one-win.in Open in urlscan Pro
2606:4700:3034::6815:380b Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://one-1win.in/
Effective URL:
https://one-win.in/
Submission Tags: @phish_report
Submission: On January 02 via api (January 2nd 2024, 9:11:30 pm UTC) from FI — Scanned from NZ

Summary HTTP 65 Redirects Links 11 Behaviour Indicators

Summary

This website contacted 19 IPs in 3 countries across 18 domains to perform 65 HTTP transactions. The main IP is 2606:4700:3034::6815:380b, located in United States and belongs to CLOUDFLARENET, US. The main domain is one-win.in.
TLS certificate: Issued by GTS CA 1P5 on December 19th 2023. Valid for: 3 months.

This is the only time one-win.in was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 2	2606:4700:303... 2606:4700:3031::6815:11f5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
27	2606:4700:303... 2606:4700:3034::6815:380b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	192.0.77.48 192.0.77.48	2635 (AUTOMATTIC) (AUTOMATTIC)
2	2606:4700:303... 2606:4700:3032::ac43:a152	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	13.248.213.45 13.248.213.45	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:303... 2606:4700:3037::ac43:d7b7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	193.233.15.5 193.233.15.5	42745 (SAFEVALUE-AS) (SAFEVALUE-AS)
1	2606:4700:303... 2606:4700:3037::6815:a4f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3035::ac43:88d1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3030::6815:1e5a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3036::6815:49b2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2404:6800:400... 2404:6800:4006:80a::200e	15169 (GOOGLE) (GOOGLE)
2	2404:6800:400... 2404:6800:4006:809::2003	15169 (GOOGLE) (GOOGLE)
1 2	2404:6800:400... 2404:6800:4006:809::2002	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4006:80b::2006	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4006:804::2004	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4006:813::2016	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4006:814::2001	15169 (GOOGLE) (GOOGLE)
4	2404:6800:400... 2404:6800:4006:811::200a	15169 (GOOGLE) (GOOGLE)
65	19

2 2606:4700:3031::6815:11f5 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

one-1win.in	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 2606:4700:3034::6815:380b (United States)

ASN13335 (CLOUDFLARENET, US)

one-win.in	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 192.0.77.48 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: s.w.org

s.w.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3032::ac43:a152 (United States)

ASN13335 (CLOUDFLARENET, US)

1-win.es	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.248.213.45 (United States)

ASN16509 (AMAZON-02, US)
PTR: a67c48129651a0940.awsglobalaccelerator.com

1winaz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3037::ac43:d7b7 (United States)

ASN13335 (CLOUDFLARENET, US)

1win-it.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.233.15.5 (Russian Federation)

ASN42745 (SAFEVALUE-AS, SC)

1win-bet.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3037::6815:a4f (United States)

ASN13335 (CLOUDFLARENET, US)

1-winuz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3035::ac43:88d1 (United States)

ASN13335 (CLOUDFLARENET, US)

1win-pl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3030::6815:1e5a (United States)

ASN13335 (CLOUDFLARENET, US)

1win-tr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3036::6815:49b2 (United States)

ASN13335 (CLOUDFLARENET, US)

1winkz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2404:6800:4006:80a::200e (Sydney, Australia)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4006:809::2003 (Sydney, Australia)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4006:809::2002 (Sydney, Australia) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4006:80b::2006 (Sydney, Australia)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4006:804::2004 (Sydney, Australia)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4006:813::2016 (Sydney, Australia)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4006:814::2001 (Sydney, Australia)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2404:6800:4006:811::200a (Sydney, Australia)

ASN15169 (GOOGLE, US)

jnn-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
27	one-win.in one-win.in	1 MB
7	youtube.com www.youtube.com — Cisco Umbrella Rank: 79	965 KB
7	w.org s.w.org — Cisco Umbrella Rank: 4875	6 KB
4	googleapis.com jnn-pa.googleapis.com — Cisco Umbrella Rank: 306	40 KB
3	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 68 static.doubleclick.net — Cisco Umbrella Rank: 371	1 KB
2	gstatic.com fonts.gstatic.com	22 KB
2	1-win.es 1-win.es	29 KB
2	one-1win.in 2 redirects one-1win.in	1 KB
1	ggpht.com yt3.ggpht.com — Cisco Umbrella Rank: 193	3 KB
1	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 104	28 KB
1	google.com www.google.com — Cisco Umbrella Rank: 6	20 KB
1	1winkz.com 1winkz.com	2 KB
1	1win-tr.net 1win-tr.net	2 KB
1	1win-pl.com 1win-pl.com	1 KB
1	1-winuz.com 1-winuz.com	2 KB
1	1win-bet.com.br 1win-bet.com.br	2 KB
1	1win-it.com 1win-it.com	2 KB
1	1winaz.com 1winaz.com
65	18

	Domain	Requested by
27	one-win.in	one-win.in
7	www.youtube.com	one-win.in www.youtube.com
7	s.w.org	one-win.in
4	jnn-pa.googleapis.com	www.youtube.com
2	googleads.g.doubleclick.net	1 redirects www.youtube.com
2	fonts.gstatic.com	www.youtube.com
2	1-win.es	one-win.in
2	one-1win.in	2 redirects
1	yt3.ggpht.com	www.youtube.com
1	i.ytimg.com	www.youtube.com
1	www.google.com	www.youtube.com
1	static.doubleclick.net	www.youtube.com
1	1winkz.com	one-win.in
1	1win-tr.net	one-win.in
1	1win-pl.com	one-win.in
1	1-winuz.com	one-win.in
1	1win-bet.com.br	one-win.in
1	1win-it.com	one-win.in
1	1winaz.com	one-win.in
65	19

This site contains links to these domains. Also see Links.

Domain
activityedu.ru
visitkyiv.com.ua
1-win.es
1win-fr.com
1winaz.com
1win-it.com
1win-bet.com.br
1-winuz.com
1win-pl.com
1win-tr.net
1winkz.com

Subject Issuer	Validity	Valid
one-win.in GTS CA 1P5	`2023-12-19` - `2024-03-18`	3 months	crt.sh
*.w.org Sectigo ECC Domain Validation Secure Server CA	`2023-12-18` - `2025-01-17`	a year	crt.sh
1-win.es E1	`2024-01-02` - `2024-04-01`	3 months	crt.sh
1winaz.com Go Daddy Secure Certificate Authority - G2	`2023-12-19` - `2024-12-19`	a year	crt.sh
1win-it.com GTS CA 1P5	`2023-12-09` - `2024-03-08`	3 months	crt.sh
1win-bet.com.br R3	`2023-12-29` - `2024-03-28`	3 months	crt.sh
1-winuz.com GTS CA 1P5	`2023-12-27` - `2024-03-26`	3 months	crt.sh
1win-pl.com GTS CA 1P5	`2023-12-19` - `2024-03-18`	3 months	crt.sh
1win-tr.net E1	`2023-12-10` - `2024-03-09`	3 months	crt.sh
1winkz.com GTS CA 1P5	`2023-12-10` - `2024-03-09`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-11-27` - `2024-02-19`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://one-win.in/
Frame ID: E789CD662CD8EAEA750A127826210F48
Requests: 48 HTTP requests in this frame

Frame: https://www.youtube.com/embed/jRj4ctKIHjc
Frame ID: E9A29842E7053C61C91FDF5B4799D1D0
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

1WIN 🎰 Betting and Casino official online website ᐈ Registration Bonus ₹75000

Page URL History Show full URLs

http://one-1win.in/ HTTP 301
https://one-1win.in/ HTTP 301
https://one-win.in/ Page URL

Detected technologies

Cart Functionality (Ecommerce) Expand

Overall confidence: 100%
Detected patterns

<a[^>]*href=[^>]*/Basket

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+\sdata-v(?:ue)?-

Wink (Mobile Frameworks) Expand

Overall confidence: 100%
Detected patterns

(?:_base/js/base|wink).*\.js

Page Statistics

65
Requests

92 %
HTTPS

84 %
IPv6

18
Domains

19
Subdomains

19
IPs

3
Countries

2298 kB
Transfer

4802 kB
Size

4
Cookies

11 Outgoing links

These are links going to different origins than the main page.

URL: https://activityedu.ru/
Title: 1WIN Россия

Search URL Search Domain Scan URL

URL: https://visitkyiv.com.ua/
Title: 1WIN Україна

Search URL Search Domain Scan URL

URL: https://1-win.es/
Title: 1WIN España

Search URL Search Domain Scan URL

URL: https://1win-fr.com/
Title: 1WIN France

Search URL Search Domain Scan URL

URL: https://1winaz.com/
Title: 1WIN Azərbaycan

Search URL Search Domain Scan URL

URL: https://1win-it.com/
Title: 1WIN Italy

Search URL Search Domain Scan URL

URL: https://1win-bet.com.br/
Title: 1WIN Brasil

Search URL Search Domain Scan URL

URL: https://1-winuz.com/
Title: 1WIN O'zbekiston

Search URL Search Domain Scan URL

URL: https://1win-pl.com/
Title: 1WIN Polska

Search URL Search Domain Scan URL

URL: https://1win-tr.net/
Title: 1WIN Türkiye

Search URL Search Domain Scan URL

URL: https://1winkz.com/
Title: 1WIN Қазақстан

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://one-1win.in/ HTTP 301
https://one-1win.in/ HTTP 301
https://one-win.in/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

https://one-win.in/engine/classes/min/index.php?charset=utf-8&f=engine/editor/css/default.css&v=26 HTTP 0
http://one-win.in/?charset=utf-8&f=engine/editor/css/default.css&v=26

Request Chain 2

https://one-win.in/engine/classes/min/index.php?charset=utf-8&g=general&v=26 HTTP 0
http://one-win.in/?charset=utf-8&g=general&v=26

Request Chain 3

https://one-win.in/engine/classes/min/index.php?charset=utf-8&f=engine/classes/js/jqueryui.js,engine/classes/js/dle_js.js,engine/classes/highslide/highslide.js&v=26 HTTP 0
http://one-win.in/?charset=utf-8&f=engine/classes/js/jqueryui.js,engine/classes/js/dle_js.js,engine/classes/highslide/highslide.js&v=26

Request Chain 54

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

65 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
one-win.in/
Redirect Chain

http://one-1win.in/
https://one-1win.in/
https://one-win.in/

86 KB
18 KB

1236ms
1148ms

Document
text/html

2606:4700:3034::6815:380b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://one-win.in/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::6815:380b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/5.6.40

Resource Hash

e6faf70250117eeb41bae0cb5d1519399fd0ad53bf1affe50791ae06f1e26a73

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1
accept-language: en-NZ,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-cache-status: DYNAMIC
cf-ray: 83f5fe77392550a7-AKL
content-encoding: br
content-type: text/html; charset=utf-8
date: Tue, 02 Jan 2024 21:11:22 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zlwi1KEqHht2oLSqF0dhXPmU3uLhGSzqGR5ouAE7JM4CbvkoF2lMJ%2BFnpkXhQ11%2B30sQoQFAJnYvjmGg%2FPO1sPXlmNufUdVYFK3iQp6QJuRvHTtPGHtSHzBb0EEv8yHP5CJWntXq9C2q"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000;
x-frame-options: SAMEORIGIN
x-powered-by: PHP/5.6.40

Redirect headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 83f5fe6f997a5551-SYD
content-type: text/html; charset=iso-8859-1
date: Tue, 02 Jan 2024 21:11:21 GMT
location: https://one-win.in
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yDL4KFXZVU3lxOtVJlrbWcSbfHGyL94seWuTn19EP5Dctu8%2FY7rK8fpcVM4fRbonrwatTnQt6oXTFYE2W%2BTgDxb6yAXbyVFw26UfFAGc3m%2FmI7HXmogAv4lY2STghlMMXsyyXXc0DYMXGg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET index.php
one-win.in/engine/classes/min/ 0
0

GET

/
one-win.in/
Redirect Chain

https://one-win.in/engine/classes/min/index.php?charset=utf-8&f=engine/editor/css/default.css&v=26
http://one-win.in/?charset=utf-8&f=engine/editor/css/default.css&v=26

0
0

GET

/
one-win.in/
Redirect Chain

https://one-win.in/engine/classes/min/index.php?charset=utf-8&g=general&v=26
http://one-win.in/?charset=utf-8&g=general&v=26

0
0

GET

/
one-win.in/
Redirect Chain

https://one-win.in/engine/classes/min/index.php?charset=utf-8&f=engine/classes/js/jqueryui.js,engine/classes/js/dle_js.js,engine/classes/highslide/highslide.js&v=26
http://one-win.in/?charset=utf-8&f=engine/classes/js/jqueryui.js,engine/classes/js/dle_js.js,engine/classes/highslide/highslide.js&v=26

0
0

GET
H2 200 engine.css
one-win.in/templates/Red/css/ 59 KB
23 KB 1442ms
1441ms Stylesheet
text/css 2606:4700:3034::6815:380b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://one-win.in/templates/Red/css/engine.css

Requested by

Host: one-win.in
URL: https://one-win.in/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::6815:380b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

943af0ef87a2dcc449d195254c7dcb2bbfd270e3dd11ae8310f2dcad1d49646a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://one-win.in/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 02 Jan 2024 21:11:24 GMT
strict-transport-security: max-age=31536000;
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 09 Feb 2023 13:00:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"ed35-5f443f6831ab5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GgC49rG4AwfM45JfVsuR5IrH82k%2FkWtQM1sfaX3H%2Fg3VF7Yty2SMLUp436mPw4JftzCaOoljh4s95ocKdV1jTAtUmjLPWTxAq3K8hcq9WL5KExnXDeoBbj8GRcoXjq0NdhxMrgXLRIhD"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 83f5fe7e7b2350a7-AKL
alt-svc: h3=":443"; ma=86400

GET
H2 200 styles.css
one-win.in/templates/Red/css/ 59 KB
13 KB 1441ms
1439ms Stylesheet
text/css 2606:4700:3034::6815:380b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://one-win.in/templates/Red/css/styles.css

Requested by

Host: one-win.in
URL: https://one-win.in/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::6815:380b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

05a098f9759e4c5523b6e8e1097729744a217510b73470072f2b7a2f51005574

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://one-win.in/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 02 Jan 2024 21:11:24 GMT
strict-transport-security: max-age=31536000;
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 09 Feb 2023 13:00:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"eb9d-5f443f6831ab5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bWeg0f%2F%2BRVSHTcQ%2BNXfzb9aCKxeZDKD0SJgDn12nnevXaJ%2F%2FNKyM96WIq3SxobdYZ%2B6abgUlqIrRQ2lrp9QQtqNkwV78h5ul1am2gEkQZXfs%2Bw78Yg47VkIgdVt8OCg1kgWMofUzlOkE"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 83f5fe7e7b2550a7-AKL
alt-svc: h3=":443"; ma=86400

GET
H2 200 font.css
one-win.in/templates/Red/fonts/ 2 KB
610 B 883ms
881ms Stylesheet
text/css 2606:4700:3034::6815:380b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://one-win.in/templates/Red/fonts/font.css

Requested by

Host: one-win.in
URL: https://one-win.in/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::6815:380b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

428e5ab72bba707703166878ea9a2008be0ed4d89bf0602f17612cef2f0a3c4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://one-win.in/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 02 Jan 2024 21:11:23 GMT
strict-transport-security: max-age=31536000;
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 09 Feb 2023 13:00:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"694-5f443f6846e8a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m4Y33wT3KRK7FQ8%2B3vOKr%2BKS2SHJasFFDK%2FV0FjBQDkwz3rKTWGRKMbb8z5HMxHZa0fj9Kjl5kOWZLngzpsfmoeX3POGQAG92IxKyDxL1Ux%2BeOEYLta%2FyFEs4dGzB2nbXx3fIEHCWFPJ"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 83f5fe7e7b2650a7-AKL
alt-svc: h3=":443"; ma=86400

GET
H2 200 logo1.png
one-win.in/templates/Red/images/ 14 KB
15 KB 1120ms
1119ms Image
image/png 2606:4700:3034::6815:380b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://one-win.in/templates/Red/images/logo1.png

Requested by

Host: one-win.in
URL: https://one-win.in/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::6815:380b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e802074f521bef709e7fc0b1e2f141832316c0e67d8278ec31ee38ad1ddc585f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://one-win.in/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 02 Jan 2024 21:11:23 GMT
strict-transport-security: max-age=31536000;
cf-cache-status: MISS
last-modified: Thu, 09 Feb 2023 13:00:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "392d-5f443f683266d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ePoc%2F%2FSiV8COKuCtUJD521waVQSnzMlEz4oYshP51xjvnoeWWgDxzCtXAC8YUCkiLeuUbHny%2BNb3issopOpz9hck3R6RZWXcGET94zW0LSIL9E1m7JeYVhlyTXflhI8suclcVhL7dIZh"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 83f5fe7e7b2850a7-AKL
alt-svc: h3=":443"; ma=86400
content-length: 14637

GET
H2 200 1f3b0.svg
s.w.org/images/core/emoji/14.0.0/svg/ 2 KB
899 B 209ms
68ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/1f3b0.svg

Requested by

Host: one-win.in
URL: https://one-win.in/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

87eea51e11f1301207f08c548815bf770dfdf6f48ab6177095d2a4c2a74fb4b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://one-win.in/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

x-nc: HIT syd 1
date: Tue, 02 Jan 2024 21:11:22 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:47:50 GMT
server: nginx
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: max-age=315360000
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 2757.svg
s.w.org/images/core/emoji/14.0.0/svg/ 231 B
541 B 69ms
68ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/2757.svg

Requested by

Host: one-win.in
URL: https://one-win.in/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

e2e68e97593beb78225af7f9edc7624c19cd84ebfeb07dcbc4b06fb9f49d0526

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://one-win.in/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

x-nc: HIT syd 1
date: Tue, 02 Jan 2024 21:11:22 GMT
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:47:50 GMT
server: nginx
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 231
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 2696.svg
s.w.org/images/core/emoji/14.0.0/svg/ 1 KB
857 B 69ms
68ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/2696.svg

Requested by

Host: one-win.in
URL: https://one-win.in/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

12a52e8b4b0dfe911d87a2ecf7da2f1e64236430ee2e17b8f25a64a1e1a512a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://one-win.in/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

x-nc: HIT syd 1
date: Tue, 02 Jan 2024 21:11:22 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:47:50 GMT
server: nginx
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: max-age=315360000
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 1f91d.svg
s.w.org/images/core/emoji/14.0.0/svg/ 3 KB
1 KB 69ms
68ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/1f91d.svg

Requested by

Host: one-win.in
URL: https://one-win.in/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

41fabf139814bb8c223b4b2c45187ad55c92515cc4c63659deaaf7f8775e4a0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://one-win.in/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

x-nc: HIT syd 1
date: Tue, 02 Jan 2024 21:11:22 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:50:38 GMT
server: nginx
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: max-age=315360000
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 23f3.svg
s.w.org/images/core/emoji/14.0.0/svg/ 548 B
596 B 73ms
68ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/23f3.svg

Requested by

Host: one-win.in
URL: https://one-win.in/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

2a7a5ec4c9338fb81c3ea9026463b56c4efda965b915d30341944691f0023370

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://one-win.in/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

x-nc: HIT syd 2
date: Tue, 02 Jan 2024 21:11:23 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:53:44 GMT
server: nginx
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: max-age=315360000
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 1f3f3.svg
s.w.org/images/core/emoji/14.0.0/svg/ 997 B
714 B 74ms
69ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/1f3f3.svg

Requested by

Host: one-win.in
URL: https://one-win.in/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

e5f1c198a1fda0174af0620a13dac9c73fb44849c9ffd1320ffdba3984178986

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://one-win.in/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

x-nc: HIT syd 2
date: Tue, 02 Jan 2024 21:11:23 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:50:59 GMT
server: nginx
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: max-age=315360000
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 1f198.svg
s.w.org/images/core/emoji/14.0.0/svg/ 1 KB
781 B 74ms
69ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/1f198.svg

Requested by

Host: one-win.in
URL: https://one-win.in/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

8ff03fd944d242f544d320b8427a94006d55cd8ed015786c0e4b6cf099a12f0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://one-win.in/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

x-nc: HIT syd 2
date: Tue, 02 Jan 2024 21:11:23 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:47:50 GMT
server: nginx
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: max-age=315360000
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 1628698060_bonuses-and-loyalty.jpg
one-win.in/uploads/posts/2021-08/medium/ 57 KB
57 KB 1524ms
1519ms Image
image/jpeg 2606:4700:3034::6815:380b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://one-win.in/uploads/posts/2021-08/medium/1628698060_bonuses-and-loyalty.jpg

Requested by

Host: one-win.in
URL: https://one-win.in/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::6815:380b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c390a9c13d4d49df5d0cc703284e856f2ae0c89e0e4bd7758c66415ac7303ef2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://one-win.in/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 02 Jan 2024 21:11:25 GMT
strict-transport-security: max-age=31536000;
cf-cache-status: MISS
last-modified: Thu, 09 Feb 2023 13:00:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "e3c5-5f443f68aa06f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GOnrP%2FERBpXIh6sv5iu7jtYXq9G3ps%2FnZm1IPhjpEGuNb2PeD%2FuMYjfpj59vg0YGPL3MhI9%2F8YAzBdThUF%2FKz%2BsxPnhVLcdjJ3hIQ7GY6JtpsQ9i%2BYfMitSGAg0T0yQSTLBbrIVNZHhW"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 83f5fe844f6350c8-AKL
alt-svc: h3=":443"; ma=86400
content-length: 58309

GET
H3 200 1628697488_complete-registration.jpg
one-win.in/uploads/posts/2021-08/medium/ 83 KB
84 KB 1550ms
1546ms Image
image/jpeg 2606:4700:3034::6815:380b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://one-win.in/uploads/posts/2021-08/medium/1628697488_complete-registration.jpg

Requested by

Host: one-win.in
URL: https://one-win.in/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::6815:380b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f49de01c31e6f61bc046690f830238485de89653b8225327457fb69da9bc12df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://one-win.in/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 02 Jan 2024 21:11:25 GMT
strict-transport-security: max-age=31536000;
cf-cache-status: MISS
last-modified: Thu, 09 Feb 2023 13:00:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "14c60-5f443f68a7d48"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=31ckwqwPA1LvbYUbaEReJvulKld4ZnVUvbjhjsfZ5D3OJQu1XkGnVtM%2BzI5jEpS91ewzbR%2Fv9chvRZM2phA8UIOanCEhbuUTiKplMHcyqq4PavcCR8PeIFFzjdAIlMh1scPC0gXCLDQx"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 83f5fe844f6750c8-AKL
alt-svc: h3=":443"; ma=86400
content-length: 85088

GET
H3 200 1628697314_download-application.png
one-win.in/uploads/posts/2021-08/medium/ 141 KB
141 KB 1454ms
1450ms Image
image/png 2606:4700:3034::6815:380b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://one-win.in/uploads/posts/2021-08/medium/1628697314_download-application.png

Requested by

Host: one-win.in
URL: https://one-win.in/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::6815:380b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d2416d0e716f332126a402ba9ae028da7b40b110752c7d95c3762630c99dc653

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://one-win.in/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 02 Jan 2024 21:11:24 GMT
strict-transport-security: max-age=31536000;
cf-cache-status: MISS
last-modified: Thu, 09 Feb 2023 13:00:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "23325-5f443f68a7d48"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OhKcJbEFQhD29751EMXeUrX2%2FYFetXpxRqm449G1eEzjHOdb8JNXuOfAl3CxUIHqEeGbuoLVebiIjdJFBt1XHDY%2B7Xo8FFBpxvci8Hmn908xB2efNfeJKxPXE%2B6Zbe20kNkRs0dXRL5l"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 83f5fe844f6850c8-AKL
alt-svc: h3=":443"; ma=86400
content-length: 144165

GET
H3 200 1628697261_1win-main-page.jpg
one-win.in/uploads/posts/2021-08/medium/ 86 KB
87 KB 1508ms
1504ms Image
image/jpeg 2606:4700:3034::6815:380b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://one-win.in/uploads/posts/2021-08/medium/1628697261_1win-main-page.jpg

Requested by

Host: one-win.in
URL: https://one-win.in/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::6815:380b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d88d2d786c15264587f527b067e334465febd01327e66190839533340624dbcf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://one-win.in/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 02 Jan 2024 21:11:25 GMT
strict-transport-security: max-age=31536000;
cf-cache-status: MISS
last-modified: Thu, 09 Feb 2023 13:00:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "15924-5f443f68a7960"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bdp0fLIqKRYZB23YJZ4O4xp8xmh2hNs2D1hc32pcGfNUMUj49mVRbQ96T6VOn1ItHIKlncunNmnDrXIAI4MXino0Mhi6Exz3MQjWR7JP8lphj9fXcDtzT247Yl4BhTmoFXX1cJDFoor0"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 83f5fe844f6950c8-AKL
alt-svc: h3=":443"; ma=86400
content-length: 88356

GET
H3 200 1628697049_casino.jpg
one-win.in/uploads/posts/2021-08/medium/ 100 KB
100 KB 1605ms
1600ms Image
image/jpeg 2606:4700:3034::6815:380b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://one-win.in/uploads/posts/2021-08/medium/1628697049_casino.jpg

Requested by

Host: one-win.in
URL: https://one-win.in/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::6815:380b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c87900417b85a75688d9477306f3917a414f95e7c6be9cb3b26fb28a95dc95fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://one-win.in/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 02 Jan 2024 21:11:25 GMT
strict-transport-security: max-age=31536000;
cf-cache-status: MISS
last-modified: Thu, 09 Feb 2023 13:00:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "18fd8-5f443f68a7578"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QqW9%2BtoLwqy%2BFqrFKMaNRMiM6IDDjjF0XrfiqTFGqtx7lU%2F3tlm%2BaU7Brg3fDCFgmt4osVr1ICE4EP3u%2B5qi2cWbONGMH%2BrQ6dVauSVGoJ7MfTxD5Wo9%2B5T2XmW7vf7dM3EvfI2kc2XV"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 83f5fe844f6b50c8-AKL
alt-svc: h3=":443"; ma=86400
content-length: 102360

GET
H3 200 1574107825_kaper.jpg
one-win.in/uploads/posts/2019-11/ 81 KB
82 KB 1619ms
1615ms Image
image/jpeg 2606:4700:3034::6815:380b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://one-win.in/uploads/posts/2019-11/1574107825_kaper.jpg

Requested by

Host: one-win.in
URL: https://one-win.in/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::6815:380b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

48c0804c5085dde1f4bbadbc0e6266b9d34e057aa0f6a8ee9b0bac02df0f32be

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://one-win.in/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 02 Jan 2024 21:11:25 GMT
strict-transport-security: max-age=31536000;
cf-cache-status: MISS
last-modified: Thu, 09 Feb 2023 13:00:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "145c7-5f443f685ed58"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F%2BNlRJmSlFxxfzgF%2BR6To5tDdzrulqfX6h0zLsNdV5QsTcdCD9FzQUYMv%2FTGVvcxPQU4PfVulhdFzqslNzjzyfxAJSU%2BwiWtOO%2FrudgBDhu5nUXiH0JCmhv87R8JuZpWhZhYsqMu7M9%2B"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 83f5fe844f6c50c8-AKL
alt-svc: h3=":443"; ma=86400
content-length: 83399

GET
H3 200 1628696899_odds.png
one-win.in/uploads/posts/2021-08/medium/ 329 KB
329 KB 1635ms
1630ms Image
image/png 2606:4700:3034::6815:380b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://one-win.in/uploads/posts/2021-08/medium/1628696899_odds.png

Requested by

Host: one-win.in
URL: https://one-win.in/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::6815:380b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

801b9d74938e5978883d16550e8dca65fdc65fa4ab62da036d32ed5ea683e6a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://one-win.in/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 02 Jan 2024 21:11:25 GMT
strict-transport-security: max-age=31536000;
cf-cache-status: MISS
last-modified: Thu, 09 Feb 2023 13:00:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "523bf-5f443f68a7190"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XmAahBI3WQJhT89jGiKE0c04WDIuC5c4oQIUpjO5isaVZVQI59WNwvG3%2FokCmZ%2FjM%2FDC%2BEP1vBg8djD%2BGl2bsLFX9V61U%2FLqizlSgJZ7p%2FraFTpb9jHt7sys3SA7W3o1YhhOLpi3E3OU"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 83f5fe844f6d50c8-AKL
alt-svc: h3=":443"; ma=86400
content-length: 336831

GET
H3 200 1628695838_types-of-bets.jpg
one-win.in/uploads/posts/2021-08/medium/ 91 KB
91 KB 1500ms
1496ms Image
image/jpeg 2606:4700:3034::6815:380b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://one-win.in/uploads/posts/2021-08/medium/1628695838_types-of-bets.jpg

Requested by

Host: one-win.in
URL: https://one-win.in/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::6815:380b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a0908a00905c6bb685cd6b03f8c920044f2ac1a01f16578296b18c467aa9f7ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://one-win.in/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 02 Jan 2024 21:11:25 GMT
strict-transport-security: max-age=31536000;
cf-cache-status: MISS
last-modified: Thu, 09 Feb 2023 13:00:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "16b5a-5f443f68a69c0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V8bJPpRbHiGltdMIy53UnjKsarJmrGfJptdPMAv7lEbzqRs%2BgXM0fg3ZL8CmY5LBPOZSYp13chGfHBjvXXBsZhAGNCFxnFSqeRsLfCiAsOOZT3tfuz8m1HjBe2tIdxH2JQ%2BabnKWkrwf"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 83f5fe844f6e50c8-AKL
alt-svc: h3=":443"; ma=86400
content-length: 93018

GET
H3 200 email-decode.min.js Show response
one-win.in/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 38ms
37ms Script
application/javascript 2606:4700:3034::6815:380b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://one-win.in/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: one-win.in
URL: https://one-win.in/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::6815:380b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://one-win.in/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 02 Jan 2024 21:11:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 19 Dec 2023 14:09:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6581a422-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K%2FTCjnUCBAMcgQkFJKXRIyanpnT5ESKrWT0RH4Pgk2ci0md1swYOzR1sweFD5%2BwB7NhYIjwC%2FKepM22EFDsHIoFVnHHiBP1PvzZupS3MhsnBI6aVbxsEtgKwxy4tJ1nJ20oWzPSyKOy%2B"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 83f5fe811a1950c8-AKL
expires: Thu, 04 Jan 2024 21:11:23 GMT

GET
H3 200 ru_language.svg
one-win.in/templates/Red/images/ 926 B
957 B 899ms
895ms Image
image/svg+xml 2606:4700:3034::6815:380b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://one-win.in/templates/Red/images/ru_language.svg

Requested by

Host: one-win.in
URL: https://one-win.in/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::6815:380b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

39f98019b7aee345b81a07cabfae056cbbda99fa46fc0fcc15e77fc6bc94b597

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://one-win.in/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 02 Jan 2024 21:11:24 GMT
strict-transport-security: max-age=31536000;
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 09 Feb 2023 13:00:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"39e-5f443f683842c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OI8tXNrTMPYTSinED9oa0YVFia5Pd6UrpClNd7AzMvmZ6jnNL%2FsBGegh3CYec%2Bls3MMNTkAG%2Br5YPSfcsmiFheyoIRd7YSkpHY0JJnT%2BZu%2BhpXT2eIWKTgWaBBoosOVwgJ7K35FdOCUi"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 83f5fe844f6f50c8-AKL
alt-svc: h3=":443"; ma=86400

GET
H3 200 uk_language.svg
one-win.in/templates/Red/images/ 678 B
823 B 887ms
882ms Image
image/svg+xml 2606:4700:3034::6815:380b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://one-win.in/templates/Red/images/uk_language.svg

Requested by

Host: one-win.in
URL: https://one-win.in/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::6815:380b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dcbd015c85ac3ffcb7ae7b9d7f7fb9824f77470f06d2b142a347a605c1f5ceaa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://one-win.in/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 02 Jan 2024 21:11:24 GMT
strict-transport-security: max-age=31536000;
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 09 Feb 2023 13:00:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"2a6-5f443f6838814"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I6025GZ92bbbvjWJgqldeNBudrQB%2F0Mq9vFUfINrB0ae4cpc0ShkN2qQH%2Bf4dx7HzrCsGlq4FjcrBVWuUaVwwN6MMlt%2FUIsUqAQ4VyAjho%2B2Y89OLGhq7UdP%2FR84W6VCc3YhzfUzACXi"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 83f5fe844f7050c8-AKL
alt-svc: h3=":443"; ma=86400

GET
H3 200 in_language.svg
one-win.in/templates/Red/images/ 7 KB
3 KB 969ms
965ms Image
image/svg+xml 2606:4700:3034::6815:380b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://one-win.in/templates/Red/images/in_language.svg

Requested by

Host: one-win.in
URL: https://one-win.in/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::6815:380b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

60ba8eb0910ee1169898e0e7bbedd01118af84e5a25e5a9ed4aac6205962e9a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://one-win.in/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 02 Jan 2024 21:11:24 GMT
strict-transport-security: max-age=31536000;
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 09 Feb 2023 13:00:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"1b69-5f443f683842c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z8Sjcms0sj9yWYKqgbUYf6f47mMwi9sGnh21AXAA7w89WfEkc7HBPn3IRCLJgeh2Hfc4c%2F1aoQbYlHlwMh7whBF6y8n%2FUMNP0WIzv9JMjlTtTbYA80QKF8IQ5j7Yww4udFkBi2mXE2vQ"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 83f5fe844f7150c8-AKL
alt-svc: h3=":443"; ma=86400

GET
H2 200 es_language.png
1-win.es/templates/Red/images/ 12 KB
13 KB 1218ms
1129ms Image
image/png 2606:4700:3032::ac43:a152
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1-win.es/templates/Red/images/es_language.png
Requested by: Host: one-win.in
URL: https://one-win.in/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:a152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0e656966f1958200ae6fbba050fc6eaebb9b1c60edaaffca31d26525bc59c826

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://one-win.in/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 02 Jan 2024 21:11:24 GMT
cf-cache-status: BYPASS
last-modified: Fri, 10 Sep 2021 10:56:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "613b39cd-3123"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tC8BzAn7%2FMOB0q50iCpDe8ffCnSKkGefPMwDLSmlhzFcaU5X94iATARAWXkfWqqBd1bfaTWDgSX8pAjmPZ4Dp3kPg4rdvxrUedOlp8Vd7%2BtsHuYdOGz%2FTBQZDMeNklAv%2Be5Nl9uN8g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
accept-ranges: bytes
cf-ray: 83f5fe84de547253-AKL
alt-svc: h3=":443"; ma=86400
content-length: 12579

GET
H2 200 fr_language.png
1-win.es/templates/Red/images/ 16 KB
16 KB 1233ms
1144ms Image
image/png 2606:4700:3032::ac43:a152
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1-win.es/templates/Red/images/fr_language.png
Requested by: Host: one-win.in
URL: https://one-win.in/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:a152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8c1d20e07e73934ea05d1a1990ad742073d9c674d81b09c2f76fa08eaf286eaf

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://one-win.in/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 02 Jan 2024 21:11:24 GMT
cf-cache-status: BYPASS
last-modified: Mon, 13 Dec 2021 17:19:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "61b780a4-401b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EIC77950rXBzTPR8TVI9UZIFDkciuOuozxsrz1ZFgo1bkxeaWjJZExC99%2Fqw0WpQSa%2BXgyC4fSAconSvYDltJluABeMdaBnzHOFZE0MzZB%2B65jNXqgoNR%2BSBfu4L4c%2BRj2EOBHMcuw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
accept-ranges: bytes
cf-ray: 83f5fe84de567253-AKL
alt-svc: h3=":443"; ma=86400
content-length: 16411

GET
H/1.1 200
OK az_language.png
1winaz.com/templates/Red/images/ 0
0 598ms
207ms Image
text/html 13.248.213.45
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1winaz.com/templates/Red/images/az_language.png
Requested by: Host: one-win.in
URL: https://one-win.in/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.248.213.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a67c48129651a0940.awsglobalaccelerator.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://one-win.in/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

GET
H2 200 it_language.png
1win-it.com/templates/Red/images/ 969 B
2 KB 1169ms
880ms Image
image/png 2606:4700:3037::ac43:d7b7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1win-it.com/templates/Red/images/it_language.png
Requested by: Host: one-win.in
URL: https://one-win.in/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:d7b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e6cc412740f053235819c682454b1fa6ca2450b60998e9fe279542981bfe632a

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://one-win.in/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 02 Jan 2024 21:11:24 GMT
cf-cache-status: BYPASS
last-modified: Wed, 19 Jan 2022 16:28:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "61e83c36-3c9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6QLxMGt1rZ7SmmDcdektm1BT4R%2FuY7gBuFXBtezeI7euIkQmEx8LARxd9u%2BGyHMebKmm%2FYkIqSFo%2F6qZww43LYrdaZrC2TStKW51PAXXuHtTlsmxcZx2FSfNMnvvUNOu%2BC7Hn5w3UHgCZA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
accept-ranges: bytes
cf-ray: 83f5fe863d7adfc1-SYD
alt-svc: h3=":443"; ma=86400
content-length: 969

GET
H2 200 br_language.png
1win-bet.com.br/templates/Red/images/ 1 KB
2 KB 3890ms
322ms Image
image/png 193.233.15.5
SAFEVALUE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1win-bet.com.br/templates/Red/images/br_language.png
Requested by: Host: one-win.in
URL: https://one-win.in/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.233.15.5 , Russian Federation, ASN42745 (SAFEVALUE-AS, SC),
Reverse DNS
Software: nginx /
Resource Hash: c5432f0e90740abb8554bcb28c9fe4a163792f85cc977706f092feb4e5a1f1b5

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://one-win.in/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 02 Jan 2024 21:11:27 GMT
last-modified: Tue, 21 Jun 2022 10:06:06 GMT
server: nginx
accept-ranges: bytes
etag: "62b1980e-5f0"
content-length: 1520
content-type: image/png

GET
H2 200 uz_language.png
1-winuz.com/templates/Red/images/ 1 KB
2 KB 1119ms
875ms Image
image/png 2606:4700:3037::6815:a4f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1-winuz.com/templates/Red/images/uz_language.png
Requested by: Host: one-win.in
URL: https://one-win.in/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:a4f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7215d44838c531a3c8ef5b279ced07a14d7c5fb8f2da0d454d646e6576252a54

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://one-win.in/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 02 Jan 2024 21:11:24 GMT
cf-cache-status: BYPASS
last-modified: Tue, 29 Mar 2022 14:08:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "624312ce-441"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pYJ5%2FAiw38hDJiiAzixZyZN2QyGZt6II1lETsl0zu0ADIBLqxXUhptDYe0euNVRzfpNhg3jAS2LSH0qrLcTZ73pNYrtsAzePhKLsd2dOStWgRetyBFTfYtS8EtWSRbTc3JDWGNAl%2FEYKJg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
accept-ranges: bytes
cf-ray: 83f5fe85ec3879d0-SYD
alt-svc: h3=":443"; ma=86400
content-length: 1089

GET
H2 200 pl_language.png
1win-pl.com/templates/Red/images/ 868 B
1 KB 1047ms
867ms Image
image/png 2606:4700:3035::ac43:88d1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1win-pl.com/templates/Red/images/pl_language.png
Requested by: Host: one-win.in
URL: https://one-win.in/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:88d1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 09b2539ecd69cd2e7def2d40d335e7645e2443083c0854d715a05974fc335a7b

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://one-win.in/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 02 Jan 2024 21:11:24 GMT
cf-cache-status: BYPASS
last-modified: Tue, 24 May 2022 12:17:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "628cccde-364"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q0M8uNtSYzOBBb08dA%2FUKZHaKCxNglLN5ZM9gaJUZ%2F8TqxZtSxxChF%2FgrtMZjiOYfN%2FoHI2XqjopVAwD3A3e0ek8GTjE7w66GCIoteajcD0p24K5p%2FCv1TwK05SGx1%2BoRUmi1o93ngM0Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
accept-ranges: bytes
cf-ray: 83f5fe8568651c5a-AKL
alt-svc: h3=":443"; ma=86400
content-length: 868

GET
H2 200 tr_language.png
1win-tr.net/templates/Red/images/ 1 KB
2 KB 1011ms
887ms Image
image/png 2606:4700:3030::6815:1e5a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1win-tr.net/templates/Red/images/tr_language.png
Requested by: Host: one-win.in
URL: https://one-win.in/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:1e5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 392ac239809c0d958800989e3bff5311fb1ad198fee5cb837f1bdff18f5a80b5

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://one-win.in/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 02 Jan 2024 21:11:24 GMT
cf-cache-status: BYPASS
last-modified: Tue, 24 May 2022 12:12:45 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "628ccbbd-4cd"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=riUJVlOslhTlH2Q9km7u7ru2yF868vFbIoQnBo2zZPL2GJ4e%2BtT0SgFJAIw9w91fdbepvmRhvTmWyz49o%2FUdrN%2F4CzSYi%2B7PxjfNCJxN23pB0tuzbH73duavvDSDW97VhpBMHeUv5%2Fte%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
accept-ranges: bytes
cf-ray: 83f5fe851fe21c5a-AKL
alt-svc: h3=":443"; ma=86400
content-length: 1229

GET
H2 200 kz_language.png
1winkz.com/templates/Red/images/ 2 KB
2 KB 1041ms
918ms Image
image/png 2606:4700:3036::6815:49b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1winkz.com/templates/Red/images/kz_language.png
Requested by: Host: one-win.in
URL: https://one-win.in/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:49b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 772d2de3f63e8199a32fd98df9c9ff67f42bd9de364d93bac3cc73336d6f841d

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://one-win.in/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 02 Jan 2024 21:11:24 GMT
cf-cache-status: BYPASS
last-modified: Tue, 23 Aug 2022 22:37:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "630556a9-792"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N1%2Bp7vBMmWYVjprY4o1DI9qkhT%2Fc8SLpMOhRqJP2AXGzLuIDZcAilVEmH4AkCgt0UxEdMVLxxttTEE02XwqVTnV67Sea6GJ7STGsuD5M4NOaU4YohkrPcWr5l%2B0U7JJFcI3gHelX%2F26o"}],"group":"cf-nel","max_age":604800}
content-type: image/png
accept-ranges: bytes
cf-ray: 83f5fe850fdf1c5a-AKL
alt-svc: h3=":443"; ma=86400
content-length: 1938

GET
H3 200 lib.js Show response
one-win.in/templates/Red/js/ 10 KB
4 KB 888ms
887ms Script
application/javascript 2606:4700:3034::6815:380b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://one-win.in/templates/Red/js/lib.js

Requested by

Host: one-win.in
URL: https://one-win.in/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::6815:380b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

583707b59618d1e2736b0d34c36b6cd4e1fd0e3e9b5cb6d7081a279c829f6a5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://one-win.in/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 02 Jan 2024 21:11:23 GMT
strict-transport-security: max-age=31536000;
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 09 Feb 2023 13:00:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"27a2-5f443f68408fb"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NPjUSDogHvtwerereP214qza9gNWz1c61vX9JdA1IKtRnAG3KA0RF3IJig9pHfqcR8lzWJNpB5ci3Ekg0NQimukce0gu39189n9liqgmwwQBBZoQtN%2FHeM57kFgTBLwRHSy9ndS0zLJb"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 83f5fe814a7e50c8-AKL
alt-svc: h3=":443"; ma=86400

GET
H3 200 svgxuse.min.js Show response
one-win.in/templates/Red/js/ 2 KB
1 KB 946ms
945ms Script
application/javascript 2606:4700:3034::6815:380b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://one-win.in/templates/Red/js/svgxuse.min.js

Requested by

Host: one-win.in
URL: https://one-win.in/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::6815:380b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e98232b17afe22e277834d378523c76acb889f464a31d5595e03a821fcb6dae1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://one-win.in/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 02 Jan 2024 21:11:24 GMT
strict-transport-security: max-age=31536000;
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 09 Feb 2023 13:00:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"73c-5f443f68408fb"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RNtXmic%2BQ1byqEVOnWZEU9qvSw6EOTt%2BV3boqBOuXBLciauKLco6HCRk9x6c1rvPguPIXaWIzQJCmqmcEk8dvcZSBTGZwG5cOIccTOdYzff5Wdqa6OFJeBrUEhdp37YMNAuwC9DBI3yC"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 83f5fe844f5050c8-AKL
alt-svc: h3=":443"; ma=86400

GET
H2 200 jRj4ctKIHjc Show response
www.youtube.com/embed/ Frame E9A2 90 KB
38 KB 696ms
296ms Document
text/html 2404:6800:4006:80a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/jRj4ctKIHjc

Requested by

Host: one-win.in
URL: https://one-win.in/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:80a::200e Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a309af9d57fba1fede2813fe18429fc0298232c7bfd24aa5a72c25299a5f9c56

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://one-win.in/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1
accept-language: en-NZ,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-resource-policy: cross-origin
date: Tue, 02 Jan 2024 21:11:24 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 bg.webp
one-win.in/templates/Red/images/ 81 KB
81 KB 1499ms
1498ms Image
image/webp 2606:4700:3034::6815:380b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://one-win.in/templates/Red/images/bg.webp

Requested by

Host: one-win.in
URL: https://one-win.in/templates/Red/css/styles.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::6815:380b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

08cc9ee7c62f032f5e0d84b3a57b8fa6c4a95a06ef4cb7a97b11b704682d5908

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://one-win.in/templates/Red/css/styles.css
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 02 Jan 2024 21:11:25 GMT
strict-transport-security: max-age=31536000;
cf-cache-status: MISS
last-modified: Thu, 09 Feb 2023 13:00:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "1420a-5f443f6839b9c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QXat%2FIJvxaBZ08z6mizgTY3jl2r7rKrs1kv%2BPqPNwsC4p9joehKO%2BAs%2BU9RqAQDAK8VYw%2FsU1vHaAMse5TA8ZVxUjI%2Bi%2B3z50TLv40plgFaUkjor88iGC8liqb0Cm%2BqO3vDhQV7u7UtS"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 83f5fe877ba650c8-AKL
alt-svc: h3=":443"; ma=86400
content-length: 82442

GET
DATA 200
OK truncated
/ 120 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3900b5971fa63da5abbbfaa7cf3dd2c80a286116463f2ca626fe4df2c18af942

Request headers

accept-language: en-NZ,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

Content-Type: image/png

GET
H3 404 /
one-win.in/templates/Red/images/promoblock/ 27 KB
27 KB 547ms
547ms Image
text/html 2606:4700:3034::6815:380b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://one-win.in/templates/Red/images/promoblock/

Requested by

Host: one-win.in
URL: https://one-win.in/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::6815:380b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/5.6.40

Resource Hash

ac94fef5201f349edfe23041f494ef9160ef4cce135f6b939f8d493175350e2c

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://one-win.in/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Tue, 02 Jan 2024 21:11:24 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/5.6.40
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bx0AseNHXNvEP9JrtSduIorHHdFUxx3MJLttSRlWUnPEXCqW2uPlE99rGGYBj65Uvu%2BcyaWFQKDE5lknUeBVNEr6rx5EvKQcpD9jpOoBCGn8O%2BRU2Z8l6PTmIbzWp5hcXTxenxJRVEQj"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 83f5fe878bab50c8-AKL
alt-svc: h3=":443"; ma=86400
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3 200 home-coin1.d4c8e93a-105.png
one-win.in/templates/Red/images/promoblock/ 7 KB
7 KB 872ms
871ms Image
image/png 2606:4700:3034::6815:380b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://one-win.in/templates/Red/images/promoblock/home-coin1.d4c8e93a-105.png

Requested by

Host: one-win.in
URL: https://one-win.in/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::6815:380b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0c0894320dbd9a6b1b81551a4695808f4645a25f2f3f39eaa701ce12220a46d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://one-win.in/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 02 Jan 2024 21:11:24 GMT
strict-transport-security: max-age=31536000;
cf-cache-status: MISS
last-modified: Thu, 09 Feb 2023 13:00:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "1c1d-5f443f683e1eb"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G%2BTIn0CFieya3AsgmJcLfOkKkbEkpt%2BUnZQH1Yml7Ehmy61YTnzaE%2FL0MGoH5a5x2GpPqi9nUjSQBGei0XAzDf4ENMLr38TjDsSwlBEvY9uwgsFUEyxSHERVrfqohh%2FUpy3FKeGaoLhb"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 83f5fe87abdb50c8-AKL
alt-svc: h3=":443"; ma=86400
content-length: 7197

GET
H3 200 home-coin2.46f26b73-95.png
one-win.in/templates/Red/images/promoblock/ 5 KB
5 KB 870ms
864ms Image
image/png 2606:4700:3034::6815:380b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://one-win.in/templates/Red/images/promoblock/home-coin2.46f26b73-95.png

Requested by

Host: one-win.in
URL: https://one-win.in/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::6815:380b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7b6e0a8c491cbc5f563cdc974777d0b8b2ff8b6e3118ba52dbaf1a05e862825e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://one-win.in/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 02 Jan 2024 21:11:24 GMT
strict-transport-security: max-age=31536000;
cf-cache-status: MISS
last-modified: Thu, 09 Feb 2023 13:00:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "12c0-5f443f683e1eb"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zrVnD5Z1WJzxX1HODpP3Mp5dyzb0KN7kuT99ZPJdfOUeRzYhWj60MaobznIImVhVu2q9ZZaaimP8uduVUhkr30K%2Fdz%2FPtqbXD1hUs8J1vuAigX9dmiJxoolmPBtCV1Hds3Xv45wpEfbg"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 83f5fe87abdc50c8-AKL
alt-svc: h3=":443"; ma=86400
content-length: 4800

GET
H3 200 arrow.432a5f97.svg
one-win.in/templates/Red/images/promoblock/ 231 B
658 B 904ms
897ms Image
image/svg+xml 2606:4700:3034::6815:380b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://one-win.in/templates/Red/images/promoblock/arrow.432a5f97.svg

Requested by

Host: one-win.in
URL: https://one-win.in/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::6815:380b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3abc1eae93fc3a9676e3c7afc9b3cacb22f449c05cc36701219e9fa364def01c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://one-win.in/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 02 Jan 2024 21:11:24 GMT
strict-transport-security: max-age=31536000;
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 09 Feb 2023 13:00:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"e7-5f443f683de03"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Alv54dzk4HZhvE1wID4LMpp%2Fg6HCPg9mjhZcj%2BUUGfV0SXRuFnNQkJseRjfsu%2FDqn%2BLp9X%2FIhodrB5eARUU9wPoqEb0bwqoiU%2Brc%2BwurkIGosS6V5v4yxr5%2B7CRsHSz7NhutiM%2Fcddl7"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 83f5fe87bbec50c8-AKL
alt-svc: h3=":443"; ma=86400

GET
H3 200 bottom.14decf5c.svg
one-win.in/templates/Red/images/promoblock/ 461 B
788 B 904ms
897ms Image
image/svg+xml 2606:4700:3034::6815:380b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://one-win.in/templates/Red/images/promoblock/bottom.14decf5c.svg

Requested by

Host: one-win.in
URL: https://one-win.in/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::6815:380b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5389dded398cc3a7556f05f42b9c6f19fa7b6dbcabf0457e222137c7caeac104

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://one-win.in/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 02 Jan 2024 21:11:24 GMT
strict-transport-security: max-age=31536000;
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 09 Feb 2023 13:00:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"1cd-5f443f683de03"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=79tJwOOkVPytjxffmmUMebuidRv6Q5NORmlOTM9kpxLJGcmAEHNMI%2F%2FaXnmtDg2nu63LRsXSvPK1y36yw%2BhIrhm5dzjcDics3hZirS5vSdY1w4cT67iNLRrvSp2HlGHXpH%2FuQ1NzvTD2"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 83f5fe87bbed50c8-AKL
alt-svc: h3=":443"; ma=86400

GET
H3 200 gradient.69b8b4ad.svg
one-win.in/templates/Red/images/promoblock/ 970 B
994 B 870ms
862ms Image
image/svg+xml 2606:4700:3034::6815:380b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://one-win.in/templates/Red/images/promoblock/gradient.69b8b4ad.svg

Requested by

Host: one-win.in
URL: https://one-win.in/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::6815:380b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

02cd0359ae57aea36e1a176bb722646c31ca84df3b6ce8b90d040c756c7cd798

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://one-win.in/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 02 Jan 2024 21:11:24 GMT
strict-transport-security: max-age=31536000;
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 09 Feb 2023 13:00:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"3ca-5f443f683e1eb"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nO%2F60m91vzUPyvQ9eJxwHNYkAK%2BHUkMY1PSlwA8Zqnzl1P7Zh199F%2BUiyUUGUSO6aQ6jpXbljWJ3FrWMG%2Bq%2FxiXhsnRSS5wZN5UbTbzIbPicGoosEp51jNQmrdmlmnKquT7T3OR3J7N8"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 83f5fe87bbf050c8-AKL
alt-svc: h3=":443"; ma=86400

GET
H3 200 arrow-yellow.1cc072c7.svg
one-win.in/templates/Red/images/promoblock/ 1 KB
997 B 905ms
897ms Image
image/svg+xml 2606:4700:3034::6815:380b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://one-win.in/templates/Red/images/promoblock/arrow-yellow.1cc072c7.svg

Requested by

Host: one-win.in
URL: https://one-win.in/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::6815:380b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d1dcb4cdf5b33c02d4b050a561c0a3ec763f864a121621326767b40f0621ea97

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://one-win.in/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 02 Jan 2024 21:11:24 GMT
strict-transport-security: max-age=31536000;
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 09 Feb 2023 13:00:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"404-5f443f683de03"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NxRl8qPxgSJIKQYA3hUQ1K%2FjEG%2F2dCV7YldVwyASZMOsSkk%2BDytdGKTM6nq08uaf6cewKtXsTP%2F61kuHK7ckC9xolb9QNiLb2mTtR0wE6hjl7g%2BLfwoXFLKKmspLLWQ9mjpAc%2F9PGBwm"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 83f5fe87bbf450c8-AKL
alt-svc: h3=":443"; ma=86400

GET
H2 200 www-player.css
www.youtube.com/s/player/da154528/ Frame E9A2 358 KB
47 KB 180ms
179ms Stylesheet
text/css 2404:6800:4006:80a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/da154528/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/jRj4ctKIHjc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:80a::200e Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

af17d4cff542b33c97ee3a95f82a21d8993c87fd3472dff534fa855828a3b615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.youtube.com/embed/jRj4ctKIHjc
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 27 Dec 2023 06:29:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 571336
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47436
x-xss-protection: 0
last-modified: Mon, 18 Dec 2023 02:48:13 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 26 Dec 2024 06:29:08 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v18/ Frame E9A2 10 KB
11 KB 551ms
152ms Font
font/woff2 2404:6800:4006:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/jRj4ctKIHjc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:809::2003 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4352380f92ce7f9a4a4a23306b992bed10055dbfffe90987cc72083e583fc280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Fri, 29 Dec 2023 03:47:46 GMT
x-content-type-options: nosniff
age: 408218
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10748
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 28 Dec 2024 03:47:46 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v18/ Frame E9A2 11 KB
11 KB 573ms
175ms Font
font/woff2 2404:6800:4006:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/jRj4ctKIHjc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:809::2003 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b79781efede37903be212fcdf63955e41c8649e678b6b83adf824459d240a188

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 28 Dec 2023 23:16:57 GMT
x-content-type-options: nosniff
age: 424467
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10788
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 27 Dec 2024 23:16:57 GMT

GET
H2 200 embed.js Show response
www.youtube.com/s/player/da154528/player_ias.vflset/en_US/ Frame E9A2 52 KB
16 KB 154ms
153ms Script
text/javascript 2404:6800:4006:80a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/da154528/player_ias.vflset/en_US/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/jRj4ctKIHjc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:80a::200e Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

234595572b74d58cd52917208142b3131ad7992126358ee0d917a40cd1240e83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.youtube.com/embed/jRj4ctKIHjc
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 01 Jan 2024 08:25:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 132372
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16296
x-xss-protection: 0
last-modified: Mon, 18 Dec 2023 02:48:13 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 31 Dec 2024 08:25:12 GMT

GET
H2 200 www-embed-player.js Show response
www.youtube.com/s/player/da154528/www-embed-player.vflset/ Frame E9A2 322 KB
97 KB 181ms
180ms Script
text/javascript 2404:6800:4006:80a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/da154528/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/jRj4ctKIHjc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:80a::200e Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d854531f9c3833536d6971b4fd7617dafe1a2c6fd0bbed9469122e73ff3b13a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.youtube.com/embed/jRj4ctKIHjc
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 01 Jan 2024 20:11:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 90006
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 98735
x-xss-protection: 0
last-modified: Mon, 18 Dec 2023 02:48:13 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 31 Dec 2024 20:11:18 GMT

GET
H2 200 base.js Show response
www.youtube.com/s/player/da154528/player_ias.vflset/en_US/ Frame E9A2 2 MB
767 KB 241ms
240ms Script
text/javascript 2404:6800:4006:80a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/da154528/player_ias.vflset/en_US/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/jRj4ctKIHjc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:80a::200e Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fd8d118fe8ac283b6e6ece58b4bcbbc06cd734f11761faa7c46ff08069f711f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.youtube.com/embed/jRj4ctKIHjc
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 01 Jan 2024 08:35:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 131754
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 785283
x-xss-protection: 0
last-modified: Mon, 18 Dec 2023 02:48:13 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 31 Dec 2024 08:35:30 GMT

GET
H2

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame E9A2
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
242 B

249ms
249ms

XHR
application/json

2404:6800:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/jRj4ctKIHjc

Protocol

Server

2404:6800:4006:809::2002 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2ce44fbd90616fd3712ee1788b2dbf2f0c265086de86c0ac0c004835f85eb101

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 02 Jan 2024 21:11:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 02 Jan 2024 21:11:25 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame E9A2 29 B
495 B 549ms
152ms Script
text/javascript 2404:6800:4006:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/da154528/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:80b::2006 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 02 Jan 2024 20:59:16 GMT
x-content-type-options: nosniff
age: 729
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 02 Jan 2024 21:14:16 GMT

GET
H2 200 Tsw0Yn1BA_u41wm3FNlInuFvbxWhU_qzb8oN8tyvKnc.js Show response
www.google.com/js/th/ Frame E9A2 51 KB
20 KB 549ms
152ms Script
text/javascript 2404:6800:4006:804::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/Tsw0Yn1BA_u41wm3FNlInuFvbxWhU_qzb8oN8tyvKnc.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/da154528/player_ias.vflset/en_US/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:804::2004 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ecc34627d4103fbb8d709b714d9489ee16f6f15a153fab36fca0df2dcaf2a77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 02 Jan 2024 15:06:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21909
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19777
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 01 Jan 2025 15:06:16 GMT

GET
H2 200 sddefault.jpg
i.ytimg.com/vi/jRj4ctKIHjc/ Frame E9A2 27 KB
28 KB 832ms
433ms Image
image/jpeg 2404:6800:4006:813::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/jRj4ctKIHjc/sddefault.jpg

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/jRj4ctKIHjc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:813::2016 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3f2a3de04ddeb444f03fe8b3449c7743e3cd5ccc6b7a4284e25306df24af0e03

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 02 Jan 2024 21:11:25 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27988
x-xss-protection: 0
server: sffe
etag: "1660305367"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 02 Jan 2024 23:11:25 GMT

GET
DATA 200
OK truncated
/ Frame E9A2 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: en-NZ,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

Content-Type: image/png

GET
H2 200 tTaDBDwWahX27Cf_23g9Z-5uGAU0zBPZr4xF9Sw1TEE5An5pHmalzsPPbpGwy9S71YmJUoHAD-M=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ Frame E9A2 3 KB
3 KB 895ms
497ms Image
image/jpeg 2404:6800:4006:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/tTaDBDwWahX27Cf_23g9Z-5uGAU0zBPZr4xF9Sw1TEE5An5pHmalzsPPbpGwy9S71YmJUoHAD-M=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/jRj4ctKIHjc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:814::2001 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

ac6a52aa87188ecc54bde0c6e237703e834a843dd0fe0ba9b4fa8e66fdefc042

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 02 Jan 2024 21:11:25 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="channels4_profile.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2827
x-xss-protection: 0
expires: Wed, 03 Jan 2024 21:11:25 GMT

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 643ms
246ms Preflight
text/html 2404:6800:4006:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:811::200a Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Tue, 02 Jan 2024 21:11:25 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame E9A2 86 KB
40 KB 258ms
258ms XHR
application/json+protobuf 2404:6800:4006:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/da154528/player_ias.vflset/en_US/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:811::200a Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

501c8c34fbfa6a04ac1939818d2dd0d5a5a4133f09925f6614d26c8fc2f1c70b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1
Content-Type: application/json+protobuf

Response headers

date: Tue, 02 Jan 2024 21:11:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 40360
x-xss-protection: 0

GET
H3 204 generate_204
www.youtube.com/ Frame E9A2 0
10 B 152ms
152ms Image
text/plain 2404:6800:4006:80a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?Hyd5zQ
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/jRj4ctKIHjc
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4006:80a::200e Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.youtube.com/embed/jRj4ctKIHjc
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 02 Jan 2024 21:11:25 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 246ms
245ms Preflight
text/html 2404:6800:4006:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4006:811::200a Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Tue, 02 Jan 2024 21:11:26 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame E9A2 98 B
142 B 250ms
249ms XHR
application/json+protobuf 2404:6800:4006:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/da154528/player_ias.vflset/en_US/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4006:811::200a Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

295a2bcbbf1808f092bb69a57414923baf7415bee9f14e86a47ad5e047152c4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1
Content-Type: application/json+protobuf

Response headers

date: Tue, 02 Jan 2024 21:11:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 118
x-xss-protection: 0

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame E9A2 28 B
50 B 294ms
284ms XHR
application/json 2404:6800:4006:80a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/da154528/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4006:80a::200e Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1
X-Goog-Request-Time: 1704229888261
Content-Type: application/json
X-YouTube-Utc-Offset: 780
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/jRj4ctKIHjc
X-YouTube-Client-Version: 1.20231217.00.00
X-YouTube-Time-Zone: Pacific/Auckland
X-Goog-Visitor-Id: CgtPWnU2RWFVSlBBayj899GsBjIKCgJOWhIEGgAgLQ%3D%3D
X-YouTube-Ad-Signals: dt=1704229884847&flash=0&frm=2&u_tz=780&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C560%2C315&vis=1&wgl=true&ca_type=image

Response headers

date: Tue, 02 Jan 2024 21:11:28 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31
x-xss-protection: 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: one-win.in
URL: https://one-win.in/engine/classes/min/index.php

Domain: one-win.in
URL: http://one-win.in/?charset=utf-8&f=engine/editor/css/default.css&v=26

Domain: one-win.in
URL: http://one-win.in/?charset=utf-8&g=general&v=26

Domain: one-win.in
URL: http://one-win.in/?charset=utf-8&f=engine/classes/js/jqueryui.js,engine/classes/js/dle_js.js,engine/classes/highslide/highslide.js&v=26

Verdicts & Comments Add Verdict or Comment

36 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.one-win.in/	1970-01-21 02:09:25	Name: __ddg1_ Value: WPVVDaEYR3uFRp5LM8Rc
one-win.in/	1969-12-31 23:59:59	Name: PHPSESSID Value: 69kileh5klk9pni9ldi9tc0247
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: c_NH2sp5EUg
.youtube.com/	1970-01-20 21:43:01	Name: VISITOR_INFO1_LIVE Value: OZu6EaUJPAk

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://one-win.in/ Message: Mixed Content: The page at 'https://one-win.in/' was loaded over HTTPS, but requested an insecure script 'http://one-win.in/?charset=utf-8&g=general&v=26'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://one-win.in/ Message: Mixed Content: The page at 'https://one-win.in/' was loaded over HTTPS, but requested an insecure stylesheet 'http://one-win.in/?charset=utf-8&f=engine/editor/css/default.css&v=26'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://one-win.in/ Message: Mixed Content: The page at 'https://one-win.in/' was loaded over HTTPS, but requested an insecure script 'http://one-win.in/?charset=utf-8&f=engine/classes/js/jqueryui.js,engine/classes/js/dle_js.js,engine/classes/highslide/highslide.js&v=26'. This request has been blocked; the content must be served over HTTPS.
network	error	URL: https://one-win.in/templates/Red/images/promoblock/ Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000;
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1-win.es
1-winuz.com
1win-bet.com.br
1win-it.com
1win-pl.com
1win-tr.net
1winaz.com
1winkz.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.ytimg.com
jnn-pa.googleapis.com
one-1win.in
one-win.in
s.w.org
static.doubleclick.net
www.google.com
www.youtube.com
yt3.ggpht.com
one-win.in
13.248.213.45
192.0.77.48
193.233.15.5
2404:6800:4006:804::2004
2404:6800:4006:809::2002
2404:6800:4006:809::2003
2404:6800:4006:80a::200e
2404:6800:4006:80b::2006
2404:6800:4006:811::200a
2404:6800:4006:813::2016
2404:6800:4006:814::2001
2606:4700:3030::6815:1e5a
2606:4700:3031::6815:11f5
2606:4700:3032::ac43:a152
2606:4700:3034::6815:380b
2606:4700:3035::ac43:88d1
2606:4700:3036::6815:49b2
2606:4700:3037::6815:a4f
2606:4700:3037::ac43:d7b7
02cd0359ae57aea36e1a176bb722646c31ca84df3b6ce8b90d040c756c7cd798
05a098f9759e4c5523b6e8e1097729744a217510b73470072f2b7a2f51005574
08cc9ee7c62f032f5e0d84b3a57b8fa6c4a95a06ef4cb7a97b11b704682d5908
09b2539ecd69cd2e7def2d40d335e7645e2443083c0854d715a05974fc335a7b
0c0894320dbd9a6b1b81551a4695808f4645a25f2f3f39eaa701ce12220a46d4
0e656966f1958200ae6fbba050fc6eaebb9b1c60edaaffca31d26525bc59c826
12a52e8b4b0dfe911d87a2ecf7da2f1e64236430ee2e17b8f25a64a1e1a512a0
234595572b74d58cd52917208142b3131ad7992126358ee0d917a40cd1240e83
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
295a2bcbbf1808f092bb69a57414923baf7415bee9f14e86a47ad5e047152c4f
2a7a5ec4c9338fb81c3ea9026463b56c4efda965b915d30341944691f0023370
2ce44fbd90616fd3712ee1788b2dbf2f0c265086de86c0ac0c004835f85eb101
3900b5971fa63da5abbbfaa7cf3dd2c80a286116463f2ca626fe4df2c18af942
392ac239809c0d958800989e3bff5311fb1ad198fee5cb837f1bdff18f5a80b5
39f98019b7aee345b81a07cabfae056cbbda99fa46fc0fcc15e77fc6bc94b597
3abc1eae93fc3a9676e3c7afc9b3cacb22f449c05cc36701219e9fa364def01c
3f2a3de04ddeb444f03fe8b3449c7743e3cd5ccc6b7a4284e25306df24af0e03
41fabf139814bb8c223b4b2c45187ad55c92515cc4c63659deaaf7f8775e4a0c
428e5ab72bba707703166878ea9a2008be0ed4d89bf0602f17612cef2f0a3c4f
4352380f92ce7f9a4a4a23306b992bed10055dbfffe90987cc72083e583fc280
48c0804c5085dde1f4bbadbc0e6266b9d34e057aa0f6a8ee9b0bac02df0f32be
4ecc34627d4103fbb8d709b714d9489ee16f6f15a153fab36fca0df2dcaf2a77
501c8c34fbfa6a04ac1939818d2dd0d5a5a4133f09925f6614d26c8fc2f1c70b
5389dded398cc3a7556f05f42b9c6f19fa7b6dbcabf0457e222137c7caeac104
583707b59618d1e2736b0d34c36b6cd4e1fd0e3e9b5cb6d7081a279c829f6a5e
60ba8eb0910ee1169898e0e7bbedd01118af84e5a25e5a9ed4aac6205962e9a1
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
7215d44838c531a3c8ef5b279ced07a14d7c5fb8f2da0d454d646e6576252a54
772d2de3f63e8199a32fd98df9c9ff67f42bd9de364d93bac3cc73336d6f841d
7b6e0a8c491cbc5f563cdc974777d0b8b2ff8b6e3118ba52dbaf1a05e862825e
801b9d74938e5978883d16550e8dca65fdc65fa4ab62da036d32ed5ea683e6a7
87eea51e11f1301207f08c548815bf770dfdf6f48ab6177095d2a4c2a74fb4b7
8c1d20e07e73934ea05d1a1990ad742073d9c674d81b09c2f76fa08eaf286eaf
8ff03fd944d242f544d320b8427a94006d55cd8ed015786c0e4b6cf099a12f0c
943af0ef87a2dcc449d195254c7dcb2bbfd270e3dd11ae8310f2dcad1d49646a
a0908a00905c6bb685cd6b03f8c920044f2ac1a01f16578296b18c467aa9f7ec
a309af9d57fba1fede2813fe18429fc0298232c7bfd24aa5a72c25299a5f9c56
ac6a52aa87188ecc54bde0c6e237703e834a843dd0fe0ba9b4fa8e66fdefc042
ac94fef5201f349edfe23041f494ef9160ef4cce135f6b939f8d493175350e2c
af17d4cff542b33c97ee3a95f82a21d8993c87fd3472dff534fa855828a3b615
b79781efede37903be212fcdf63955e41c8649e678b6b83adf824459d240a188
c390a9c13d4d49df5d0cc703284e856f2ae0c89e0e4bd7758c66415ac7303ef2
c5432f0e90740abb8554bcb28c9fe4a163792f85cc977706f092feb4e5a1f1b5
c87900417b85a75688d9477306f3917a414f95e7c6be9cb3b26fb28a95dc95fb
d1dcb4cdf5b33c02d4b050a561c0a3ec763f864a121621326767b40f0621ea97
d2416d0e716f332126a402ba9ae028da7b40b110752c7d95c3762630c99dc653
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d854531f9c3833536d6971b4fd7617dafe1a2c6fd0bbed9469122e73ff3b13a1
d88d2d786c15264587f527b067e334465febd01327e66190839533340624dbcf
dcbd015c85ac3ffcb7ae7b9d7f7fb9824f77470f06d2b142a347a605c1f5ceaa
e2e68e97593beb78225af7f9edc7624c19cd84ebfeb07dcbc4b06fb9f49d0526
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5f1c198a1fda0174af0620a13dac9c73fb44849c9ffd1320ffdba3984178986
e6cc412740f053235819c682454b1fa6ca2450b60998e9fe279542981bfe632a
e6faf70250117eeb41bae0cb5d1519399fd0ad53bf1affe50791ae06f1e26a73
e802074f521bef709e7fc0b1e2f141832316c0e67d8278ec31ee38ad1ddc585f
e98232b17afe22e277834d378523c76acb889f464a31d5595e03a821fcb6dae1
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
f49de01c31e6f61bc046690f830238485de89653b8225327457fb69da9bc12df
fd8d118fe8ac283b6e6ece58b4bcbbc06cd734f11761faa7c46ff08069f711f5

one-win.in Open in urlscan Pro 2606:4700:3034::6815:380b Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

65 Requests

92 %HTTPS

84 %IPv6

18 Domains

19 Subdomains

19 IPs

3 Countries

2298 kBTransfer

4802 kBSize

4 Cookies

11 Outgoing links

Page URL History

Redirected requests

65 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

one-win.in Open in urlscan Pro
2606:4700:3034::6815:380b Public Scan

Screenshot
Live screenshot

Full Image

65
Requests

92 %
HTTPS

84 %
IPv6

18
Domains

19
Subdomains

19
IPs

3
Countries

2298 kB
Transfer

4802 kB
Size

4
Cookies

65 HTTP transactions
2 data transactions