Submitted URL: https://035302.win/
Effective URL: https://www.035302.win/
Submission: On August 30 via api from US — Scanned from AT

Summary

This website contacted 15 IPs in 6 countries across 12 domains to perform 98 HTTP transactions. The main IP is 185.150.10.75, located in Vienna, Austria and belongs to EXOSCALE, CH. The main domain is www.035302.win.
TLS certificate: Issued by R11 on August 30th 2024. Valid for: 3 months.
This is the only time www.035302.win was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 12 185.150.10.75 61098 (EXOSCALE)
54 81.28.12.12 199524 (GCORE)
2 142.250.186.74 15169 (GOOGLE)
3 2.17.100.147 20940 (AKAMAI-ASN1)
2 216.58.206.40 15169 (GOOGLE)
5 142.250.185.67 15169 (GOOGLE)
2 88.214.195.101 46636 (NATCOWEB)
3 9 87.250.250.119 13238 (YANDEX)
2 216.239.34.36 15169 (GOOGLE)
1 13.224.189.49 16509 (AMAZON-02)
7 18.245.46.19 16509 (AMAZON-02)
1 93.158.134.119 13238 (YANDEX)
1 34.203.25.204 14618 (AMAZON-AES)
1 15.197.143.135 16509 (AMAZON-02)
98 15
Apex Domain
Subdomains
Transfer
54 gcdn.online
slott1.gcdn.online
slott2.gcdn.online
slott3.gcdn.online
2 MB
12 035302.win
035302.win
www.035302.win
984 KB
8 intercomcdn.com
js.intercomcdn.com — Cisco Umbrella Rank: 7846
downloads.intercomcdn.com — Cisco Umbrella Rank: 23025
698 KB
8 yandex.com
mc.yandex.com — Cisco Umbrella Rank: 6787
4 KB
5 gstatic.com
fonts.gstatic.com
64 KB
3 sportradar.com
tm.ads.sportradar.com — Cisco Umbrella Rank: 38141
tracker.ads.sportradar.com — Cisco Umbrella Rank: 42158
58 KB
2 intercom.io
widget.intercom.io — Cisco Umbrella Rank: 5025
api-iam.intercom.io — Cisco Umbrella Rank: 5121
6 KB
2 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 3123
2 yandex.ru
mc.yandex.ru — Cisco Umbrella Rank: 2503
71 KB
2 r2drtb.com
pixel-us.r2drtb.com
1 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 112
175 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 110
3 KB
98 12
Domain Requested by
27 slott1.gcdn.online slott1.gcdn.online
www.035302.win
15 slott3.gcdn.online www.035302.win
12 slott2.gcdn.online www.035302.win
11 www.035302.win slott1.gcdn.online
8 mc.yandex.com 2 redirects www.035302.win
mc.yandex.ru
7 js.intercomcdn.com widget.intercom.io
js.intercomcdn.com
5 fonts.gstatic.com fonts.googleapis.com
2 region1.google-analytics.com www.googletagmanager.com
2 mc.yandex.ru 1 redirects slott1.gcdn.online
2 pixel-us.r2drtb.com www.googletagmanager.com
www.035302.win
2 tracker.ads.sportradar.com tm.ads.sportradar.com
tracker.ads.sportradar.com
2 www.googletagmanager.com www.035302.win
www.googletagmanager.com
2 fonts.googleapis.com slott1.gcdn.online
1 downloads.intercomcdn.com
1 api-iam.intercom.io js.intercomcdn.com
1 widget.intercom.io www.035302.win
1 tm.ads.sportradar.com www.035302.win
1 035302.win 1 redirects
98 18

This site contains links to these domains. Also see Links.

Domain
slott.com
r2d.partners
Subject Issuer Validity Valid
035302.win
R11
2024-08-30 -
2024-11-28
3 months crt.sh
slott1.gcdn.online
E6
2024-07-03 -
2024-10-01
3 months crt.sh
upload.video.google.com
WR2
2024-08-05 -
2024-10-28
3 months crt.sh
tracker.ads.sportradar.com
R11
2024-07-11 -
2024-10-09
3 months crt.sh
*.google-analytics.com
WR2
2024-08-05 -
2024-10-28
3 months crt.sh
*.gstatic.com
WR2
2024-08-05 -
2024-10-28
3 months crt.sh
slott2.gcdn.online
E6
2024-07-30 -
2024-10-28
3 months crt.sh
*.r2drtb.com
Sectigo RSA Domain Validation Secure Server CA
2024-07-08 -
2025-07-08
a year crt.sh
mc.yandex.ru
GlobalSign ECC OV SSL CA 2018
2024-05-23 -
2024-11-02
5 months crt.sh
slott3.gcdn.online
E5
2024-08-18 -
2024-11-16
3 months crt.sh
*.intercom.com
Amazon RSA 2048 M03
2024-01-15 -
2025-02-11
a year crt.sh
*.intercomcdn.com
Amazon RSA 2048 M02
2023-12-01 -
2024-12-29
a year crt.sh
intercom-attachments-10.com
Amazon RSA 2048 M03
2024-06-08 -
2025-07-06
a year crt.sh

This page contains 3 frames:

Primary Page: https://www.035302.win/
Frame ID: 8E5F375A0BFC8E2789CFDC8D27C10117
Requests: 92 HTTP requests in this frame

Frame: https://js.intercomcdn.com/frame-modern.7eeb3111.js
Frame ID: EC0891E798290C08358F5F74CE76732B
Requests: 8 HTTP requests in this frame

Frame: https://mc.yandex.com/metrika/metrika_match.html
Frame ID: E69AA290183C0C7F8B79A106CD21AC88
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Slott Spielothek für Video Slots Deutschland & alle Casino Spiele

Page URL History Show full URLs

  1. https://035302.win/ HTTP 302
    https://www.035302.win/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • lodash.*\.js

Overall confidence: 100%
Detected patterns
  • tracker\.js

Overall confidence: 100%
Detected patterns
  • mc\.yandex\.ru/metrika/(?:tag|watch)\.js

Page Statistics

98
Requests

98 %
HTTPS

0 %
IPv6

12
Domains

18
Subdomains

15
IPs

6
Countries

3623 kB
Transfer

9864 kB
Size

30
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://035302.win/ HTTP 302
    https://www.035302.win/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 79
  • https://mc.yandex.com/sync_cookie_image_check HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10477.7acd71QqFxD7ChBvOh0ZrlcNzvhW5dZoxFGrA-RwbzzKfoOVMuvxSf46C5ej_-_s.yPEDdfAi-cqpendhtLv7KjzIPcE%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide?token=10477.YPoGmVrASegnXKEFeI0nIjnJsxx9z1kkctw3byCJdXTjfGLv-DGjs-RyudxMsFgaaNuOF3oMNT8OOjR379noNj1KP0Dc-A0vBNElHXpoJz9QF9mGmU5ihP3rE0Nf-F-4ZGgkc_PcRErf5ynRBpeuLpaklclEnTviu1f-vbP7XtdmP7ukY_UnaHbqVgArBSTKPzEsdCoJLvjWqdTYvIx8ItyoJkzu93SbWTxeuvIZFK0%2C.bYyYJ_cPh_AmWSWzGuW1KUgjW5g%2C
Request Chain 82
  • https://mc.yandex.com/watch/96416313?wmode=7&page-url=https%3A%2F%2Fwww.035302.win%2Fde-de%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Acstsejpcztnbm4xas7mgj8ug9n%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ade-AT%3Av%3A1420%3Acn%3A1%3Adp%3A0%3Als%3A1091325290030%3Ahid%3A1044172320%3Az%3A120%3Ai%3A20240831011326%3Aet%3A1725059606%3Ac%3A1%3Arn%3A575173480%3Arqn%3A1%3Au%3A1725059606882646081%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A338%3Awv%3A2%3Ads%3A0%2C0%2C51%2C8%2C108%2C0%2C%2C116%2C21%2C%2C%2C%2C606%3Aco%3A0%3Acpf%3A1%3Ans%3A1725059599843%3Agi%3AR0ExLjEuNzEzODg1MTg5LjE3MjUwNTk2MDU%3D%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1725059607%3At%3ASlott%20Spielothek%20f%C3%BCr%20Video%20Slots%20Deutschland%20%26%20alle%20Casino%20Spiele&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rcm(1)cdl(na)eco(21037572)ti(1) HTTP 302
  • https://mc.yandex.com/watch/96416313/1?wmode=7&page-url=https%3A%2F%2Fwww.035302.win%2Fde-de%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Acstsejpcztnbm4xas7mgj8ug9n%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ade-AT%3Av%3A1420%3Acn%3A1%3Adp%3A0%3Als%3A1091325290030%3Ahid%3A1044172320%3Az%3A120%3Ai%3A20240831011326%3Aet%3A1725059606%3Ac%3A1%3Arn%3A575173480%3Arqn%3A1%3Au%3A1725059606882646081%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A338%3Awv%3A2%3Ads%3A0%2C0%2C51%2C8%2C108%2C0%2C%2C116%2C21%2C%2C%2C%2C606%3Aco%3A0%3Acpf%3A1%3Ans%3A1725059599843%3Agi%3AR0ExLjEuNzEzODg1MTg5LjE3MjUwNTk2MDU%3D%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1725059607%3At%3ASlott%20Spielothek%20f%C3%BCr%20Video%20Slots%20Deutschland%20%26%20alle%20Casino%20Spiele&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2821037572%29ti%281%29

98 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.035302.win/
Redirect Chain
  • https://035302.win/
  • https://www.035302.win/
21 KB
7 KB
Document
General
Full URL
https://www.035302.win/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.150.10.75 Vienna, Austria, ASN61098 (EXOSCALE, CH),
Reverse DNS
Software
nginx/1.14.1 /
Resource Hash
1c405ff0ae6416ee74aa1d5445ac2dd799fc4f315e8a8e4ad873ee2e3bf3bd15
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Fri, 30 Aug 2024 23:13:19 GMT
expires
0
link
<https://slott1.gcdn.online/js/webpack.d.m.f53d413e.js>; rel=preload; as=script; crossorigin=anonymous, <https://slott1.gcdn.online/js/vendors.d.m.510e1ffb.js>; rel=preload; as=script; crossorigin=anonymous, <https://slott1.gcdn.online/js/app.ccb2f081b6a9.js>; rel=preload; as=script; crossorigin=anonymous
pragma
no-cache
server
nginx/1.14.1
vary
origin,access-control-request-method,access-control-request-headers,accept-encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0

Redirect headers

content-length
161
content-type
text/html
date
Fri, 30 Aug 2024 23:13:19 GMT
location
https://www.035302.win/
server
nginx/1.14.1
webpack.d.m.f53d413e.js
slott1.gcdn.online/js/
195 KB
22 KB
Script
General
Full URL
https://slott1.gcdn.online/js/webpack.d.m.f53d413e.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
81.28.12.12 Amsterdam, Netherlands, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
a3739dd14847399e879621ab63e490f61b94b61b0dd496364cf931fe8eb9d668

Request headers

Referer
https://www.035302.win/
Origin
https://www.035302.win
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-id
cec-hw-edge-gc4
date
Fri, 30 Aug 2024 23:13:20 GMT
content-encoding
br
age
108939
x-cached-since
2024-08-29T16:57:41+00:00
x-id-fe
cec-hw-edge-gc13
content-length
21782
last-modified
Thu, 29 Aug 2024 09:11:32 GMT
server
nginx
traceparent
00-7a99a70d266231c703fe3a459dedeb60-f9cd64ceefe71a32-01
etag
"66d03b44-5516"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000, public
cache
HIT
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
vendors.d.m.510e1ffb.js
slott1.gcdn.online/js/
201 KB
57 KB
Script
General
Full URL
https://slott1.gcdn.online/js/vendors.d.m.510e1ffb.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
81.28.12.12 Amsterdam, Netherlands, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
ac68583fd59cdd0799c40885e3533afc197bd38ceac9307028b41b9e8e5a36a8

Request headers

Referer
https://www.035302.win/
Origin
https://www.035302.win
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-id
cec-hw-edge-gc12
date
Fri, 30 Aug 2024 23:13:20 GMT
content-encoding
br
age
108939
x-cached-since
2024-08-29T16:57:41+00:00
x-id-fe
cec-hw-edge-gc13
content-length
58319
last-modified
Thu, 29 Aug 2024 09:11:32 GMT
server
nginx
traceparent
00-ab99c46b2a3576f268aebb29c2d30a8a-127620ab9c67129f-01
etag
"66d03b44-e3cf"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000, public
cache
HIT
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
app.ccb2f081b6a9.js
slott1.gcdn.online/js/
363 KB
69 KB
Script
General
Full URL
https://slott1.gcdn.online/js/app.ccb2f081b6a9.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
81.28.12.12 Amsterdam, Netherlands, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
74f64fbbdf5c074cc1ee9b5bc20898e23a8229be29317a8e41ca42a4062a288f

Request headers

Referer
https://www.035302.win/
Origin
https://www.035302.win
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-id
cec-hw-edge-gc13
date
Fri, 30 Aug 2024 23:13:20 GMT
content-encoding
br
age
108939
x-cached-since
2024-08-29T16:57:41+00:00
x-id-fe
cec-hw-edge-gc13
content-length
70807
last-modified
Thu, 29 Aug 2024 09:11:32 GMT
server
nginx
traceparent
00-22f57e82693050d90c1757b6d10904eb-f0ab3f5b61877f2c-01
etag
"66d03b44-11497"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000, public
cache
HIT
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
async-vendor-lodash.d.m.29e17cc7.js
slott1.gcdn.online/js/
73 KB
23 KB
Script
General
Full URL
https://slott1.gcdn.online/js/async-vendor-lodash.d.m.29e17cc7.js
Requested by
Host: slott1.gcdn.online
URL: https://slott1.gcdn.online/js/app.ccb2f081b6a9.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
81.28.12.12 Amsterdam, Netherlands, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
7d7d70bd726ace5583dad54e078742f0feecaaf831dcc755d0b3d13aeb412eed

Request headers

Referer
https://www.035302.win/
Origin
https://www.035302.win
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-id
cec-hw-edge-gc12
date
Fri, 30 Aug 2024 23:13:20 GMT
content-encoding
br
age
108937
x-cached-since
2024-08-29T16:57:43+00:00
x-id-fe
cec-hw-edge-gc13
content-length
23253
last-modified
Thu, 29 Aug 2024 09:11:32 GMT
server
nginx
traceparent
00-b8ee5b05f36cc3fc1b5ac9fdc1ac8cfe-2b52beb3acb551cc-01
etag
"66d03b44-5ad5"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000, public
cache
HIT
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
async-vendor-vue-router.d.m.63dedac1.js
slott1.gcdn.online/js/
23 KB
8 KB
Script
General
Full URL
https://slott1.gcdn.online/js/async-vendor-vue-router.d.m.63dedac1.js
Requested by
Host: slott1.gcdn.online
URL: https://slott1.gcdn.online/js/app.ccb2f081b6a9.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
81.28.12.12 Amsterdam, Netherlands, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
d3184dfa0fcf994a19e5a40487055636f8eed1202abcb1a246b5091f81accd07

Request headers

Referer
https://www.035302.win/
Origin
https://www.035302.win
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-id
cec-hw-edge-gc12
date
Fri, 30 Aug 2024 23:13:20 GMT
content-encoding
br
age
108937
x-cached-since
2024-08-29T16:57:43+00:00
x-id-fe
cec-hw-edge-gc13
content-length
8313
last-modified
Thu, 29 Aug 2024 09:11:32 GMT
server
nginx
traceparent
00-c5f17d0b8bbd908f5d8a2670b41eb569-c07b82b6df3d194c-01
etag
"66d03b44-2079"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000, public
cache
HIT
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
async-vendor-vue.d.m.4c47cf40.js
slott1.gcdn.online/js/
143 KB
47 KB
Script
General
Full URL
https://slott1.gcdn.online/js/async-vendor-vue.d.m.4c47cf40.js
Requested by
Host: slott1.gcdn.online
URL: https://slott1.gcdn.online/js/app.ccb2f081b6a9.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
81.28.12.12 Amsterdam, Netherlands, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
8b2d6ff250aba36a02490b6da9702de143b31b476fd6f82e363618699dc367c7

Request headers

Referer
https://www.035302.win/
Origin
https://www.035302.win
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-id
cec-hw-edge-gc4
date
Fri, 30 Aug 2024 23:13:20 GMT
content-encoding
br
age
108937
x-cached-since
2024-08-29T16:57:43+00:00
x-id-fe
cec-hw-edge-gc13
content-length
47892
last-modified
Thu, 29 Aug 2024 09:11:32 GMT
server
nginx
traceparent
00-381efa0468f86db0580d392164d145f2-05d48bfa52863669-01
etag
"66d03b44-bb14"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000, public
cache
HIT
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
async-route-modules-core.d.m.2393c667.js
slott1.gcdn.online/js/
71 KB
15 KB
Script
General
Full URL
https://slott1.gcdn.online/js/async-route-modules-core.d.m.2393c667.js
Requested by
Host: slott1.gcdn.online
URL: https://slott1.gcdn.online/js/app.ccb2f081b6a9.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
81.28.12.12 Amsterdam, Netherlands, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
1861f34b7dd24841b80c83478b6ce351f3d8fa5531699db9f1c4b067b6a11c90

Request headers

Referer
https://www.035302.win/
Origin
https://www.035302.win
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-id
cec-hw-edge-gc4
date
Fri, 30 Aug 2024 23:13:20 GMT
content-encoding
br
age
108937
x-cached-since
2024-08-29T16:57:43+00:00
x-id-fe
cec-hw-edge-gc13
content-length
15399
last-modified
Thu, 29 Aug 2024 09:11:32 GMT
server
nginx
traceparent
00-f0b5f3cf782c5e76f013f7a72e9c8046-12a82987c4dff9e6-01
etag
"66d03b44-3c27"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000, public
cache
HIT
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
async-module-casino.d.m.728341ec.js
slott1.gcdn.online/js/
53 KB
11 KB
Script
General
Full URL
https://slott1.gcdn.online/js/async-module-casino.d.m.728341ec.js
Requested by
Host: slott1.gcdn.online
URL: https://slott1.gcdn.online/js/app.ccb2f081b6a9.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
81.28.12.12 Amsterdam, Netherlands, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
9371b4d932a782347a4f1a90dcde2a9e9e56cb15aa50585b9293311d0cd2131a

Request headers

Referer
https://www.035302.win/
Origin
https://www.035302.win
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-id
cec-hw-edge-gc12
date
Fri, 30 Aug 2024 23:13:20 GMT
content-encoding
br
age
108937
x-cached-since
2024-08-29T16:57:43+00:00
x-id-fe
cec-hw-edge-gc13
content-length
10858
last-modified
Thu, 29 Aug 2024 09:11:32 GMT
server
nginx
traceparent
00-9cfc69d656aad9f9f0bd2e27f938455b-f0dadba5b1759704-01
etag
"66d03b44-2a6a"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000, public
cache
HIT
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
async-module-profile.d.m.df88e65f.js
slott1.gcdn.online/js/
27 KB
7 KB
Script
General
Full URL
https://slott1.gcdn.online/js/async-module-profile.d.m.df88e65f.js
Requested by
Host: slott1.gcdn.online
URL: https://slott1.gcdn.online/js/app.ccb2f081b6a9.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
81.28.12.12 Amsterdam, Netherlands, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
ae8c3f6c04c6459eaa7bd954659b54dbd2cc34d6d10c4d47019c64085ee9a506

Request headers

Referer
https://www.035302.win/
Origin
https://www.035302.win
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-id
cec-hw-edge-gc12
date
Fri, 30 Aug 2024 23:13:20 GMT
content-encoding
br
age
108937
x-cached-since
2024-08-29T16:57:43+00:00
x-id-fe
cec-hw-edge-gc13
content-length
7171
last-modified
Thu, 29 Aug 2024 09:11:32 GMT
server
nginx
traceparent
00-f12820221927ccff4ffef8c062e929e7-f6f8a9055dfb596d-01
etag
"66d03b44-1c03"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000, public
cache
HIT
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
async-module-core.d.m.ff0514e0.js
slott1.gcdn.online/js/
167 KB
39 KB
Script
General
Full URL
https://slott1.gcdn.online/js/async-module-core.d.m.ff0514e0.js
Requested by
Host: slott1.gcdn.online
URL: https://slott1.gcdn.online/js/app.ccb2f081b6a9.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
81.28.12.12 Amsterdam, Netherlands, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
a53a3c2e30ba71f2c349eb4690940a21ba77b8321ce9b966349c603b84489f3a

Request headers

Referer
https://www.035302.win/
Origin
https://www.035302.win
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-id
cec-hw-edge-gc13
date
Fri, 30 Aug 2024 23:13:20 GMT
content-encoding
br
age
108937
x-cached-since
2024-08-29T16:57:43+00:00
x-id-fe
cec-hw-edge-gc13
content-length
40216
last-modified
Thu, 29 Aug 2024 09:11:32 GMT
server
nginx
traceparent
00-04047884c9aea3ce5ab5d4c49729aab7-ce38bf69023dfbf2-01
etag
"66d03b44-9d18"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000, public
cache
HIT
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
async-module-referral-program.d.m.c8ee9675.js
slott1.gcdn.online/js/
29 KB
6 KB
Script
General
Full URL
https://slott1.gcdn.online/js/async-module-referral-program.d.m.c8ee9675.js
Requested by
Host: slott1.gcdn.online
URL: https://slott1.gcdn.online/js/app.ccb2f081b6a9.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
81.28.12.12 Amsterdam, Netherlands, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
0a04dc6812b68235f05fe6a13ea6407646f7c70fc4abb39de945ac24213ab6f2

Request headers

Referer
https://www.035302.win/
Origin
https://www.035302.win
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-id
cec-hw-edge-gc13
date
Fri, 30 Aug 2024 23:13:20 GMT
content-encoding
br
age
108937
x-cached-since
2024-08-29T16:57:43+00:00
x-id-fe
cec-hw-edge-gc13
content-length
6428
last-modified
Thu, 29 Aug 2024 09:11:32 GMT
server
nginx
traceparent
00-d688fa6e0c761f2f174407bfc17a7eee-87d34cf846772004-01
etag
"66d03b44-191c"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000, public
cache
HIT
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
async-module-errors.d.m.7f49251d.js
slott1.gcdn.online/js/
19 KB
5 KB
Script
General
Full URL
https://slott1.gcdn.online/js/async-module-errors.d.m.7f49251d.js
Requested by
Host: slott1.gcdn.online
URL: https://slott1.gcdn.online/js/app.ccb2f081b6a9.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
81.28.12.12 Amsterdam, Netherlands, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
d0bf3900195e480db2218832820d5692b100d64fac833e23f42a66c73f3d68eb

Request headers

Referer
https://www.035302.win/
Origin
https://www.035302.win
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-id
cec-hw-edge-gc4
date
Fri, 30 Aug 2024 23:13:20 GMT
content-encoding
br
age
108937
x-cached-since
2024-08-29T16:57:43+00:00
x-id-fe
cec-hw-edge-gc13
content-length
5033
last-modified
Thu, 29 Aug 2024 09:11:32 GMT
server
nginx
traceparent
00-b1976461a990f599078c3062222bc284-754bc69669bf9acc-01
etag
"66d03b44-13a9"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000, public
cache
HIT
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
async-module-pin-code.d.m.2b0674e8.js
slott1.gcdn.online/js/
29 KB
8 KB
Script
General
Full URL
https://slott1.gcdn.online/js/async-module-pin-code.d.m.2b0674e8.js
Requested by
Host: slott1.gcdn.online
URL: https://slott1.gcdn.online/js/app.ccb2f081b6a9.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
81.28.12.12 Amsterdam, Netherlands, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
81cd36940e703345deb91f03066fadde5735b3dc3be29ac38542313f966738d6

Request headers

Referer
https://www.035302.win/
Origin
https://www.035302.win
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-id
cec-hw-edge-gc12
date
Fri, 30 Aug 2024 23:13:20 GMT
content-encoding
br
age
108937
x-cached-since
2024-08-29T16:57:43+00:00
x-id-fe
cec-hw-edge-gc13
content-length
7653
last-modified
Thu, 29 Aug 2024 09:11:32 GMT
server
nginx
traceparent
00-262643de58144aa9b0d6609eced09658-e4f518ac2f133a2c-01
etag
"66d03b44-1de5"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000, public
cache
HIT
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
async-module-landings.d.m.8072195f.js
slott1.gcdn.online/js/
24 KB
5 KB
Script
General
Full URL
https://slott1.gcdn.online/js/async-module-landings.d.m.8072195f.js
Requested by
Host: slott1.gcdn.online
URL: https://slott1.gcdn.online/js/app.ccb2f081b6a9.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
81.28.12.12 Amsterdam, Netherlands, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
ff774d0fa3e50c4bfa95451f7a01f43d917ce2f429ac090948d9f052a14ab331

Request headers

Referer
https://www.035302.win/
Origin
https://www.035302.win
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-id
cec-hw-edge-gc12
date
Fri, 30 Aug 2024 23:13:20 GMT
content-encoding
br
age
108937
x-cached-since
2024-08-29T16:57:43+00:00
x-id-fe
cec-hw-edge-gc13
content-length
5479
last-modified
Thu, 29 Aug 2024 09:11:32 GMT
server
nginx
traceparent
00-f88311ead7a5f1f20eba7df97acf34c4-ac2398fc272bab19-01
etag
"66d03b44-1567"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000, public
cache
HIT
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
async-module-dialogs.d.m.d11a51e4.js
slott1.gcdn.online/js/
22 KB
6 KB
Script
General
Full URL
https://slott1.gcdn.online/js/async-module-dialogs.d.m.d11a51e4.js
Requested by
Host: slott1.gcdn.online
URL: https://slott1.gcdn.online/js/app.ccb2f081b6a9.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
81.28.12.12 Amsterdam, Netherlands, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
179964249ec9a0fb3cbae024a777c673c736db11cb939daad935681d419e9e53

Request headers

Referer
https://www.035302.win/
Origin
https://www.035302.win
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-id
cec-hw-edge-gc12
date
Fri, 30 Aug 2024 23:13:20 GMT
content-encoding
br
age
108937
x-cached-since
2024-08-29T16:57:43+00:00
x-id-fe
cec-hw-edge-gc13
content-length
5758
last-modified
Thu, 29 Aug 2024 09:11:32 GMT
server
nginx
traceparent
00-83eefe8329ec10e8e6dbcc8573c6a8d6-4f78d8b7c99f7cc3-01
etag
"66d03b44-167e"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000, public
cache
HIT
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
async-module-registration.d.m.941d46ce.js
slott1.gcdn.online/js/
21 KB
7 KB
Script
General
Full URL
https://slott1.gcdn.online/js/async-module-registration.d.m.941d46ce.js
Requested by
Host: slott1.gcdn.online
URL: https://slott1.gcdn.online/js/app.ccb2f081b6a9.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
81.28.12.12 Amsterdam, Netherlands, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
8580c34e186194ad3c072296cf8c3c2cb3092aba3d97fd575f4038f55261b3f5

Request headers

Referer
https://www.035302.win/
Origin
https://www.035302.win
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-id
cec-hw-edge-gc12
date
Fri, 30 Aug 2024 23:13:20 GMT
content-encoding
br
age
108937
x-cached-since
2024-08-29T16:57:43+00:00
x-id-fe
cec-hw-edge-gc13
content-length
7030
last-modified
Thu, 29 Aug 2024 09:11:32 GMT
server
nginx
traceparent
00-b64b57810c58fcdc618e43377ab3619f-fc193f923fd4ba96-01
etag
"66d03b44-1b76"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000, public
cache
HIT
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
async-module-customer-notifications.d.m.1cc4b462.js
slott1.gcdn.online/js/
17 KB
4 KB
Script
General
Full URL
https://slott1.gcdn.online/js/async-module-customer-notifications.d.m.1cc4b462.js
Requested by
Host: slott1.gcdn.online
URL: https://slott1.gcdn.online/js/app.ccb2f081b6a9.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
81.28.12.12 Amsterdam, Netherlands, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
139635723c372c73c036819049086c6fa74d28f9dca3d6098cb69017b19af086

Request headers

Referer
https://www.035302.win/
Origin
https://www.035302.win
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-id
cec-hw-edge-gc4
date
Fri, 30 Aug 2024 23:13:20 GMT
content-encoding
br
age
108937
x-cached-since
2024-08-29T16:57:43+00:00
x-id-fe
cec-hw-edge-gc13
content-length
4312
last-modified
Thu, 29 Aug 2024 09:11:32 GMT
server
nginx
traceparent
00-e57657e9416f277eaaeb9dec35e55a42-56ed7aaf037d81ab-01
etag
"66d03b44-10d8"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000, public
cache
HIT
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
async-module-analytics.d.m.4d2e4948.js
slott1.gcdn.online/js/
26 KB
8 KB
Script
General
Full URL
https://slott1.gcdn.online/js/async-module-analytics.d.m.4d2e4948.js
Requested by
Host: slott1.gcdn.online
URL: https://slott1.gcdn.online/js/app.ccb2f081b6a9.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
81.28.12.12 Amsterdam, Netherlands, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
a0bd271303c0afec1093c44c649e746dfbf0977563eb9b6b46ce71dc23c9c364

Request headers

Referer
https://www.035302.win/
Origin
https://www.035302.win
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-id
cec-hw-edge-gc12
date
Fri, 30 Aug 2024 23:13:20 GMT
content-encoding
br
age
108937
x-cached-since
2024-08-29T16:57:43+00:00
x-id-fe
cec-hw-edge-gc13
content-length
8129
last-modified
Thu, 29 Aug 2024 09:11:32 GMT
server
nginx
traceparent
00-451de65da23a344d223c1679d07dc48c-a615961684401d5d-01
etag
"66d03b44-1fc1"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000, public
cache
HIT
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
async-app.d.m.d47daa83.js
slott1.gcdn.online/js/
2 MB
361 KB
Script
General
Full URL
https://slott1.gcdn.online/js/async-app.d.m.d47daa83.js
Requested by
Host: slott1.gcdn.online
URL: https://slott1.gcdn.online/js/app.ccb2f081b6a9.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
81.28.12.12 Amsterdam, Netherlands, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
c0c7685bfa304fe29e1f0fd7418be70d1f15f8775963ca50ed9560652df373bb

Request headers

Referer
https://www.035302.win/
Origin
https://www.035302.win
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-id
cec-hw-edge-gc12
date
Fri, 30 Aug 2024 23:13:20 GMT
content-encoding
br
age
108937
x-cached-since
2024-08-29T16:57:43+00:00
x-id-fe
cec-hw-edge-gc13
content-length
369232
last-modified
Thu, 29 Aug 2024 09:11:32 GMT
server
nginx
traceparent
00-5186579bbf97274af362f0c550983828-10f755932f320ba2-01
etag
"66d03b44-5a250"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000, public
cache
HIT
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
async-vendors.d.m.759738ff.js
slott1.gcdn.online/js/
429 KB
115 KB
Script
General
Full URL
https://slott1.gcdn.online/js/async-vendors.d.m.759738ff.js
Requested by
Host: slott1.gcdn.online
URL: https://slott1.gcdn.online/js/app.ccb2f081b6a9.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
81.28.12.12 Amsterdam, Netherlands, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
e67ff02573646a3c57f7502c408488052ab66bf416d078a83a13323faf9ae7be

Request headers

Referer
https://www.035302.win/
Origin
https://www.035302.win
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-id
cec-hw-edge-gc12
date
Fri, 30 Aug 2024 23:13:20 GMT
content-encoding
br
age
108937
x-cached-since
2024-08-29T16:57:43+00:00
x-id-fe
cec-hw-edge-gc13
content-length
117717
last-modified
Thu, 29 Aug 2024 09:11:32 GMT
server
nginx
traceparent
00-3243bea8c586dfe1b2042af6fe02e9d9-e61d9e7a75200827-01
etag
"66d03b44-1cbd5"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000, public
cache
HIT
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
api-1
www.035302.win/
244 KB
58 KB
Fetch
General
Full URL
https://www.035302.win/api-1
Requested by
Host: slott1.gcdn.online
URL: https://slott1.gcdn.online/js/app.ccb2f081b6a9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.150.10.75 Vienna, Austria, ASN61098 (EXOSCALE, CH),
Reverse DNS
Software
nginx/1.14.1 /
Resource Hash
f45e7908c8d166954db8d7fb9c67e7a14b344682a988b5181c5c368625ea0dff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

x-app-layout
desktop
x-app-browser
chrome
x-app-version
6.95.0
x-app-os
linux
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
content-type
application/json
x-app-platform
web
x-app-env
prod
Referer
https://www.035302.win/
x-app-modernity
modern
x-requested-uri
/
x-app-skin
slott
x-app-rendering
csr

Response headers

pragma
no-cache
date
Fri, 30 Aug 2024 23:13:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx/1.14.1
vary
origin,access-control-request-method,access-control-request-headers,accept-encoding
x-frame-options
SAMEORIGIN
content-type
application/json;charset=UTF-8
content-language
de-AT
cache-control
no-cache, no-store, max-age=0, must-revalidate
x-xss-protection
0
expires
0
truncated
/
82 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7e41ca21e421f129d3881e345f990027b66c0ab3c5580e549575f9393d117cbd

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Type
image/webp
truncated
/
42 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c90cff659645a312a28804965f3dbc34061338f7234ff5d6ddb2c57e9eadec15

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Type
image/webp
truncated
/
34 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Type
image/webp
async-module-banners.d.m.93c2d75c.js
slott1.gcdn.online/js/
27 KB
6 KB
Script
General
Full URL
https://slott1.gcdn.online/js/async-module-banners.d.m.93c2d75c.js
Requested by
Host: slott1.gcdn.online
URL: https://slott1.gcdn.online/js/app.ccb2f081b6a9.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
81.28.12.12 Amsterdam, Netherlands, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
89a12126a18e4308ed673dc50c3d4cd20732555178516b5998d6d109025c7bc6

Request headers

Referer
https://www.035302.win/
Origin
https://www.035302.win
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-id
cec-hw-edge-gc13
date
Fri, 30 Aug 2024 23:13:20 GMT
content-encoding
br
age
108934
x-cached-since
2024-08-29T16:57:46+00:00
x-id-fe
cec-hw-edge-gc13
content-length
5544
last-modified
Thu, 29 Aug 2024 09:11:32 GMT
server
nginx
traceparent
00-39c141a92e3cc3e3b840bcb92e975c20-67ac9a0506b7c221-01
etag
"66d03b44-15a8"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000, public
cache
HIT
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
css2
fonts.googleapis.com/
13 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Poppins:wght@300;400;500;600;700&display=swap&family=Montserrat:wght@300;400;500;600;700&display=swap
Requested by
Host: slott1.gcdn.online
URL: https://slott1.gcdn.online/js/async-module-core.d.m.ff0514e0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.74 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f10.1e100.net
Software
ESF /
Resource Hash
6d062386679d54648d1f2ad09c6aff67933248c4468da9e1e57b8d29e8b7952f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.035302.win/
Origin
https://www.035302.win
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 30 Aug 2024 23:13:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 30 Aug 2024 23:13:21 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 30 Aug 2024 23:13:21 GMT
async-route-modules-casino.d.m.252386f1.js
slott1.gcdn.online/js/
84 KB
20 KB
Script
General
Full URL
https://slott1.gcdn.online/js/async-route-modules-casino.d.m.252386f1.js
Requested by
Host: slott1.gcdn.online
URL: https://slott1.gcdn.online/js/app.ccb2f081b6a9.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
81.28.12.12 Amsterdam, Netherlands, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
53d7cb0929d5d614adf6f9be52b758f2b35fed00e3680277ea7dfaad254c6253

Request headers

Referer
https://www.035302.win/
Origin
https://www.035302.win
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-id
cec-hw-edge-gc4
date
Fri, 30 Aug 2024 23:13:21 GMT
content-encoding
br
age
50560
x-cached-since
2024-08-30T09:10:41+00:00
x-id-fe
cec-hw-edge-gc13
content-length
19994
last-modified
Thu, 29 Aug 2024 09:11:32 GMT
server
nginx
traceparent
00-bdaa17b9bdd601b6ada7b5dee4a9dab1-8274834be8800990-01
etag
"66d03b44-4e1a"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000, public
cache
HIT
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
api-1
www.035302.win/
18 KB
5 KB
Fetch
General
Full URL
https://www.035302.win/api-1
Requested by
Host: slott1.gcdn.online
URL: https://slott1.gcdn.online/js/app.ccb2f081b6a9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.150.10.75 Vienna, Austria, ASN61098 (EXOSCALE, CH),
Reverse DNS
Software
nginx/1.14.1 /
Resource Hash
376afdb89c1830fe3ada92dbe4969d099a07b1aff245b639ed289661b9255eb0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

x-app-layout
desktop
x-app-theme
LIGHT
x-app-browser
chrome
x-app-version
6.95.0
x-app-os
linux
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
content-type
application/json
x-app-platform
web
x-app-env
prod
Referer
https://www.035302.win/de-de/
x-app-language
de_DE
x-app-modernity
modern
x-requested-uri
/
x-app-skin
slott
x-app-rendering
csr

Response headers

pragma
no-cache
date
Fri, 30 Aug 2024 23:13:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx/1.14.1
vary
origin,access-control-request-method,access-control-request-headers,accept-encoding
x-frame-options
SAMEORIGIN
content-type
application/json;charset=UTF-8
content-language
de-AT
cache-control
no-cache, no-store, max-age=0, must-revalidate
x-xss-protection
0
expires
0
tag-manager.js
tm.ads.sportradar.com/dist/
192 KB
28 KB
Script
General
Full URL
https://tm.ads.sportradar.com/dist/tag-manager.js?id=STM-AAAAAX
Requested by
Host: www.035302.win
URL: https://www.035302.win/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.17.100.147 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-17-100-147.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
eee291b412992dc09c34efc50ec24ea539d9d22e1d80d44d92ece7a92135a7bd

Request headers

Referer
https://www.035302.win/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 23:13:21 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900, public
content-disposition
inline
content-length
28263
apigw-requestid
dWHCwiF4joEEPEg=
gtm.js
www.googletagmanager.com/
209 KB
73 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5XTG9WWN
Requested by
Host: www.035302.win
URL: https://www.035302.win/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.40 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
9c4fc00c00ecc767449088c573a6a2d3d9124feea2b4d5d53376c85c2dd0d691
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.035302.win/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 23:13:21 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
74454
x-xss-protection
0
last-modified
Fri, 30 Aug 2024 21:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 30 Aug 2024 23:13:21 GMT
api-1
www.035302.win/
439 B
621 B
Fetch
General
Full URL
https://www.035302.win/api-1
Requested by
Host: slott1.gcdn.online
URL: https://slott1.gcdn.online/js/app.ccb2f081b6a9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.150.10.75 Vienna, Austria, ASN61098 (EXOSCALE, CH),
Reverse DNS
Software
nginx/1.14.1 /
Resource Hash
0cb4e89a0de88e70ae664c71e425f74a8ecdb23785863328a33df85ca4edcbf0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

x-app-layout
desktop
x-app-theme
LIGHT
x-app-browser
chrome
x-app-version
6.95.0
x-app-os
linux
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
content-type
application/json
x-app-platform
web
x-app-env
prod
Referer
https://www.035302.win/de-de/
x-app-language
de_DE
x-app-modernity
modern
x-requested-uri
/
x-app-skin
slott
x-app-rendering
csr

Response headers

pragma
no-cache
date
Fri, 30 Aug 2024 23:13:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx/1.14.1
vary
origin,access-control-request-method,access-control-request-headers,accept-encoding
x-frame-options
SAMEORIGIN
content-type
application/json;charset=UTF-8
content-language
de-AT
cache-control
no-cache, no-store, max-age=0, must-revalidate
x-xss-protection
0
expires
0
async-module-lobby.d.m.b4b8dd3e.js
slott1.gcdn.online/js/
52 KB
10 KB
Script
General
Full URL
https://slott1.gcdn.online/js/async-module-lobby.d.m.b4b8dd3e.js
Requested by
Host: slott1.gcdn.online
URL: https://slott1.gcdn.online/js/app.ccb2f081b6a9.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
81.28.12.12 Amsterdam, Netherlands, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
9a0426f9b4eb73d386ad6744f283ddab1a4f662601b51eea31d28c45564f4af0

Request headers

Referer
https://www.035302.win/
Origin
https://www.035302.win
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-id
cec-hw-edge-gc4
date
Fri, 30 Aug 2024 23:13:21 GMT
content-encoding
br
age
50560
x-cached-since
2024-08-30T09:10:41+00:00
x-id-fe
cec-hw-edge-gc13
content-length
10483
last-modified
Thu, 29 Aug 2024 09:11:32 GMT
server
nginx
traceparent
00-50e4666bc731f955e363cf89048164f1-b426e273c761dffe-01
etag
"66d03b44-28f3"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000, public
cache
HIT
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
api-1
www.035302.win/
380 KB
22 KB
Fetch
General
Full URL
https://www.035302.win/api-1
Requested by
Host: slott1.gcdn.online
URL: https://slott1.gcdn.online/js/app.ccb2f081b6a9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.150.10.75 Vienna, Austria, ASN61098 (EXOSCALE, CH),
Reverse DNS
Software
nginx/1.14.1 /
Resource Hash
cbef360bfb2dcc64b1957603cff9a074e4a426443114301c88993fe1110411a4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

x-app-layout
desktop
x-app-theme
LIGHT
x-app-browser
chrome
x-app-version
6.95.0
x-app-os
linux
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
content-type
application/json
x-app-platform
web
x-app-env
prod
Referer
https://www.035302.win/de-de/
x-app-language
de_DE
x-app-modernity
modern
x-requested-uri
/
x-app-skin
slott
x-app-rendering
csr

Response headers

pragma
no-cache
date
Fri, 30 Aug 2024 23:13:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx/1.14.1
vary
origin,access-control-request-method,access-control-request-headers,accept-encoding
x-frame-options
SAMEORIGIN
content-type
application/json;charset=UTF-8
content-language
de-AT
cache-control
no-cache, no-store, max-age=0, must-revalidate
x-xss-protection
0
expires
0
pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v21/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@300;400;500;600;700&display=swap&family=Montserrat:wght@300;400;500;600;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f3.1e100.net
Software
sffe /
Resource Hash
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.035302.win
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 29 Aug 2024 17:11:04 GMT
x-content-type-options
nosniff
age
108138
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7884
x-xss-protection
0
last-modified
Fri, 22 Mar 2024 00:00:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 29 Aug 2025 17:11:04 GMT
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/
32 KB
33 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@300;400;500;600;700&display=swap&family=Montserrat:wght@300;400;500;600;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f3.1e100.net
Software
sffe /
Resource Hash
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.035302.win
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 29 Aug 2024 18:39:14 GMT
x-content-type-options
nosniff
age
102848
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33092
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 22:51:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 29 Aug 2025 18:39:14 GMT
sprite.svg
www.035302.win/
870 KB
871 KB
Other
General
Full URL
https://www.035302.win/sprite.svg
Requested by
Host: slott1.gcdn.online
URL: https://slott1.gcdn.online/js/async-vendor-vue.d.m.4c47cf40.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.150.10.75 Vienna, Austria, ASN61098 (EXOSCALE, CH),
Reverse DNS
Software
nginx/1.14.1 /
Resource Hash
45be4547e2ca26f8d5d44fcb9d37f291ac6426124e23313df32256d0c7cb1c57

Request headers

Referer
https://www.035302.win/de-de/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 23:13:22 GMT
last-modified
Thu, 29 Aug 2024 09:11:32 GMT
server
nginx/1.14.1
etag
"66d03b44-d9894"
content-type
image/svg+xml
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
891028
expires
Thu, 31 Dec 2037 23:55:55 GMT
logo-light.931c771d.svg
slott1.gcdn.online/img/
2 KB
1 KB
Image
General
Full URL
https://slott1.gcdn.online/img/logo-light.931c771d.svg
Requested by
Host: www.035302.win
URL: https://www.035302.win/de-de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
81.28.12.12 Amsterdam, Netherlands, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
7903979d7dc22c07c7a529fb08b8fb2278ff6c2415575465fb635bf27de4fb80

Request headers

Referer
https://www.035302.win/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-id
cec-hw-edge-gc12
date
Fri, 30 Aug 2024 23:13:22 GMT
content-encoding
br
age
2824975
x-cached-since
2024-07-29T06:30:27+00:00
x-id-fe
cec-hw-edge-gc13
content-length
996
last-modified
Thu, 25 Jul 2024 08:47:25 GMT
server
nginx
traceparent
00-d80574425cc78e99832aade4cfe0e53b-6793f578cb88ea4d-01
etag
"66a2111d-3e4"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=315360000, public
cache
HIT
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
logo-short.d2aa5d8b.svg
slott1.gcdn.online/img/
1 KB
733 B
Image
General
Full URL
https://slott1.gcdn.online/img/logo-short.d2aa5d8b.svg
Requested by
Host: www.035302.win
URL: https://www.035302.win/de-de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
81.28.12.12 Amsterdam, Netherlands, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
025ee9ea4b305564eb4869eba43c3489f5acf694e9792693856d44bd29fbfb1b

Request headers

Referer
https://www.035302.win/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-id
cec-hw-edge-gc4
date
Fri, 30 Aug 2024 23:13:23 GMT
content-encoding
br
age
2824850
x-cached-since
2024-07-29T06:32:33+00:00
x-id-fe
cec-hw-edge-gc13
content-length
565
last-modified
Thu, 25 Jul 2024 08:47:25 GMT
server
nginx
traceparent
00-043afb97499a8f965756087e392c6c69-754c1591598f0a73-01
etag
"66a2111d-235"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=315360000, public
cache
HIT
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
api-1
www.035302.win/
13 KB
5 KB
Fetch
General
Full URL
https://www.035302.win/api-1
Requested by
Host: slott1.gcdn.online
URL: https://slott1.gcdn.online/js/app.ccb2f081b6a9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.150.10.75 Vienna, Austria, ASN61098 (EXOSCALE, CH),
Reverse DNS
Software
nginx/1.14.1 /
Resource Hash
728a3171df7c18f48d4bb4ce328fcdea3fb592e491aa3a81499a292d10d491e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

x-app-layout
desktop
x-app-theme
LIGHT
x-app-browser
chrome
x-app-version
6.95.0
x-app-os
linux
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
content-type
application/json
x-app-platform
web
x-app-env
prod
Referer
https://www.035302.win/de-de/
x-app-language
de_DE
x-app-modernity
modern
x-requested-uri
/
x-app-skin
slott
x-app-rendering
csr

Response headers

pragma
no-cache
date
Fri, 30 Aug 2024 23:13:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx/1.14.1
vary
origin,access-control-request-method,access-control-request-headers,accept-encoding
x-frame-options
SAMEORIGIN
content-type
application/json;charset=UTF-8
content-language
de-AT
cache-control
no-cache, no-store, max-age=0, must-revalidate
x-xss-protection
0
expires
0
top-7.svg
slott2.gcdn.online/SC/Slott/egs/
2 KB
1 KB
Image
General
Full URL
https://slott2.gcdn.online/SC/Slott/egs/top-7.svg
Requested by
Host: www.035302.win
URL: https://www.035302.win/de-de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
81.28.12.12 Amsterdam, Netherlands, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
dcb88f847acf7448d0b634e8f56082ef961d0f91f073f865ae75cb750ebf64e5

Request headers

Referer
https://www.035302.win/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-id
cec-hw-edge-gc4
date
Fri, 30 Aug 2024 23:13:24 GMT
content-encoding
gzip
last-modified
Thu, 30 May 2024 09:07:57 GMT
server
nginx
traceparent
00-a7caa0b3b73b3ce5c28411a54cbf0a7c-db5e1fe40daa3fdc-01
age
250734
etag
W/"7bd-619a833f80d75"
x-cached-since
2024-08-28T01:34:30+00:00
content-type
image/svg+xml
access-control-allow-origin
*
x-id-fe
cec-hw-edge-gc13
cache
HIT
new-5.svg
slott2.gcdn.online/SC/Slott/egs/
4 KB
2 KB
Image
General
Full URL
https://slott2.gcdn.online/SC/Slott/egs/new-5.svg
Requested by
Host: www.035302.win
URL: https://www.035302.win/de-de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
81.28.12.12 Amsterdam, Netherlands, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
def01f20585c7d00ba20efa335f49445cc9d882b6e269edafe8a2fa5ab2fb93a

Request headers

Referer
https://www.035302.win/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-id
cec-hw-edge-gc12
date
Fri, 30 Aug 2024 23:13:24 GMT
content-encoding
gzip
last-modified
Thu, 30 May 2024 09:08:50 GMT
server
nginx
traceparent
00-fd189621886408347db3b0a346ffabe8-fcf8924d9f3f6c6e-01
age
250734
etag
W/"ed8-619a837277b9b"
x-cached-since
2024-08-28T01:34:30+00:00
content-type
image/svg+xml
access-control-allow-origin
*
x-id-fe
cec-hw-edge-gc13
cache
HIT
promotions-1.svg
slott2.gcdn.online/SC/Slott/egs/
2 KB
883 B
Image
General
Full URL
https://slott2.gcdn.online/SC/Slott/egs/promotions-1.svg
Requested by
Host: www.035302.win
URL: https://www.035302.win/de-de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
81.28.12.12 Amsterdam, Netherlands, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
200dc3768626faebf0a4603e112e5759eebbc829b495e3c977bafacd9c7fbb1f

Request headers

Referer
https://www.035302.win/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-id
cec-hw-edge-gc13
date
Fri, 30 Aug 2024 23:13:24 GMT
content-encoding
gzip
last-modified
Thu, 30 May 2024 09:03:16 GMT
server
nginx
traceparent
00-42f1837bc1f406eccc53865fc29645c0-84e8a7495761272e-01
age
250734
etag
W/"607-619a823375a6f"
x-cached-since
2024-08-28T01:34:30+00:00
content-type
image/svg+xml
access-control-allow-origin
*
x-id-fe
cec-hw-edge-gc13
cache
HIT
slots_instantwin-3.svg
slott2.gcdn.online/SC/Slott/egs/
3 KB
1 KB
Image
General
Full URL
https://slott2.gcdn.online/SC/Slott/egs/slots_instantwin-3.svg
Requested by
Host: www.035302.win
URL: https://www.035302.win/de-de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
81.28.12.12 Amsterdam, Netherlands, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
3056170837a9901a81cc806bb07c5c289f43f3d30ffb79913dd9202305781e05

Request headers

Referer
https://www.035302.win/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-id
cec-hw-edge-gc13
date
Fri, 30 Aug 2024 23:13:24 GMT
content-encoding
gzip
last-modified
Thu, 21 Mar 2024 12:28:34 GMT
server
nginx
traceparent
00-890c594f087acbdfce72d1ac8a2043d5-d7e7698ad499fcdd-01
age
250734
etag
W/"a42-6142ad89058fe"
x-cached-since
2024-08-28T01:34:30+00:00
content-type
image/svg+xml
access-control-allow-origin
*
x-id-fe
cec-hw-edge-gc13
cache
HIT
slots_slots-2.svg
slott2.gcdn.online/SC/Slott/egs/
1 KB
814 B
Image
General
Full URL
https://slott2.gcdn.online/SC/Slott/egs/slots_slots-2.svg
Requested by
Host: www.035302.win
URL: https://www.035302.win/de-de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
81.28.12.12 Amsterdam, Netherlands, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
4362aa346d3ede0f4af2db4301f8e2ed7325c133d5d80b79565130cd1a9cae44

Request headers

Referer
https://www.035302.win/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-id
cec-hw-edge-gc12
date
Fri, 30 Aug 2024 23:13:24 GMT
content-encoding
gzip
last-modified
Thu, 21 Mar 2024 12:27:27 GMT
server
nginx
traceparent
00-6c07e7c887558df9545d6172c7a0dd54-a7796fb6dcc5d49e-01
age
250734
etag
W/"508-6142ad486d6c8"
x-cached-since
2024-08-28T01:34:30+00:00
content-type
image/svg+xml
access-control-allow-origin
*
x-id-fe
cec-hw-edge-gc13
cache
HIT
slots_dropswins-2.svg
slott2.gcdn.online/SC/Slott/egs/
11 KB
5 KB
Image
General
Full URL
https://slott2.gcdn.online/SC/Slott/egs/slots_dropswins-2.svg
Requested by
Host: www.035302.win
URL: https://www.035302.win/de-de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
81.28.12.12 Amsterdam, Netherlands, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
4caefc145658ba351ab27466ae3f8cf17cfffecb8c2d9a1cf0dfbe6d2be2ba0e

Request headers

Referer
https://www.035302.win/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-id
cec-hw-edge-gc4
date
Fri, 30 Aug 2024 23:13:24 GMT
content-encoding
gzip
last-modified
Thu, 21 Mar 2024 12:28:27 GMT
server
nginx
traceparent
00-c2fbb346d3ee123e7d308abffeeaae1d-e96843b4bb4a9021-01
age
250734
etag
W/"2cdc-6142ad828773b"
x-cached-since
2024-08-28T01:34:30+00:00
content-type
image/svg+xml
access-control-allow-origin
*
x-id-fe
cec-hw-edge-gc13
cache
HIT
providers-1.svg
slott2.gcdn.online/SC/Slott/egs/
556 B
440 B
Image
General
Full URL
https://slott2.gcdn.online/SC/Slott/egs/providers-1.svg
Requested by
Host: www.035302.win
URL: https://www.035302.win/de-de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
81.28.12.12 Amsterdam, Netherlands, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
0a503ee81553423230779e9cf81a90b47d9644e25470d361e78913db81c97798

Request headers

Referer
https://www.035302.win/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-id
cec-hw-edge-gc13
date
Fri, 30 Aug 2024 23:13:24 GMT
content-encoding
gzip
last-modified
Thu, 30 May 2024 09:03:41 GMT
server
nginx
traceparent
00-ffb71b34f2c7fcb1d923fce3fb41ecb2-ad39f4b658c72ddf-01
age
250734
etag
W/"22c-619a824bddb41"
x-cached-since
2024-08-28T01:34:30+00:00
content-type
image/svg+xml
access-control-allow-origin
*
x-id-fe
cec-hw-edge-gc13
cache
HIT
top-5.svg
slott2.gcdn.online/SC/Slott/egs/
2 KB
1 KB
Image
General
Full URL
https://slott2.gcdn.online/SC/Slott/egs/top-5.svg
Requested by
Host: www.035302.win
URL: https://www.035302.win/de-de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
81.28.12.12 Amsterdam, Netherlands, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
dcb88f847acf7448d0b634e8f56082ef961d0f91f073f865ae75cb750ebf64e5

Request headers

Referer
https://www.035302.win/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-id
cec-hw-edge-gc4
date
Fri, 30 Aug 2024 23:13:24 GMT
content-encoding
gzip
last-modified
Fri, 22 Mar 2024 09:20:21 GMT
server
nginx
traceparent
00-53da718a3586bfc37290609259078c2e-bfef73fdfa4747fa-01
age
250734
etag
W/"7bd-6143c5546946a"
x-cached-since
2024-08-28T01:34:30+00:00
content-type
image/svg+xml
access-control-allow-origin
*
x-id-fe
cec-hw-edge-gc13
cache
HIT
top100winners-6.svg
slott2.gcdn.online/SC/Slott/egs/
2 KB
1 KB
Image
General
Full URL
https://slott2.gcdn.online/SC/Slott/egs/top100winners-6.svg
Requested by
Host: www.035302.win
URL: https://www.035302.win/de-de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
81.28.12.12 Amsterdam, Netherlands, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
8051740e36337bb1bb25145a513395f24bb0229249aa963df5cef322ca6262c9

Request headers

Referer
https://www.035302.win/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-id
cec-hw-edge-gc4
date
Fri, 30 Aug 2024 23:13:24 GMT
content-encoding
gzip
last-modified
Wed, 12 Jun 2024 07:42:46 GMT
server
nginx
traceparent
00-85e898c39bde8c202a727a352f470858-042a8c54d45f0ad0-01
age
250734
etag
W/"8f2-61aac8745e647"
x-cached-since
2024-08-28T01:34:30+00:00
content-type
image/svg+xml
access-control-allow-origin
*
x-id-fe
cec-hw-edge-gc13
cache
HIT
slots_megaways-2.svg
slott2.gcdn.online/SC/Slott/egs/
2 KB
891 B
Image
General
Full URL
https://slott2.gcdn.online/SC/Slott/egs/slots_megaways-2.svg
Requested by
Host: www.035302.win
URL: https://www.035302.win/de-de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
81.28.12.12 Amsterdam, Netherlands, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
43de54aa9b78cb5595bcc645ae37b7212fb2baa0a07857c620c96943ec4e95e4

Request headers

Referer
https://www.035302.win/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-id
cec-hw-edge-gc13
date
Fri, 30 Aug 2024 23:13:24 GMT
content-encoding
gzip
last-modified
Thu, 21 Mar 2024 12:28:07 GMT
server
nginx
traceparent
00-ca92b98830ed4ebc2847770e42393c29-ed35ad77524be87e-01
age
250734
etag
W/"628-6142ad6f788b5"
x-cached-since
2024-08-28T01:34:30+00:00
content-type
image/svg+xml
access-control-allow-origin
*
x-id-fe
cec-hw-edge-gc13
cache
HIT
slots_bonusbuy-3.svg
slott2.gcdn.online/SC/Slott/egs/
2 KB
1 KB
Image
General
Full URL
https://slott2.gcdn.online/SC/Slott/egs/slots_bonusbuy-3.svg
Requested by
Host: www.035302.win
URL: https://www.035302.win/de-de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
81.28.12.12 Amsterdam, Netherlands, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
dfa61e04da9bb4e158d48fe17f4710bcdc1b1b2f11b9af67bde4b70046f4052f

Request headers

Referer
https://www.035302.win/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-id
cec-hw-edge-gc4
date
Fri, 30 Aug 2024 23:13:24 GMT
content-encoding
gzip
last-modified
Thu, 21 Mar 2024 12:25:18 GMT
server
nginx
traceparent
00-008544529d4cd5a305bbff0a763d96e4-e21ef87485998c30-01
age
250734
etag
W/"9a5-6142accda6bff"
x-cached-since
2024-08-28T01:34:30+00:00
content-type
image/svg+xml
access-control-allow-origin
*
x-id-fe
cec-hw-edge-gc13
cache
HIT
slots_books-2.svg
slott2.gcdn.online/SC/Slott/egs/
2 KB
1 KB
Image
General
Full URL
https://slott2.gcdn.online/SC/Slott/egs/slots_books-2.svg
Requested by
Host: www.035302.win
URL: https://www.035302.win/de-de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
81.28.12.12 Amsterdam, Netherlands, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
e35f7ac829c218c19cf0c36cb1f2bfe487fdf2d37b75584abd48c24d2c9c05c3

Request headers

Referer
https://www.035302.win/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-id
cec-hw-edge-gc13
date
Fri, 30 Aug 2024 23:13:24 GMT
content-encoding
gzip
last-modified
Thu, 21 Mar 2024 12:28:16 GMT
server
nginx
traceparent
00-dd6f92080dd009668b7c82c79f9ae0b0-fce0a5dda2cf37ad-01
age
250734
etag
W/"76d-6142ad77c77f8"
x-cached-since
2024-08-28T01:34:30+00:00
content-type
image/svg+xml
access-control-allow-origin
*
x-id-fe
cec-hw-edge-gc13
cache
HIT
tracker.js
tracker.ads.sportradar.com/dist/
27 KB
7 KB
Script
General
Full URL
https://tracker.ads.sportradar.com/dist/tracker.js
Requested by
Host: tm.ads.sportradar.com
URL: https://tm.ads.sportradar.com/dist/tag-manager.js?id=STM-AAAAAX
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.17.100.147 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-17-100-147.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
063237f5f52863c3f711ef56625653397a5650eca2da3fa375dc181985a1badb

Request headers

Referer
https://www.035302.win/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 23:13:25 GMT
content-encoding
gzip
last-modified
Tue, 12 Sep 2023 08:33:19 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
x-amz-server-side-encryption
AES256
etag
"235331a0761142ae4fd345cdf7c7f9ed"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900, public
accept-ranges
bytes
x-amz-cf-id
CF7d_uFN8tnzxM-zAxPJ6Lq_ZmZdt7ot500VWAS7fM1ByK9hdcgnRg==
content-length
6405
css2
fonts.googleapis.com/
45 KB
2 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Roboto+Condensed:wght@700&&display=swap&family=Roboto:ital,wght@0,300;0,400;0,500;0,700;1,400&display=swap&family=Mulish:wght@400;700;900&display=swap&family=Prompt:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
Requested by
Host: slott1.gcdn.online
URL: https://slott1.gcdn.online/js/async-module-core.d.m.ff0514e0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.74 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f10.1e100.net
Software
ESF /
Resource Hash
5a98da761aefe00c837ce063a2e698233ff7a8c1fbcf20b29f993b699de936a8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.035302.win/
Origin
https://www.035302.win
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 30 Aug 2024 23:13:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 30 Aug 2024 23:13:25 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 30 Aug 2024 23:13:25 GMT
js
www.googletagmanager.com/gtag/
309 KB
102 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-60HVMZT0PR&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5XTG9WWN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.40 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
081665f6b07c4c523b2a37281875e54e9fba4ab37600dec1e26b5e47188f31af
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.035302.win/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 23:13:25 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
104664
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 30 Aug 2024 23:13:25 GMT
js
pixel-us.r2drtb.com/pixel/
474 B
808 B
Script
General
Full URL
https://pixel-us.r2drtb.com/pixel/js?auth=dqgzs7&event=visit&uid=undefined&tid=undefined&cur=undefined&amount=undefined
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5XTG9WWN
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
88.214.195.101 , United Kingdom, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
d20cb5692b29adfe0d6f9d99fd36bcbc229e5fcf18e9ad0df65841fe73ce98fb

Request headers

Referer
https://www.035302.win/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 30 Aug 2024 23:13:25 GMT
Server
nginx/1.14.0 (Ubuntu)
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
no-cache, max-age=0, must-revalidate, proxy-revalidate, no-store
Connection
keep-alive
Content-Length
474
Expires
Sat, 01 Jan 2000 00:00:00 GMT
tag.js
mc.yandex.ru/metrika/
202 KB
71 KB
Script
General
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: slott1.gcdn.online
URL: https://slott1.gcdn.online/js/async-module-analytics.d.m.4d2e4948.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.250.250.119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
0b3a7957052e42a025c147ed20d40754190fbf824a358e7c38b2aa5d112144cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.035302.win/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
date
Fri, 30 Aug 2024 23:13:25 GMT
last-modified
Wed, 28 Aug 2024 08:43:08 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"66cee31c-11652"
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
timing-allow-origin
*
content-length
71250
expires
Sat, 31 Aug 2024 00:13:25 GMT
api-1
www.035302.win/
24 KB
4 KB
Fetch
General
Full URL
https://www.035302.win/api-1
Requested by
Host: slott1.gcdn.online
URL: https://slott1.gcdn.online/js/app.ccb2f081b6a9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.150.10.75 Vienna, Austria, ASN61098 (EXOSCALE, CH),
Reverse DNS
Software
nginx/1.14.1 /
Resource Hash
0fec749452962f99456319319fcc5292d9949db15184164a3cb53389e06618a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

x-app-layout
desktop
x-app-theme
LIGHT
x-app-browser
chrome
x-app-version
6.95.0
x-app-os
linux
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
content-type
application/json
x-app-platform
web
x-app-env
prod
Referer
https://www.035302.win/de-de/
x-app-language
de_DE
x-app-modernity
modern
x-requested-uri
/
x-app-skin
slott
x-app-rendering
csr

Response headers

pragma
no-cache
date
Fri, 30 Aug 2024 23:13:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx/1.14.1
vary
origin,access-control-request-method,access-control-request-headers,accept-encoding
x-frame-options
SAMEORIGIN
content-type
application/json;charset=UTF-8
content-language
de-AT
cache-control
no-cache, no-store, max-age=0, must-revalidate
x-xss-protection
0
expires
0
sp-3.8.0.js
tracker.ads.sportradar.com/dist//
73 KB
24 KB
Script
General
Full URL
https://tracker.ads.sportradar.com/dist//sp-3.8.0.js
Requested by
Host: tracker.ads.sportradar.com
URL: https://tracker.ads.sportradar.com/dist/tracker.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.17.100.147 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-17-100-147.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
6361e3a49a38d1fdc74ec96bd29ee1ecd7c30045ccb0e5f361413d65cbf5ef87

Request headers

Referer
https://www.035302.win/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 23:13:25 GMT
content-encoding
gzip
last-modified
Tue, 12 Sep 2023 08:33:18 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
x-amz-server-side-encryption
AES256
etag
"143272dddc33395008a84a86ac9c2e96"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900, public
accept-ranges
bytes
x-amz-cf-id
WisIF1V6MGo8gfjtw0twCQEkDxuSKqgJQKart6stBn1hKQFxRdMkEA==
content-length
24162
collect
region1.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-60HVMZT0PR&gtm=45je48s0v9179560501z89179917677za200zb9179917677&_p=1725059601068&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=713885189.1725059605&ul=de-at&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1725059605&sct=1&seg=0&dl=https%3A%2F%2Fwww.035302.win%2Fde-de%2F&dt=Slott%20Spielothek%20f%C3%BCr%20Video%20Slots%20Deutschland%20%26%20alle%20Casino%20Spiele&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=5519
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-60HVMZT0PR&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://www.035302.win/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Aug 2024 23:13:25 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.035302.win
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
async-vendor-firebase.d.m.cfba4601.js
slott1.gcdn.online/js/
44 KB
12 KB
Script
General
Full URL
https://slott1.gcdn.online/js/async-vendor-firebase.d.m.cfba4601.js
Requested by
Host: slott1.gcdn.online
URL: https://slott1.gcdn.online/js/app.ccb2f081b6a9.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
81.28.12.12 Amsterdam, Netherlands, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
423454068c2e5bb08f9053a5ff1d890d05953fd918a12e2a445b9c9886575345

Request headers

Referer
https://www.035302.win/
Origin
https://www.035302.win
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-id
cec-hw-edge-gc12
date
Fri, 30 Aug 2024 23:13:25 GMT
content-encoding
br
age
40823
x-cached-since
2024-08-30T11:53:02+00:00
x-id-fe
cec-hw-edge-gc13
content-length
12361
last-modified
Thu, 29 Aug 2024 09:11:32 GMT
server
nginx
traceparent
00-06abb06083d4c0bebbc3781d29647144-a76d3ecbff990b84-01
etag
"66d03b44-3049"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000, public
cache
HIT
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
de.5fc389b0.svg
slott1.gcdn.online/img/
187 B
304 B
Image
General
Full URL
https://slott1.gcdn.online/img/de.5fc389b0.svg
Requested by
Host: www.035302.win
URL: https://www.035302.win/de-de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
81.28.12.12 Amsterdam, Netherlands, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
d6b700f13243d3049cb3abbe3f41572badba823a00b53ee71e542df9827a919d

Request headers

Referer
https://www.035302.win/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-id
cec-hw-edge-gc13
date
Fri, 30 Aug 2024 23:13:25 GMT
content-encoding
br
age
444000
x-cached-since
2024-08-25T19:53:25+00:00
x-id-fe
cec-hw-edge-gc13
content-length
115
last-modified
Tue, 20 Aug 2024 16:21:11 GMT
server
nginx
traceparent
00-a13df2a19fecbf5592a1132ca2de1013-23f55710d18d158c-01
etag
"66c4c277-73"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=315360000, public
cache
HIT
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@300;400;500;600;700&display=swap&family=Montserrat:wght@300;400;500;600;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f3.1e100.net
Software
sffe /
Resource Hash
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.035302.win
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 29 Aug 2024 16:57:53 GMT
x-content-type-options
nosniff
age
108932
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7748
x-xss-protection
0
last-modified
Fri, 22 Mar 2024 00:01:14 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 29 Aug 2025 16:57:53 GMT
pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@300;400;500;600;700&display=swap&family=Montserrat:wght@300;400;500;600;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f3.1e100.net
Software
sffe /
Resource Hash
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.035302.win
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 29 Aug 2024 18:00:32 GMT
x-content-type-options
nosniff
age
105173
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8000
x-xss-protection
0
last-modified
Fri, 22 Mar 2024 00:00:59 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 29 Aug 2025 18:00:32 GMT
pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@300;400;500;600;700&display=swap&family=Montserrat:wght@300;400;500;600;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f3.1e100.net
Software
sffe /
Resource Hash
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.035302.win
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 27 Aug 2024 07:58:24 GMT
x-content-type-options
nosniff
age
314101
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7816
x-xss-protection
0
last-modified
Fri, 22 Mar 2024 00:00:32 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 27 Aug 2025 07:58:24 GMT
FootballBlastHoldandWin%40513x767-1@x2.webp
slott3.gcdn.online/UUKJASJD/images/SC/Slott/egs/
54 KB
55 KB
Image
General
Full URL
https://slott3.gcdn.online/UUKJASJD/images/SC/Slott/egs/FootballBlastHoldandWin%40513x767-1@x2.webp
Requested by
Host: www.035302.win
URL: https://www.035302.win/de-de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
81.28.12.12 Amsterdam, Netherlands, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
a84399e8a0a6e70117f71fc5c2314ab565962cd5d8130c7393baf77772389e18

Request headers

Referer
https://www.035302.win/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-id
cec-hw-edge-gc13
date
Fri, 30 Aug 2024 23:13:26 GMT
content-encoding
gzip
last-modified
Mon, 29 Jul 2024 11:35:41 GMT
server
nginx
traceparent
00-44056e58ec9df4c35c510fd0e318287d-e1ec3290ff1d7d5a-01
age
210691
etag
W/"d92c-61e6142c4136a"
x-cached-since
2024-08-28T12:41:55+00:00
content-type
image/webp
x-id-fe
cec-hw-edge-gc4
cache
HIT
WildBandito%40513x767@x2.webp
slott3.gcdn.online/UUKJASJD/images/SC/Slott/egs/
61 KB
61 KB
Image
General
Full URL
https://slott3.gcdn.online/UUKJASJD/images/SC/Slott/egs/WildBandito%40513x767@x2.webp
Requested by
Host: www.035302.win
URL: https://www.035302.win/de-de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
81.28.12.12 Amsterdam, Netherlands, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
21299413aed21d28c88fd039bcc6c8fb8ad6e4a4666c63ed16fd1e0d35fc47ca

Request headers

Referer
https://www.035302.win/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-id
cec-hw-edge-gc4
date
Fri, 30 Aug 2024 23:13:26 GMT
content-encoding
gzip
last-modified
Tue, 23 Apr 2024 14:18:54 GMT
server
nginx
traceparent
00-8aae6ff4c3fbf819163644675493bdda-41915d05ef14333e-01
age
50240
etag
W/"f364-616c43be2619c"
x-cached-since
2024-08-30T09:16:06+00:00
content-type
image/webp
x-id-fe
cec-hw-edge-gc4
cache
HIT
GatesOfOlympus%40513x767@x2.webp
slott3.gcdn.online/UUKJASJD/images/SC/Slott/egs/
53 KB
53 KB
Image
General
Full URL
https://slott3.gcdn.online/UUKJASJD/images/SC/Slott/egs/GatesOfOlympus%40513x767@x2.webp
Requested by
Host: www.035302.win
URL: https://www.035302.win/de-de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
81.28.12.12 Amsterdam, Netherlands, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
1e4914b265bf1a2b4c3384e3f2f0eba89591a2fd50a9a99abc2f879a7f9bde59

Request headers

Referer
https://www.035302.win/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-id
cec-hw-edge-gc4
date
Fri, 30 Aug 2024 23:13:26 GMT
content-encoding
gzip
last-modified
Tue, 21 May 2024 14:00:44 GMT
server
nginx
traceparent
00-6202afcfa72b71645ea07d39d88b4dc2-3105fdabbec93101-01
age
287826
etag
W/"d2aa-618f73e741a69"
x-cached-since
2024-08-27T15:16:20+00:00
content-type
image/webp
x-id-fe
cec-hw-edge-gc4
cache
HIT
WildSlinger%40513x767@x2.webp
slott3.gcdn.online/UUKJASJD/images/SC/Slott/egs/
38 KB
38 KB
Image
General
Full URL
https://slott3.gcdn.online/UUKJASJD/images/SC/Slott/egs/WildSlinger%40513x767@x2.webp
Requested by
Host: www.035302.win
URL: https://www.035302.win/de-de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
81.28.12.12 Amsterdam, Netherlands, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
a7ba1d7de42ddd19db7876273ec0b356fd439b6137f511a6a84fa14e692994b7

Request headers

Referer
https://www.035302.win/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-id
cec-hw-edge-gc13
date
Fri, 30 Aug 2024 23:13:26 GMT
content-encoding
gzip
last-modified
Tue, 20 Aug 2024 08:47:13 GMT
server
nginx
traceparent
00-fbe73742da6f57acf51ff9d561dae39b-29020fa993d1a47e-01
age
50240
etag
W/"9898-6201978d2ceee"
x-cached-since
2024-08-30T09:16:06+00:00
content-type
image/webp
x-id-fe
cec-hw-edge-gc4
cache
HIT
Aviator%40513x767-1@x2.webp
slott3.gcdn.online/UUKJASJD/images/SC/Slott/egs/
27 KB
28 KB
Image
General
Full URL
https://slott3.gcdn.online/UUKJASJD/images/SC/Slott/egs/Aviator%40513x767-1@x2.webp
Requested by
Host: www.035302.win
URL: https://www.035302.win/de-de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
81.28.12.12 Amsterdam, Netherlands, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
5edc7ef63af93b70faaa84c0a76bdec7f18cdfbc8714734cca2d27f6b019627f

Request headers

Referer
https://www.035302.win/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-id
cec-hw-edge-gc12
date
Fri, 30 Aug 2024 23:13:26 GMT
content-encoding
gzip
last-modified
Mon, 13 May 2024 12:53:51 GMT
server
nginx
traceparent
00-bbe770424c1817449386a973b3b793ca-ed2cb1a66a75ea69-01
age
295859
etag
W/"6d9e-6185560954a4a"
x-cached-since
2024-08-27T13:02:27+00:00
content-type
image/webp
x-id-fe
cec-hw-edge-gc4
cache
HIT
CavemenandDinosaurs%40513x767@x2.webp
slott3.gcdn.online/UUKJASJD/images/SC/Slott/egs/
56 KB
56 KB
Image
General
Full URL
https://slott3.gcdn.online/UUKJASJD/images/SC/Slott/egs/CavemenandDinosaurs%40513x767@x2.webp
Requested by
Host: www.035302.win
URL: https://www.035302.win/de-de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
81.28.12.12 Amsterdam, Netherlands, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
671bba079b49592f13aa2e5b3957e69a143fa05ac9af8ad2d6a077d4b5adb618

Request headers

Referer
https://www.035302.win/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-id
cec-hw-edge-gc12
date
Fri, 30 Aug 2024 23:13:26 GMT
content-encoding
gzip
last-modified
Wed, 26 Jun 2024 10:07:26 GMT
server
nginx
traceparent
00-c8882ef5862ea7c9c4d13e28b9c97d34-70350bf0c7e9a032-01
age
132646
etag
W/"dec0-61bc82e6a44cb"
x-cached-since
2024-08-29T10:22:40+00:00
content-type
image/webp
x-id-fe
cec-hw-edge-gc4
cache
HIT
SlottAdventure%40513x767-2@x2.webp
slott3.gcdn.online/UUKJASJD/images/SC/Slott/egs/
41 KB
41 KB
Image
General
Full URL
https://slott3.gcdn.online/UUKJASJD/images/SC/Slott/egs/SlottAdventure%40513x767-2@x2.webp
Requested by
Host: www.035302.win
URL: https://www.035302.win/de-de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
81.28.12.12 Amsterdam, Netherlands, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
b0326e9648dbe2b26c68f52e2a5ae5cb1c8f60c1fb5f6bb80264a24ca584f528

Request headers

Referer
https://www.035302.win/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-id
cec-hw-edge-gc13
date
Fri, 30 Aug 2024 23:13:26 GMT
content-encoding
gzip
last-modified
Fri, 16 Aug 2024 08:24:04 GMT
server
nginx
traceparent
00-0c1efe97cc3ace28d39f0fe3cd3b7bf2-bbce0bef4f0a8088-01
age
206680
etag
W/"a306-61fc8aea55ee2"
x-cached-since
2024-08-28T13:48:46+00:00
content-type
image/webp
x-id-fe
cec-hw-edge-gc4
cache
HIT
caishenspalace%40513x767@x2.webp
slott3.gcdn.online/UUKJASJD/images/SC/Slott/egs/
46 KB
46 KB
Image
General
Full URL
https://slott3.gcdn.online/UUKJASJD/images/SC/Slott/egs/caishenspalace%40513x767@x2.webp
Requested by
Host: www.035302.win
URL: https://www.035302.win/de-de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
81.28.12.12 Amsterdam, Netherlands, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
c5b93b9ac8988b202007fd63ec6c8281bec5740e50bf3420ef540dfe9078e5e5

Request headers

Referer
https://www.035302.win/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-id
cec-hw-edge-gc4
date
Fri, 30 Aug 2024 23:13:26 GMT
content-encoding
gzip
last-modified
Mon, 19 Aug 2024 11:21:22 GMT
server
nginx
traceparent
00-75d05bfd7002fa37d598b159a30b2b71-72a194e89749931b-01
age
298888
etag
W/"b686-62007823b88fc"
x-cached-since
2024-08-27T12:11:58+00:00
content-type
image/webp
x-id-fe
cec-hw-edge-gc4
cache
HIT
SweetBonanza%40513x767@x2.webp
slott3.gcdn.online/UUKJASJD/images/SC/Slott/egs/
49 KB
50 KB
Image
General
Full URL
https://slott3.gcdn.online/UUKJASJD/images/SC/Slott/egs/SweetBonanza%40513x767@x2.webp
Requested by
Host: www.035302.win
URL: https://www.035302.win/de-de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
81.28.12.12 Amsterdam, Netherlands, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
d88b91db9e19326e4a0fe864edf2b83715ae7ff10c6b5578908431205f499e77

Request headers

Referer
https://www.035302.win/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-id
cec-hw-edge-gc12
date
Fri, 30 Aug 2024 23:13:26 GMT
content-encoding
gzip
last-modified
Mon, 29 Apr 2024 08:53:58 GMT
server
nginx
traceparent
00-6fa598d252dcde138d40e59909370ddd-8098e8ed2f1a3611-01
age
295859
etag
W/"c576-6173864eae77a"
x-cached-since
2024-08-27T13:02:27+00:00
content-type
image/webp
x-id-fe
cec-hw-edge-gc4
cache
HIT
WildBountyShowdown%40513x767@x2.webp
slott3.gcdn.online/UUKJASJD/images/SC/Slott/egs/
44 KB
44 KB
Image
General
Full URL
https://slott3.gcdn.online/UUKJASJD/images/SC/Slott/egs/WildBountyShowdown%40513x767@x2.webp
Requested by
Host: www.035302.win
URL: https://www.035302.win/de-de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
81.28.12.12 Amsterdam, Netherlands, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
f3070a8d8df472f9adbd7a78c915fa9345fd4ea39324998c269dd937d090f1d8

Request headers

Referer
https://www.035302.win/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-id
cec-hw-edge-gc12
date
Fri, 30 Aug 2024 23:13:26 GMT
content-encoding
gzip
last-modified
Tue, 23 Apr 2024 14:18:21 GMT
server
nginx
traceparent
00-9b193b967389028df873addb1c8545a1-800b09d6723f1479-01
age
96798
etag
W/"b0da-616c439f22b11"
x-cached-since
2024-08-29T20:20:08+00:00
content-type
image/webp
x-id-fe
cec-hw-edge-gc4
cache
HIT
804x804-24@x2.webp
slott3.gcdn.online/UUKJASJD/images/SC/Slott/bn/
43 KB
43 KB
Image
General
Full URL
https://slott3.gcdn.online/UUKJASJD/images/SC/Slott/bn/804x804-24@x2.webp
Requested by
Host: www.035302.win
URL: https://www.035302.win/de-de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
81.28.12.12 Amsterdam, Netherlands, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
368ce7500b4216c48120615a6f7c289c2b7a5c101d385d5f4198827d475d6623

Request headers

Referer
https://www.035302.win/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-id
cec-hw-edge-gc13
date
Fri, 30 Aug 2024 23:13:26 GMT
content-encoding
gzip
last-modified
Tue, 13 Aug 2024 14:56:15 GMT
server
nginx
traceparent
00-8f12d0fdd061f5388048642fef4636ab-8120b2785135313b-01
age
104605
etag
W/"aca0-61f91cfabb9d1"
x-cached-since
2024-08-29T18:10:01+00:00
content-type
image/webp
x-id-fe
cec-hw-edge-gc4
cache
HIT
elegold%40513x767@x2.webp
slott3.gcdn.online/UUKJASJD/images/SC/Slott/egs/
33 KB
33 KB
Image
General
Full URL
https://slott3.gcdn.online/UUKJASJD/images/SC/Slott/egs/elegold%40513x767@x2.webp
Requested by
Host: www.035302.win
URL: https://www.035302.win/de-de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
81.28.12.12 Amsterdam, Netherlands, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
c366dbc04a1bd0c1538ca89fffb9800732dc5ca7b76afe636a10792150df4c8a

Request headers

Referer
https://www.035302.win/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-id
cec-hw-edge-gc13
date
Fri, 30 Aug 2024 23:13:26 GMT
content-encoding
gzip
last-modified
Mon, 19 Aug 2024 11:19:12 GMT
server
nginx
traceparent
00-f6085c935bcd6f836b656b08b2cdbd24-6502424f831541a5-01
age
210060
etag
W/"83ce-620077a855c86"
x-cached-since
2024-08-28T12:52:26+00:00
content-type
image/webp
x-id-fe
cec-hw-edge-gc4
cache
HIT
GemsRampage%40513x767@x2.webp
slott3.gcdn.online/UUKJASJD/images/SC/Slott/egs/
40 KB
41 KB
Image
General
Full URL
https://slott3.gcdn.online/UUKJASJD/images/SC/Slott/egs/GemsRampage%40513x767@x2.webp
Requested by
Host: www.035302.win
URL: https://www.035302.win/de-de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
81.28.12.12 Amsterdam, Netherlands, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
6da3a181fd0b3ad68b62394b2efd52840ddf31ce4d086a42e14e7f71f9597709

Request headers

Referer
https://www.035302.win/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-id
cec-hw-edge-gc13
date
Fri, 30 Aug 2024 23:13:26 GMT
content-encoding
gzip
last-modified
Mon, 29 Jul 2024 09:50:29 GMT
server
nginx
traceparent
00-4dac4128a9514862e19b8114496b1f58-6702a58416167437-01
age
210061
etag
W/"a196-61e5fca98a798"
x-cached-since
2024-08-28T12:52:25+00:00
content-type
image/webp
x-id-fe
cec-hw-edge-gc4
cache
HIT
BookOfDead%40513x767-2@x2.webp
slott3.gcdn.online/UUKJASJD/images/SC/Slott/egs/
51 KB
51 KB
Image
General
Full URL
https://slott3.gcdn.online/UUKJASJD/images/SC/Slott/egs/BookOfDead%40513x767-2@x2.webp
Requested by
Host: www.035302.win
URL: https://www.035302.win/de-de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
81.28.12.12 Amsterdam, Netherlands, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
cffeee3a56b86d41f63367e3075bfc8cb5bd2256cb461dbafae9c77eb8edcd7d

Request headers

Referer
https://www.035302.win/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-id
cec-hw-edge-gc4
date
Fri, 30 Aug 2024 23:13:26 GMT
content-encoding
gzip
last-modified
Wed, 24 Jul 2024 12:30:26 GMT
server
nginx
traceparent
00-6056c6ea883b03253f7bf9d3f18a6c89-cb731490b0edfdb1-01
age
287826
etag
W/"cc9e-61dfd7164074b"
x-cached-since
2024-08-27T15:16:20+00:00
content-type
image/webp
x-id-fe
cec-hw-edge-gc4
cache
HIT
pixel
pixel-us.r2drtb.com/
0
301 B
Image
General
Full URL
https://pixel-us.r2drtb.com/pixel?auth=dqgzs7&event=visit&uid=undefined&tid=undefined&cur=undefined&amount=undefined&site=www.035302.win&ln=de-AT
Requested by
Host: www.035302.win
URL: https://www.035302.win/de-de/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
88.214.195.101 , United Kingdom, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.035302.win/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 30 Aug 2024 23:13:26 GMT
Server
nginx/1.14.0 (Ubuntu)
Access-Control-Allow-Origin
*
Cache-Control
no-cache, max-age=0, must-revalidate, proxy-revalidate, no-store
Connection
keep-alive
Content-Length
0
Expires
Sat, 01 Jan 2000 00:00:00 GMT
sync_cookie_image_decide
mc.yandex.com/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10477.7acd71QqFxD7ChBvOh0ZrlcNzvhW5dZoxFGrA-RwbzzKfoOVMuvxSf46C5ej_-_s.yPEDdfAi-cqpendhtLv7KjzIPcE%2C
  • https://mc.yandex.com/sync_cookie_image_decide?token=10477.YPoGmVrASegnXKEFeI0nIjnJsxx9z1kkctw3byCJdXTjfGLv-DGjs-RyudxMsFgaaNuOF3oMNT8OOjR379noNj1KP0Dc-A0vBNElHXpoJz9QF9mGmU5ihP3rE0Nf-F-4ZGgkc_PcRE...
43 B
730 B
Image
General
Full URL
https://mc.yandex.com/sync_cookie_image_decide?token=10477.YPoGmVrASegnXKEFeI0nIjnJsxx9z1kkctw3byCJdXTjfGLv-DGjs-RyudxMsFgaaNuOF3oMNT8OOjR379noNj1KP0Dc-A0vBNElHXpoJz9QF9mGmU5ihP3rE0Nf-F-4ZGgkc_PcRErf5ynRBpeuLpaklclEnTviu1f-vbP7XtdmP7ukY_UnaHbqVgArBSTKPzEsdCoJLvjWqdTYvIx8ItyoJkzu93SbWTxeuvIZFK0%2C.bYyYJ_cPh_AmWSWzGuW1KUgjW5g%2C
Requested by
Host: www.035302.win
URL: https://www.035302.win/de-de/
Protocol
H2
Server
87.250.250.119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.035302.win/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 23:13:27 GMT
strict-transport-security
max-age=31536000
content-length
43
x-xss-protection
1; mode=block
content-type
image/gif

Redirect headers

location
https://mc.yandex.com/sync_cookie_image_decide?token=10477.YPoGmVrASegnXKEFeI0nIjnJsxx9z1kkctw3byCJdXTjfGLv-DGjs-RyudxMsFgaaNuOF3oMNT8OOjR379noNj1KP0Dc-A0vBNElHXpoJz9QF9mGmU5ihP3rE0Nf-F-4ZGgkc_PcRErf5ynRBpeuLpaklclEnTviu1f-vbP7XtdmP7ukY_UnaHbqVgArBSTKPzEsdCoJLvjWqdTYvIx8ItyoJkzu93SbWTxeuvIZFK0%2C.bYyYJ_cPh_AmWSWzGuW1KUgjW5g%2C
strict-transport-security
max-age=31536000
date
Fri, 30 Aug 2024 23:13:26 GMT
x-xss-protection
1; mode=block
advert.gif
mc.yandex.com/metrika/
43 B
597 B
Image
General
Full URL
https://mc.yandex.com/metrika/advert.gif
Requested by
Host: www.035302.win
URL: https://www.035302.win/de-de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.250.250.119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.035302.win/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 30 Aug 2024 23:13:26 GMT
last-modified
Wed, 28 Aug 2024 08:43:08 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"66cee31c-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Sat, 31 Aug 2024 00:13:26 GMT
api-1
www.035302.win/
195 B
484 B
Fetch
General
Full URL
https://www.035302.win/api-1
Requested by
Host: slott1.gcdn.online
URL: https://slott1.gcdn.online/js/app.ccb2f081b6a9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.150.10.75 Vienna, Austria, ASN61098 (EXOSCALE, CH),
Reverse DNS
Software
nginx/1.14.1 /
Resource Hash
c4d000fd911d0fd6df5c0377d686d7282b35fd953cc984fcd41aadd77cdf8cc6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

x-app-layout
desktop
x-app-theme
LIGHT
x-app-browser
chrome
x-app-version
6.95.0
x-app-os
linux
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
content-type
application/json
x-app-platform
web
x-app-env
prod
Referer
https://www.035302.win/de-de/
x-app-language
de_DE
x-app-modernity
modern
x-requested-uri
/
x-app-skin
slott
x-app-rendering
csr

Response headers

pragma
no-cache
date
Fri, 30 Aug 2024 23:13:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx/1.14.1
vary
origin,access-control-request-method,access-control-request-headers,accept-encoding
x-frame-options
SAMEORIGIN
content-type
application/json;charset=UTF-8
content-language
de-AT
cache-control
no-cache, no-store, max-age=0, must-revalidate
x-xss-protection
0
expires
0
1
mc.yandex.com/watch/96416313/
Redirect Chain
  • https://mc.yandex.com/watch/96416313?wmode=7&page-url=https%3A%2F%2Fwww.035302.win%2Fde-de%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Acstsejpcztnbm4xas7mgj8ug9n%3Afu%3A0%3Aen%3Autf-...
  • https://mc.yandex.com/watch/96416313/1?wmode=7&page-url=https%3A%2F%2Fwww.035302.win%2Fde-de%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Acstsejpcztnbm4xas7mgj8ug9n%3Afu%3A0%3Aen%3Aut...
603 B
805 B
Fetch
General
Full URL
https://mc.yandex.com/watch/96416313/1?wmode=7&page-url=https%3A%2F%2Fwww.035302.win%2Fde-de%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Acstsejpcztnbm4xas7mgj8ug9n%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ade-AT%3Av%3A1420%3Acn%3A1%3Adp%3A0%3Als%3A1091325290030%3Ahid%3A1044172320%3Az%3A120%3Ai%3A20240831011326%3Aet%3A1725059606%3Ac%3A1%3Arn%3A575173480%3Arqn%3A1%3Au%3A1725059606882646081%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A338%3Awv%3A2%3Ads%3A0%2C0%2C51%2C8%2C108%2C0%2C%2C116%2C21%2C%2C%2C%2C606%3Aco%3A0%3Acpf%3A1%3Ans%3A1725059599843%3Agi%3AR0ExLjEuNzEzODg1MTg5LjE3MjUwNTk2MDU%3D%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1725059607%3At%3ASlott%20Spielothek%20f%C3%BCr%20Video%20Slots%20Deutschland%20%26%20alle%20Casino%20Spiele&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2821037572%29ti%281%29
Protocol
H2
Server
87.250.250.119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
ceccc70413f05561aa46cac4705006e3ea7fa4c67df36f444f1bfc3f6b39297e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.035302.win/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Aug 2024 23:13:27 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Fri, 30-Aug-2024 23:13:27 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.035302.win
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
603
x-xss-protection
1; mode=block
expires
Fri, 30-Aug-2024 23:13:27 GMT

Redirect headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Fri, 30 Aug 2024 23:13:27 GMT
last-modified
Fri, 30-Aug-2024 23:13:27 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
access-control-allow-origin
https://www.035302.win
location
/watch/96416313/1?wmode=7&page-url=https%3A%2F%2Fwww.035302.win%2Fde-de%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Acstsejpcztnbm4xas7mgj8ug9n%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ade-AT%3Av%3A1420%3Acn%3A1%3Adp%3A0%3Als%3A1091325290030%3Ahid%3A1044172320%3Az%3A120%3Ai%3A20240831011326%3Aet%3A1725059606%3Ac%3A1%3Arn%3A575173480%3Arqn%3A1%3Au%3A1725059606882646081%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A338%3Awv%3A2%3Ads%3A0%2C0%2C51%2C8%2C108%2C0%2C%2C116%2C21%2C%2C%2C%2C606%3Aco%3A0%3Acpf%3A1%3Ans%3A1725059599843%3Agi%3AR0ExLjEuNzEzODg1MTg5LjE3MjUwNTk2MDU%3D%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1725059607%3At%3ASlott%20Spielothek%20f%C3%BCr%20Video%20Slots%20Deutschland%20%26%20alle%20Casino%20Spiele&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2821037572%29ti%281%29
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Fri, 30-Aug-2024 23:13:27 GMT
s7squiur
widget.intercom.io/widget/
7 KB
3 KB
Script
General
Full URL
https://widget.intercom.io/widget/s7squiur
Requested by
Host: www.035302.win
URL: https://www.035302.win/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-49.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4687766e1bf6379997215933c0b4a558e24f9c2160bf0f7c7c9f67f8921656dc

Request headers

Referer
https://www.035302.win/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-amz-version-id
vOA4_cNch4D_lr80yYCWWsT3S7yJgchq
content-encoding
gzip
via
1.1 9e62923882d737ac8cd27f0d1b1c24ce.cloudfront.net (CloudFront)
date
Fri, 30 Aug 2024 23:07:29 GMT
x-amz-cf-pop
FRA2-C1
age
368
x-amz-server-side-encryption
AES256
x-cache
Error from cloudfront
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
2666
last-modified
Fri, 30 Aug 2024 16:11:39 GMT
server
AmazonS3
etag
"79e0f7a4501bc79dbd676680491c8929"
vary
Accept-Encoding, Origin
content-type
application/javascript; charset=UTF-8
cache-control
max-age=300, s-maxage=300, public
accept-ranges
bytes
x-amz-cf-id
OMz3wsJKpVnT0YmsTN1US-uVdNu-nO2hRkZvavLfV0l8xfbXc50aOw==
favicon.ico
www.035302.win/
9 KB
10 KB
Other
General
Full URL
https://www.035302.win/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.150.10.75 Vienna, Austria, ASN61098 (EXOSCALE, CH),
Reverse DNS
Software
nginx/1.14.1 /
Resource Hash
0df53d0a257b74099cce7f816e4456d26ccc9f6787b0aebb8928591284f3adc2

Request headers

Referer
https://www.035302.win/de-de/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 23:13:27 GMT
last-modified
Thu, 29 Aug 2024 09:11:32 GMT
server
nginx/1.14.1
accept-ranges
bytes
etag
"66d03b44-25be"
content-length
9662
content-type
image/x-icon
favicon-32.png
www.035302.win/favicon/
2 KB
2 KB
Other
General
Full URL
https://www.035302.win/favicon/favicon-32.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.150.10.75 Vienna, Austria, ASN61098 (EXOSCALE, CH),
Reverse DNS
Software
nginx/1.14.1 /
Resource Hash
f02996e1bc86c13d165aa55deb6b2b0e3d5bbb941ceeb593cbb17fe539470241

Request headers

Referer
https://www.035302.win/de-de/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 23:13:27 GMT
last-modified
Thu, 29 Aug 2024 09:11:32 GMT
server
nginx/1.14.1
etag
"66d03b44-70a"
content-type
image/png
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
1802
expires
Thu, 31 Dec 2037 23:55:55 GMT
1
mc.yandex.com/watch/96416313/
43 B
86 B
Ping
General
Full URL
https://mc.yandex.com/watch/96416313/1?page-url=goal%3A%2F%2Fwww.035302.win%2FzABTestNewUsers&page-ref=https%3A%2F%2Fwww.035302.win%2Fde-de%2F&charset=utf-8&uah=chm%0A%3F0&hittoken=1725059607_d6844f4cf78c2dc9b2741622ecb3d34a682f4b9affec8db2628aa88c49cd7f26&browser-info=ar%3A1%3Avf%3Acstsejpcztnbm4xas7mgj8ug9n%3Afu%3A3%3Aen%3Autf-8%3Ala%3Ade-AT%3Av%3A1420%3Acn%3A1%3Adp%3A1%3Als%3A1091325290030%3Ahid%3A1044172320%3Az%3A120%3Ai%3A20240831011327%3Aet%3A1725059607%3Ac%3A1%3Arn%3A683744870%3Arqn%3A2%3Au%3A1725059606882646081%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C7426%2C7427%2C0%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1725059599843%3Agi%3AR0ExLjEuNzEzODg1MTg5LjE3MjUwNTk2MDU%3D%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1725059607%3At%3ASlott%20Spielothek%20f%C3%BCr%20Video%20Slots%20Deutschland%20%26%20alle%20Casino%20Spiele&t=gdpr(14)mc(g-2)clc(0-0-0)rqnt(2)lt(402500)aw(1)rcm(1)cdl(na)eco(21037572)ti(0)&force-urlencoded=1&site-info=%7B%22ab_test_light_mode%22%3A%7B%22light%22%3A%7B%22visit%22%3A%22light%22%7D%7D%7D
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.250.250.119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.035302.win/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Fri, 30 Aug 2024 23:13:27 GMT
last-modified
Fri, 30-Aug-2024 23:13:27 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type
image/gif
access-control-allow-origin
https://www.035302.win
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Fri, 30-Aug-2024 23:13:27 GMT
1
mc.yandex.com/watch/96416313/
43 B
74 B
Ping
General
Full URL
https://mc.yandex.com/watch/96416313/1?page-url=goal%3A%2F%2Fwww.035302.win%2FzInit&page-ref=https%3A%2F%2Fwww.035302.win%2Fde-de%2F&charset=utf-8&uah=chm%0A%3F0&hittoken=1725059607_d6844f4cf78c2dc9b2741622ecb3d34a682f4b9affec8db2628aa88c49cd7f26&browser-info=ar%3A1%3Avf%3Acstsejpcztnbm4xas7mgj8ug9n%3Afu%3A3%3Aen%3Autf-8%3Ala%3Ade-AT%3Av%3A1420%3Acn%3A1%3Adp%3A1%3Als%3A1091325290030%3Ahid%3A1044172320%3Az%3A120%3Ai%3A20240831011327%3Aet%3A1725059607%3Ac%3A1%3Arn%3A655414785%3Arqn%3A3%3Au%3A1725059606882646081%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Acpf%3A1%3Ans%3A1725059599843%3Agi%3AR0ExLjEuNzEzODg1MTg5LjE3MjUwNTk2MDU%3D%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1725059607%3At%3ASlott%20Spielothek%20f%C3%BCr%20Video%20Slots%20Deutschland%20%26%20alle%20Casino%20Spiele&t=gdpr(14)mc(g-2)clc(0-0-0)rqnt(3)lt(402500)aw(1)rcm(1)cdl(na)eco(21037572)ti(0)&force-urlencoded=1&site-info=%7B%22type%22%3A%7B%22web%22%3A%22desktop%22%7D%2C%22webVersion%22%3A%226.95.0%22%7D
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.250.250.119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.035302.win/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Aug 2024 23:13:27 GMT
strict-transport-security
max-age=31536000
last-modified
Fri, 30-Aug-2024 23:13:27 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type
image/gif
access-control-allow-origin
https://www.035302.win
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Fri, 30-Aug-2024 23:13:27 GMT
frame-modern.7eeb3111.js
js.intercomcdn.com/ Frame EC08
460 KB
139 KB
Script
General
Full URL
https://js.intercomcdn.com/frame-modern.7eeb3111.js
Requested by
Host: widget.intercom.io
URL: https://widget.intercom.io/widget/s7squiur
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.46.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-46-19.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
79fc6b6150541fc97306b3105e5aa95f6cefe7b44d9634c4b5f3865cf786c2c4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-amz-version-id
W1FqklWmhRPhzAXcG3Y.8sRQy_O65U1Y
content-encoding
gzip
via
1.1 3aedbf31650352660fd3a878f7b791c8.cloudfront.net (CloudFront)
date
Fri, 30 Aug 2024 22:11:41 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
FRA56-P9
age
3707
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
141661
last-modified
Fri, 30 Aug 2024 16:09:33 GMT
server
AmazonS3
etag
"f323f20c76c3fb0818a72c7626a2c9f1"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=31536000, s-maxage=7200, public
accept-ranges
bytes
x-amz-cf-id
2SJ-jRzYpjLhSwhlgoi222qU1Vg21cRZ-e65wzpu-kqRdbmCIBBx8Q==
vendor-modern.24002cc7.js
js.intercomcdn.com/ Frame EC08
455 KB
145 KB
Script
General
Full URL
https://js.intercomcdn.com/vendor-modern.24002cc7.js
Requested by
Host: widget.intercom.io
URL: https://widget.intercom.io/widget/s7squiur
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.46.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-46-19.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
614ba69cc45e1d7f36150f778fe53f5ad76ad857df5c5ac9c762a6978086b09c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-amz-version-id
odmp4KUNj_g8fM3BUDkVAjUrbClgKU7A
content-encoding
gzip
via
1.1 3aedbf31650352660fd3a878f7b791c8.cloudfront.net (CloudFront)
date
Fri, 30 Aug 2024 22:35:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
FRA56-P9
age
2288
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
147288
last-modified
Wed, 28 Aug 2024 15:55:42 GMT
server
AmazonS3
etag
"9cffe9d409ffd49439595bfe9ba87d5d"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=31536000, s-maxage=7200, public
accept-ranges
bytes
x-amz-cf-id
l3kwkFiPbHV4faoWKKYF1UzTkBlawoB5FRNcK_IZFbHm8C5eA5kdLQ==
metrika_match.html
mc.yandex.com/metrika/ Frame E69A
0
0
Document
General
Full URL
https://mc.yandex.com/metrika/metrika_match.html
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.158.134.119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.035302.win/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
access-control-allow-origin
*
cache-control
max-age=3600
content-encoding
br
content-length
1046
content-type
text/html
date
Fri, 30 Aug 2024 23:13:27 GMT
etag
"66cee31c-416"
expires
Sat, 31 Aug 2024 00:13:27 GMT
last-modified
Wed, 28 Aug 2024 08:43:08 GMT
strict-transport-security
max-age=31536000
timing-allow-origin
*
ping
api-iam.intercom.io/messenger/web/ Frame EC08
4 KB
2 KB
XHR
General
Full URL
https://api-iam.intercom.io/messenger/web/ping
Requested by
Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.7eeb3111.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.203.25.204 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-203-25-204.compute-1.amazonaws.com
Software
nginx /
Resource Hash
30941d992278e5ca354e58489fe02a375c967be94338b5e8d4355a1bb89f3268
Security Headers
Name Value
Strict-Transport-Security max-age=31556952; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Fri, 30 Aug 2024 23:13:28 GMT
strict-transport-security
max-age=31556952; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
x-ami-version
ami-099ad2298f9ad38b6
status
200 OK
x-xss-protection
1; mode=block
x-request-id
002eetbcv9udqqtanka0
x-runtime
0.276230
server
nginx
etag
W/"30941d992278e5ca354e58489fe02a37"
x-request-queueing
0
vary
Accept,Accept-Encoding
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.035302.win
x-intercom-version
d9409c4fb2cbcd2eab6e7e70b40db16f017a8961
access-control-expose-headers
x-request-id
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-frame-options
SAMEORIGIN
access-control-allow-headers
Content-Type, Idempotency-Key, X-INTERCOM-APP, X-INTERCOM-PAGE-TITLE, X-INTERCOM-USER-DATA
vendors~locale-de-json-modern.d40450de.js
js.intercomcdn.com/ Frame EC08
33 KB
10 KB
Script
General
Full URL
https://js.intercomcdn.com/vendors~locale-de-json-modern.d40450de.js
Requested by
Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.7eeb3111.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.46.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-46-19.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1fdbbac8014bac11b55e9f5f9dddca50dad01b73c8f6f62921b08648b5021660
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-amz-version-id
ZXtcAMVAy_bQq2r_cni0TOiAI2kCRTgd
content-encoding
gzip
via
1.1 3aedbf31650352660fd3a878f7b791c8.cloudfront.net (CloudFront)
date
Fri, 30 Aug 2024 21:29:51 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
FRA56-P9
age
6217
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
9362
last-modified
Tue, 27 Aug 2024 15:50:54 GMT
server
AmazonS3
etag
"0d3fcb3c3910734f3afbe4c1a61f7c56"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=31536000, s-maxage=7200, public
accept-ranges
bytes
x-amz-cf-id
a1UvjE-mQZHGUNjdDGfrkk61zyfbeoqPJgjAnfyohYKtxGe9R__mUA==
efc962c5c9b3d20873f54b8304ac2476.png
downloads.intercomcdn.com/i/o/500148/377e32f8dd59e593b9d5cf4c/
19 KB
20 KB
Image
General
Full URL
https://downloads.intercomcdn.com/i/o/500148/377e32f8dd59e593b9d5cf4c/efc962c5c9b3d20873f54b8304ac2476.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.197.143.135 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a69d63ecdf0f33068.awsglobalaccelerator.com
Software
nginx /
Resource Hash
804a4383bdc438f4bc6a25db601e09ac8be34ba449df58646657aa4abd609e0f
Security Headers
Name Value
Content-Security-Policy default-src 'none'; font-src fonts.intercomcdn.com; img-src downloads.intercomcdn.com/images/logo-gray-16x16-at-2x.png; media-src 'self'; style-src downloads.intercomcdn.com/410.css fonts.intercomcdn.com/proxima-nova/proxima-nova-all.css static.intercomassets.com
Strict-Transport-Security max-age=31556952; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.035302.win/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 23:13:29 GMT
strict-transport-security
max-age=31556952; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
x-ami-version
ami-099ad2298f9ad38b6
content-security-policy
default-src 'none'; font-src fonts.intercomcdn.com; img-src downloads.intercomcdn.com/images/logo-gray-16x16-at-2x.png; media-src 'self'; style-src downloads.intercomcdn.com/410.css fonts.intercomcdn.com/proxima-nova/proxima-nova-all.css static.intercomassets.com
status
200 OK
content-transfer-encoding
binary
cross-origin-resource-policy
cross-origin
content-disposition
inline; filename="efc962c5c9b3d20873f54b8304ac2476.png"; filename*=UTF-8''efc962c5c9b3d20873f54b8304ac2476.png
x-xss-protection
1; mode=block
x-request-id
002egi0ibrhg78cndrrg
x-runtime
0.059898
last-modified
Thu, 14 Mar 2024 11:50:06 GMT
server
nginx
x-request-queueing
0
vary
Accept-Encoding
x-frame-options
deny
content-type
image/png
x-intercom-version
d9409c4fb2cbcd2eab6e7e70b40db16f017a8961
cache-control
max-age=86400, private
collect
region1.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-60HVMZT0PR&gtm=45je48s0v9179560501za200zb9179917677&_p=1725059601068&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=713885189.1725059605&ul=de-at&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1725059605&sct=1&seg=0&dl=https%3A%2F%2Fwww.035302.win%2Fde-de%2F&dt=Slott%20Spielothek%20f%C3%BCr%20Video%20Slots%20Deutschland%20%26%20alle%20Casino%20Spiele&en=scroll&epn.percent_scrolled=90&_et=42&tfd=10609
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-60HVMZT0PR&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://www.035302.win/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Aug 2024 23:13:30 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.035302.win
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
804x804-23@x2.webp
slott3.gcdn.online/UUKJASJD/images/SC/Slott/bn/
29 KB
29 KB
Image
General
Full URL
https://slott3.gcdn.online/UUKJASJD/images/SC/Slott/bn/804x804-23@x2.webp
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
81.28.12.12 Amsterdam, Netherlands, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
d971d16e8384b019c2ae0aafc6db6c371a11f503a263e57f066731c29d60d7e5

Request headers

Referer
https://www.035302.win/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-id
cec-hw-edge-gc13
date
Fri, 30 Aug 2024 23:13:32 GMT
content-encoding
gzip
last-modified
Tue, 13 Aug 2024 13:41:26 GMT
server
nginx
traceparent
00-76c3f55b379c0b86c89985d5ce9cb4a9-69aa14e61c7e4f93-01
age
210102
etag
W/"7424-61f90c424277a"
x-cached-since
2024-08-28T12:51:50+00:00
content-type
image/webp
x-id-fe
cec-hw-edge-gc4
cache
HIT
vendors~app~tooltips-modern.e81e570b.js
js.intercomcdn.com/ Frame EC08
713 KB
170 KB
Script
General
Full URL
https://js.intercomcdn.com/vendors~app~tooltips-modern.e81e570b.js
Requested by
Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.7eeb3111.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.245.46.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-46-19.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-amz-version-id
y.8LYanT38EwrYVHHvTb_SAMqrg_MXRN
content-encoding
gzip
via
1.1 ab3010c44069f62a66a4882fcd391e60.cloudfront.net (CloudFront)
date
Fri, 30 Aug 2024 22:13:42 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
FRA56-P9
age
3593
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
173998
last-modified
Thu, 29 Aug 2024 13:54:24 GMT
server
AmazonS3
etag
"048f420ead72fc2361f0f436029161a1"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=31536000, s-maxage=7200, public
accept-ranges
bytes
x-amz-cf-id
F-bzkEnduKkv0oXnpt6hsMF7d92RvImQprAbwlgNNFdh0M_5HG-cSA==
vendors~app-modern.0c015106.js
js.intercomcdn.com/ Frame EC08
80 KB
26 KB
Script
General
Full URL
https://js.intercomcdn.com/vendors~app-modern.0c015106.js
Requested by
Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.7eeb3111.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.245.46.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-46-19.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
05cd035dd0a4e15528d8dae6d46a4e63a51ab201b6b5babd285a168ac97367be
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-amz-version-id
oHSCI82VF1j_i.r2XXYPnul0ZUoC3CvF
content-encoding
gzip
via
1.1 ab3010c44069f62a66a4882fcd391e60.cloudfront.net (CloudFront)
date
Fri, 30 Aug 2024 22:44:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
FRA56-P9
age
1753
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
26578
last-modified
Thu, 29 Aug 2024 13:54:24 GMT
server
AmazonS3
etag
"db4199aae5c39cd9805f4223ef475c48"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=31536000, s-maxage=7200, public
accept-ranges
bytes
x-amz-cf-id
TgRVIP_PbtiFEe9YyHTsip3XnW7ctlpBTLeugyWq9_bz9O4wXch2jQ==
app~tooltips-modern.76c17db8.js
js.intercomcdn.com/ Frame EC08
199 KB
54 KB
Script
General
Full URL
https://js.intercomcdn.com/app~tooltips-modern.76c17db8.js
Requested by
Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.7eeb3111.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.245.46.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-46-19.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4486e5bf5b483da8e984ad5641c069473ba01f734f927603aed5e18e4b140ae5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-amz-version-id
Jmnt.tLpk1y..Llb0y_FR6F4NXTrLSmF
content-encoding
gzip
via
1.1 ab3010c44069f62a66a4882fcd391e60.cloudfront.net (CloudFront)
date
Fri, 30 Aug 2024 22:11:43 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
FRA56-P9
age
3712
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
54748
last-modified
Fri, 30 Aug 2024 16:09:33 GMT
server
AmazonS3
etag
"5c1024b9002853719915be555e247482"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=31536000, s-maxage=7200, public
accept-ranges
bytes
x-amz-cf-id
ECpYXkHxZJx7TRFCEoGkiiORHzybp7qyjhzK4LiG7sCwKxO-QV6JGA==
app-modern.f829a1f4.js
js.intercomcdn.com/ Frame EC08
462 KB
134 KB
Script
General
Full URL
https://js.intercomcdn.com/app-modern.f829a1f4.js
Requested by
Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.7eeb3111.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.245.46.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-46-19.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-amz-version-id
ZTLNHR.02Nd7MHHRWzuXRePj7rso6KTO
content-encoding
gzip
via
1.1 ab3010c44069f62a66a4882fcd391e60.cloudfront.net (CloudFront)
date
Fri, 30 Aug 2024 22:11:43 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
FRA56-P9
age
3712
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
136944
last-modified
Fri, 30 Aug 2024 16:09:33 GMT
server
AmazonS3
etag
"52cb25e10f310ab5691ee1af91763ef9"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=31536000, s-maxage=7200, public
accept-ranges
bytes
x-amz-cf-id
lMO7x99rpyVewiJYYPoQ_ZjLlAMsxW5ry1mN_nAjdy2AB16vMe_KpQ==

Verdicts & Comments Add Verdict or Comment

30 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 string| __webpack_public_path__ object| initConfig object| webpackChunk_frontend_web function| _ object| __VUE_INSTANCE_SETTERS__ boolean| __VUE__ object| mainApp object| srtmCommands object| x object| y object| dataLayer function| gtag object| _ads object| webpackJsonp_ads function| setImmediate function| clearImmediate object| _srt_namespace function| _srt_argus function| _ads_popstate_listener object| google_tag_manager object| google_tag_data object| GlobalSnowplowNamespace function| snowplowApi function| onYouTubeIframeAPIReady object| gaGlobal object| Ya function| Intercom function| __intercomAssignLocation function| __intercomReloadLocation

30 Cookies

Domain/Path Name / Value
www.035302.win/ Name: ABTestSeed
Value: 92
www.035302.win/ Name: qtag_rfrr
Value: null-null
www.035302.win/ Name: ipfrom
Value: 212.103.61.108
www.035302.win/ Name: x-app-language
Value: de_DE
www.035302.win/ Name: firstTheme
Value: LIGHT
.035302.win/ Name: _ga
Value: GA1.1.713885189.1725059605
.035302.win/ Name: _ga_60HVMZT0PR
Value: GS1.1.1725059605.1.0.1725059605.0.0.0
.yandex.ru/ Name: i
Value: zpPRp4QuyMNNXEuXaW8BdnxB/a5HxAlvX2+wy8RDvbi1ylLQaE/rl7FFUcrDliEVAgnbk6IZ+OTcOZ6Cq7aZ2wRBuTg=
.yandex.ru/ Name: yandexuid
Value: 6396769181725059605
.yandex.ru/ Name: yashr
Value: 1830330251725059605
.035302.win/ Name: _sp_srt_ses.82f8
Value: *
.035302.win/ Name: _sp_srt_id.82f8
Value: 968015ad-c332-4db1-b383-eda009c2ace8.1725059606.1.1725059606..b599419d-a393-4435-af33-c17d946f5ffd....0
.035302.win/ Name: _ym_uid
Value: 1725059606882646081
.035302.win/ Name: _ym_d
Value: 1725059606
.mc.yandex.com/ Name: sync_cookie_csrf
Value: 1510120725fake
.yandex.com/ Name: yashr
Value: 7628185811725059606
.mc.yandex.ru/ Name: sync_cookie_csrf
Value: 3026672256fake
.yandex.com/ Name: yandexuid
Value: 6396769181725059605
.yandex.com/ Name: yuidss
Value: 6396769181725059605
.yandex.com/ Name: i
Value: zpPRp4QuyMNNXEuXaW8BdnxB/a5HxAlvX2+wy8RDvbi1ylLQaE/rl7FFUcrDliEVAgnbk6IZ+OTcOZ6Cq7aZ2wRBuTg=
.yandex.com/ Name: yp
Value: 1725146007.yu.3155387371725059606
.mc.yandex.com/ Name: sync_cookie_ok
Value: synced
.035302.win/ Name: _ym_isad
Value: 2
mc.yandex.com/ Name: yabs-sid
Value: 1343997861725059607
.yandex.com/ Name: ymex
Value: 1727651607.oyu.3155387371725059606#1756595607.yrts.1725059607
.yandex.com/ Name: receive-cookie-deprecation
Value: 1
.yandex.com/ Name: bh
Value: KgI/MGCXpMm2Bg==
.035302.win/ Name: intercom-id-s7squiur
Value: faff18a5-a368-4067-9700-986b31906229
.035302.win/ Name: intercom-session-s7squiur
Value:
.035302.win/ Name: intercom-device-id-s7squiur
Value: 0efa10b2-d304-475f-bcd1-4ea279df1f4f

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

035302.win
api-iam.intercom.io
downloads.intercomcdn.com
fonts.googleapis.com
fonts.gstatic.com
js.intercomcdn.com
mc.yandex.com
mc.yandex.ru
pixel-us.r2drtb.com
region1.google-analytics.com
slott1.gcdn.online
slott2.gcdn.online
slott3.gcdn.online
tm.ads.sportradar.com
tracker.ads.sportradar.com
widget.intercom.io
www.035302.win
www.googletagmanager.com
13.224.189.49
142.250.185.67
142.250.186.74
15.197.143.135
18.245.46.19
185.150.10.75
2.17.100.147
216.239.34.36
216.58.206.40
34.203.25.204
81.28.12.12
87.250.250.119
88.214.195.101
93.158.134.119
025ee9ea4b305564eb4869eba43c3489f5acf694e9792693856d44bd29fbfb1b
05cd035dd0a4e15528d8dae6d46a4e63a51ab201b6b5babd285a168ac97367be
063237f5f52863c3f711ef56625653397a5650eca2da3fa375dc181985a1badb
081665f6b07c4c523b2a37281875e54e9fba4ab37600dec1e26b5e47188f31af
0a04dc6812b68235f05fe6a13ea6407646f7c70fc4abb39de945ac24213ab6f2
0a503ee81553423230779e9cf81a90b47d9644e25470d361e78913db81c97798
0b3a7957052e42a025c147ed20d40754190fbf824a358e7c38b2aa5d112144cb
0cb4e89a0de88e70ae664c71e425f74a8ecdb23785863328a33df85ca4edcbf0
0df53d0a257b74099cce7f816e4456d26ccc9f6787b0aebb8928591284f3adc2
0fec749452962f99456319319fcc5292d9949db15184164a3cb53389e06618a9
139635723c372c73c036819049086c6fa74d28f9dca3d6098cb69017b19af086
179964249ec9a0fb3cbae024a777c673c736db11cb939daad935681d419e9e53
1861f34b7dd24841b80c83478b6ce351f3d8fa5531699db9f1c4b067b6a11c90
1c405ff0ae6416ee74aa1d5445ac2dd799fc4f315e8a8e4ad873ee2e3bf3bd15
1e4914b265bf1a2b4c3384e3f2f0eba89591a2fd50a9a99abc2f879a7f9bde59
1fdbbac8014bac11b55e9f5f9dddca50dad01b73c8f6f62921b08648b5021660
200dc3768626faebf0a4603e112e5759eebbc829b495e3c977bafacd9c7fbb1f
21299413aed21d28c88fd039bcc6c8fb8ad6e4a4666c63ed16fd1e0d35fc47ca
3056170837a9901a81cc806bb07c5c289f43f3d30ffb79913dd9202305781e05
30941d992278e5ca354e58489fe02a375c967be94338b5e8d4355a1bb89f3268
368ce7500b4216c48120615a6f7c289c2b7a5c101d385d5f4198827d475d6623
376afdb89c1830fe3ada92dbe4969d099a07b1aff245b639ed289661b9255eb0
423454068c2e5bb08f9053a5ff1d890d05953fd918a12e2a445b9c9886575345
4362aa346d3ede0f4af2db4301f8e2ed7325c133d5d80b79565130cd1a9cae44
43de54aa9b78cb5595bcc645ae37b7212fb2baa0a07857c620c96943ec4e95e4
4486e5bf5b483da8e984ad5641c069473ba01f734f927603aed5e18e4b140ae5
45be4547e2ca26f8d5d44fcb9d37f291ac6426124e23313df32256d0c7cb1c57
4687766e1bf6379997215933c0b4a558e24f9c2160bf0f7c7c9f67f8921656dc
4caefc145658ba351ab27466ae3f8cf17cfffecb8c2d9a1cf0dfbe6d2be2ba0e
53d7cb0929d5d614adf6f9be52b758f2b35fed00e3680277ea7dfaad254c6253
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5a98da761aefe00c837ce063a2e698233ff7a8c1fbcf20b29f993b699de936a8
5edc7ef63af93b70faaa84c0a76bdec7f18cdfbc8714734cca2d27f6b019627f
614ba69cc45e1d7f36150f778fe53f5ad76ad857df5c5ac9c762a6978086b09c
6361e3a49a38d1fdc74ec96bd29ee1ecd7c30045ccb0e5f361413d65cbf5ef87
671bba079b49592f13aa2e5b3957e69a143fa05ac9af8ad2d6a077d4b5adb618
6d062386679d54648d1f2ad09c6aff67933248c4468da9e1e57b8d29e8b7952f
6da3a181fd0b3ad68b62394b2efd52840ddf31ce4d086a42e14e7f71f9597709
728a3171df7c18f48d4bb4ce328fcdea3fb592e491aa3a81499a292d10d491e5
74f64fbbdf5c074cc1ee9b5bc20898e23a8229be29317a8e41ca42a4062a288f
7903979d7dc22c07c7a529fb08b8fb2278ff6c2415575465fb635bf27de4fb80
79fc6b6150541fc97306b3105e5aa95f6cefe7b44d9634c4b5f3865cf786c2c4
7d7d70bd726ace5583dad54e078742f0feecaaf831dcc755d0b3d13aeb412eed
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
7e41ca21e421f129d3881e345f990027b66c0ab3c5580e549575f9393d117cbd
804a4383bdc438f4bc6a25db601e09ac8be34ba449df58646657aa4abd609e0f
8051740e36337bb1bb25145a513395f24bb0229249aa963df5cef322ca6262c9
81cd36940e703345deb91f03066fadde5735b3dc3be29ac38542313f966738d6
8580c34e186194ad3c072296cf8c3c2cb3092aba3d97fd575f4038f55261b3f5
86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65
89a12126a18e4308ed673dc50c3d4cd20732555178516b5998d6d109025c7bc6
8b2d6ff250aba36a02490b6da9702de143b31b476fd6f82e363618699dc367c7
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
9371b4d932a782347a4f1a90dcde2a9e9e56cb15aa50585b9293311d0cd2131a
9a0426f9b4eb73d386ad6744f283ddab1a4f662601b51eea31d28c45564f4af0
9c4fc00c00ecc767449088c573a6a2d3d9124feea2b4d5d53376c85c2dd0d691
a0bd271303c0afec1093c44c649e746dfbf0977563eb9b6b46ce71dc23c9c364
a3739dd14847399e879621ab63e490f61b94b61b0dd496364cf931fe8eb9d668
a53a3c2e30ba71f2c349eb4690940a21ba77b8321ce9b966349c603b84489f3a
a7ba1d7de42ddd19db7876273ec0b356fd439b6137f511a6a84fa14e692994b7
a84399e8a0a6e70117f71fc5c2314ab565962cd5d8130c7393baf77772389e18
ac68583fd59cdd0799c40885e3533afc197bd38ceac9307028b41b9e8e5a36a8
ae8c3f6c04c6459eaa7bd954659b54dbd2cc34d6d10c4d47019c64085ee9a506
b0326e9648dbe2b26c68f52e2a5ae5cb1c8f60c1fb5f6bb80264a24ca584f528
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
c0c7685bfa304fe29e1f0fd7418be70d1f15f8775963ca50ed9560652df373bb
c366dbc04a1bd0c1538ca89fffb9800732dc5ca7b76afe636a10792150df4c8a
c4d000fd911d0fd6df5c0377d686d7282b35fd953cc984fcd41aadd77cdf8cc6
c5b93b9ac8988b202007fd63ec6c8281bec5740e50bf3420ef540dfe9078e5e5
c90cff659645a312a28804965f3dbc34061338f7234ff5d6ddb2c57e9eadec15
cbef360bfb2dcc64b1957603cff9a074e4a426443114301c88993fe1110411a4
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
ceccc70413f05561aa46cac4705006e3ea7fa4c67df36f444f1bfc3f6b39297e
cffeee3a56b86d41f63367e3075bfc8cb5bd2256cb461dbafae9c77eb8edcd7d
d0bf3900195e480db2218832820d5692b100d64fac833e23f42a66c73f3d68eb
d20cb5692b29adfe0d6f9d99fd36bcbc229e5fcf18e9ad0df65841fe73ce98fb
d3184dfa0fcf994a19e5a40487055636f8eed1202abcb1a246b5091f81accd07
d6b700f13243d3049cb3abbe3f41572badba823a00b53ee71e542df9827a919d
d88b91db9e19326e4a0fe864edf2b83715ae7ff10c6b5578908431205f499e77
d971d16e8384b019c2ae0aafc6db6c371a11f503a263e57f066731c29d60d7e5
dcb88f847acf7448d0b634e8f56082ef961d0f91f073f865ae75cb750ebf64e5
def01f20585c7d00ba20efa335f49445cc9d882b6e269edafe8a2fa5ab2fb93a
dfa61e04da9bb4e158d48fe17f4710bcdc1b1b2f11b9af67bde4b70046f4052f
e35f7ac829c218c19cf0c36cb1f2bfe487fdf2d37b75584abd48c24d2c9c05c3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e67ff02573646a3c57f7502c408488052ab66bf416d078a83a13323faf9ae7be
eee291b412992dc09c34efc50ec24ea539d9d22e1d80d44d92ece7a92135a7bd
f02996e1bc86c13d165aa55deb6b2b0e3d5bbb941ceeb593cbb17fe539470241
f3070a8d8df472f9adbd7a78c915fa9345fd4ea39324998c269dd937d090f1d8
f45e7908c8d166954db8d7fb9c67e7a14b344682a988b5181c5c368625ea0dff
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
ff774d0fa3e50c4bfa95451f7a01f43d917ce2f429ac090948d9f052a14ab331