Submitted URL: http://1wincasino.xyz/
Effective URL: https://1win-430.ru/
Submission: On November 26 via api from BY — Scanned from DE

Summary

This website contacted 4 IPs in 4 countries across 15 domains to perform 27 HTTP transactions. The main IP is 2606:4700:3031::6815:3bb6, located in the United States and belonging to CLOUDFLARENET, US. The main domain is 1win-430.ru.
TLS certificate: Issued by E1 on October 1st 2023. Valid for: 3 months.
This is the only time 1win-430.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 104.21.55.132 13335 (CLOUDFLAR...)
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
3 3 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
2 2 2606:4700:303... 13335 (CLOUDFLAR...)
2 2 2606:4700:303... 13335 (CLOUDFLAR...)
2 2 2606:4700:303... 13335 (CLOUDFLAR...)
2 2 2606:4700:303... 13335 (CLOUDFLAR...)
16 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
4 10 2a02:6b8::1:119 208722 (GLOBAL_DC)
27 4
Apex Domain | Subdomains | Transfer
16 1win-430.ru | 1win-430.ru | 621 KB
7 yandex.com | mc.yandex.com — Cisco Umbrella Rank: 8755 | 3 KB
4 gstatic.com | fonts.gstatic.com | 51 KB
3 yandex.ru | mc.yandex.ru — Cisco Umbrella Rank: 4034 | 71 KB
2 1wincasino10.top | 1wincasino10.top | 797 B
2 1wincasino9.top | 1wincasino9.top | 807 B
2 1wincasino8.top | 1wincasino8.top | 801 B
2 1wincasino7.top | 1wincasino7.top | 798 B
2 1wincasino6.top | 1wincasino6.top | 804 B
1 googleapis.com | fonts.googleapis.com — Cisco Umbrella Rank: 31 | 1 KB
1 1wincasino5.top | 1wincasino5.top | 448 B
1 1wincasino4.top | 1wincasino4.top | 452 B
1 1wincasino3.top | 1wincasino3.top | 452 B
1 1wincasino1.top | 1wincasino1.top | 448 B
1 1wincasino.xyz | 1wincasino.xyz | 639 B
27 15
Domain Requested by
16 1win-430.ru 1win-430.ru
7 mc.yandex.com 3 redirects 1win-430.ru
mc.yandex.ru
4 fonts.gstatic.com fonts.googleapis.com
3 mc.yandex.ru 1 redirects 1win-430.ru
2 1wincasino10.top 2 redirects
2 1wincasino9.top 2 redirects
2 1wincasino8.top 2 redirects
2 1wincasino7.top 2 redirects
2 1wincasino6.top 2 redirects
1 fonts.googleapis.com 1win-430.ru
1 1wincasino5.top 1 redirects
1 1wincasino4.top 1 redirects
1 1wincasino3.top 1 redirects
1 1wincasino1.top 1 redirects
1 1wincasino.xyz 1 redirects
27 15

This site contains no links.

Subject | Issuer | Validity | Valid
1win-430.ru | E1 | 2023-10-01 - 2023-12-30 | 3 months
upload.video.google.com | GTS CA 1C3 | 2023-10-23 - 2024-01-15 | 3 months
*.gstatic.com | GTS CA 1C3 | 2023-10-23 - 2024-01-15 | 3 months
mc.yandex.ru | GlobalSign ECC OV SSL CA 2018 | 2023-08-14 - 2024-01-24 | 5 months

This page contains 1 frames:

Primary Page: https://1win-430.ru/
Frame ID: 1FD2508CD885784836F49C12FB1D4A50
Requests: 27 HTTP requests in this frame

Page Title

1WIN официальный сайт букмекерской конторы 1ВИН

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • <!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • lightbox(?:-plus-jquery)?.{0,32}\.js

Overall confidence: 100%
Detected patterns
  • mc\.yandex\.ru/metrika/(?:tag|watch)\.js

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

Requests: 27
HTTPS: 89 %
IPv6: 92 %
Domains: 15
Subdomains: 15
IPs: 4
Countries: 4
Transfer: 745 kB
Size: 1204 kB
Cookies: 18

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://1wincasino.xyz/ HTTP 301
    https://1wincasino1.top/ HTTP 301
    https://1wincasino3.top/ HTTP 301
    https://1wincasino4.top/ HTTP 301
    https://1wincasino5.top/ HTTP 301
    https://1wincasino6.top/ HTTP 301
    https://1wincasino7.top/ HTTP 301
    https://1wincasino8.top/ HTTP 301
    https://1wincasino9.top/ HTTP 301
    https://1wincasino10.top/ HTTP 301
    https://1win-430.ru/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 11
  • https://1wincasino6.top/wp-content/uploads/2022/07/bggg.png HTTP 301
  • https://1wincasino7.top/wp-content/uploads/2022/07/bggg.png HTTP 301
  • https://1wincasino8.top/wp-content/uploads/2022/07/bggg.png HTTP 301
  • https://1wincasino9.top/wp-content/uploads/2022/07/bggg.png HTTP 301
  • https://1wincasino10.top/wp-content/uploads/2022/07/bggg.png HTTP 301
  • https://1win-430.ru/wp-content/uploads/2022/07/bggg.png
Request Chain 21
  • https://mc.yandex.com/sync_cookie_image_check HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10199.NzfTIZt_jUaeIYjEzgSl3PEn3ax6x7l6IXHFzXj5KYI9uI8qCYE1IbztvwBoL6eS.xQ_O_HuRW4a2-C6RdTPIF1LOYpQ%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide?token=10199.ykhV_wWmehkb7_zRN6iC9oYY8nukHP2UZpM18GuFp_1LTiRPQ1vr8e32eLqYB8FY7j-WjP5Qxy-a638ehfhoxa6-O_FINzyZVHwuQmhEhTNgmyylzskZjke0PDgTJsC6hSNnbTSsV3gjNA07jGnNUjyonyPGq5w7-9PwMyGSdnhwXZwdKYpNehKpBtClyDUZenQSs-0vpP5or4rlLR6WRibvlN-8lTJ_k8fOMAbM7i4%2C.9X1IRLfvmBWK2uEg2dJM6DaoGBo%2C HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10199.npFHfYmHXpY1Ejayw5_pPoXhr-r9dLpfl7GP2HVicRUauBkKUwNHTTQkhbMaW3v2c1YkbnmGxSwYe8IeOpSzAVwnUaVTnxc5n01BgYxAQF-X0HDi5oPWA-qigMCNM7okMMYvW8ReQEmWCgcVVrawPMiJ4bELYci2E1vaD4fbTatUkG5TvTMTVUGeon5n4JIEwwTSpO3ksvW1gMlJ1MHpyw%2C%2C.uwIcGw8gR-VgU9Gspb-k-dJ1Tnc%2C
Request Chain 23
  • https://mc.yandex.com/watch/94534150?wmode=7&page-url=https%3A%2F%2F1win-430.ru%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A3akmpckrufnt9afj6lckkvrv%3Afp%3A7488%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1170%3Acn%3A1%3Adp%3A0%3Als%3A1082448121869%3Ahid%3A942889634%3Az%3A60%3Ai%3A20231126083514%3Aet%3A1700984115%3Ac%3A1%3Arn%3A599748198%3Arqn%3A1%3Au%3A1700984115994590787%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C47%2C520%2C1%2C6485%2C0%2C%2C198%2C0%2C%2C%2C%2C7520%3Aco%3A0%3Acpf%3A1%3Ans%3A1700984106689%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1700984115%3At%3A1WIN%20%D0%BE%D1%84%D0%B8%D1%86%D0%B8%D0%B0%D0%BB%D1%8C%D0%BD%D1%8B%D0%B9%20%D1%81%D0%B0%D0%B9%D1%82%20%D0%B1%D1%83%D0%BA%D0%BC%D0%B5%D0%BA%D0%B5%D1%80%D1%81%D0%BA%D0%BE%D0%B9%20%D0%BA%D0%BE%D0%BD%D1%82%D0%BE%D1%80%D1%8B%201%D0%92%D0%98%D0%9D&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ti(1) HTTP 302
  • https://mc.yandex.com/watch/94534150/1?wmode=7&page-url=https%3A%2F%2F1win-430.ru%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A3akmpckrufnt9afj6lckkvrv%3Afp%3A7488%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1170%3Acn%3A1%3Adp%3A0%3Als%3A1082448121869%3Ahid%3A942889634%3Az%3A60%3Ai%3A20231126083514%3Aet%3A1700984115%3Ac%3A1%3Arn%3A599748198%3Arqn%3A1%3Au%3A1700984115994590787%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C47%2C520%2C1%2C6485%2C0%2C%2C198%2C0%2C%2C%2C%2C7520%3Aco%3A0%3Acpf%3A1%3Ans%3A1700984106689%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1700984115%3At%3A1WIN%20%D0%BE%D1%84%D0%B8%D1%86%D0%B8%D0%B0%D0%BB%D1%8C%D0%BD%D1%8B%D0%B9%20%D1%81%D0%B0%D0%B9%D1%82%20%D0%B1%D1%83%D0%BA%D0%BC%D0%B5%D0%BA%D0%B5%D1%80%D1%81%D0%BA%D0%BE%D0%B9%20%D0%BA%D0%BE%D0%BD%D1%82%D0%BE%D1%80%D1%8B%201%D0%92%D0%98%D0%9D&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%281%29

27 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
1win-430.ru/
Redirect Chain
  • http://1wincasino.xyz/
  • https://1wincasino1.top/
  • https://1wincasino3.top/
  • https://1wincasino4.top/
  • https://1wincasino5.top/
  • https://1wincasino6.top/
  • https://1wincasino7.top/
  • https://1wincasino8.top/
  • https://1wincasino9.top/
  • https://1wincasino10.top/
  • https://1win-430.ru/
51 KB
13 KB
Document
General
Full URL
https://1win-430.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:3bb6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.33
Resource Hash
94ded723fe49e2dc145afbb4863a7fe0fee832279237030bedfdf36137a22f8c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
82c074155a52365a-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sun, 26 Nov 2023 07:35:14 GMT
link
<https://1win-430.ru/wp-json/>; rel="https://api.w.org/", <https://1win-430.ru/wp-json/wp/v2/pages/20>; rel="alternate"; type="application/json", <https://1win-430.ru/>; rel=shortlink
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WDTrHDrWoR1SlcXe4bJt0m7VhqGI5Yq9Y3nENoW8qliElXIafDBZ4RXKfBFgKIaQ4b0HZSuUme%2BgiX8fGZt3z8spz94OMC%2FP5lP492ttALDxcz%2BXgyvcIGyqaZSuDgcHL6KaIF29OFfo6g%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-powered-by
PHP/7.4.33

Redirect headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
82c07412ecd2bbc1-FRA
content-type
text/html; charset=iso-8859-1
date
Sun, 26 Nov 2023 07:35:13 GMT
location
https://1win-430.ru/
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vTWjg%2BybfFNzaB3yGujz6v%2BmeD%2F%2FlBtDTiABKOGMCffl%2F6rtgST2r0o6M7TVTc30MCJT%2Bjv%2FoVcuKNJ0%2BWJaoiX1VthWzBM0tG8WTw7l2pgzZl2644xPH1IBAx6Y5mUDBvFPGoto7ViE9gMCVtOf"}],"group":"cf-nel","max_age":604800}
server
cloudflare
style.min.css
1win-430.ru/wp-includes/css/dist/block-library/
95 KB
13 KB
Stylesheet
General
Full URL
https://1win-430.ru/wp-includes/css/dist/block-library/style.min.css?ver=f1d3c45f27568959111ee293b37725be
Requested by
Host: 1win-430.ru
URL: https://1win-430.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:3bb6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aca566587618e75fa291a419c7c430be02e03fc72f6105658c1bc8e7d59a65e4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1win-430.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 26 Nov 2023 07:35:14 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Fri, 04 Aug 2023 09:39:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"64ccc74d-17ced"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=drZjeFbnKWHNXAfFaC%2F4TD%2BDZXvbETU77ieQcAshKYjxMc8nodoBURAM4f6q8W2St%2FneKrasIdteIuRyQoPmLMFHY2pPb2lIT%2FbWALRBhvK1eoOeyc6ZdpHDURf00E6D4HHwxoM2VuGh0w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=86400
cf-ray
82c07418ad8c365a-FRA
alt-svc
h3=":443"; ma=86400
expires
Mon, 27 Nov 2023 07:35:14 GMT
classic-themes.min.css
1win-430.ru/wp-includes/css/
291 B
546 B
Stylesheet
General
Full URL
https://1win-430.ru/wp-includes/css/classic-themes.min.css?ver=f1d3c45f27568959111ee293b37725be
Requested by
Host: 1win-430.ru
URL: https://1win-430.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:3bb6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1win-430.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 26 Nov 2023 07:35:14 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Fri, 04 Aug 2023 09:39:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"64ccc74d-123"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IJUbIdw1XMrTwJV9%2FjMc43qVRURq2692jRdDup16DGifhUTmtIkOrpdG8V7sH1g%2F8fHhBPCwBslCo4CMOr4d5353h4av%2FinbTbTzen71B90lU4LEeX8RI0LojWBmXORTsCBNxGwC8PusYg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=86400
cf-ray
82c07418ad8d365a-FRA
alt-svc
h3=":443"; ma=86400
expires
Mon, 27 Nov 2023 07:35:14 GMT
css
fonts.googleapis.com/
14 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A400%2C400i%2C700%7COpen+Sans%3A400%2C400i%2C700&subset=cyrillic&ver=f1d3c45f27568959111ee293b37725be
Requested by
Host: 1win-430.ru
URL: https://1win-430.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
fd610a9d43528d79b2afe2cd7ae2fde0bef9ea4ffb66f36d24868cea612efed1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1win-430.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 26 Nov 2023 07:35:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 26 Nov 2023 07:35:14 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 26 Nov 2023 07:35:14 GMT
style.min.css
1win-430.ru/wp-content/themes/root/css/
147 KB
29 KB
Stylesheet
General
Full URL
https://1win-430.ru/wp-content/themes/root/css/style.min.css?ver=2.4.1
Requested by
Host: 1win-430.ru
URL: https://1win-430.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:3bb6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d562f64de28b3c975ada07a8ec399ba128df2ebb971289dea81a91b0ad17fb5b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1win-430.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 26 Nov 2023 07:35:14 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Fri, 04 Aug 2023 09:39:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"64ccc74d-24cc6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mb5bm4F%2FjVzfZ%2BLVJ82EOKQVyROTgxplwnRh4mNLFtovS17O%2FbYLiECQVd%2Bn5DipgWdM3oVAex1GbimmUlwf30AJA7N5RwFmhCHE2Ef%2FsFOT%2FJbDCeKRI9YyGFp8euPEjiM3bxkkXi66zA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=86400
cf-ray
82c07418ad8e365a-FRA
alt-svc
h3=":443"; ma=86400
expires
Mon, 27 Nov 2023 07:35:14 GMT
jquery.min.js
1win-430.ru/wp-includes/js/jquery/
88 KB
32 KB
Script
General
Full URL
https://1win-430.ru/wp-includes/js/jquery/jquery.min.js?ver=3.6.4
Requested by
Host: 1win-430.ru
URL: https://1win-430.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:3bb6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1win-430.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 26 Nov 2023 07:35:14 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Fri, 04 Aug 2023 09:39:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"64ccc74d-15ed7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tTZGBPHngxTvBqaiS2dcEWM5OeOOuYtSPK8KZNyBVDBazV%2BWfK%2BQ526b6UPJLIot%2Fzok1oOCaeB5AHPpzvMMOsExqgAbODD9ka39Dx4SuskIBfeKL9Lv4%2FnkpLh1bn7AbUnJZpwGWQGDcQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=86400
cf-ray
82c07418ad90365a-FRA
alt-svc
h3=":443"; ma=86400
expires
Mon, 27 Nov 2023 07:35:14 GMT
jquery-migrate.min.js
1win-430.ru/wp-includes/js/jquery/
13 KB
5 KB
Script
General
Full URL
https://1win-430.ru/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.0
Requested by
Host: 1win-430.ru
URL: https://1win-430.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:3bb6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9810aee7e6d57d8cceaa96322b88e6df46710194689ae12b284149148cabc2f3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1win-430.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 26 Nov 2023 07:35:14 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Fri, 04 Aug 2023 09:39:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"64ccc74d-3470"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bQo0JNk2%2FPADWSfLgYQQxAg5F8n9Hr8Hf8mr20wTPB8ESnhHRsJQ1Eli5JxmPje1Q8UqnXBte1y2%2BCB9syyIo8vOhff0%2FqxwJ87FiCR9tkPUwQzdIIyXBCrvp2MBWFi1S1VX30mB6eFFQA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=86400
cf-ray
82c07418ad91365a-FRA
alt-svc
h3=":443"; ma=86400
expires
Mon, 27 Nov 2023 07:35:14 GMT
1win-header.png
1win-430.ru/wp-content/uploads/2022/07/
36 KB
36 KB
Image
General
Full URL
https://1win-430.ru/wp-content/uploads/2022/07/1win-header.png
Requested by
Host: 1win-430.ru
URL: https://1win-430.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:3bb6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d07f60e24e4361a59fb6467c72d0993c4bf1cf58261043fa2fe5ff85ff311383

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1win-430.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 26 Nov 2023 07:35:14 GMT
cf-cache-status
REVALIDATED
last-modified
Fri, 04 Aug 2023 09:39:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64ccc74d-8eb8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F5Dmhj4O53LSQFEC7T1bRwjszkUm3862g9nTNZ1lBPWhojik%2B1WC9AMiRTHOFPK2FzC6GsCJ%2FQzFGKeqzkW2EZ003P4QLE31ZS62ZqP6PDf%2B4NRZSzTnDgmy9TlyIXS3DsmSMUePImtvXQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
82c07418ad92365a-FRA
alt-svc
h3=":443"; ma=86400
content-length
36536
expires
Mon, 27 Nov 2023 07:35:14 GMT
freespin-deposit.png
1win-430.ru/wp-content/uploads/2022/07/
117 KB
118 KB
Image
General
Full URL
https://1win-430.ru/wp-content/uploads/2022/07/freespin-deposit.png
Requested by
Host: 1win-430.ru
URL: https://1win-430.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:3bb6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc4b36e5ce0c6a40bb316e63f0614ca9195f655381f16033a7ec10124a787afc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1win-430.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 26 Nov 2023 07:35:14 GMT
cf-cache-status
REVALIDATED
last-modified
Fri, 04 Aug 2023 09:39:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64ccc74d-1d4ff"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XQuHOjBJPIbFAQQk2HfpYiJccIRMfPKL%2B2YvY15%2FCjZK0NQYkR6ZAzaZ7FcQQcdapsz6hupgnMdPHTNPZdxPgRg%2BZRxPKMRpInml%2BWzZ%2FhGrKW8VNBk0ZaLElLnZGjBQzTGStfdluiJeFw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
82c07418ad93365a-FRA
alt-svc
h3=":443"; ma=86400
content-length
120063
expires
Mon, 27 Nov 2023 07:35:14 GMT
lightbox.js
1win-430.ru/wp-content/themes/root/js/
3 KB
1 KB
Script
General
Full URL
https://1win-430.ru/wp-content/themes/root/js/lightbox.js?ver=2.4.1
Requested by
Host: 1win-430.ru
URL: https://1win-430.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:3bb6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6689da9de439659c81141876190f91117e80885025c04d63ff41915efda4a6f2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1win-430.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 26 Nov 2023 07:35:14 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 04 Aug 2023 09:39:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"64ccc74d-a9d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VhjyadlrOqPP1WvXFZjBVTlAJgpRBz6tQij1xVKpxSDKaxFS4XMXtHa3dnrUHLRNmLDzT7Gml8ITGX3qRJ5joxhXXd95SbuwXflMaNd4pt2VYuU1axHli0lOAC3ohwx4wOBiGYJ7DohBZg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=86400
cf-ray
82c074192fe0694b-FRA
alt-svc
h3=":443"; ma=86400
expires
Mon, 27 Nov 2023 07:35:14 GMT
scripts.min.js
1win-430.ru/wp-content/themes/root/js/
7 KB
3 KB
Script
General
Full URL
https://1win-430.ru/wp-content/themes/root/js/scripts.min.js?ver=2.4.1
Requested by
Host: 1win-430.ru
URL: https://1win-430.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:3bb6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a8fef484ac8a107d5c1d4592fc8dbcdd63232b32794b86d33ed9a646ba8b0abf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1win-430.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 26 Nov 2023 07:35:14 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 04 Aug 2023 09:39:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"64ccc74d-1d19"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a66Ybefzi%2Bd2e7gETVGfUjb8xbhPcEwscvg1B8p1OVT5RzY18iGdtyfFskRWutyJ9afrnO3vLiVXD1pU0maVKweDNjazwZtsK8gWbhv64z2JC8XTvVPTnBp2I9g8AbVLZif2UxwjTmGTcA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=86400
cf-ray
82c074196810694b-FRA
alt-svc
h3=":443"; ma=86400
expires
Mon, 27 Nov 2023 07:35:14 GMT
wp-emoji-release.min.js
1win-430.ru/wp-includes/js/
18 KB
5 KB
Script
General
Full URL
https://1win-430.ru/wp-includes/js/wp-emoji-release.min.js?ver=f1d3c45f27568959111ee293b37725be
Requested by
Host: 1win-430.ru
URL: https://1win-430.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:3bb6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1win-430.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 26 Nov 2023 07:35:14 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 04 Aug 2023 09:39:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"64ccc74d-4904"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pIXjYhIXMlxK6RExnCqT6EUxK3PnKplpkMumpsUMhIGp6DZ6HiHXUAadU5T082L5PMelDBet2TITiVXH5lEBtXFA8Osg9IAb%2FiQUxb8UAyRLKptXnVTNxyMeq%2B1QFw249zMoH09zS2LYJQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=86400
cf-ray
82c074197819694b-FRA
alt-svc
h3=":443"; ma=86400
expires
Mon, 27 Nov 2023 07:35:14 GMT
bggg.png
1win-430.ru/wp-content/uploads/2022/07/
Redirect Chain
  • https://1wincasino6.top/wp-content/uploads/2022/07/bggg.png
  • https://1wincasino7.top/wp-content/uploads/2022/07/bggg.png
  • https://1wincasino8.top/wp-content/uploads/2022/07/bggg.png
  • https://1wincasino9.top/wp-content/uploads/2022/07/bggg.png
  • https://1wincasino10.top/wp-content/uploads/2022/07/bggg.png
  • https://1win-430.ru/wp-content/uploads/2022/07/bggg.png
4 KB
4 KB
Image
General
Full URL
https://1win-430.ru/wp-content/uploads/2022/07/bggg.png
Requested by
Host: 1win-430.ru
URL: https://1win-430.ru/
Protocol
H3
Server
2606:4700:3031::6815:3bb6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eac0d40d1bb25272ca52ef80b777b01675942d002c1cacfa5c7eeca0cab39a6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1win-430.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 26 Nov 2023 07:35:15 GMT
cf-cache-status
MISS
last-modified
Fri, 04 Aug 2023 09:39:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64ccc74d-fbd"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1az4JRgzZKw82D%2BJULkT7QNeWiClv7xvA0Qu0rjPkhxWXhElPJXbDvM1UHmKStiTZURgugZPcTIMk7t1T73Wx%2F%2BRuqbz9kY4AvJt3KZ%2BXcX0gxE4pelUEFRe7F0FPO%2BqygGdhXEwQwT%2BRg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
82c074212da6694b-FRA
alt-svc
h3=":443"; ma=86400
content-length
4029
expires
Mon, 27 Nov 2023 07:35:15 GMT

Redirect headers

date
Sun, 26 Nov 2023 07:35:15 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6LpTVwf5s91LG0ySDHoUkGWQXlzEscLcsD5sgh9XVe4crVsNQ3PfYunENYr38IFThsj59tgAJcSmQ9yH357aRyN3bjCRCudsLoegoL%2FF6Uq9Mxanc5taP%2B2DvjBAAg9cpDhPc397OLu%2F1DOcYD4v"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=iso-8859-1
location
https://1win-430.ru/wp-content/uploads/2022/07/bggg.png
cache-control
max-age=14400
cf-ray
82c074209c9abbc1-FRA
alt-svc
h3=":443"; ma=86400
KFOmCnqEu92Fr1Mu5mxKOzY.woff2
fonts.gstatic.com/s/roboto/v30/
9 KB
10 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu5mxKOzY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C400i%2C700%7COpen+Sans%3A400%2C400i%2C700&subset=cyrillic&ver=f1d3c45f27568959111ee293b37725be
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
495d38d4b9741e8aa4204002414069e2d8db9f3c60b60e195e4d74381462dee9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://1win-430.ru
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 18:10:47 GMT
x-content-type-options
nosniff
age
134667
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9628
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 23 Nov 2024 18:10:47 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C400i%2C700%7COpen+Sans%3A400%2C400i%2C700&subset=cyrillic&ver=f1d3c45f27568959111ee293b37725be
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://1win-430.ru
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 20:50:19 GMT
x-content-type-options
nosniff
age
125095
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 23 Nov 2024 20:50:19 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C400i%2C700%7COpen+Sans%3A400%2C400i%2C700&subset=cyrillic&ver=f1d3c45f27568959111ee293b37725be
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://1win-430.ru
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 21:25:42 GMT
x-content-type-options
nosniff
age
122972
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 23 Nov 2024 21:25:42 GMT
KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/
9 KB
10 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C400i%2C700%7COpen+Sans%3A400%2C400i%2C700&subset=cyrillic&ver=f1d3c45f27568959111ee293b37725be
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6a84eeee6a25e7c9a8a03191007a6720566b5a2aa2384d36168fb07f49e97e9e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://1win-430.ru
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:53:38 GMT
x-content-type-options
nosniff
age
186096
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9644
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:50 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 23 Nov 2024 03:53:38 GMT
w2-2.jpg
1win-430.ru/wp-content/uploads/2023/02/
117 KB
118 KB
Image
General
Full URL
https://1win-430.ru/wp-content/uploads/2023/02/w2-2.jpg
Requested by
Host: 1win-430.ru
URL: https://1win-430.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:3bb6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
486da58f25c9271f6ff7a2acb406c1aa30f373ee3555134bf2d8c6482231dff4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1win-430.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 26 Nov 2023 07:35:14 GMT
cf-cache-status
MISS
last-modified
Fri, 04 Aug 2023 09:39:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64ccc74d-1d51a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y6i%2FG2RY7HZhofxZ3gKjeZR4EFD2yYMSjbs%2FrM64nBbbOgFSFf1hMkkdbAShFk2EI2AHEOKFCIe7amFOMTBnmBIilbjDmCMFSHoj0ULRXBLqtUvJp5gicnB4n1lVyOXATyiJEVaTQXTVVQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
82c07419982a694b-FRA
alt-svc
h3=":443"; ma=86400
content-length
120090
expires
Mon, 27 Nov 2023 07:35:14 GMT
1WINN2.jpg
1win-430.ru/wp-content/uploads/2023/02/
112 KB
112 KB
Image
General
Full URL
https://1win-430.ru/wp-content/uploads/2023/02/1WINN2.jpg
Requested by
Host: 1win-430.ru
URL: https://1win-430.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:3bb6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d84205aa1e8d9ae87bc8655bc354f796e58d92d05503603b48fbd90b6eb2fb2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1win-430.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 26 Nov 2023 07:35:14 GMT
cf-cache-status
MISS
last-modified
Fri, 04 Aug 2023 09:39:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64ccc74d-1bf80"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O%2FUMAbRrDcc9%2FAhDI4p5G0iyXNAQLNSh419NLXnzUrd0z2c3JSQrLW0%2FXZZATj2TmwSsXNH%2FRoRVZGl%2FB0FiXnix7xs34jrf9VbJ2KnZoeMgG%2B4S5%2F3rpiGicY6%2FwAl8rwTEHOYNMXrEog%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
82c07419982c694b-FRA
alt-svc
h3=":443"; ma=86400
content-length
114560
expires
Mon, 27 Nov 2023 07:35:14 GMT
bonus-1win2.png
1win-430.ru/wp-content/uploads/2022/07/
88 KB
89 KB
Image
General
Full URL
https://1win-430.ru/wp-content/uploads/2022/07/bonus-1win2.png
Requested by
Host: 1win-430.ru
URL: https://1win-430.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:3bb6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8fbaefce87b6e9885e772074ae271ffb04f66f7d63d3de508c3fa587bedeae44

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1win-430.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 26 Nov 2023 07:35:14 GMT
cf-cache-status
MISS
last-modified
Fri, 04 Aug 2023 09:39:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64ccc74d-160fd"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sOi7ZQKwTzPQMxY31K5RStmW36XImNF%2BizTrBRIMdNb55gkYz2Ad9F19QhawvxXgy1cNk07yErihQ%2F4wyqCmfVfgGy4%2BimpUY11NNJ1eNgFmcLB8ikXZZo5epui%2BqSwJxLXMtFNJZLbpew%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
82c07419982e694b-FRA
alt-svc
h3=":443"; ma=86400
content-length
90365
expires
Mon, 27 Nov 2023 07:35:14 GMT
1win-line.png
1win-430.ru/wp-content/uploads/2022/07/
42 KB
42 KB
Image
General
Full URL
https://1win-430.ru/wp-content/uploads/2022/07/1win-line.png
Requested by
Host: 1win-430.ru
URL: https://1win-430.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:3bb6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e6109d7aeb869271f55f5eeed17096b63f21e04e0b3cc61a7549ff1ae1caf46

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1win-430.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 26 Nov 2023 07:35:14 GMT
cf-cache-status
MISS
last-modified
Fri, 04 Aug 2023 09:39:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64ccc74d-a73b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IyAK6FuZxMvnlUbhVbWv8pbQurOk7v%2BXGM0jsibB0ypvsaJgQUJMaiRpALmEZTkPM5CiTNMDcjIGx%2Fz0hiTHWc29xmpmdThJB3UtQAU8N6%2BM6lR2cT%2FYogKm1Fb3rg%2FS79Finh9cQsEYUA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
82c07419982f694b-FRA
alt-svc
h3=":443"; ma=86400
content-length
42811
expires
Mon, 27 Nov 2023 07:35:14 GMT
tag.js
mc.yandex.ru/metrika/
200 KB
70 KB
Script
General
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: 1win-430.ru
URL: https://1win-430.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
c3d606568f389989dd02561ca2b0d20d29eeb477ed633a690a518879748f487a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1win-430.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 26 Nov 2023 07:35:14 GMT
content-encoding
br
strict-transport-security
max-age=31536000
last-modified
Fri, 24 Nov 2023 08:37:03 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"656060af-113c3"
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
timing-allow-origin
*
content-length
70595
expires
Sun, 26 Nov 2023 08:35:14 GMT
sync_cookie_image_finish
mc.yandex.ru/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10199.NzfTIZt_jUaeIYjEzgSl3PEn3ax6x7l6IXHFzXj5KYI9uI8qCYE1IbztvwBoL6eS.xQ_O_HuRW4a2-C6RdTPIF1LOYpQ%2C
  • https://mc.yandex.com/sync_cookie_image_decide?token=10199.ykhV_wWmehkb7_zRN6iC9oYY8nukHP2UZpM18GuFp_1LTiRPQ1vr8e32eLqYB8FY7j-WjP5Qxy-a638ehfhoxa6-O_FINzyZVHwuQmhEhTNgmyylzskZjke0PDgTJsC6hSNnbTSsV3...
  • https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10199.npFHfYmHXpY1Ejayw5_pPoXhr-r9dLpfl7GP2HVicRUauBkKUwNHTTQkhbMaW3v2c1YkbnmGxSwYe8IeOpSzAVwnUaVTnxc5n01BgYxAQF-X0...
43 B
582 B
Image
General
Full URL
https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10199.npFHfYmHXpY1Ejayw5_pPoXhr-r9dLpfl7GP2HVicRUauBkKUwNHTTQkhbMaW3v2c1YkbnmGxSwYe8IeOpSzAVwnUaVTnxc5n01BgYxAQF-X0HDi5oPWA-qigMCNM7okMMYvW8ReQEmWCgcVVrawPMiJ4bELYci2E1vaD4fbTatUkG5TvTMTVUGeon5n4JIEwwTSpO3ksvW1gMlJ1MHpyw%2C%2C.uwIcGw8gR-VgU9Gspb-k-dJ1Tnc%2C
Requested by
Host: 1win-430.ru
URL: https://1win-430.ru/
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1win-430.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 26 Nov 2023 07:35:14 GMT
strict-transport-security
max-age=31536000
content-length
43
x-xss-protection
1; mode=block
content-type
image/gif

Redirect headers

location
https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10199.npFHfYmHXpY1Ejayw5_pPoXhr-r9dLpfl7GP2HVicRUauBkKUwNHTTQkhbMaW3v2c1YkbnmGxSwYe8IeOpSzAVwnUaVTnxc5n01BgYxAQF-X0HDi5oPWA-qigMCNM7okMMYvW8ReQEmWCgcVVrawPMiJ4bELYci2E1vaD4fbTatUkG5TvTMTVUGeon5n4JIEwwTSpO3ksvW1gMlJ1MHpyw%2C%2C.uwIcGw8gR-VgU9Gspb-k-dJ1Tnc%2C
date
Sun, 26 Nov 2023 07:35:14 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
advert.gif
mc.yandex.com/metrika/
43 B
474 B
Image
General
Full URL
https://mc.yandex.com/metrika/advert.gif
Requested by
Host: 1win-430.ru
URL: https://1win-430.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1win-430.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 26 Nov 2023 07:35:14 GMT
strict-transport-security
max-age=31536000
last-modified
Fri, 24 Nov 2023 08:37:03 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"656060af-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Sun, 26 Nov 2023 08:35:14 GMT
1
mc.yandex.com/watch/94534150/
Redirect Chain
  • https://mc.yandex.com/watch/94534150?wmode=7&page-url=https%3A%2F%2F1win-430.ru%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A3akmpckrufnt9afj6lckkvrv%3Afp%3A7488%3Afu%3A0%3Aen%3Autf-8...
  • https://mc.yandex.com/watch/94534150/1?wmode=7&page-url=https%3A%2F%2F1win-430.ru%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A3akmpckrufnt9afj6lckkvrv%3Afp%3A7488%3Afu%3A0%3Aen%3Autf...
427 B
519 B
Fetch
General
Full URL
https://mc.yandex.com/watch/94534150/1?wmode=7&page-url=https%3A%2F%2F1win-430.ru%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A3akmpckrufnt9afj6lckkvrv%3Afp%3A7488%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1170%3Acn%3A1%3Adp%3A0%3Als%3A1082448121869%3Ahid%3A942889634%3Az%3A60%3Ai%3A20231126083514%3Aet%3A1700984115%3Ac%3A1%3Arn%3A599748198%3Arqn%3A1%3Au%3A1700984115994590787%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C47%2C520%2C1%2C6485%2C0%2C%2C198%2C0%2C%2C%2C%2C7520%3Aco%3A0%3Acpf%3A1%3Ans%3A1700984106689%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1700984115%3At%3A1WIN%20%D0%BE%D1%84%D0%B8%D1%86%D0%B8%D0%B0%D0%BB%D1%8C%D0%BD%D1%8B%D0%B9%20%D1%81%D0%B0%D0%B9%D1%82%20%D0%B1%D1%83%D0%BA%D0%BC%D0%B5%D0%BA%D0%B5%D1%80%D1%81%D0%BA%D0%BE%D0%B9%20%D0%BA%D0%BE%D0%BD%D1%82%D0%BE%D1%80%D1%8B%201%D0%92%D0%98%D0%9D&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%281%29
Requested by
Host: 1win-430.ru
URL: https://1win-430.ru/
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
05558dac0646b7ed8dbc77cc0e6986ffdfde7b9d106d10d9a167e728c5d58332
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1win-430.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 26 Nov 2023 07:35:14 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Sun, 26-Nov-2023 07:35:14 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type
application/json; charset=utf-8
access-control-allow-origin
https://1win-430.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
427
x-xss-protection
1; mode=block
expires
Sun, 26-Nov-2023 07:35:14 GMT

Redirect headers

pragma
no-cache
date
Sun, 26 Nov 2023 07:35:14 GMT
strict-transport-security
max-age=31536000
last-modified
Sun, 26-Nov-2023 07:35:14 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location
/watch/94534150/1?wmode=7&page-url=https%3A%2F%2F1win-430.ru%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A3akmpckrufnt9afj6lckkvrv%3Afp%3A7488%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1170%3Acn%3A1%3Adp%3A0%3Als%3A1082448121869%3Ahid%3A942889634%3Az%3A60%3Ai%3A20231126083514%3Aet%3A1700984115%3Ac%3A1%3Arn%3A599748198%3Arqn%3A1%3Au%3A1700984115994590787%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C47%2C520%2C1%2C6485%2C0%2C%2C198%2C0%2C%2C%2C%2C7520%3Aco%3A0%3Acpf%3A1%3Ans%3A1700984106689%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1700984115%3At%3A1WIN%20%D0%BE%D1%84%D0%B8%D1%86%D0%B8%D0%B0%D0%BB%D1%8C%D0%BD%D1%8B%D0%B9%20%D1%81%D0%B0%D0%B9%D1%82%20%D0%B1%D1%83%D0%BA%D0%BC%D0%B5%D0%BA%D0%B5%D1%80%D1%81%D0%BA%D0%BE%D0%B9%20%D0%BA%D0%BE%D0%BD%D1%82%D0%BE%D1%80%D1%8B%201%D0%92%D0%98%D0%9D&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%281%29
access-control-allow-origin
https://1win-430.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Sun, 26-Nov-2023 07:35:14 GMT
94534150
mc.yandex.com/webvisor/
43 B
0
Fetch
General
Full URL
https://mc.yandex.com/webvisor/94534150?wv-part=1&wv-type=7&wmode=0&wv-hit=942889634&page-url=https%3A%2F%2F1win-430.ru%2F&rn=5240683&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1700984117%3Aw%3A1600x1200%3Av%3A1170%3Az%3A60%3Ai%3A20231126083517%3Au%3A1700984115994590787%3Avf%3A3akmpckrufnt9afj6lckkvrv%3Ast%3A1700984117&t=gdpr(14)ti(1)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://1win-430.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 26 Nov 2023 07:35:17 GMT
strict-transport-security
max-age=31536000
last-modified
Sun, 26-Nov-2023 07:35:17 GMT
content-type
image/gif
access-control-allow-origin
https://1win-430.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Sun, 26-Nov-2023 07:35:17 GMT
94534150
mc.yandex.com/webvisor/
43 B
0
Fetch
General
Full URL
https://mc.yandex.com/webvisor/94534150?wv-part=1&wv-type=7&wmode=0&wv-hit=942889634&page-url=https%3A%2F%2F1win-430.ru%2F&rn=720748836&browser-info=we%3A1%3Aet%3A1700984118%3Aw%3A1600x1200%3Av%3A1170%3Az%3A60%3Ai%3A20231126083517%3Au%3A1700984115994590787%3Avf%3A3akmpckrufnt9afj6lckkvrv%3Ast%3A1700984118&t=gdpr(14)ti(1)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://1win-430.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 26 Nov 2023 07:35:17 GMT
strict-transport-security
max-age=31536000
last-modified
Sun, 26-Nov-2023 07:35:17 GMT
content-type
image/gif
access-control-allow-origin
https://1win-430.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Sun, 26-Nov-2023 07:35:17 GMT

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture
object| _wpemojiSettings
undefined| $
function| jQuery
string| fixed_main_menu
object| settings_array
object| wps_ajax
function| GoTo
function| base64_decode
function| createCookie
function| readCookie
function| eraseCookie
function| ym
object| twemoji
object| wp
object| Ya
object| yaCounter94534150

18 Cookies

Domain/Path Name / Value
.1win-430.ru/ Name: _ym_uid
Value: 1700984115994590787
.1win-430.ru/ Name: _ym_d
Value: 1700984115
.mc.yandex.com/ Name: sync_cookie_csrf
Value: 2371237445fake
.yandex.com/ Name: i
Value: e3iHqH+OempBMQokSzkTXWGori/N/uTDJx6CicKz/Z7hIVV85MnLkKKJprRb24s057Runi106oHbm3e9MURo6yEfZF0=
.yandex.com/ Name: yandexuid
Value: 1900647471700984114
.1win-430.ru/ Name: _ym_isad
Value: 2
.mc.yandex.ru/ Name: sync_cookie_csrf
Value: 1248479928fake
.mc.yandex.com/ Name: sync_cookie_ok
Value: synced
.yandex.ru/ Name: yandexuid
Value: 1900647471700984114
.yandex.ru/ Name: yuidss
Value: 1900647471700984114
.yandex.ru/ Name: i
Value: e3iHqH+OempBMQokSzkTXWGori/N/uTDJx6CicKz/Z7hIVV85MnLkKKJprRb24s057Runi106oHbm3e9MURo6yEfZF0=
.yandex.ru/ Name: yp
Value: 1701070514.yu.9510978411700984114
.yandex.ru/ Name: ymex
Value: 1703576114.oyu.9510978411700984114
mc.yandex.com/ Name: yabs-sid
Value: 2630346741700984114
.yandex.com/ Name: yuidss
Value: 1900647471700984114
.yandex.com/ Name: ymex
Value: 1732520114.yrts.1700984114
.yandex.com/ Name: bh
Value: KgI/MA==
.1win-430.ru/ Name: _ym_visorc
Value: w

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
