urlscan.io logo urlscan.io
SecurityTrails logo

1win.sicklier.com Open in urlscan Pro
38.180.158.159  Public Scan

Go To Rescan Add Verdict Report
URL: https://1win.sicklier.com/
Submission: On May 14 via api from US — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 11 IPs in 3 countries across 9 domains to perform 57 HTTP transactions. The main IP is 38.180.158.159, located in Meppel, Netherlands and belongs to SCALAXY-AS, LV. The main domain is 1win.sicklier.com.
TLS certificate: Issued by R3 on May 13th 2024. Valid for: 3 months.
This is the only time 1win.sicklier.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 38.180.158.159 58061 (SCALAXY-AS)
1 2a04:4e42:600... 54113 (FASTLY)
43 34.49.229.81 396982 (GOOGLE-CL...)
3 2600:9000:205... 16509 (AMAZON-02)
1 2600:9000:249... 16509 (AMAZON-02)
1 99.86.4.79 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
2 34.149.206.255 15169 (GOOGLE)
1 199.15.163.138 58182 (WIX_COM)
2 52.203.214.168 14618 (AMAZON-AES)
57 11
2    38.180.158.159 (Meppel, Netherlands)

ASN58061 (SCALAXY-AS, LV)
1win.sicklier.com
1    2a04:4e42:600::729 (United States)

ASN54113 (FASTLY, US)
browser.sentry-cdn.com
43    34.49.229.81 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 81.229.49.34.bc.googleusercontent.com
static.parastorage.com
siteassets.parastorage.com
3    2600:9000:2057:8c00:1e:5c56:d400:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.wixstatic.com
1    2600:9000:2490:8a00:0:7dcd:9780:93a1 (United States)

ASN16509 (AMAZON-02, US)
www-sadepatisserie-com.filesusr.com
1    99.86.4.79 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-79.fra6.r.cloudfront.net
static.wixstatic.com
1    2a00:1450:4001:81c::2013 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
apps.wixrestaurants.com
2    34.149.206.255 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 255.206.149.34.bc.googleusercontent.com
engage.wixapps.net
ecom.wixapps.net
1    199.15.163.138 (United States)

ASN58182 (WIX_COM, IL)
PTR: unalocated.163.wixsite.com
ding.wix.com
2    52.203.214.168 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-203-214-168.compute-1.amazonaws.com
sentry-next.wixpress.com
Apex Domain
Subdomains		 Transfer
43 parastorage.com
static.parastorage.com — Cisco Umbrella Rank: 6365
siteassets.parastorage.com — Cisco Umbrella Rank: 6736
618 KB
4 wixstatic.com
static.wixstatic.com — Cisco Umbrella Rank: 5790
113 KB
2 wixpress.com
sentry-next.wixpress.com — Cisco Umbrella Rank: 7567
919 B
2 wixapps.net
engage.wixapps.net — Cisco Umbrella Rank: 14913
ecom.wixapps.net — Cisco Umbrella Rank: 26018
2 sicklier.com
1win.sicklier.com
717 KB
1 wix.com
ding.wix.com — Cisco Umbrella Rank: 54572
1 wixrestaurants.com
apps.wixrestaurants.com — Cisco Umbrella Rank: 76330
1 filesusr.com
www-sadepatisserie-com.filesusr.com
1 sentry-cdn.com
browser.sentry-cdn.com — Cisco Umbrella Rank: 4448
20 KB
57 9
Domain Requested by
39 static.parastorage.com 1win.sicklier.com
4 siteassets.parastorage.com 1win.sicklier.com
4 static.wixstatic.com 1win.sicklier.com
2 sentry-next.wixpress.com browser.sentry-cdn.com
2 1win.sicklier.com 1win.sicklier.com
1 ecom.wixapps.net 1win.sicklier.com
1 ding.wix.com 1win.sicklier.com
1 engage.wixapps.net 1win.sicklier.com
1 apps.wixrestaurants.com 1win.sicklier.com
1 www-sadepatisserie-com.filesusr.com 1win.sicklier.com
1 browser.sentry-cdn.com 1win.sicklier.com
57 11

This site contains no links.

Subject Issuer Validity Valid
1win.sicklier.com
R3		 2024-05-13 -
2024-08-11		 3 months crt.sh
*.sentry-cdn.com
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-08-01 -
2024-09-01		 a year crt.sh
*.parastorage.com
Sectigo RSA Domain Validation Secure Server CA		 2024-01-11 -
2024-07-09		 6 months crt.sh
*.wixstatic.com
Sectigo RSA Domain Validation Secure Server CA		 2024-01-01 -
2024-06-29		 6 months crt.sh
*.filesusr.com
Sectigo RSA Domain Validation Secure Server CA		 2023-12-25 -
2024-06-22		 6 months crt.sh
apps.wixrestaurants.com
GTS CA 1D4		 2024-05-08 -
2024-08-06		 3 months crt.sh
*.wixapps.net
Sectigo RSA Domain Validation Secure Server CA		 2023-12-22 -
2024-06-19		 6 months crt.sh
*.wix.com
Sectigo RSA Domain Validation Secure Server CA		 2024-03-24 -
2024-09-20		 6 months crt.sh
*.wixpress.com
Sectigo RSA Domain Validation Secure Server CA		 2023-12-29 -
2024-06-26		 6 months crt.sh

This page contains 6 frames:

Primary Page: https://1win.sicklier.com/
Frame ID: B45FE0953CAFB17D690023CCDFBFDCF3
Requests: 53 HTTP requests in this frame

Frame: https://www-sadepatisserie-com.filesusr.com/html/b645b0_fee1343aa126e572af59637bc1b73c9d.html
Frame ID: 7691299625FE56A1521EE4CB966467C1
Requests: 1 HTTP requests in this frame

Frame: https://apps.wixrestaurants.com/?type=wixmenus.client&pageId=y7mdl&compId=TPASection_k8pkxkx8&viewerCompId=TPASection_k8pkxkx8&siteRevision=2&viewMode=site&deviceType=desktop&locale=tr&tz=Europe%2FIstanbul&regionalLanguage=tr&width=1594&height=3294&instance=Bk-hKJeMqR37dCPhibc1s1ezqpjrZsWCaojNaXgkhT0.eyJpbnN0YW5jZUlkIjoiZjA4ODg1MjctYjAyNS00ODhmLTg4ZTEtZmQ4NzExYjAzNWVmIiwiYXBwRGVmSWQiOiIxM2MxNDAyYy0yN2YyLWQ0YWItNzQ2My1lZTdjODllMDc1NzgiLCJtZXRhU2l0ZUlkIjoiNDZmZTFkMTMtYWYwYi00ZTYyLWFjZTAtYmMyZTJiODgyMDc3Iiwic2lnbkRhdGUiOiIyMDI0LTA1LTEzVDA2OjE3OjEzLjMxNVoiLCJ2ZW5kb3JQcm9kdWN0SWQiOiJyZXN0X3BybyIsImRlbW9Nb2RlIjpmYWxzZSwiYWlkIjoiOTY4ODBkM2QtYWIyYS00YzE3LTgzMTItZjM3M2QwNjExZDBjIiwiYmlUb2tlbiI6ImI2NzY5ODM0LTFmMmUtMDZlZC0yNDAxLTQxYTkzYTM4MTU5OCIsInNpdGVPd25lcklkIjoiYjY0NWIwMGYtZGUwOS00MDYzLTk0NmQtOTUzNmUzMjIzMmJkIn0&currency=TRY&currentCurrency=TRY&commonConfig=%7B%22brand%22%3A%22wix%22%2C%22host%22%3A%22VIEWER%22%2C%22bsi%22%3Anull%2C%22siteRevision%22%3A%222%22%2C%22branchId%22%3A%226fb8c632-6772-4084-9ee4-21b9168e5365%22%2C%22BSI%22%3Anull%7D&currentRoute=.%2F&target=_top&section-url=https%3A%2F%2F1win.sicklier.com%2Fnelerimiz-var%2F&consent-policy=%7B%22func%22%3A0%2C%22anl%22%3A0%2C%22adv%22%3A0%2C%22dt3%22%3A1%2C%22ess%22%3A1%7D&vsi=99b5f516-af75-416f-86e5-90f539d3e471
Frame ID: FE91526B3F2A920678CAD4CBA4C469A2
Requests: 1 HTTP requests in this frame

Frame: https://engage.wixapps.net/chat-widget-server/renderChatWidget/index?pageId=masterPage&compId=comp-jr0r6dn9&viewerCompId=comp-jr0r6dn9&siteRevision=2&viewMode=site&deviceType=desktop&locale=tr&tz=Europe%2FIstanbul&regionalLanguage=tr&width=0&height=0&instance=29S-GQbR6wKGs_IJuVcFtE8drVrR7tgKOE86NopnS04.eyJpbnN0YW5jZUlkIjoiNTkzODExYTEtOTc5NC00NjgxLTlkYzYtOWRkNWRkNDdjZGI0IiwiYXBwRGVmSWQiOiIxNDUxN2UxYS0zZmYwLWFmOTgtNDA4ZS0yYmQ2OTUzYzM2YTIiLCJtZXRhU2l0ZUlkIjoiNDZmZTFkMTMtYWYwYi00ZTYyLWFjZTAtYmMyZTJiODgyMDc3Iiwic2lnbkRhdGUiOiIyMDI0LTA1LTEzVDA2OjE3OjEzLjMxNVoiLCJkZW1vTW9kZSI6ZmFsc2UsIm9yaWdpbkluc3RhbmNlSWQiOiJlZTkzZTQ0ZC0yMjc4LTQzN2QtYmI0Ni1iNmI3ODBiNjk1YzYiLCJhaWQiOiI5Njg4MGQzZC1hYjJhLTRjMTctODMxMi1mMzczZDA2MTFkMGMiLCJiaVRva2VuIjoiMWZjNjBjYjItMzg5Zi0wOGUzLTMxMjYtMjFmYmY2Y2ZlZGMzIiwic2l0ZU93bmVySWQiOiJiNjQ1YjAwZi1kZTA5LTQwNjMtOTQ2ZC05NTM2ZTMyMjMyYmQifQ&currency=TRY&currentCurrency=TRY&commonConfig=%7B%22brand%22%3A%22wix%22%2C%22host%22%3A%22VIEWER%22%2C%22bsi%22%3Anull%2C%22siteRevision%22%3A%222%22%2C%22branchId%22%3A%226fb8c632-6772-4084-9ee4-21b9168e5365%22%2C%22BSI%22%3Anull%7D&currentRoute=.%2F&consent-policy=%7B%22func%22%3A0%2C%22anl%22%3A0%2C%22adv%22%3A0%2C%22dt3%22%3A1%2C%22ess%22%3A1%7D&vsi=99b5f516-af75-416f-86e5-90f539d3e471
Frame ID: B629E347BEF1B9BC988902FBD95513A4
Requests: 1 HTTP requests in this frame

Frame: https://ding.wix.com/asdk/dispatcher.html?pageId=masterPage&compId=tpaWorker_2095&viewerCompId=tpaWorker_2095&siteRevision=2&viewMode=site&deviceType=desktop&locale=tr&tz=Europe%2FIstanbul&regionalLanguage=tr&endpointType=worker&instance=-sHHAq-2F8ZYcNyhBPrDwk-w6WJyu6kJ_FLIvd2G5sg.eyJpbnN0YW5jZUlkIjoiMjk4ZWVkYjUtZjA1MC00ZGFmLWFkOTItMmMwMGRmYjU4YjlhIiwiYXBwRGVmSWQiOiIxM2U4ZDAzNi01NTE2LTYxMDQtYjQ1Ni1jODQ2NmRiMzk1NDIiLCJtZXRhU2l0ZUlkIjoiNDZmZTFkMTMtYWYwYi00ZTYyLWFjZTAtYmMyZTJiODgyMDc3Iiwic2lnbkRhdGUiOiIyMDI0LTA1LTEzVDA2OjE3OjEzLjMxNVoiLCJ2ZW5kb3JQcm9kdWN0SWQiOiJyZXN0X3BybyIsImRlbW9Nb2RlIjpmYWxzZSwib3JpZ2luSW5zdGFuY2VJZCI6IjhlMThhNjk0LTUxZjktNDcxOS1iYjZhLTViNmEwNjY2MzJlOSIsImFpZCI6Ijk2ODgwZDNkLWFiMmEtNGMxNy04MzEyLWYzNzNkMDYxMWQwYyIsImJpVG9rZW4iOiI2ZjcwZjBhNi01ZjViLTAzY2QtMDE3Mi05MDJlZjQzZGFiZWQiLCJzaXRlT3duZXJJZCI6ImI2NDViMDBmLWRlMDktNDA2My05NDZkLTk1MzZlMzIyMzJiZCJ9&currency=TRY&currentCurrency=TRY&commonConfig=%7B%22brand%22%3A%22wix%22%2C%22host%22%3A%22VIEWER%22%2C%22bsi%22%3Anull%2C%22siteRevision%22%3A%222%22%2C%22branchId%22%3A%226fb8c632-6772-4084-9ee4-21b9168e5365%22%2C%22BSI%22%3Anull%7D&currentRoute=.%2F&consent-policy=%7B%22func%22%3A0%2C%22anl%22%3A0%2C%22adv%22%3A0%2C%22dt3%22%3A1%2C%22ess%22%3A1%7D&vsi=99b5f516-af75-416f-86e5-90f539d3e471
Frame ID: F192770BDFB6AAB3D9AE4CB2DAEBB84C
Requests: 1 HTTP requests in this frame

Frame: https://ecom.wixapps.net/storefront/cartwidgetPopup?pageId=y7mdl&compId=tpapopup-1715581035793_rtby_comp-k8ihiolt&viewerCompId=tpapopup-1715581035793_rtby_comp-k8ihiolt&siteRevision=2&viewMode=site&deviceType=desktop&locale=tr&tz=Europe%2FIstanbul&regionalLanguage=tr&width=34&height=40&isInPopup=true&origCompId=comp-k8ihiolt&instance=DU21WoP9RFM-z3WgmAQRuXItKTC32S_M4s5kDzcqCX8.eyJpbnN0YW5jZUlkIjoiNjAyOTZiNGMtZGUzNi00NDgwLWIxOTUtNmI2ZTBjOTQ5M2ZmIiwiYXBwRGVmSWQiOiIxMzgwYjcwMy1jZTgxLWZmMDUtZjExNS0zOTU3MWQ5NGRmY2QiLCJtZXRhU2l0ZUlkIjoiNDZmZTFkMTMtYWYwYi00ZTYyLWFjZTAtYmMyZTJiODgyMDc3Iiwic2lnbkRhdGUiOiIyMDI0LTA1LTEzVDA2OjE3OjEzLjMxNVoiLCJ2ZW5kb3JQcm9kdWN0SWQiOiJzdG9yZXNfc2lsdmVyIiwiZGVtb01vZGUiOmZhbHNlLCJhaWQiOiI5Njg4MGQzZC1hYjJhLTRjMTctODMxMi1mMzczZDA2MTFkMGMiLCJiaVRva2VuIjoiMjZkNzc2NWYtNzEzZC0wYWUyLTFkNzUtZDc0MDI3MWNiMzg4Iiwic2l0ZU93bmVySWQiOiJiNjQ1YjAwZi1kZTA5LTQwNjMtOTQ2ZC05NTM2ZTMyMjMyYmQifQ&currency=TRY&currentCurrency=TRY&commonConfig=%7B%22brand%22%3A%22wix%22%2C%22host%22%3A%22VIEWER%22%2C%22bsi%22%3Anull%2C%22siteRevision%22%3A%222%22%2C%22branchId%22%3A%226fb8c632-6772-4084-9ee4-21b9168e5365%22%2C%22BSI%22%3Anull%7D&currentRoute=.%2F&consent-policy=%7B%22func%22%3A0%2C%22anl%22%3A0%2C%22adv%22%3A0%2C%22dt3%22%3A1%2C%22ess%22%3A1%7D&vsi=99b5f516-af75-416f-86e5-90f539d3e471
Frame ID: E94670DA0C55E3ADB937B359B7A60DCF
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

1win Nelerimiz var | Sade Patisserie

Detected technologies

Overall confidence: 100%
Detected patterns
  • static\.parastorage\.com
Overall confidence: 100%
Detected patterns
  • <script[^>]*src="[^"]*browser\.sentry\-cdn\.com/([0-9.]+)/bundle(?:\.tracing)?(?:\.min)?\.js
  • browser\.sentry\-cdn\.com/([0-9.]+)/bundle(?:\.tracing)?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • require.*\.js
Overall confidence: 100%
Detected patterns
  • lodash.*\.js

Page Statistics

57
Requests

100 %
HTTPS

40 %
IPv6

9
Domains

11
Subdomains

11
IPs

3
Countries

1469 kB
Transfer

2434 kB
Size

5
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

57 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
1win.sicklier.com/ 		716 KB
717 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://1win.sicklier.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
38.180.158.159 Meppel, Netherlands, ASN58061 (SCALAXY-AS, LV),
Reverse DNS
Software
/
Resource Hash
e5368a57478721fabb95245e909f60af3eb3ae04b9309c0bb9c6b2bafbfeba40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3=":443"; ma=2592000
cache-control
max-age=0
content-length
733371
content-type
text/html; charset=utf-8
date
Tue, 14 May 2024 00:56:41 GMT
etag
"sdfbywfpvf"
referrer-policy
same-origin
x-content-type-options
nosniff
x-xss-protection
1; mode=block
bundle.min.js
browser.sentry-cdn.com/6.18.2/ 		64 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://browser.sentry-cdn.com/6.18.2/bundle.min.js
Requested by
Host: 1win.sicklier.com
URL: https://1win.sicklier.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:600::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
fc282ceb777458c14cd5a30ca54a0ba2b409136658b467c25bf929c185ad68f4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 00:56:41 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Tue, 08 Mar 2022 14:01:18 GMT
server
Fastly
age
13809189
etag
"5b6773578af8dd5591339930c2b29024"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
20626
expires
Wed, 08 Mar 2023 14:19:38 GMT
originTrials.41d7301a.bundle.min.js
static.parastorage.com/services/wix-thunderbolt/dist/ 		559 B
811 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.parastorage.com/services/wix-thunderbolt/dist/originTrials.41d7301a.bundle.min.js
Requested by
Host: 1win.sicklier.com
URL: https://1win.sicklier.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.49.229.81 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
81.229.49.34.bc.googleusercontent.com
Software
Pepyaka/1.21.6 /
Resource Hash
383a059190ebd0df27a579ff105625a45d17cda747180831abfa7fad7d61b592

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
r4awuIH8ArkNhHOhD.THSk2Kq6RX27Pl
content-encoding
br
via
1.1 varnish (Varnish/6.0), 1.1 google
date
Thu, 18 Apr 2024 04:12:22 GMT
x-gcp-cdn-pop
AMS-cba56054
age
2234659
x-amz-server-side-encryption
AES256
x-cache-status
HIT
x-cache
hit
x-amz-replication-status
REPLICA
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
423
x-wix-request-id
1713413542.1893390840180121021446
last-modified
Wed, 17 Apr 2024 16:24:54 GMT
server
Pepyaka/1.21.6
glb-x-seen-by
qhk2IXhXaFW+ScoHjRxEUvX1Zxk6j9wOS6tQMkUbOP0=
etag
W/"9d1a493b511891ff2beb1359384eb679"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, POST
x-varnish
546275891 488818317
access-control-allow-origin
*
content-type
application/javascript
cache-control
public, max-age=7776000, immutable
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-seen-by
zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrcgF4/U1opHLiGhWxtG36bT7,aVxMblM8KFG3we5NLvyVcxXCkSrKbVttFv2SShbFg6m8ZDY613cHYLbuhNMgAom1
mobile-app-invite-banner.css
static.parastorage.com/unpkg-semver/mobile-app-invite-banner/ 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.parastorage.com/unpkg-semver/mobile-app-invite-banner/mobile-app-invite-banner.css
Requested by
Host: 1win.sicklier.com
URL: https://1win.sicklier.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.49.229.81 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
81.229.49.34.bc.googleusercontent.com
Software
Pepyaka/1.21.6 /
Resource Hash
4bdf2e1f58bc7dbd5d5c91f8e3d4c280ec6f53a1ad0a5aa7f0318876177796f1

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 00:37:24 GMT
content-encoding
gzip
via
1.1 varnish (Varnish/6.0), 1.1 google
x-gcp-cdn-pop
AMS-cba56054
age
1157
x-amz-server-side-encryption
AES256
x-cache-status
HIT
x-cache
hit
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1368
x-wix-request-id
1715647044.911160569258591872839
last-modified
Tue, 19 Mar 2024 13:04:43 GMT
server
Pepyaka/1.21.6
glb-x-seen-by
qhk2IXhXaFW+ScoHjRxEUvX1Zxk6j9wOS6tQMkUbOP0=
etag
"56e945abf41686a806ed364b66e433c8"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, POST
x-varnish
280151977 281649805
access-control-allow-origin
*
content-type
text/css
cache-control
public, max-age=1800
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-seen-by
zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrcgzV1/Iq9lbjXhgOeY1i+yl,aVxMblM8KFG3we5NLvyVc5bNbUTaEduvk0/hVNiwmC0eGdLDLXwpLd0CTVHPbfOd
mobile-app-invite-banner.umd.min.js
static.parastorage.com/unpkg-semver/mobile-app-invite-banner/ 		131 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.parastorage.com/unpkg-semver/mobile-app-invite-banner/mobile-app-invite-banner.umd.min.js
Requested by
Host: 1win.sicklier.com
URL: https://1win.sicklier.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.49.229.81 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
81.229.49.34.bc.googleusercontent.com
Software
Pepyaka/1.21.6 /
Resource Hash
f1e43a908abc45d504866af363f70868fcafc37af47114b95f2dd0e0f9b6def7

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 00:52:40 GMT
content-encoding
gzip
via
1.1 varnish (Varnish/6.0), 1.1 google
x-gcp-cdn-pop
AMS-cba56054
age
241
x-amz-server-side-encryption
AES256
x-cache-status
HIT
x-cache
hit
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
40576
x-wix-request-id
1715647960.2121688445021412224745
last-modified
Tue, 19 Mar 2024 13:04:43 GMT
server
Pepyaka/1.21.6
glb-x-seen-by
qhk2IXhXaFW+ScoHjRxEUvX1Zxk6j9wOS6tQMkUbOP0=
etag
"2381cafcdd5c543c7470f36415bbffdd"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, POST
x-varnish
933209928 934091862
access-control-allow-origin
*
content-type
application/javascript
cache-control
public, max-age=1800
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-seen-by
zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrcjMkS/rKz4Fn5ceohZ05hBF,aVxMblM8KFG3we5NLvyVc/V2kPxJZPbYObVQrbu3zhQeGdLDLXwpLd0CTVHPbfOd
app.bundle.min.js
static.parastorage.com/services/cookie-consent-banner-for-uou/1.730.0// 		56 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.parastorage.com/services/cookie-consent-banner-for-uou/1.730.0//app.bundle.min.js
Requested by
Host: 1win.sicklier.com
URL: https://1win.sicklier.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.49.229.81 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
81.229.49.34.bc.googleusercontent.com
Software
Pepyaka/1.21.6 /
Resource Hash
7d96130cedd2650a4c9db3aa1cc2148963cc3b90fb6a1ea6c25c5d4a0cd8bb5e

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
4GR8kRjhfRxbDGTLuZLvU6hjsq8S84ao
content-encoding
br
via
1.1 varnish (Varnish/6.0), 1.1 google
date
Sun, 21 Apr 2024 16:19:03 GMT
x-gcp-cdn-pop
AMS-cba56054
age
1931858
x-amz-server-side-encryption
AES256
x-cache-status
HIT
x-cache
hit
x-amz-replication-status
REPLICA
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15949
x-wix-request-id
1713716343.0383766093293121035934
last-modified
Thu, 08 Feb 2024 12:07:13 GMT
server
Pepyaka/1.21.6
glb-x-seen-by
qhk2IXhXaFW+ScoHjRxEUvX1Zxk6j9wOS6tQMkUbOP0=
etag
W/"6a5f934f671aa54c438b866d0668977e"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, POST
x-varnish
598365158 360587401
access-control-allow-origin
*
content-type
application/javascript
cache-control
public, max-age=7776000, immutable
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-seen-by
zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrcgzV1/Iq9lbjXhgOeY1i+yl,aVxMblM8KFG3we5NLvyVc/ez+mKSicOFhmjRkkvIL6EeGdLDLXwpLd0CTVHPbfOd
rb_wixui.thunderbolt_bootstrap.42731179.bundle.min.js
static.parastorage.com/services/editor-elements-library/dist/thunderbolt/ 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.parastorage.com/services/editor-elements-library/dist/thunderbolt/rb_wixui.thunderbolt_bootstrap.42731179.bundle.min.js
Requested by
Host: 1win.sicklier.com
URL: https://1win.sicklier.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.49.229.81 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
81.229.49.34.bc.googleusercontent.com
Software
Pepyaka/1.21.6 /
Resource Hash
b307573c0406ba22f89c31a59de65399559aa896686952cdab3308d60ca5e1b3

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
0RBVJ2KNQlE0tXNP2ZEeEff0L7aV_QBN
content-encoding
br
via
1.1 varnish (Varnish/6.0), 1.1 google
date
Mon, 06 May 2024 00:38:42 GMT
x-gcp-cdn-pop
AMS-cba56054
age
692279
x-amz-server-side-encryption
AES256
x-cache-status
HIT
x-cache
hit
x-amz-replication-status
REPLICA
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14245
x-wix-request-id
1714955922.71459887266921872840
last-modified
Sun, 05 May 2024 07:09:07 GMT
server
Pepyaka/1.21.6
glb-x-seen-by
qhk2IXhXaFW+ScoHjRxEUvX1Zxk6j9wOS6tQMkUbOP0=
etag
W/"c536340333689cb3c1cb1fcbfdaf6ac2"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, POST
x-varnish
557693149 459366548
access-control-allow-origin
*
content-type
application/javascript
cache-control
public, max-age=7776000, immutable
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-seen-by
zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrcgzV1/Iq9lbjXhgOeY1i+yl,aVxMblM8KFG3we5NLvyVc5bNbUTaEduvk0/hVNiwmC0eGdLDLXwpLd0CTVHPbfOd
rb_wixui.thunderbolt_bootstrap-responsive.f13e03d3.bundle.min.js
static.parastorage.com/services/editor-elements-library/dist/thunderbolt/ 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.parastorage.com/services/editor-elements-library/dist/thunderbolt/rb_wixui.thunderbolt_bootstrap-responsive.f13e03d3.bundle.min.js
Requested by
Host: 1win.sicklier.com
URL: https://1win.sicklier.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.49.229.81 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
81.229.49.34.bc.googleusercontent.com
Software
Pepyaka/1.21.6 /
Resource Hash
278140dc2893aafb59b8cfb8af43780dd69a2e83bc0592985ce90adef41fc501

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
4jyLBOjLjbRMSciWJpdUnsD.R7pmzcon
content-encoding
br
via
1.1 varnish (Varnish/6.0), 1.1 google
date
Thu, 18 Apr 2024 04:12:38 GMT
x-gcp-cdn-pop
AMS-cba56054
age
2234643
x-amz-server-side-encryption
AES256
x-cache-status
HIT
x-cache
hit
x-amz-replication-status
REPLICA
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6647
x-wix-request-id
1713413558.754342383080751105749
last-modified
Tue, 16 Apr 2024 07:56:35 GMT
server
Pepyaka/1.21.6
glb-x-seen-by
qhk2IXhXaFW+ScoHjRxEUvX1Zxk6j9wOS6tQMkUbOP0=
etag
W/"6c4df3492a84d84d00e3409ac49b7e2d"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, POST
x-varnish
546216522 319762403
access-control-allow-origin
*
content-type
application/javascript
cache-control
public, max-age=7776000, immutable
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-seen-by
zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrcgnqsbGv+9JOcjxAgFkOQdj,aVxMblM8KFG3we5NLvyVcxXCkSrKbVttFv2SShbFg6m8ZDY613cHYLbuhNMgAom1
rb_wixui.thunderbolt[LoginSocialBar].cc97b85f.bundle.min.js
static.parastorage.com/services/editor-elements-library/dist/thunderbolt/ 		32 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.parastorage.com/services/editor-elements-library/dist/thunderbolt/rb_wixui.thunderbolt[LoginSocialBar].cc97b85f.bundle.min.js
Requested by
Host: 1win.sicklier.com
URL: https://1win.sicklier.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.49.229.81 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
81.229.49.34.bc.googleusercontent.com
Software
Pepyaka/1.21.6 /
Resource Hash
1cf39746811d5fc2cc1dfedba896db63c645c212a602d42561c444fb1387a27a

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
7BvZfty3Tm8jJ4ftqerRBXyTjYRm4aAX
content-encoding
br
via
1.1 varnish (Varnish/6.0), 1.1 google
date
Sun, 21 Apr 2024 05:05:37 GMT
x-gcp-cdn-pop
AMS-cba56054
age
1972264
x-amz-server-side-encryption
AES256
x-cache-status
HIT
x-cache
hit
x-amz-replication-status
REPLICA
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12229
x-wix-request-id
1713675937.5533687169171111035933
last-modified
Sat, 20 Apr 2024 22:52:12 GMT
server
Pepyaka/1.21.6
glb-x-seen-by
qhk2IXhXaFW+ScoHjRxEUvX1Zxk6j9wOS6tQMkUbOP0=
etag
W/"79bdc65e86311cd36ef73c93c0cd8d1a"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, POST
x-varnish
504736367 487128012
access-control-allow-origin
*
content-type
application/javascript
cache-control
public, max-age=7776000, immutable
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-seen-by
zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrcgzV1/Iq9lbjXhgOeY1i+yl,aVxMblM8KFG3we5NLvyVc/ez+mKSicOFhmjRkkvIL6EeGdLDLXwpLd0CTVHPbfOd
rb_wixui.thunderbolt[VerticalMenu_VerticalMenuSolidColorSkin].ec2c06e9.bundle.min.js
static.parastorage.com/services/editor-elements-library/dist/thunderbolt/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.parastorage.com/services/editor-elements-library/dist/thunderbolt/rb_wixui.thunderbolt[VerticalMenu_VerticalMenuSolidColorSkin].ec2c06e9.bundle.min.js
Requested by
Host: 1win.sicklier.com
URL: https://1win.sicklier.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.49.229.81 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
81.229.49.34.bc.googleusercontent.com
Software
Pepyaka/1.21.6 /
Resource Hash
8a6e2a7100360bdbe196260f2c6ab949ea90733cee71a83b790a511f04484bfa

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
9ApKwjklm7fcRT7H9FqHQHmJcBW3i8rb
content-encoding
br
via
1.1 varnish (Varnish/6.0), 1.1 google
date
Wed, 01 May 2024 09:30:32 GMT
x-gcp-cdn-pop
AMS-cba56054
age
1092369
x-amz-server-side-encryption
AES256
x-cache-status
HIT
x-cache
hit
x-amz-replication-status
REPLICA
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4331
x-wix-request-id
1714555832.17854227670212224744
last-modified
Wed, 01 May 2024 06:17:37 GMT
server
Pepyaka/1.21.6
glb-x-seen-by
qhk2IXhXaFW+ScoHjRxEUvX1Zxk6j9wOS6tQMkUbOP0=
etag
W/"1db416b30c7f7b9c5461b198302fd127"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, POST
x-varnish
61370216 43936565
access-control-allow-origin
*
content-type
application/javascript
cache-control
public, max-age=7776000, immutable
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-seen-by
zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrcjMkS/rKz4Fn5ceohZ05hBF,aVxMblM8KFG3we5NLvyVc/V2kPxJZPbYObVQrbu3zhQeGdLDLXwpLd0CTVHPbfOd
rb_wixui.thunderbolt_bootstrap-classic.3bf2ca42.bundle.min.js
static.parastorage.com/services/editor-elements-library/dist/thunderbolt/ 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.parastorage.com/services/editor-elements-library/dist/thunderbolt/rb_wixui.thunderbolt_bootstrap-classic.3bf2ca42.bundle.min.js
Requested by
Host: 1win.sicklier.com
URL: https://1win.sicklier.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.49.229.81 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
81.229.49.34.bc.googleusercontent.com
Software
Pepyaka/1.21.6 /
Resource Hash
afaf0e77cc1610dc85d9fc4ad092654d885183d172691f0cf9358448329da327

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
elbH.19s6uKICSeoqfRLXKOsIazAMleX
content-encoding
br
via
1.1 varnish (Varnish/6.0), 1.1 google
date
Mon, 06 May 2024 00:38:42 GMT
x-gcp-cdn-pop
AMS-cba56054
age
692279
x-amz-server-side-encryption
AES256
x-cache-status
HIT
x-cache
hit
x-amz-replication-status
REPLICA
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12610
x-wix-request-id
1714955922.79862927056122224745
last-modified
Sun, 05 May 2024 07:09:07 GMT
server
Pepyaka/1.21.6
glb-x-seen-by
qhk2IXhXaFW+ScoHjRxEUvX1Zxk6j9wOS6tQMkUbOP0=
etag
W/"e6c294bf7526e3500fc8ed97c9e8b6cf"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, POST
x-varnish
992152353 856552905
access-control-allow-origin
*
content-type
application/javascript
cache-control
public, max-age=7776000, immutable
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-seen-by
zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrcjMkS/rKz4Fn5ceohZ05hBF,aVxMblM8KFG3we5NLvyVc1tQmS28JMtgHj+uYScAmBW8ZDY613cHYLbuhNMgAom1
rb_wixui.thunderbolt[TextInput].0eb017da.bundle.min.js
static.parastorage.com/services/editor-elements-library/dist/thunderbolt/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.parastorage.com/services/editor-elements-library/dist/thunderbolt/rb_wixui.thunderbolt[TextInput].0eb017da.bundle.min.js
Requested by
Host: 1win.sicklier.com
URL: https://1win.sicklier.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.49.229.81 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
81.229.49.34.bc.googleusercontent.com
Software
Pepyaka/1.21.6 /
Resource Hash
143f73d141379120b0883a3d90c60e3f2c314c8e2112cc6000e597cff123d802

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
51_lfSNFnDRDDWeMYi_gasV19wt23vaH
content-encoding
br
via
1.1 varnish (Varnish/6.0), 1.1 google
date
Thu, 09 May 2024 09:19:47 GMT
x-gcp-cdn-pop
AMS-cba56054
age
401814
x-amz-server-side-encryption
AES256
x-cache-status
HIT
x-cache
hit
x-amz-replication-status
REPLICA
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3968
x-wix-request-id
1715246387.0141077377028521872840
last-modified
Tue, 07 May 2024 13:01:43 GMT
server
Pepyaka/1.21.6
glb-x-seen-by
qhk2IXhXaFW+ScoHjRxEUvX1Zxk6j9wOS6tQMkUbOP0=
etag
W/"8e770fe012356468a261c8fe345cea31"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, POST
x-varnish
946221032 721646736
access-control-allow-origin
*
content-type
application/javascript
cache-control
public, max-age=7776000, immutable
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-seen-by
zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrcgzV1/Iq9lbjXhgOeY1i+yl,aVxMblM8KFG3we5NLvyVc5bNbUTaEduvk0/hVNiwmC0eGdLDLXwpLd0CTVHPbfOd
rb_wixui.thunderbolt[Container_DefaultAreaSkin].6e876b54.bundle.min.js
static.parastorage.com/services/editor-elements-library/dist/thunderbolt/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.parastorage.com/services/editor-elements-library/dist/thunderbolt/rb_wixui.thunderbolt[Container_DefaultAreaSkin].6e876b54.bundle.min.js
Requested by
Host: 1win.sicklier.com
URL: https://1win.sicklier.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.49.229.81 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
81.229.49.34.bc.googleusercontent.com
Software
Pepyaka/1.21.6 /
Resource Hash
1a5a9f61774bd61206633b6ff75a52eff57ae90942a73cfb1fad47c88c533cab

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
BOB8KK2t3zU7tIgRwEojXvdb4y2c1xoc
content-encoding
br
via
1.1 varnish (Varnish/6.0), 1.1 google
date
Thu, 02 May 2024 20:32:21 GMT
x-gcp-cdn-pop
AMS-cba56054
age
966260
x-amz-server-side-encryption
AES256
x-cache-status
HIT
x-cache
hit
x-amz-replication-status
REPLICA
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2250
x-wix-request-id
1714681941.93825568361322224750
last-modified
Wed, 01 May 2024 14:01:04 GMT
server
Pepyaka/1.21.6
glb-x-seen-by
qhk2IXhXaFW+ScoHjRxEUvX1Zxk6j9wOS6tQMkUbOP0=
etag
W/"b4f4454353a017d632bde239bafc98f4"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, POST
x-varnish
524177539 305117528
access-control-allow-origin
*
content-type
application/javascript
cache-control
public, max-age=7776000, immutable
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-seen-by
zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrcjMkS/rKz4Fn5ceohZ05hBF,aVxMblM8KFG3we5NLvyVc7tnpyQ/1ThW8d6OVxL3lam8ZDY613cHYLbuhNMgAom1
rb_wixui.thunderbolt[AppWidget_Classic].d3aba22a.bundle.min.js
static.parastorage.com/services/editor-elements-library/dist/thunderbolt/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.parastorage.com/services/editor-elements-library/dist/thunderbolt/rb_wixui.thunderbolt[AppWidget_Classic].d3aba22a.bundle.min.js
Requested by
Host: 1win.sicklier.com
URL: https://1win.sicklier.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.49.229.81 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
81.229.49.34.bc.googleusercontent.com
Software
Pepyaka/1.21.6 /
Resource Hash
0050eddcfd9a23f9c1f9ed662dc2572845b5a2f8c0f189066ef60e37e218c514

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
lKeAKSvmrDQTGMlW.ktIe3JHRP3FvWVX
content-encoding
br
via
1.1 varnish (Varnish/6.0), 1.1 google
date
Mon, 22 Apr 2024 16:00:10 GMT
x-gcp-cdn-pop
AMS-cba56054
age
1846591
x-amz-server-side-encryption
AES256
x-cache-status
HIT
x-cache
hit
x-amz-replication-status
REPLICA
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1393
x-wix-request-id
1713801610.5304124226270251182822
last-modified
Mon, 22 Apr 2024 15:57:00 GMT
server
Pepyaka/1.21.6
glb-x-seen-by
qhk2IXhXaFW+ScoHjRxEUvX1Zxk6j9wOS6tQMkUbOP0=
etag
W/"cd5a02c88e932d8c35e92de9fbc27029"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, POST
x-varnish
800244091 798845640
access-control-allow-origin
*
content-type
application/javascript
cache-control
public, max-age=7776000, immutable
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-seen-by
zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrcjMkS/rKz4Fn5ceohZ05hBF,aVxMblM8KFG3we5NLvyVc/ez+mKSicOFhmjRkkvIL6EeGdLDLXwpLd0CTVHPbfOd
rb_wixui.thunderbolt[FormContainer_FormContainerSkin].659d3520.bundle.min.js
static.parastorage.com/services/editor-elements-library/dist/thunderbolt/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.parastorage.com/services/editor-elements-library/dist/thunderbolt/rb_wixui.thunderbolt[FormContainer_FormContainerSkin].659d3520.bundle.min.js
Requested by
Host: 1win.sicklier.com
URL: https://1win.sicklier.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.49.229.81 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
81.229.49.34.bc.googleusercontent.com
Software
Pepyaka/1.21.6 /
Resource Hash
0b5116cdaf54fc80a3b104ef58fd869f9b16b3f73af139909b0d3f7dd03afdc3

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
mRKGG_IsET1n604HoP9QkNqqVEgLKqO0
content-encoding
br
via
1.1 varnish (Varnish/6.0), 1.1 google
date
Thu, 02 May 2024 21:45:41 GMT
x-gcp-cdn-pop
AMS-cba56054
age
961860
x-amz-server-side-encryption
AES256
x-cache-status
HIT
x-cache
hit
x-amz-replication-status
REPLICA
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1513
x-wix-request-id
1714686341.905257017257491737046
last-modified
Wed, 01 May 2024 10:20:55 GMT
server
Pepyaka/1.21.6
glb-x-seen-by
qhk2IXhXaFW+ScoHjRxEUvX1Zxk6j9wOS6tQMkUbOP0=
etag
W/"96f6fea5b377607c3c15d7c458845863"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, POST
x-varnish
617696775 401451959
access-control-allow-origin
*
content-type
application/javascript
cache-control
public, max-age=7776000, immutable
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-seen-by
zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrcgF4/U1opHLiGhWxtG36bT7,aVxMblM8KFG3we5NLvyVc/ez+mKSicOFhmjRkkvIL6EeGdLDLXwpLd0CTVHPbfOd
rb_wixui.thunderbolt[MeshGroup].b5c7f663.bundle.min.js
static.parastorage.com/services/editor-elements-library/dist/thunderbolt/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.parastorage.com/services/editor-elements-library/dist/thunderbolt/rb_wixui.thunderbolt[MeshGroup].b5c7f663.bundle.min.js
Requested by
Host: 1win.sicklier.com
URL: https://1win.sicklier.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.49.229.81 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
81.229.49.34.bc.googleusercontent.com
Software
Pepyaka/1.21.6 /
Resource Hash
f17611d1a10edf6221f2017f265414707bca9d25a48ea914af0e4d55de346d48

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
us4nU7oIDighrC7lHi2bM6soTqoEHw29
content-encoding
br
via
1.1 varnish (Varnish/6.0), 1.1 google
date
Mon, 22 Apr 2024 16:00:10 GMT
x-gcp-cdn-pop
AMS-cba56054
age
1846591
x-amz-server-side-encryption
AES256
x-cache-status
HIT
x-cache
hit
x-amz-replication-status
REPLICA
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1305
x-wix-request-id
1713801610.5363897597570201035932
last-modified
Mon, 22 Apr 2024 15:57:04 GMT
server
Pepyaka/1.21.6
glb-x-seen-by
qhk2IXhXaFW+ScoHjRxEUvX1Zxk6j9wOS6tQMkUbOP0=
etag
W/"eb753b7c898987fe6340359043745452"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, POST
x-varnish
57391250 24703076
access-control-allow-origin
*
content-type
application/javascript
cache-control
public, max-age=7776000, immutable
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-seen-by
zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrcgzV1/Iq9lbjXhgOeY1i+yl,aVxMblM8KFG3we5NLvyVc9FChXWD6QlpPTqglWyseEIeGdLDLXwpLd0CTVHPbfOd
rb_wixui.thunderbolt[SkipToContentButton].a2d57d10.bundle.min.js
static.parastorage.com/services/editor-elements-library/dist/thunderbolt/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.parastorage.com/services/editor-elements-library/dist/thunderbolt/rb_wixui.thunderbolt[SkipToContentButton].a2d57d10.bundle.min.js
Requested by
Host: 1win.sicklier.com
URL: https://1win.sicklier.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.49.229.81 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
81.229.49.34.bc.googleusercontent.com
Software
Pepyaka/1.21.6 /
Resource Hash
63f71023f3b6b9f39f7133f47c40bac372024142a124856036eb4fdc44e7364f

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
v9SbOYdCqG.ezl5yq82P8bTo.iDihG0I
content-encoding
br
via
1.1 varnish (Varnish/6.0), 1.1 google
date
Mon, 06 May 2024 00:38:42 GMT
x-gcp-cdn-pop
AMS-cba56054
age
692279
x-amz-server-side-encryption
AES256
x-cache-status
HIT
x-cache
hit
x-amz-replication-status
REPLICA
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1228
x-wix-request-id
1714955922.77861524299531737044
last-modified
Sun, 05 May 2024 11:34:12 GMT
server
Pepyaka/1.21.6
glb-x-seen-by
qhk2IXhXaFW+ScoHjRxEUvX1Zxk6j9wOS6tQMkUbOP0=
etag
W/"62bf38eeb5f26768463d6a50d5235f11"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, POST
x-varnish
557693167 499822266
access-control-allow-origin
*
content-type
application/javascript
cache-control
public, max-age=7776000, immutable
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-seen-by
zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrcgF4/U1opHLiGhWxtG36bT7,aVxMblM8KFG3we5NLvyVc5bNbUTaEduvk0/hVNiwmC0eGdLDLXwpLd0CTVHPbfOd
rb_wixui.thunderbolt[HtmlComponent].dffd4bd2.bundle.min.js
static.parastorage.com/services/editor-elements-library/dist/thunderbolt/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.parastorage.com/services/editor-elements-library/dist/thunderbolt/rb_wixui.thunderbolt[HtmlComponent].dffd4bd2.bundle.min.js
Requested by
Host: 1win.sicklier.com
URL: https://1win.sicklier.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.49.229.81 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
81.229.49.34.bc.googleusercontent.com
Software
Pepyaka/1.21.6 /
Resource Hash
da0971e3fa55251074c4d58a9e7bc669683217da11cfe08a3a57cc47d02b60fe

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
cBJk6uEuoAHBeqjQol_NVYeN4jmIjB0F
content-encoding
br
via
1.1 varnish (Varnish/6.0), 1.1 google
date
Mon, 29 Apr 2024 02:38:52 GMT
x-gcp-cdn-pop
AMS-cba56054
age
1289869
x-amz-server-side-encryption
AES256
x-cache-status
HIT
x-cache
hit
x-amz-replication-status
REPLICA
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1723
x-wix-request-id
1714358332.132492707102311105747
last-modified
Sat, 27 Apr 2024 11:51:59 GMT
server
Pepyaka/1.21.6
glb-x-seen-by
qhk2IXhXaFW+ScoHjRxEUvX1Zxk6j9wOS6tQMkUbOP0=
etag
W/"4b29f04b7fe33b7a5cd4bfaa1445f27e"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, POST
x-varnish
858694618 738860427
access-control-allow-origin
*
content-type
application/javascript
cache-control
public, max-age=7776000, immutable
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-seen-by
zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrcgnqsbGv+9JOcjxAgFkOQdj,aVxMblM8KFG3we5NLvyVc5bNbUTaEduvk0/hVNiwmC0eGdLDLXwpLd0CTVHPbfOd
rb_wixui.thunderbolt[ClassicSection].cf7b0755.bundle.min.js
static.parastorage.com/services/editor-elements-library/dist/thunderbolt/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.parastorage.com/services/editor-elements-library/dist/thunderbolt/rb_wixui.thunderbolt[ClassicSection].cf7b0755.bundle.min.js
Requested by
Host: 1win.sicklier.com
URL: https://1win.sicklier.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.49.229.81 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
81.229.49.34.bc.googleusercontent.com
Software
Pepyaka/1.21.6 /
Resource Hash
79dd94ed6ecbfe9301e3788b071edecad1d73f3d39b307e3f8dcdc1c3614146b

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
kvksxn86gyJu3JHDQQxfN1HT6o1Q2W8i
content-encoding
br
via
1.1 varnish (Varnish/6.0), 1.1 google
date
Mon, 22 Apr 2024 16:00:10 GMT
x-gcp-cdn-pop
AMS-cba56054
age
1846591
x-amz-server-side-encryption
AES256
x-cache-status
HIT
x-cache
hit
x-amz-replication-status
REPLICA
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4849
x-wix-request-id
1713801610.5314124226274271182818
last-modified
Mon, 22 Apr 2024 15:57:01 GMT
server
Pepyaka/1.21.6
glb-x-seen-by
qhk2IXhXaFW+ScoHjRxEUvX1Zxk6j9wOS6tQMkUbOP0=
etag
W/"5ce25d14d0de2e2ff87ab5742846b91b"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, POST
x-varnish
911990785 912024593
access-control-allow-origin
*
content-type
application/javascript
cache-control
public, max-age=7776000, immutable
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-seen-by
zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrcjMkS/rKz4Fn5ceohZ05hBF,aVxMblM8KFG3we5NLvyVc7tnpyQ/1ThW8d6OVxL3lam8ZDY613cHYLbuhNMgAom1
rb_wixui.thunderbolt[SlideShowContainer].ccb521be.bundle.min.js
static.parastorage.com/services/editor-elements-library/dist/thunderbolt/ 		22 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.parastorage.com/services/editor-elements-library/dist/thunderbolt/rb_wixui.thunderbolt[SlideShowContainer].ccb521be.bundle.min.js
Requested by
Host: 1win.sicklier.com
URL: https://1win.sicklier.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.49.229.81 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
81.229.49.34.bc.googleusercontent.com
Software
Pepyaka/1.21.6 /
Resource Hash
a690ebd83235d5406b137b2082f75153338c9b84446e19a5645d0eb0effec4e4

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
7PocEmOkTt6RivWttbAZBXgxQ6qnkAEz
content-encoding
br
via
1.1 varnish (Varnish/6.0), 1.1 google
date
Tue, 16 Apr 2024 01:35:23 GMT
x-gcp-cdn-pop
AMS-cba56054
age
2416878
x-amz-server-side-encryption
AES256
x-cache-status
HIT
x-cache
hit
x-amz-replication-status
REPLICA
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7632
x-wix-request-id
1713231323.3263105614589241182824
last-modified
Mon, 15 Apr 2024 12:51:58 GMT
server
Pepyaka/1.21.6
glb-x-seen-by
qhk2IXhXaFW+ScoHjRxEUvX1Zxk6j9wOS6tQMkUbOP0=
etag
W/"115115e390a1b3607a9a20f79df35d40"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, POST
x-varnish
368259027 266361591
access-control-allow-origin
*
content-type
application/javascript
cache-control
public, max-age=7776000, immutable
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-seen-by
zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrcjMkS/rKz4Fn5ceohZ05hBF,aVxMblM8KFG3we5NLvyVc5bNbUTaEduvk0/hVNiwmC0eGdLDLXwpLd0CTVHPbfOd
rb_wixui.thunderbolt[SlideShowSlide].77b09985.bundle.min.js
static.parastorage.com/services/editor-elements-library/dist/thunderbolt/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.parastorage.com/services/editor-elements-library/dist/thunderbolt/rb_wixui.thunderbolt[SlideShowSlide].77b09985.bundle.min.js
Requested by
Host: 1win.sicklier.com
URL: https://1win.sicklier.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.49.229.81 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
81.229.49.34.bc.googleusercontent.com
Software
Pepyaka/1.21.6 /
Resource Hash
bec0809b652c90b6b0f2d2ed5e42ffdf1cee66ba99f9a485bc7090b89abbc785

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
fjBZ_bj2Uy8O2LsEc4s8RH7dLt8kqIA9
content-encoding
br
via
1.1 varnish (Varnish/6.0), 1.1 google
date
Mon, 22 Apr 2024 16:00:10 GMT
x-gcp-cdn-pop
AMS-cba56054
age
1846591
x-amz-server-side-encryption
AES256
x-cache-status
HIT
x-cache
hit
x-amz-replication-status
REPLICA
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4332
x-wix-request-id
1713801610.5363897670037141035930
last-modified
Mon, 22 Apr 2024 15:57:07 GMT
server
Pepyaka/1.21.6
glb-x-seen-by
qhk2IXhXaFW+ScoHjRxEUvX1Zxk6j9wOS6tQMkUbOP0=
etag
W/"e6004dea22336f4d4461429c2d529fe9"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, POST
x-varnish
230519918 224418899
access-control-allow-origin
*
content-type
application/javascript
cache-control
public, max-age=7776000, immutable
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-seen-by
zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrcgzV1/Iq9lbjXhgOeY1i+yl,aVxMblM8KFG3we5NLvyVc5bNbUTaEduvk0/hVNiwmC0eGdLDLXwpLd0CTVHPbfOd
requirejs.min.js
static.parastorage.com/unpkg/requirejs-bolt@2.3.6/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.parastorage.com/unpkg/requirejs-bolt@2.3.6/requirejs.min.js
Requested by
Host: 1win.sicklier.com
URL: https://1win.sicklier.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.49.229.81 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
81.229.49.34.bc.googleusercontent.com
Software
Pepyaka/1.21.6 /
Resource Hash
d5f10f852b112a514a19f2b778eef5d2d1307878757f0a24539c051831cefaf8

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 15 Apr 2024 01:59:51 GMT
content-encoding
br
via
1.1 varnish (Varnish/6.0), 1.1 google
x-gcp-cdn-pop
AMS-cba56054
age
2501810
x-cache-status
HIT
x-cache
hit
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6191
x-wix-request-id
1713146391.3212937239889151105744
last-modified
Thu, 24 Jan 2019 14:24:53 GMT
server
Pepyaka/1.21.6
glb-x-seen-by
qhk2IXhXaFW+ScoHjRxEUvX1Zxk6j9wOS6tQMkUbOP0=
etag
W/"18823f6a6d208ee1e361bb266ab794d5"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, POST
x-varnish
183308278 69979008
access-control-allow-origin
*
content-type
application/javascript
cache-control
public, max-age=7776000, immutable
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-seen-by
zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrcgnqsbGv+9JOcjxAgFkOQdj,aVxMblM8KFG3we5NLvyVcxXCkSrKbVttFv2SShbFg6m8ZDY613cHYLbuhNMgAom1
CartIconViewerWidgetNoCss.bundle.min.js
static.parastorage.com/services/ecom-platform-cart-icon/1.557.0/ 		171 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.parastorage.com/services/ecom-platform-cart-icon/1.557.0/CartIconViewerWidgetNoCss.bundle.min.js
Requested by
Host: 1win.sicklier.com
URL: https://1win.sicklier.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.49.229.81 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
81.229.49.34.bc.googleusercontent.com
Software
Pepyaka/1.21.6 /
Resource Hash
d300b005d41348ba3c0ae4e264b68fc956018f09b523193d27ce39401e55cc54

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
SKke2g4BbgGR5Cwv1XfwUQUw8rPqULeZ
content-encoding
br
via
1.1 varnish (Varnish/6.0), 1.1 google
date
Sun, 05 May 2024 09:05:23 GMT
x-gcp-cdn-pop
AMS-cba56054
age
748278
x-amz-server-side-encryption
AES256
x-cache-status
HIT
x-cache
hit
x-amz-replication-status
REPLICA
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
45856
x-wix-request-id
1714899923.701523477356261737046
last-modified
Sat, 04 May 2024 21:07:22 GMT
server
Pepyaka/1.21.6
glb-x-seen-by
qhk2IXhXaFW+ScoHjRxEUvX1Zxk6j9wOS6tQMkUbOP0=
etag
W/"1ce6b1914d00af963e8d2dc624d1d2da"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, POST
x-varnish
524767695 447243610
access-control-allow-origin
*
content-type
application/javascript
cache-control
public, max-age=7776000, immutable
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-seen-by
zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrcgF4/U1opHLiGhWxtG36bT7,aVxMblM8KFG3we5NLvyVc9FChXWD6QlpPTqglWyseEIeGdLDLXwpLd0CTVHPbfOd
TPAPopup.7e7f441d.chunk.min.css
static.parastorage.com/services/wix-thunderbolt/dist/ 		3 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.parastorage.com/services/wix-thunderbolt/dist/TPAPopup.7e7f441d.chunk.min.css
Requested by
Host: 1win.sicklier.com
URL: https://1win.sicklier.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.49.229.81 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
81.229.49.34.bc.googleusercontent.com
Software
Pepyaka/1.21.6 /
Resource Hash
ab4a32fd00a897169d17644838cf3e34123a60495b1d7623777b7d65e4321a32

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin
https://1win.sicklier.com
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
6xUwbPGxpdEesJ4FDBdlfEGslyVAA4Qk
content-encoding
br
via
1.1 varnish (Varnish/6.0), 1.1 google
date
Thu, 18 Apr 2024 04:12:43 GMT
x-gcp-cdn-pop
AMS-5232d789
age
2234638
x-amz-server-side-encryption
AES256
x-cache-status
HIT
x-cache
hit
x-amz-replication-status
REPLICA
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2082
x-wix-request-id
1713413563.8033439409241171182825
last-modified
Wed, 17 Apr 2024 09:57:02 GMT
server
Pepyaka/1.21.6
glb-x-seen-by
qhk2IXhXaFW+ScoHjRxEUvX1Zxk6j9wOS6tQMkUbOP0=
etag
W/"cb0886c55d9157dd5eeb5a0daf5e71f4"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, POST
x-varnish
953144828 658461129
access-control-allow-origin
*
content-type
text/css; charset=utf-8
cache-control
public, max-age=7776000, immutable
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-seen-by
zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrcjMkS/rKz4Fn5ceohZ05hBF,aVxMblM8KFG3we5NLvyVc1tQmS28JMtgHj+uYScAmBW8ZDY613cHYLbuhNMgAom1
b645b0_6c5b554892a046fdbfa730651643d966~mv2.jpg
static.wixstatic.com/media/b645b0_6c5b554892a046fdbfa730651643d966~mv2.jpg/v1/fill/w_1386,h_431,al_c,q_85,usm_0.66_1.00_0.01,enc_auto/ 		85 KB
86 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.wixstatic.com/media/b645b0_6c5b554892a046fdbfa730651643d966~mv2.jpg/v1/fill/w_1386,h_431,al_c,q_85,usm_0.66_1.00_0.01,enc_auto/b645b0_6c5b554892a046fdbfa730651643d966~mv2.jpg
Requested by
Host: 1win.sicklier.com
URL: https://1win.sicklier.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:8c00:1e:5c56:d400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty/1.21.4.1 /
Resource Hash
224983af34f9bc6d11a5e58a4ee31ab334d6fac994436fd9197fab420edcb1da

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 10 May 2024 14:14:03 GMT
via
1.1 google, 1.1 7ce1191b390045e05b9cc74f7514b77a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
297758
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
87474
wix-tracer
2gHNG1kelM0CUKAeVwy7tIy2vkc
server
openresty/1.21.4.1
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=15552000, immutable
timing-allow-origin
*
x-amz-cf-id
5M3c2ssM21ynCgfrmFkBbbv8IpHqNXPIxLogKKojWoWpAUVcMoXsAg==
x-seen-by
image-manipulator-57dfff6f95-x8nqd
logo_band_colored_1X.png
static.wixstatic.com/media/b645b0_5863a38e2ce448c292a2a2107b911066~mv2.png/v1/fill/w_429,h_32,al_c,q_85,enc_auto/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.wixstatic.com/media/b645b0_5863a38e2ce448c292a2a2107b911066~mv2.png/v1/fill/w_429,h_32,al_c,q_85,enc_auto/logo_band_colored_1X.png
Requested by
Host: 1win.sicklier.com
URL: https://1win.sicklier.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:8c00:1e:5c56:d400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty/1.21.4.1 /
Resource Hash
e8cffee0f9f2e9a03e3069e5cf0d3f49faa4603db5a87ca1cf51e14308cc4f13

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 12 May 2024 23:03:49 GMT
via
1.1 google, 1.1 7ce1191b390045e05b9cc74f7514b77a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
93172
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
8328
wix-tracer
2gO3vigXv4c3ouOgYvnVaGrXGxd
server
openresty/1.21.4.1
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=15552000, immutable
timing-allow-origin
*
x-amz-cf-id
GjxLNYM7mTQo-5gZJN0Ij0vwucf17yVsOtJKnIZ83nHzV-nIhqmwqg==
x-seen-by
image-manipulator-57dfff6f95-c7vg6
thunderbolt
siteassets.parastorage.com/pages/pages/ 		128 KB
27 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://siteassets.parastorage.com/pages/pages/thunderbolt?appDefinitionIdToSiteRevision=%7B%221522827f-c56c-a5c9-2ac9-00f9e6ae12d3%22%3A%221763%22%7D&beckyExperiments=specs.thunderbolt.compCssMappers_catharsis%3Atrue%2Cspecs.thunderbolt.supportSpxInEEMappers%3Atrue%2Cspecs.thunderbolt.one_cell_grid_display_flex%3Atrue%2Cspecs.thunderbolt.MediaContainerAndPageBackgroundMapper%3Atrue%2Cspecs.thunderbolt.minWidthFromLayout%3Atrue%2Cspecs.thunderbolt.root_components_carmi%3Atrue%2Cspecs.thunderbolt.edixIsInFirstFold%3Atrue%2Cspecs.thunderbolt.proGalleryMasterInfo%3Atrue%2Cspecs.thunderbolt.app_reflow_with_lightboxes%3Atrue%2Cspecs.thunderbolt.DatePickerPortal%3Atrue%2Cspecs.thunderbolt.facebookVideoPlayerDimensions%3Atrue%2Cspecs.thunderbolt.useElementoryRelativePath%3Atrue%2Cspecs.thunderbolt.fixVectorImageShouldScaleStroke%3Atrue%2Cspecs.thunderbolt.render_all_tabs%3Atrue%2Cspecs.thunderbolt.mesh_css_catharsis%3Atrue%2Cspecs.thunderbolt.DDMenuMigrateCssCarmiMapper%3Atrue%2Cspecs.thunderbolt.FontDisplaySwap%3Atrue%2Cspecs.thunderbolt.UseWixDataItemService%3Atrue%2Cspecs.thunderbolt.fiveGridLineStudioSkins%3Atrue%2Cspecs.thunderbolt.TPA3DGalleryEEUrl%3Atrue%2Cspecs.thunderbolt.allowWEBPTransformation%3Atrue%2Cspecs.thunderbolt.useNewImageParallax%3Atrue%2Cspecs.thunderbolt.accordionHeightAuto%3Atrue%2Cspecs.thunderbolt.fixResponsiveBoxContainerLayoutClass%3Atrue%2Cspecs.thunderbolt.fetch_widget_iteratively%3Atrue%2Cspecs.thunderbolt.TextInputAutoFillFix%3Atrue&commonConfig=%7B%22siteRevision%22%3A%222%22%2C%22branchId%22%3A%226fb8c632-6772-4084-9ee4-21b9168e5365%22%7D&contentType=application%2Fjson&cssPerBreakpointWidgetIds=a63a5215-8aa6-42af-96b1-583bfd74cff5%2C13afb094-84f9-739f-44fd-78d036adb028%2C139a41fd-0b1d-975f-6f67-e8cbdf8ccc82%2C1380bba0-253e-a800-a235-88821cf3f8a4%2Cbda15dc1-816d-4ff3-8dcb-1172d5343cce%2C80a3bd56-82b4-4193-8bb4-b7cb0f3f1830%2C15293875-09d7-6913-a093-084a9b6ae7f4%2C47a7e7bb-f412-4093-9155-1ff5adbc4dae%2C8cce2b9e-8549-46c7-8ad2-f75bf28534ac%2Ca7dcdfcb-8abd-4008-af19-fed5fcd12b40%2C83b2af08-c021-40c8-a3a5-b329a959ec2b%2C0a9f687f-7e00-4576-a8e1-9415844b8f44%2C513a5d84-3ebb-4ca6-a5aa-83effd2123b9%2C14dd1af6-3e02-63db-0ef2-72fbc7cc3136%2C14cefc05-d163-dbb7-e4ec-cd4f2c4d6ddd&deviceType=Desktop&dfCk=6&dfVersion=1.3385.0&disableStaticPagesUrlHierarchy=false&editorName=Unknown&experiments=bv_remove_add_chat_viewer_fixer%2Cdm_cancelMediaBackgroundDuplicationFixer%2Cdm_fixVectorImageModesOverridesProperties%2Cdm_migrateResponsiveSectionStyleItemToDesign%2Cdm_onlyRerunWhenFixerRequiresReruns%2Cdm_screenInBehaviorsToEntranceEffectsFixer%2Cdm_stopMasterpageFixerLoop&externalBaseUrl=https%3A%2F%2F1win.sicklier.com&fileId=ea813feb.bundle.min&formFactor=desktop&hasTPAWorkerOnSite=true&isHttps=true&isInSeo=false&isMultilingualEnabled=false&isPremiumDomain=true&isTrackClicksAnalyticsEnabled=false&isUrlMigrated=true&isWixCodeOnPage=true&isWixCodeOnSite=true&language=tr&languageResolutionMethod=QueryParam&metaSiteId=46fe1d13-af0b-4e62-ace0-bc2e2b882077&migratingToOoiWidgetIds=14fd5970-8072-c276-1246-058b79e70c1a&module=thunderbolt-features&originalLanguage=tr&pageId=b645b0_1b8d8eab0dc3edd030ae6770d5f4b562_2.json&quickActionsMenuEnabled=false&registryLibrariesTopology=%5B%7B%22artifactId%22%3A%22editor-elements%22%2C%22namespace%22%3A%22wixui%22%2C%22url%22%3A%22https%3A%2F%2Fstatic.parastorage.com%2Fservices%2Feditor-elements%2F1.12081.0%22%7D%2C%7B%22artifactId%22%3A%22editor-elements%22%2C%22namespace%22%3A%22dsgnsys%22%2C%22url%22%3A%22https%3A%2F%2Fstatic.parastorage.com%2Fservices%2Feditor-elements%2F1.12081.0%22%7D%5D&remoteWidgetStructureBuilderVersion=1.238.0&siteId=a3d98076-73c5-40e5-a95c-9ee4b1831d1d&siteRevision=2&staticHTMLComponentUrl=https%3A%2F%2Fwww-sadepatisserie-com.filesusr.com%2F&useSandboxInHTMLComp=false&viewMode=desktop
Requested by
Host: 1win.sicklier.com
URL: https://1win.sicklier.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.49.229.81 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
81.229.49.34.bc.googleusercontent.com
Software
Pepyaka/1.21.6 /
Resource Hash
a0fa83f0a2a5fd73e9ce5d7f9c22a23bc19c80fc7af5ec65b304481bcfb8986c

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin
https://1win.sicklier.com
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 00:56:41 GMT
content-encoding
gzip
via
1.1 varnish (Varnish/6.0),1.1 varnish (Varnish/6.0), 1.1 google
x-gcp-cdn-pop
AMS-5232d789
x-cache-status
HIT
x-cache
miss
x-cluster-self-is-next
false
x-cluster-node-role
proxy
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27549
x-wix-request-id
1715648201.3331679947276102036539
glb-x-seen-by
qhk2IXhXaFW+ScoHjRxEUvX1Zxk6j9wOS6tQMkUbOP0=
server
Pepyaka/1.21.6
etag
W/"200b4-uSbGCGXRpu5aIiETGFzCVvjGFf0"
access-control-allow-methods
GET, OPTIONS, POST
content-type
application/json
x-varnish
826661314 424400093, 1059146460
access-control-allow-origin
*
access-control-expose-headers
age,via,x-cache-status,X-cache-status
cache-control
max-age=2419200
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*,x-wix-client-artifact-id
x-seen-by
2iuX5LYwvZa9CoGaG8ZUZjb5j8fWnvnycWNmjdvR374RQdxc2YkTyvjbAKeo4Sr7,ZUT6NeJ/NsDmQ9DMGnwT1DZe7saXJrqXI/cbJwRhqu4MWYddTfCMDD8HSURQA7Jw
thunderbolt
siteassets.parastorage.com/pages/pages/ 		41 KB
10 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://siteassets.parastorage.com/pages/pages/thunderbolt?appDefinitionIdToSiteRevision=%7B%221522827f-c56c-a5c9-2ac9-00f9e6ae12d3%22%3A%221763%22%7D&beckyExperiments=specs.thunderbolt.compCssMappers_catharsis%3Atrue%2Cspecs.thunderbolt.supportSpxInEEMappers%3Atrue%2Cspecs.thunderbolt.one_cell_grid_display_flex%3Atrue%2Cspecs.thunderbolt.MediaContainerAndPageBackgroundMapper%3Atrue%2Cspecs.thunderbolt.minWidthFromLayout%3Atrue%2Cspecs.thunderbolt.root_components_carmi%3Atrue%2Cspecs.thunderbolt.edixIsInFirstFold%3Atrue%2Cspecs.thunderbolt.proGalleryMasterInfo%3Atrue%2Cspecs.thunderbolt.app_reflow_with_lightboxes%3Atrue%2Cspecs.thunderbolt.DatePickerPortal%3Atrue%2Cspecs.thunderbolt.facebookVideoPlayerDimensions%3Atrue%2Cspecs.thunderbolt.useElementoryRelativePath%3Atrue%2Cspecs.thunderbolt.fixVectorImageShouldScaleStroke%3Atrue%2Cspecs.thunderbolt.render_all_tabs%3Atrue%2Cspecs.thunderbolt.mesh_css_catharsis%3Atrue%2Cspecs.thunderbolt.DDMenuMigrateCssCarmiMapper%3Atrue%2Cspecs.thunderbolt.FontDisplaySwap%3Atrue%2Cspecs.thunderbolt.UseWixDataItemService%3Atrue%2Cspecs.thunderbolt.fiveGridLineStudioSkins%3Atrue%2Cspecs.thunderbolt.TPA3DGalleryEEUrl%3Atrue%2Cspecs.thunderbolt.allowWEBPTransformation%3Atrue%2Cspecs.thunderbolt.useNewImageParallax%3Atrue%2Cspecs.thunderbolt.accordionHeightAuto%3Atrue%2Cspecs.thunderbolt.fixResponsiveBoxContainerLayoutClass%3Atrue%2Cspecs.thunderbolt.fetch_widget_iteratively%3Atrue%2Cspecs.thunderbolt.TextInputAutoFillFix%3Atrue&commonConfig=%7B%22siteRevision%22%3A%222%22%2C%22branchId%22%3A%226fb8c632-6772-4084-9ee4-21b9168e5365%22%7D&contentType=application%2Fjson&cssPerBreakpointWidgetIds=a63a5215-8aa6-42af-96b1-583bfd74cff5%2C13afb094-84f9-739f-44fd-78d036adb028%2C139a41fd-0b1d-975f-6f67-e8cbdf8ccc82%2C1380bba0-253e-a800-a235-88821cf3f8a4%2Cbda15dc1-816d-4ff3-8dcb-1172d5343cce%2C80a3bd56-82b4-4193-8bb4-b7cb0f3f1830%2C15293875-09d7-6913-a093-084a9b6ae7f4%2C47a7e7bb-f412-4093-9155-1ff5adbc4dae%2C8cce2b9e-8549-46c7-8ad2-f75bf28534ac%2Ca7dcdfcb-8abd-4008-af19-fed5fcd12b40%2C83b2af08-c021-40c8-a3a5-b329a959ec2b%2C0a9f687f-7e00-4576-a8e1-9415844b8f44%2C513a5d84-3ebb-4ca6-a5aa-83effd2123b9%2C14dd1af6-3e02-63db-0ef2-72fbc7cc3136%2C14cefc05-d163-dbb7-e4ec-cd4f2c4d6ddd&deviceType=Desktop&dfCk=6&dfVersion=1.3385.0&disableStaticPagesUrlHierarchy=false&editorName=Unknown&experiments=bv_remove_add_chat_viewer_fixer%2Cdm_cancelMediaBackgroundDuplicationFixer%2Cdm_fixVectorImageModesOverridesProperties%2Cdm_migrateResponsiveSectionStyleItemToDesign%2Cdm_onlyRerunWhenFixerRequiresReruns%2Cdm_screenInBehaviorsToEntranceEffectsFixer%2Cdm_stopMasterpageFixerLoop&externalBaseUrl=https%3A%2F%2F1win.sicklier.com&fileId=ea813feb.bundle.min&formFactor=desktop&hasTPAWorkerOnSite=true&isHttps=true&isInSeo=false&isMultilingualEnabled=false&isPremiumDomain=true&isTrackClicksAnalyticsEnabled=false&isUrlMigrated=true&isWixCodeOnPage=true&isWixCodeOnSite=true&language=tr&languageResolutionMethod=QueryParam&metaSiteId=46fe1d13-af0b-4e62-ace0-bc2e2b882077&migratingToOoiWidgetIds=14fd5970-8072-c276-1246-058b79e70c1a&module=thunderbolt-features&originalLanguage=tr&pageId=b645b0_560a6786c049acfe736e56a675624ba0_221.json&quickActionsMenuEnabled=false&registryLibrariesTopology=%5B%7B%22artifactId%22%3A%22editor-elements%22%2C%22namespace%22%3A%22wixui%22%2C%22url%22%3A%22https%3A%2F%2Fstatic.parastorage.com%2Fservices%2Feditor-elements%2F1.12081.0%22%7D%2C%7B%22artifactId%22%3A%22editor-elements%22%2C%22namespace%22%3A%22dsgnsys%22%2C%22url%22%3A%22https%3A%2F%2Fstatic.parastorage.com%2Fservices%2Feditor-elements%2F1.12081.0%22%7D%5D&remoteWidgetStructureBuilderVersion=1.238.0&siteId=a3d98076-73c5-40e5-a95c-9ee4b1831d1d&siteRevision=2&staticHTMLComponentUrl=https%3A%2F%2Fwww-sadepatisserie-com.filesusr.com%2F&useSandboxInHTMLComp=false&viewMode=desktop
Requested by
Host: 1win.sicklier.com
URL: https://1win.sicklier.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.49.229.81 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
81.229.49.34.bc.googleusercontent.com
Software
Pepyaka/1.21.6 /
Resource Hash
7d83f84a2df9ac06f62cf9be8b95c878d64a107062e1eb8f63cd9c568a5fd336

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin
https://1win.sicklier.com
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 00:56:41 GMT
content-encoding
gzip
via
1.1 varnish (Varnish/6.0),1.1 varnish (Varnish/6.0), 1.1 google
x-gcp-cdn-pop
AMS-5232d789
x-cache-status
HIT
x-cache
miss
x-cluster-self-is-next
false
x-cluster-node-role
proxy
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9731
x-wix-request-id
1715648201.3481606751972151872842
glb-x-seen-by
qhk2IXhXaFW+ScoHjRxEUvX1Zxk6j9wOS6tQMkUbOP0=
server
Pepyaka/1.21.6
etag
W/"a2a1-dHPR/Vw6T7nXv9hPawQLwxm3Fuo"
access-control-allow-methods
GET, OPTIONS, POST
content-type
application/json
x-varnish
1052541495 644406817, 842310825
access-control-allow-origin
*
access-control-expose-headers
age,via,x-cache-status,X-cache-status
cache-control
max-age=2419200
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*,x-wix-client-artifact-id
x-seen-by
2iuX5LYwvZa9CoGaG8ZUZjb5j8fWnvnycWNmjdvR377Z/xN1Ng9tGxBj4ASlBXYq,ZUT6NeJ/NsDmQ9DMGnwT1IZznndW0TCF2d09XsbxCxvjGtI0uXX56slJq/a7KOoh
thunderbolt
siteassets.parastorage.com/pages/pages/ 		18 KB
6 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://siteassets.parastorage.com/pages/pages/thunderbolt?appDefinitionIdToSiteRevision=%7B%221522827f-c56c-a5c9-2ac9-00f9e6ae12d3%22%3A%221763%22%7D&beckyExperiments=specs.thunderbolt.compCssMappers_catharsis%3Atrue%2Cspecs.thunderbolt.supportSpxInEEMappers%3Atrue%2Cspecs.thunderbolt.one_cell_grid_display_flex%3Atrue%2Cspecs.thunderbolt.MediaContainerAndPageBackgroundMapper%3Atrue%2Cspecs.thunderbolt.minWidthFromLayout%3Atrue%2Cspecs.thunderbolt.root_components_carmi%3Atrue%2Cspecs.thunderbolt.edixIsInFirstFold%3Atrue%2Cspecs.thunderbolt.proGalleryMasterInfo%3Atrue%2Cspecs.thunderbolt.app_reflow_with_lightboxes%3Atrue%2Cspecs.thunderbolt.DatePickerPortal%3Atrue%2Cspecs.thunderbolt.facebookVideoPlayerDimensions%3Atrue%2Cspecs.thunderbolt.useElementoryRelativePath%3Atrue%2Cspecs.thunderbolt.fixVectorImageShouldScaleStroke%3Atrue%2Cspecs.thunderbolt.render_all_tabs%3Atrue%2Cspecs.thunderbolt.mesh_css_catharsis%3Atrue%2Cspecs.thunderbolt.DDMenuMigrateCssCarmiMapper%3Atrue%2Cspecs.thunderbolt.FontDisplaySwap%3Atrue%2Cspecs.thunderbolt.UseWixDataItemService%3Atrue%2Cspecs.thunderbolt.fiveGridLineStudioSkins%3Atrue%2Cspecs.thunderbolt.TPA3DGalleryEEUrl%3Atrue%2Cspecs.thunderbolt.allowWEBPTransformation%3Atrue%2Cspecs.thunderbolt.useNewImageParallax%3Atrue%2Cspecs.thunderbolt.accordionHeightAuto%3Atrue%2Cspecs.thunderbolt.fixResponsiveBoxContainerLayoutClass%3Atrue%2Cspecs.thunderbolt.fetch_widget_iteratively%3Atrue%2Cspecs.thunderbolt.TextInputAutoFillFix%3Atrue&commonConfig=%7B%22siteRevision%22%3A%222%22%2C%22branchId%22%3A%226fb8c632-6772-4084-9ee4-21b9168e5365%22%7D&contentType=application%2Fjson&cssPerBreakpointWidgetIds=a63a5215-8aa6-42af-96b1-583bfd74cff5%2C13afb094-84f9-739f-44fd-78d036adb028%2C139a41fd-0b1d-975f-6f67-e8cbdf8ccc82%2C1380bba0-253e-a800-a235-88821cf3f8a4%2Cbda15dc1-816d-4ff3-8dcb-1172d5343cce%2C80a3bd56-82b4-4193-8bb4-b7cb0f3f1830%2C15293875-09d7-6913-a093-084a9b6ae7f4%2C47a7e7bb-f412-4093-9155-1ff5adbc4dae%2C8cce2b9e-8549-46c7-8ad2-f75bf28534ac%2Ca7dcdfcb-8abd-4008-af19-fed5fcd12b40%2C83b2af08-c021-40c8-a3a5-b329a959ec2b%2C0a9f687f-7e00-4576-a8e1-9415844b8f44%2C513a5d84-3ebb-4ca6-a5aa-83effd2123b9%2C14dd1af6-3e02-63db-0ef2-72fbc7cc3136%2C14cefc05-d163-dbb7-e4ec-cd4f2c4d6ddd&dfCk=6&dfVersion=1.3385.0&editorName=Unknown&experiments=bv_remove_add_chat_viewer_fixer%2Cdm_cancelMediaBackgroundDuplicationFixer%2Cdm_fixVectorImageModesOverridesProperties%2Cdm_migrateResponsiveSectionStyleItemToDesign%2Cdm_onlyRerunWhenFixerRequiresReruns%2Cdm_screenInBehaviorsToEntranceEffectsFixer%2Cdm_stopMasterpageFixerLoop&externalBaseUrl=https%3A%2F%2F1win.sicklier.com&fileId=f10b19d7.bundle.min&formFactor=desktop&hasTPAWorkerOnSite=true&isHttps=true&isInSeo=false&isPremiumDomain=true&isUrlMigrated=true&isWixCodeOnPage=true&isWixCodeOnSite=true&language=tr&metaSiteId=46fe1d13-af0b-4e62-ace0-bc2e2b882077&migratingToOoiWidgetIds=14fd5970-8072-c276-1246-058b79e70c1a&module=thunderbolt-platform&originalLanguage=tr&pageId=b645b0_1b8d8eab0dc3edd030ae6770d5f4b562_2.json&quickActionsMenuEnabled=false&registryLibrariesTopology=%5B%7B%22artifactId%22%3A%22editor-elements%22%2C%22namespace%22%3A%22wixui%22%2C%22url%22%3A%22https%3A%2F%2Fstatic.parastorage.com%2Fservices%2Feditor-elements%2F1.12081.0%22%7D%2C%7B%22artifactId%22%3A%22editor-elements%22%2C%22namespace%22%3A%22dsgnsys%22%2C%22url%22%3A%22https%3A%2F%2Fstatic.parastorage.com%2Fservices%2Feditor-elements%2F1.12081.0%22%7D%5D&remoteWidgetStructureBuilderVersion=1.238.0&siteId=a3d98076-73c5-40e5-a95c-9ee4b1831d1d&siteRevision=2&staticHTMLComponentUrl=https%3A%2F%2Fwww-sadepatisserie-com.filesusr.com%2F&viewMode=desktop
Requested by
Host: 1win.sicklier.com
URL: https://1win.sicklier.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.49.229.81 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
81.229.49.34.bc.googleusercontent.com
Software
Pepyaka/1.21.6 /
Resource Hash
1a493aa7478f138d1d1433e17ea9eccafeb7775ca7530c8a800a35a9c04d4d95

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin
https://1win.sicklier.com
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 00:56:41 GMT
content-encoding
gzip
via
1.1 varnish (Varnish/6.0),1.1 varnish (Varnish/6.0), 1.1 google
x-gcp-cdn-pop
AMS-5232d789
x-cache-status
HIT
x-cache
miss
x-cluster-self-is-next
false
x-cluster-node-role
proxy
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4798
x-wix-request-id
1715648201.330160685661621872844
glb-x-seen-by
qhk2IXhXaFW+ScoHjRxEUvX1Zxk6j9wOS6tQMkUbOP0=
server
Pepyaka/1.21.6
etag
W/"47b7-m2JfokoXV/BVpsE+riXnYzd4TwU"
access-control-allow-methods
GET, OPTIONS, POST
content-type
application/json
x-varnish
1047829915 638119012, 315282971
access-control-allow-origin
*
access-control-expose-headers
age,via,x-cache-status,X-cache-status
cache-control
max-age=2419200
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*,x-wix-client-artifact-id
x-seen-by
2iuX5LYwvZa9CoGaG8ZUZjb5j8fWnvnycWNmjdvR377Z/xN1Ng9tGxBj4ASlBXYq,ZUT6NeJ/NsDmQ9DMGnwT1CIjmOzmapZydGfiqJCxYjxxkI1ht9YEGVGzw2flU8cr
thunderbolt
siteassets.parastorage.com/pages/pages/ 		7 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://siteassets.parastorage.com/pages/pages/thunderbolt?appDefinitionIdToSiteRevision=%7B%221522827f-c56c-a5c9-2ac9-00f9e6ae12d3%22%3A%221763%22%7D&beckyExperiments=specs.thunderbolt.compCssMappers_catharsis%3Atrue%2Cspecs.thunderbolt.supportSpxInEEMappers%3Atrue%2Cspecs.thunderbolt.one_cell_grid_display_flex%3Atrue%2Cspecs.thunderbolt.MediaContainerAndPageBackgroundMapper%3Atrue%2Cspecs.thunderbolt.minWidthFromLayout%3Atrue%2Cspecs.thunderbolt.root_components_carmi%3Atrue%2Cspecs.thunderbolt.edixIsInFirstFold%3Atrue%2Cspecs.thunderbolt.proGalleryMasterInfo%3Atrue%2Cspecs.thunderbolt.app_reflow_with_lightboxes%3Atrue%2Cspecs.thunderbolt.DatePickerPortal%3Atrue%2Cspecs.thunderbolt.facebookVideoPlayerDimensions%3Atrue%2Cspecs.thunderbolt.useElementoryRelativePath%3Atrue%2Cspecs.thunderbolt.fixVectorImageShouldScaleStroke%3Atrue%2Cspecs.thunderbolt.render_all_tabs%3Atrue%2Cspecs.thunderbolt.mesh_css_catharsis%3Atrue%2Cspecs.thunderbolt.DDMenuMigrateCssCarmiMapper%3Atrue%2Cspecs.thunderbolt.FontDisplaySwap%3Atrue%2Cspecs.thunderbolt.UseWixDataItemService%3Atrue%2Cspecs.thunderbolt.fiveGridLineStudioSkins%3Atrue%2Cspecs.thunderbolt.TPA3DGalleryEEUrl%3Atrue%2Cspecs.thunderbolt.allowWEBPTransformation%3Atrue%2Cspecs.thunderbolt.useNewImageParallax%3Atrue%2Cspecs.thunderbolt.accordionHeightAuto%3Atrue%2Cspecs.thunderbolt.fixResponsiveBoxContainerLayoutClass%3Atrue%2Cspecs.thunderbolt.fetch_widget_iteratively%3Atrue%2Cspecs.thunderbolt.TextInputAutoFillFix%3Atrue&commonConfig=%7B%22siteRevision%22%3A%222%22%2C%22branchId%22%3A%226fb8c632-6772-4084-9ee4-21b9168e5365%22%7D&contentType=application%2Fjson&cssPerBreakpointWidgetIds=a63a5215-8aa6-42af-96b1-583bfd74cff5%2C13afb094-84f9-739f-44fd-78d036adb028%2C139a41fd-0b1d-975f-6f67-e8cbdf8ccc82%2C1380bba0-253e-a800-a235-88821cf3f8a4%2Cbda15dc1-816d-4ff3-8dcb-1172d5343cce%2C80a3bd56-82b4-4193-8bb4-b7cb0f3f1830%2C15293875-09d7-6913-a093-084a9b6ae7f4%2C47a7e7bb-f412-4093-9155-1ff5adbc4dae%2C8cce2b9e-8549-46c7-8ad2-f75bf28534ac%2Ca7dcdfcb-8abd-4008-af19-fed5fcd12b40%2C83b2af08-c021-40c8-a3a5-b329a959ec2b%2C0a9f687f-7e00-4576-a8e1-9415844b8f44%2C513a5d84-3ebb-4ca6-a5aa-83effd2123b9%2C14dd1af6-3e02-63db-0ef2-72fbc7cc3136%2C14cefc05-d163-dbb7-e4ec-cd4f2c4d6ddd&dfCk=6&dfVersion=1.3385.0&editorName=Unknown&experiments=bv_remove_add_chat_viewer_fixer%2Cdm_cancelMediaBackgroundDuplicationFixer%2Cdm_fixVectorImageModesOverridesProperties%2Cdm_migrateResponsiveSectionStyleItemToDesign%2Cdm_onlyRerunWhenFixerRequiresReruns%2Cdm_screenInBehaviorsToEntranceEffectsFixer%2Cdm_stopMasterpageFixerLoop&externalBaseUrl=https%3A%2F%2F1win.sicklier.com&fileId=f10b19d7.bundle.min&formFactor=desktop&hasTPAWorkerOnSite=true&isHttps=true&isInSeo=false&isPremiumDomain=true&isUrlMigrated=true&isWixCodeOnPage=true&isWixCodeOnSite=true&language=tr&metaSiteId=46fe1d13-af0b-4e62-ace0-bc2e2b882077&migratingToOoiWidgetIds=14fd5970-8072-c276-1246-058b79e70c1a&module=thunderbolt-platform&originalLanguage=tr&pageId=b645b0_560a6786c049acfe736e56a675624ba0_221.json&quickActionsMenuEnabled=false&registryLibrariesTopology=%5B%7B%22artifactId%22%3A%22editor-elements%22%2C%22namespace%22%3A%22wixui%22%2C%22url%22%3A%22https%3A%2F%2Fstatic.parastorage.com%2Fservices%2Feditor-elements%2F1.12081.0%22%7D%2C%7B%22artifactId%22%3A%22editor-elements%22%2C%22namespace%22%3A%22dsgnsys%22%2C%22url%22%3A%22https%3A%2F%2Fstatic.parastorage.com%2Fservices%2Feditor-elements%2F1.12081.0%22%7D%5D&remoteWidgetStructureBuilderVersion=1.238.0&siteId=a3d98076-73c5-40e5-a95c-9ee4b1831d1d&siteRevision=2&staticHTMLComponentUrl=https%3A%2F%2Fwww-sadepatisserie-com.filesusr.com%2F&viewMode=desktop
Requested by
Host: 1win.sicklier.com
URL: https://1win.sicklier.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.49.229.81 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
81.229.49.34.bc.googleusercontent.com
Software
Pepyaka/1.21.6 /
Resource Hash
b28c6f459147477fadb4d7865c042c18ad2d595db5e5bb94c8595e4c78706298

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin
https://1win.sicklier.com
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 00:56:41 GMT
content-encoding
gzip
via
1.1 varnish (Varnish/6.0),1.1 varnish (Varnish/6.0), 1.1 google
x-gcp-cdn-pop
AMS-5232d789
x-cache-status
HIT
x-cache
miss
x-cluster-self-is-next
false
x-cluster-node-role
proxy
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1396
x-wix-request-id
1715648201.3311650624177271737049
glb-x-seen-by
qhk2IXhXaFW+ScoHjRxEUvX1Zxk6j9wOS6tQMkUbOP0=
server
Pepyaka/1.21.6
etag
W/"1b00-X6DBextC7k5FusVwLheSfkHaibw"
access-control-allow-methods
GET, OPTIONS, POST
content-type
application/json
x-varnish
726345528 313317233, 1070536395
access-control-allow-origin
*
access-control-expose-headers
age,via,x-cache-status,X-cache-status
cache-control
max-age=2419200
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*,x-wix-client-artifact-id
x-seen-by
2iuX5LYwvZa9CoGaG8ZUZjb5j8fWnvnycWNmjdvR376EQ5C9RS90jE84toW0dAhJ,ZUT6NeJ/NsDmQ9DMGnwT1DZe7saXJrqXI/cbJwRhqu4MWYddTfCMDD8HSURQA7Jw
thunderbolt-commons.f07ad842.bundle.min.js
static.parastorage.com/services/wix-thunderbolt/dist/ 		87 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.parastorage.com/services/wix-thunderbolt/dist/thunderbolt-commons.f07ad842.bundle.min.js
Requested by
Host: 1win.sicklier.com
URL: https://1win.sicklier.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.49.229.81 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
81.229.49.34.bc.googleusercontent.com
Software
Pepyaka/1.21.6 /
Resource Hash
5d8529196164ae83d61fedbacfe281477f3b9509ad35f85c9063d1e880d6ccec

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
5JiHZ4JfnU4A1NXv.UbDRTF86FmERITn
content-encoding
br
via
1.1 varnish (Varnish/6.0), 1.1 google
date
Tue, 07 May 2024 11:39:33 GMT
x-gcp-cdn-pop
AMS-cba56054
age
566228
x-amz-server-side-encryption
AES256
x-cache-status
HIT
x-cache
hit
x-amz-replication-status
REPLICA
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
26739
x-wix-request-id
1715081973.44083366740792036538
last-modified
Tue, 07 May 2024 11:24:16 GMT
server
Pepyaka/1.21.6
glb-x-seen-by
qhk2IXhXaFW+ScoHjRxEUvX1Zxk6j9wOS6tQMkUbOP0=
etag
W/"d4d374f72618f0f8ce931b8a0e68262e"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, POST
x-varnish
316964745 310597688
access-control-allow-origin
*
content-type
application/javascript
cache-control
public, max-age=7776000, immutable
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-seen-by
zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrcgnqsbGv+9JOcjxAgFkOQdj,aVxMblM8KFG3we5NLvyVc7tnpyQ/1ThW8d6OVxL3lam8ZDY613cHYLbuhNMgAom1
main.ceaab929.bundle.min.js
static.parastorage.com/services/wix-thunderbolt/dist/ 		199 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.parastorage.com/services/wix-thunderbolt/dist/main.ceaab929.bundle.min.js
Requested by
Host: 1win.sicklier.com
URL: https://1win.sicklier.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.49.229.81 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
81.229.49.34.bc.googleusercontent.com
Software
Pepyaka/1.21.6 /
Resource Hash
728d4a2107fb55b1f4d260fadad9ed5487f3cc10e3d75cb42695d4b0f509699e

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
OBTDGk8e2Fg1kousb7Kva97OGYlDQ9bb
content-encoding
br
via
1.1 varnish (Varnish/6.0), 1.1 google
date
Thu, 09 May 2024 11:10:45 GMT
x-gcp-cdn-pop
AMS-cba56054
age
395156
x-amz-server-side-encryption
AES256
x-cache-status
HIT
x-cache
hit
x-amz-replication-status
REPLICA
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
55051
x-wix-request-id
1715253045.3841141326665142036534
last-modified
Thu, 09 May 2024 08:30:13 GMT
server
Pepyaka/1.21.6
glb-x-seen-by
qhk2IXhXaFW+ScoHjRxEUvX1Zxk6j9wOS6tQMkUbOP0=
etag
W/"2882a6de6ea338d91e965344a6805bb2"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, POST
x-varnish
698291463 663325633
access-control-allow-origin
*
content-type
application/javascript
cache-control
public, max-age=7776000, immutable
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-seen-by
zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrcgnqsbGv+9JOcjxAgFkOQdj,aVxMblM8KFG3we5NLvyVc9FChXWD6QlpPTqglWyseEIeGdLDLXwpLd0CTVHPbfOd
main.renderer.1d21f023.bundle.min.js
static.parastorage.com/services/wix-thunderbolt/dist/ 		166 B
487 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.parastorage.com/services/wix-thunderbolt/dist/main.renderer.1d21f023.bundle.min.js
Requested by
Host: 1win.sicklier.com
URL: https://1win.sicklier.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.49.229.81 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
81.229.49.34.bc.googleusercontent.com
Software
Pepyaka/1.21.6 /
Resource Hash
226680fb3c87df3d0b412f199089f4022314de5b6809ad148b460340b8bb70b9

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
jVVb8.X9MAsT9YnyXiUo0WidkwqSf_uN
via
1.1 varnish (Varnish/6.0), 1.1 google
x-gcp-cdn-pop
AMS-cba56054
date
Fri, 10 May 2024 14:46:39 GMT
age
295802
x-amz-server-side-encryption
AES256
x-cache-status
HIT
x-cache
hit
x-amz-replication-status
REPLICA
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
166
x-wix-request-id
1715352399.1441234640753281872839
last-modified
Wed, 08 May 2024 19:39:57 GMT
server
Pepyaka/1.21.6
glb-x-seen-by
qhk2IXhXaFW+ScoHjRxEUvX1Zxk6j9wOS6tQMkUbOP0=
etag
"7276034de396f62e15b7cc118d61c360"
access-control-allow-methods
GET, OPTIONS, POST
x-varnish
467352004 210323034
access-control-allow-origin
*
content-type
application/javascript
cache-control
public, max-age=7776000, immutable
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-seen-by
zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrcgzV1/Iq9lbjXhgOeY1i+yl,aVxMblM8KFG3we5NLvyVc/V2kPxJZPbYObVQrbu3zhQeGdLDLXwpLd0CTVHPbfOd
lodash.min.js
static.parastorage.com/unpkg/lodash@4.17.21/ 		71 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.parastorage.com/unpkg/lodash@4.17.21/lodash.min.js
Requested by
Host: 1win.sicklier.com
URL: https://1win.sicklier.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.49.229.81 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
81.229.49.34.bc.googleusercontent.com
Software
Pepyaka/1.21.6 /
Resource Hash
a9705dfc47c0763380d851ab1801be6f76019f6b67e40e9b873f8b4a0603f7a9

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 06 May 2024 02:32:14 GMT
content-encoding
br
via
1.1 varnish (Varnish/6.0), 1.1 google
x-gcp-cdn-pop
AMS-cba56054
age
685467
x-amz-server-side-encryption
AES256
x-cache-status
HIT
x-cache
hit
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25102
x-wix-request-id
1714962734.83260548639841872840
last-modified
Wed, 01 May 2024 16:29:07 GMT
server
Pepyaka/1.21.6
glb-x-seen-by
qhk2IXhXaFW+ScoHjRxEUvX1Zxk6j9wOS6tQMkUbOP0=
etag
W/"9becc40fb1d85d21d0ca38e2f7069511"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, POST
x-varnish
683263800 366896542
access-control-allow-origin
*
content-type
application/javascript
cache-control
public, max-age=7776000, immutable
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-seen-by
zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrcgzV1/Iq9lbjXhgOeY1i+yl,aVxMblM8KFG3we5NLvyVc9FChXWD6QlpPTqglWyseEIeGdLDLXwpLd0CTVHPbfOd
react.production.min.js
static.parastorage.com/unpkg/react@18.2.0/umd/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.parastorage.com/unpkg/react@18.2.0/umd/react.production.min.js
Requested by
Host: 1win.sicklier.com
URL: https://1win.sicklier.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.49.229.81 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
81.229.49.34.bc.googleusercontent.com
Software
Pepyaka/1.21.6 /
Resource Hash
4b4969fa4ef3594324da2c6d78ce8766fbbc2fd121fff395aedf997db0a99a06

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin
https://1win.sicklier.com
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 06 May 2024 02:31:58 GMT
content-encoding
br
via
1.1 varnish (Varnish/6.0), 1.1 google
x-gcp-cdn-pop
AMS-5232d789
age
685483
x-amz-server-side-encryption
AES256
x-cache-status
HIT
x-cache
hit
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4111
x-wix-request-id
1714962718.319621793945181737046
last-modified
Sat, 04 May 2024 01:45:11 GMT
server
Pepyaka/1.21.6
glb-x-seen-by
qhk2IXhXaFW+ScoHjRxEUvX1Zxk6j9wOS6tQMkUbOP0=
etag
W/"d86dcdbfed4c273c4742744941259902"
access-control-max-age
3000
access-control-allow-methods
GET,GET, OPTIONS, POST
x-varnish
1011166236 768964744
access-control-allow-origin
*
content-type
application/javascript
cache-control
public, max-age=7776000, immutable
vary
Accept-Encoding
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-seen-by
zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrcgF4/U1opHLiGhWxtG36bT7,aVxMblM8KFG3we5NLvyVc7tnpyQ/1ThW8d6OVxL3lam8ZDY613cHYLbuhNMgAom1
react-dom.production.min.js
static.parastorage.com/unpkg/react-dom@18.2.0/umd/ 		129 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.parastorage.com/unpkg/react-dom@18.2.0/umd/react-dom.production.min.js
Requested by
Host: 1win.sicklier.com
URL: https://1win.sicklier.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.49.229.81 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
81.229.49.34.bc.googleusercontent.com
Software
Pepyaka/1.21.6 /
Resource Hash
21758ed084cd0e37e735722ee4f3957ea960628a29dfa6c3ce1a1d47a2d6e4f7

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin
https://1win.sicklier.com
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 06 May 2024 00:38:29 GMT
content-encoding
br
via
1.1 varnish (Varnish/6.0), 1.1 google
x-gcp-cdn-pop
AMS-5232d789
age
692292
x-amz-server-side-encryption
AES256
x-cache-status
HIT
x-cache
hit
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
40789
x-wix-request-id
1714955909.72662924756862224744
last-modified
Fri, 03 May 2024 02:23:53 GMT
server
Pepyaka/1.21.6
glb-x-seen-by
qhk2IXhXaFW+ScoHjRxEUvX1Zxk6j9wOS6tQMkUbOP0=
etag
W/"64141792105ea4861f9f33294d65ab81"
access-control-max-age
3000
access-control-allow-methods
GET,GET, OPTIONS, POST
x-varnish
45159072 1056874591
access-control-allow-origin
*
content-type
application/javascript
cache-control
public, max-age=7776000, immutable
vary
Accept-Encoding
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-seen-by
zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrcjMkS/rKz4Fn5ceohZ05hBF,aVxMblM8KFG3we5NLvyVc/ez+mKSicOFhmjRkkvIL6EeGdLDLXwpLd0CTVHPbfOd
siteTags.bundle.min.js
static.parastorage.com/services/tag-manager-client/1.827.0/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.parastorage.com/services/tag-manager-client/1.827.0/siteTags.bundle.min.js
Requested by
Host: 1win.sicklier.com
URL: https://1win.sicklier.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.49.229.81 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
81.229.49.34.bc.googleusercontent.com
Software
Pepyaka/1.21.6 /
Resource Hash
86e9b3587c8419756abe19dac3aa42a054d28b11f56d27912acfb2053781df82

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
x8S3djfKGKU12oNJLLPX_mInfKaFhg6j
content-encoding
br
via
1.1 varnish (Varnish/6.0), 1.1 google
date
Mon, 06 May 2024 02:32:14 GMT
x-gcp-cdn-pop
AMS-cba56054
age
685467
x-amz-server-side-encryption
AES256
x-cache-status
HIT
x-cache
hit
x-amz-replication-status
REPLICA
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2890
x-wix-request-id
1714962734.87663206739512036540
last-modified
Wed, 14 Feb 2024 15:52:53 GMT
server
Pepyaka/1.21.6
glb-x-seen-by
qhk2IXhXaFW+ScoHjRxEUvX1Zxk6j9wOS6tQMkUbOP0=
etag
W/"a76f370ea20b812382ebe915671e3e24"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, POST
x-varnish
563989779 499798267
access-control-allow-origin
*
content-type
application/javascript
cache-control
public, max-age=7776000, immutable
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-seen-by
zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrcgnqsbGv+9JOcjxAgFkOQdj,aVxMblM8KFG3we5NLvyVc5bNbUTaEduvk0/hVNiwmC0eGdLDLXwpLd0CTVHPbfOd
wix-perf-measure.umd.min.js
static.parastorage.com/services/wix-perf-measure/1.1095.0/ 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.parastorage.com/services/wix-perf-measure/1.1095.0/wix-perf-measure.umd.min.js
Requested by
Host: 1win.sicklier.com
URL: https://1win.sicklier.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.49.229.81 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
81.229.49.34.bc.googleusercontent.com
Software
Pepyaka/1.21.6 /
Resource Hash
d0e6054d7b47b8de059e88c419a16a3e745e038b05b75af9d57c2e8593bd1d78

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
d_65nj5pIwn6CoD0aRGfXMjjwX8shxmq
content-encoding
br
via
1.1 varnish (Varnish/6.0), 1.1 google
date
Mon, 06 May 2024 02:32:14 GMT
x-gcp-cdn-pop
AMS-cba56054
age
685467
x-amz-server-side-encryption
AES256
x-cache-status
HIT
x-cache
hit
x-amz-replication-status
REPLICA
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11261
x-wix-request-id
1714962734.83363200602672036533
last-modified
Mon, 02 Oct 2023 07:39:57 GMT
server
Pepyaka/1.21.6
glb-x-seen-by
qhk2IXhXaFW+ScoHjRxEUvX1Zxk6j9wOS6tQMkUbOP0=
etag
W/"5e646fa090a760653cfa56c727bb5a13"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, POST
x-varnish
1010280739 769919784
access-control-allow-origin
*
content-type
application/javascript
cache-control
public, max-age=7776000, immutable
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-seen-by
zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrcgnqsbGv+9JOcjxAgFkOQdj,aVxMblM8KFG3we5NLvyVc7tnpyQ/1ThW8d6OVxL3lam8ZDY613cHYLbuhNMgAom1
b645b0_fee1343aa126e572af59637bc1b73c9d.html
www-sadepatisserie-com.filesusr.com/html/ Frame 7691 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www-sadepatisserie-com.filesusr.com/html/b645b0_fee1343aa126e572af59637bc1b73c9d.html
Requested by
Host: 1win.sicklier.com
URL: https://1win.sicklier.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:8a00:0:7dcd:9780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty/1.21.4.1 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
3073284
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=15552000, immutable
content-length
962
content-type
text/html; charset=utf-8
date
Mon, 08 Apr 2024 11:15:17 GMT
etag
"fee1343aa126e572af59637bc1b73c9d"
expires
Mon, 08 Apr 2024 12:15:17 GMT
last-modified
Wed, 01 Mar 2023 10:33:11 GMT
server
openresty/1.21.4.1
timing-allow-origin
*
via
1.1 google, 1.1 6278ee254a7d35c23aae5e936b5a56ee.cloudfront.net (CloudFront)
x-amz-cf-id
AtCUNQF8RCbpB7sk88hszTTXnkssjjnLekGlsmP2RfgrSOJTAYgnCw==
x-amz-cf-pop
FRA56-P6
x-cache
Hit from cloudfront
x-seen-by
gcp.us-central-1.media-router-6fb99f9c5-h6nq6
1Ptug8zYS_SKggPNyC0IT4ttDfA.woff2
static.parastorage.com/tag-bundler/api/v1/fonts-cache/googlefont/woff2/s/raleway/v26/ 		41 KB
41 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.parastorage.com/tag-bundler/api/v1/fonts-cache/googlefont/woff2/s/raleway/v26/1Ptug8zYS_SKggPNyC0IT4ttDfA.woff2
Requested by
Host: 1win.sicklier.com
URL: https://1win.sicklier.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.49.229.81 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
81.229.49.34.bc.googleusercontent.com
Software
Pepyaka/1.21.6 /
Resource Hash
c640c6d4c7104b09736c8a8c26f666305963273ffcba78e63b7a06451461cc55

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://1win.sicklier.com/
Origin
https://1win.sicklier.com
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 19 Apr 2024 07:46:31 GMT
via
1.1 varnish (Varnish/6.0), 1.1 google
x-gcp-cdn-pop
AMS-cba56054
age
2135410
x-cache-status
HIT
x-cache
hit
x-envoy-upstream-service-time
121
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42336
x-wix-request-id
1713512791.7893640542416121105747
glb-x-seen-by
qhk2IXhXaFW+ScoHjRxEUvX1Zxk6j9wOS6tQMkUbOP0=
server
Pepyaka/1.21.6
access-control-allow-methods
GET, OPTIONS, POST
x-varnish
271624955 100041676
access-control-allow-origin
*
content-type
font/woff2
cache-control
public, max-age=7776000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-seen-by
zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrcgnqsbGv+9JOcjxAgFkOQdj,aVxMblM8KFG3we5NLvyVc7tnpyQ/1ThW8d6OVxL3lam8ZDY613cHYLbuhNMgAom1
0078f486-8e52-42c0-ad81-3c8d3d43f48e.woff2
static.parastorage.com/services/third-party/fonts/user-site-fonts/fonts/ 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.parastorage.com/services/third-party/fonts/user-site-fonts/fonts/0078f486-8e52-42c0-ad81-3c8d3d43f48e.woff2
Requested by
Host: 1win.sicklier.com
URL: https://1win.sicklier.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.49.229.81 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
81.229.49.34.bc.googleusercontent.com
Software
Pepyaka/1.21.6 /
Resource Hash
0ddce0e617794fd30b60e5c829fe12b9d7eeba14e561e7d89da5fcaf2fe900c3

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://1win.sicklier.com/
Origin
https://1win.sicklier.com
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
ZJhEgw5338rDGW18OcyggGHIv4bi5qCO
via
1.1 varnish (Varnish/6.0), 1.1 google
x-gcp-cdn-pop
AMS-cba56054
date
Wed, 24 Apr 2024 05:09:46 GMT
age
1712815
x-cache-status
HIT
x-cache
hit
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17216
x-wix-request-id
1713935386.0914328683322191182825
last-modified
Tue, 17 Apr 2018 11:11:01 GMT
server
Pepyaka/1.21.6
glb-x-seen-by
qhk2IXhXaFW+ScoHjRxEUvX1Zxk6j9wOS6tQMkUbOP0=
etag
"ef4257ccfa0fce4d914b23a28aa6fdf4-1"
access-control-max-age
3000
access-control-allow-methods
GET,GET, OPTIONS, POST
x-varnish
302729429 3014759
access-control-allow-origin
*
content-type
application/octet-stream
cache-control
public, max-age=7776000, immutable
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-seen-by
zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrcjMkS/rKz4Fn5ceohZ05hBF,aVxMblM8KFG3we5NLvyVc9FChXWD6QlpPTqglWyseEIeGdLDLXwpLd0CTVHPbfOd
3c5beda8-45cc-4f76-abca-8eccfeb6220c.woff2
static.parastorage.com/services/third-party/fonts/user-site-fonts/fonts/ 		65 KB
65 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.parastorage.com/services/third-party/fonts/user-site-fonts/fonts/3c5beda8-45cc-4f76-abca-8eccfeb6220c.woff2
Requested by
Host: 1win.sicklier.com
URL: https://1win.sicklier.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.49.229.81 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
81.229.49.34.bc.googleusercontent.com
Software
Pepyaka/1.21.6 /
Resource Hash
6e6f337413b44c01fee1c784c594d050a845e8711a4d336b70d5bd18843a6f15

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://1win.sicklier.com/
Origin
https://1win.sicklier.com
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
BepBj8oblz.BZIQ0I0_5sCEbnkn7gp1.
via
1.1 varnish (Varnish/6.0), 1.1 google
x-gcp-cdn-pop
AMS-cba56054
date
Sun, 21 Apr 2024 14:25:45 GMT
age
1938656
x-cache-status
HIT
x-cache
hit
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66360
x-wix-request-id
1713709545.293390889556421021446
last-modified
Tue, 17 Apr 2018 11:10:54 GMT
server
Pepyaka/1.21.6
glb-x-seen-by
qhk2IXhXaFW+ScoHjRxEUvX1Zxk6j9wOS6tQMkUbOP0=
etag
"6902f5e9f502da5fec65e0be8572aedd-1"
access-control-max-age
3000
access-control-allow-methods
GET, OPTIONS, POST
x-varnish
611777517 455075408
access-control-allow-origin
*
content-type
application/octet-stream
cache-control
public, max-age=7776000, immutable
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-seen-by
zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrcgF4/U1opHLiGhWxtG36bT7,aVxMblM8KFG3we5NLvyVc9FChXWD6QlpPTqglWyseEIeGdLDLXwpLd0CTVHPbfOd
6aey4Ky-Vb8Ew8IROpI43XnS.woff2
static.parastorage.com/tag-bundler/api/v1/fonts-cache/googlefont/woff2/s/forum/v10/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.parastorage.com/tag-bundler/api/v1/fonts-cache/googlefont/woff2/s/forum/v10/6aey4Ky-Vb8Ew8IROpI43XnS.woff2
Requested by
Host: 1win.sicklier.com
URL: https://1win.sicklier.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.49.229.81 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
81.229.49.34.bc.googleusercontent.com
Software
Pepyaka/1.21.6 /
Resource Hash
273c7f94bc4710ef23bb03636727c7dbf2fbedcf5a1fa397d75c53ca1ee1077d

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://1win.sicklier.com/
Origin
https://1win.sicklier.com
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 21 Apr 2024 14:18:57 GMT
via
1.1 varnish (Varnish/6.0), 1.1 google
x-gcp-cdn-pop
AMS-cba56054
age
1939064
x-cache-status
HIT
x-cache
hit
x-envoy-upstream-service-time
97
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13632
x-wix-request-id
1713709137.2923752873267191035930
glb-x-seen-by
qhk2IXhXaFW+ScoHjRxEUvX1Zxk6j9wOS6tQMkUbOP0=
server
Pepyaka/1.21.6
access-control-allow-methods
GET, OPTIONS, POST
x-varnish
578947635 362056350
access-control-allow-origin
*
content-type
font/woff2
cache-control
public, max-age=7776000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-seen-by
zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrcgzV1/Iq9lbjXhgOeY1i+yl,aVxMblM8KFG3we5NLvyVc/ez+mKSicOFhmjRkkvIL6EeGdLDLXwpLd0CTVHPbfOd
1Ptug8zYS_SKggPNyCMIT4ttDfCmxA.woff2
static.parastorage.com/tag-bundler/api/v1/fonts-cache/googlefont/woff2/s/raleway/v26/ 		25 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.parastorage.com/tag-bundler/api/v1/fonts-cache/googlefont/woff2/s/raleway/v26/1Ptug8zYS_SKggPNyCMIT4ttDfCmxA.woff2
Requested by
Host: 1win.sicklier.com
URL: https://1win.sicklier.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.49.229.81 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
81.229.49.34.bc.googleusercontent.com
Software
Pepyaka/1.21.6 /
Resource Hash
71b127cc16a7cf00290350c2cf3387744e3081b55c1dacee1f1c5e5e81378731

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://1win.sicklier.com/
Origin
https://1win.sicklier.com
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 21 Apr 2024 19:15:06 GMT
via
1.1 varnish (Varnish/6.0), 1.1 google
x-gcp-cdn-pop
AMS-cba56054
age
1921295
x-cache-status
HIT
x-cache
hit
x-envoy-upstream-service-time
109
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25548
x-wix-request-id
1713726906.8663784621211101035932
glb-x-seen-by
qhk2IXhXaFW+ScoHjRxEUvX1Zxk6j9wOS6tQMkUbOP0=
server
Pepyaka/1.21.6
access-control-allow-methods
GET, OPTIONS, POST
x-varnish
642719703 994392843
access-control-allow-origin
*
content-type
font/woff2
cache-control
public, max-age=7776000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-seen-by
zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrcgzV1/Iq9lbjXhgOeY1i+yl,aVxMblM8KFG3we5NLvyVcxXCkSrKbVttFv2SShbFg6m8ZDY613cHYLbuhNMgAom1
file.woff2
static.wixstatic.com/ufonts/b645b0_987873ca7a07461aa441c70b104e26de/woff2/ 		16 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.wixstatic.com/ufonts/b645b0_987873ca7a07461aa441c70b104e26de/woff2/file.woff2
Requested by
Host: 1win.sicklier.com
URL: https://1win.sicklier.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
99.86.4.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-79.fra6.r.cloudfront.net
Software
openresty/1.21.4.1 /
Resource Hash
3a889dbc5d22e05a64ea3a3314a7fc67847b734bc079dd2753bb60d4009a9a95

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://1win.sicklier.com/
Origin
https://1win.sicklier.com
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-seen-by
gcp.us-central-1.media-router-6fb99f9c5-b65cv
date
Tue, 19 Mar 2024 15:05:00 GMT
via
1.1 google, 1.1 1b412557b82dda96e078541f9ee8dfb2.cloudfront.net (CloudFront)
age
4787501
x-amz-cf-pop
FRA6-C1
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
16852
last-modified
Tue, 31 Mar 2020 08:16:28 GMT
server
openresty/1.21.4.1
etag
"9ca3a2c5ad7e2ba09cfa69d4e062247f"
content-type
font/woff2
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=15552000, immutable
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
hKG_NMWmGnswVqxJC3Zct692WMxSRUphkA6aflHcof3jknHkd2i4Wg==
expires
Tue, 19 Mar 2024 15:05:00 GMT
6aey4Ky-Vb8Ew8IfOpI43XnSBTM.woff2
static.parastorage.com/tag-bundler/api/v1/fonts-cache/googlefont/woff2/s/forum/v10/ 		10 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.parastorage.com/tag-bundler/api/v1/fonts-cache/googlefont/woff2/s/forum/v10/6aey4Ky-Vb8Ew8IfOpI43XnSBTM.woff2
Requested by
Host: 1win.sicklier.com
URL: https://1win.sicklier.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.49.229.81 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
81.229.49.34.bc.googleusercontent.com
Software
Pepyaka/1.21.6 /
Resource Hash
c6179473f21d328f2cc345eff24524d058491d9db1f9881c2d45ffcb5426f2b4

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://1win.sicklier.com/
Origin
https://1win.sicklier.com
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 21 Apr 2024 21:06:26 GMT
via
1.1 varnish (Varnish/6.0), 1.1 google
x-gcp-cdn-pop
AMS-cba56054
age
1914615
x-cache-status
HIT
x-cache
hit
x-envoy-upstream-service-time
236
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9764
x-wix-request-id
1713733586.6993795643786241035937
glb-x-seen-by
qhk2IXhXaFW+ScoHjRxEUvX1Zxk6j9wOS6tQMkUbOP0=
server
Pepyaka/1.21.6
access-control-allow-methods
GET, OPTIONS, POST
x-varnish
41585080 1006120102
access-control-allow-origin
*
content-type
font/woff2
cache-control
public, max-age=7776000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-seen-by
zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrcgzV1/Iq9lbjXhgOeY1i+yl,aVxMblM8KFG3we5NLvyVc1tQmS28JMtgHj+uYScAmBW8ZDY613cHYLbuhNMgAom1
/
apps.wixrestaurants.com/ Frame FE91 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://apps.wixrestaurants.com/?type=wixmenus.client&pageId=y7mdl&compId=TPASection_k8pkxkx8&viewerCompId=TPASection_k8pkxkx8&siteRevision=2&viewMode=site&deviceType=desktop&locale=tr&tz=Europe%2FIstanbul&regionalLanguage=tr&width=1594&height=3294&instance=Bk-hKJeMqR37dCPhibc1s1ezqpjrZsWCaojNaXgkhT0.eyJpbnN0YW5jZUlkIjoiZjA4ODg1MjctYjAyNS00ODhmLTg4ZTEtZmQ4NzExYjAzNWVmIiwiYXBwRGVmSWQiOiIxM2MxNDAyYy0yN2YyLWQ0YWItNzQ2My1lZTdjODllMDc1NzgiLCJtZXRhU2l0ZUlkIjoiNDZmZTFkMTMtYWYwYi00ZTYyLWFjZTAtYmMyZTJiODgyMDc3Iiwic2lnbkRhdGUiOiIyMDI0LTA1LTEzVDA2OjE3OjEzLjMxNVoiLCJ2ZW5kb3JQcm9kdWN0SWQiOiJyZXN0X3BybyIsImRlbW9Nb2RlIjpmYWxzZSwiYWlkIjoiOTY4ODBkM2QtYWIyYS00YzE3LTgzMTItZjM3M2QwNjExZDBjIiwiYmlUb2tlbiI6ImI2NzY5ODM0LTFmMmUtMDZlZC0yNDAxLTQxYTkzYTM4MTU5OCIsInNpdGVPd25lcklkIjoiYjY0NWIwMGYtZGUwOS00MDYzLTk0NmQtOTUzNmUzMjIzMmJkIn0&currency=TRY&currentCurrency=TRY&commonConfig=%7B%22brand%22%3A%22wix%22%2C%22host%22%3A%22VIEWER%22%2C%22bsi%22%3Anull%2C%22siteRevision%22%3A%222%22%2C%22branchId%22%3A%226fb8c632-6772-4084-9ee4-21b9168e5365%22%2C%22BSI%22%3Anull%7D&currentRoute=.%2F&target=_top&section-url=https%3A%2F%2F1win.sicklier.com%2Fnelerimiz-var%2F&consent-policy=%7B%22func%22%3A0%2C%22anl%22%3A0%2C%22adv%22%3A0%2C%22dt3%22%3A1%2C%22ess%22%3A1%7D&vsi=99b5f516-af75-416f-86e5-90f539d3e471
Requested by
Host: 1win.sicklier.com
URL: https://1win.sicklier.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/ Express
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-headers
Cache-Control, Content-Language, Content-Type, Last-Modified, Expires, Pragma, X-Requested-With, Accept-Encoding, x-xsrf-token
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
*
access-control-max-age
31536000
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 14 May 2024 00:56:42 GMT
etag
W/"1a3b4c-BJwBV+k+qDCDZqMnlF41Sw"
vary
Accept-Encoding
via
1.1 google
x-powered-by
Express
x-request-id
ceedf7b5-2071-4805-b145-76b6b2b54773
index
engage.wixapps.net/chat-widget-server/renderChatWidget/ Frame B629 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://engage.wixapps.net/chat-widget-server/renderChatWidget/index?pageId=masterPage&compId=comp-jr0r6dn9&viewerCompId=comp-jr0r6dn9&siteRevision=2&viewMode=site&deviceType=desktop&locale=tr&tz=Europe%2FIstanbul&regionalLanguage=tr&width=0&height=0&instance=29S-GQbR6wKGs_IJuVcFtE8drVrR7tgKOE86NopnS04.eyJpbnN0YW5jZUlkIjoiNTkzODExYTEtOTc5NC00NjgxLTlkYzYtOWRkNWRkNDdjZGI0IiwiYXBwRGVmSWQiOiIxNDUxN2UxYS0zZmYwLWFmOTgtNDA4ZS0yYmQ2OTUzYzM2YTIiLCJtZXRhU2l0ZUlkIjoiNDZmZTFkMTMtYWYwYi00ZTYyLWFjZTAtYmMyZTJiODgyMDc3Iiwic2lnbkRhdGUiOiIyMDI0LTA1LTEzVDA2OjE3OjEzLjMxNVoiLCJkZW1vTW9kZSI6ZmFsc2UsIm9yaWdpbkluc3RhbmNlSWQiOiJlZTkzZTQ0ZC0yMjc4LTQzN2QtYmI0Ni1iNmI3ODBiNjk1YzYiLCJhaWQiOiI5Njg4MGQzZC1hYjJhLTRjMTctODMxMi1mMzczZDA2MTFkMGMiLCJiaVRva2VuIjoiMWZjNjBjYjItMzg5Zi0wOGUzLTMxMjYtMjFmYmY2Y2ZlZGMzIiwic2l0ZU93bmVySWQiOiJiNjQ1YjAwZi1kZTA5LTQwNjMtOTQ2ZC05NTM2ZTMyMjMyYmQifQ&currency=TRY&currentCurrency=TRY&commonConfig=%7B%22brand%22%3A%22wix%22%2C%22host%22%3A%22VIEWER%22%2C%22bsi%22%3Anull%2C%22siteRevision%22%3A%222%22%2C%22branchId%22%3A%226fb8c632-6772-4084-9ee4-21b9168e5365%22%2C%22BSI%22%3Anull%7D&currentRoute=.%2F&consent-policy=%7B%22func%22%3A0%2C%22anl%22%3A0%2C%22adv%22%3A0%2C%22dt3%22%3A1%2C%22ess%22%3A1%7D&vsi=99b5f516-af75-416f-86e5-90f539d3e471
Requested by
Host: 1win.sicklier.com
URL: https://1win.sicklier.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.206.255 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
255.206.149.34.bc.googleusercontent.com
Software
Pepyaka /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-store, no-cache
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 14 May 2024 00:56:41 GMT
etag
W/"5eb6-64x/EDj3CcK8oiNWkBf4KqojT5M"
glb-x-seen-by
wMMTADooq5AJ3cFomJ/MuXOQWGce7NCZXKms1ErOpBs=
pragma
no-cache
server
Pepyaka
vary
Accept-Encoding
via
1.1 google
x-content-type-options
nosniff
x-recruiting
Want to build world class business chat product that's used by millions of users? Join our AMAZING team! Visit us at https://www.wix.com/jobs/search?val=crm
x-seen-by
REmTqJKTo7BM/eF7JdTbUrxkNjrXdwdgtu6E0yACibU=,m0j2EEknGIVUW/liY8BLLpVzD+l333M6lfGKaM9eV4iWWveFEnegpnkLxzZh8fhS,qYxvFa0bBL43z6b6TutC4aPYZmjjoFKvr33I+ybmtyCqIXnHwzry/fRu1OrE4paFud1KYtqXLEJZTkwRXMQePw==,r6yY0ta7bIKrqK70x072lVyUwC6JL0xypy5xDeflzcE=,Odrt8F1EDvjOxRVUPESA54LRG8vOkd41yWAAQwLPBlQtiauyuE2CoTApiLwoqVEox19QBqln6ZKrM6Z7qJM6+A==,ha2BjfnpoaWsa89DnyiXUHFCTT2qBbA1smt5STLTn5E=,ha2BjfnpoaWsa89DnyiXUG2/tD5SrROv+71NVJC5DxE=,Tj5BxVkCjhX6S7vFNevVZY8T4V4rjNgLatucz7q8RD8Ny1dYt75FVuSyzm8TQfi4QQSH157uI+S42amlqBb5P1iB5QmpRe2J37zq9nDD6cs=,mvxQ9qSAmY38asKjFCcmG/R3hT9DhbpyYnKoJtulyPbinD9gixhwGuzj3g8u6OVk2hGm3C7YgS9hnCV6MF7Z8R9slopJdhD+WySraMrpIY8=,ha2BjfnpoaWsa89DnyiXULBjE9Vv7WNRYZjxlk9bEm5YgeUJqUXtid+86vZww+nL,ha2BjfnpoaWsa89DnyiXUKDbO2pWQaXRtaARKBkocgMI41TNktt7GlLc8RlpQX3q,LlHHrtdZwfqSTe7u8ayFI5IT474+17kOf88nhtPpHnmVQl6/JnOoZBMblGHRSWMHHoczVOuAuB/1u7DyQK2n7RZR38rKovk+jJlpOQ2/wHw=,ha2BjfnpoaWsa89DnyiXUCW5vgBFu/G76yBXiDHxk6ZYgeUJqUXtid+86vZww+nL,54sIEWKMiveDgi8EJdej70IlciC47jf1QEfQ6pZlmvY/fN8eJlx2Bw7j9BFI4mjpBFhVPaaDZWdtYLwlD+I0rw==,ha2BjfnpoaWsa89DnyiXUFkMHCxo60LIymPjmfZU9fhYgeUJqUXtid+86vZww+nL,54sIEWKMiveDgi8EJdej77sTX94LlVBhsQ8cKJ9FMeelDnpc+oS2PuE1UBcC3UJ/4FY6IF0N07wiMH5daUCcbA==,ha2BjfnpoaWsa89DnyiXUGQB2ljHkRFivIBmcc/sQdaLL1EM3nTI0Ni4xGOkWCVG,VP8XL+khWGqSTwVfJtEDU4b5Nr5tBI4V/dK21aYuajUPtfaiPOXWHXUZ0VQ2o2lUnwfRa2fyq+LL1lKR1bRPzg==,ha2BjfnpoaWsa89DnyiXUJJRbCsCJLAq/oiBf8rZZFSIuY4EIlf0/A+rQUU1+Hlz,NrLb3i/xpYXJ2OAS5Ls5Wg/GAvRSw5FLDyq1aXfo6LOB6RitwoO4Urk8QQcEvg4TKFbul3uq6LeQufjc1HmZ+SzcDZJAcOsgCi4ImAIrEIg=,ha2BjfnpoaWsa89DnyiXUHZPL3e3avde9bRH3FjW80FYgeUJqUXtid+86vZww+nL,xyDs8lRxScsatwnhQNE9m1+MiBXHTcaaYn1RbQ24+kx6EbSyNX4StbFJ332fQ7rD+sOPjjS4zT84gvJyJEkQvQ==,ha2BjfnpoaWsa89DnyiXUKWivXjWlf2kqUMAEQEBvIpYgeUJqUXtid+86vZww+nL,tznMqpp3e1oucszW+OT1FESyXQvs+xS8UC7ISeYwao+Gua1E+B4ZSv13cqm5cV2jHoczVOuAuB/1u7DyQK2n7c+7nGXMV47+sZ7/LeQi/v0=,J1YhAWlcwZX0sh0bHV0MaGerxxuqOGjzEvNGZg/iVFQ=
x-wix-request-id
1715648201.59461713561889818586
dispatcher.html
ding.wix.com/asdk/ Frame F192 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ding.wix.com/asdk/dispatcher.html?pageId=masterPage&compId=tpaWorker_2095&viewerCompId=tpaWorker_2095&siteRevision=2&viewMode=site&deviceType=desktop&locale=tr&tz=Europe%2FIstanbul&regionalLanguage=tr&endpointType=worker&instance=-sHHAq-2F8ZYcNyhBPrDwk-w6WJyu6kJ_FLIvd2G5sg.eyJpbnN0YW5jZUlkIjoiMjk4ZWVkYjUtZjA1MC00ZGFmLWFkOTItMmMwMGRmYjU4YjlhIiwiYXBwRGVmSWQiOiIxM2U4ZDAzNi01NTE2LTYxMDQtYjQ1Ni1jODQ2NmRiMzk1NDIiLCJtZXRhU2l0ZUlkIjoiNDZmZTFkMTMtYWYwYi00ZTYyLWFjZTAtYmMyZTJiODgyMDc3Iiwic2lnbkRhdGUiOiIyMDI0LTA1LTEzVDA2OjE3OjEzLjMxNVoiLCJ2ZW5kb3JQcm9kdWN0SWQiOiJyZXN0X3BybyIsImRlbW9Nb2RlIjpmYWxzZSwib3JpZ2luSW5zdGFuY2VJZCI6IjhlMThhNjk0LTUxZjktNDcxOS1iYjZhLTViNmEwNjY2MzJlOSIsImFpZCI6Ijk2ODgwZDNkLWFiMmEtNGMxNy04MzEyLWYzNzNkMDYxMWQwYyIsImJpVG9rZW4iOiI2ZjcwZjBhNi01ZjViLTAzY2QtMDE3Mi05MDJlZjQzZGFiZWQiLCJzaXRlT3duZXJJZCI6ImI2NDViMDBmLWRlMDktNDA2My05NDZkLTk1MzZlMzIyMzJiZCJ9&currency=TRY&currentCurrency=TRY&commonConfig=%7B%22brand%22%3A%22wix%22%2C%22host%22%3A%22VIEWER%22%2C%22bsi%22%3Anull%2C%22siteRevision%22%3A%222%22%2C%22branchId%22%3A%226fb8c632-6772-4084-9ee4-21b9168e5365%22%2C%22BSI%22%3Anull%7D&currentRoute=.%2F&consent-policy=%7B%22func%22%3A0%2C%22anl%22%3A0%2C%22adv%22%3A0%2C%22dt3%22%3A1%2C%22ess%22%3A1%7D&vsi=99b5f516-af75-416f-86e5-90f539d3e471
Requested by
Host: 1win.sicklier.com
URL: https://1win.sicklier.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.15.163.138 , United States, ASN58182 (WIX_COM, IL),
Reverse DNS
unalocated.163.wixsite.com
Software
Pepyaka/1.19.10 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=120 ; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

cache-control
no-cache
content-length
281
content-type
text/html;charset=utf-8
date
Tue, 14 May 2024 00:56:41 GMT
server
Pepyaka/1.19.10
strict-transport-security
max-age=120 ; includeSubDomains
x-content-type-options
nosniff
x-seen-by
wmgbEcS9zOENaefw7bU4YRPnIabCQWJW461ERvTuE+U=,yI4PPEXc3bvXNWfpzSkUarxkNjrXdwdgtu6E0yACibU=,m0j2EEknGIVUW/liY8BLLvuBOHNZffAxbwTL99txlorJftmKrOReD3ukbbas4YDo,++r5XCRb/6cYf+PEtyYPdOlb6Onf3nwTgiZ855ExMf6KVSLb1yy2VnCXysV/KbIBbtCzSoTiAGqjPwOOKPehWA==,RE3zeycImnB0BocjhRAQoaXhVyuOdM3Wc1DlEMZ//VM=,Dyf7cwm9MRPORTJ3K6U85IN+DaUkJP6Rw8ajcHqefVI=,9a/WyoAUtNgHtENJ2vGqlhovbY8rxGhSLcQIZYhoM8vsrr3u4BrLTvXfTpwaNg1MLvGXwDz7dfvlLWP/OZ6arg==
x-wix-request-id
1715648201.58056618882117304
cartwidgetPopup
ecom.wixapps.net/storefront/ Frame E946 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ecom.wixapps.net/storefront/cartwidgetPopup?pageId=y7mdl&compId=tpapopup-1715581035793_rtby_comp-k8ihiolt&viewerCompId=tpapopup-1715581035793_rtby_comp-k8ihiolt&siteRevision=2&viewMode=site&deviceType=desktop&locale=tr&tz=Europe%2FIstanbul&regionalLanguage=tr&width=34&height=40&isInPopup=true&origCompId=comp-k8ihiolt&instance=DU21WoP9RFM-z3WgmAQRuXItKTC32S_M4s5kDzcqCX8.eyJpbnN0YW5jZUlkIjoiNjAyOTZiNGMtZGUzNi00NDgwLWIxOTUtNmI2ZTBjOTQ5M2ZmIiwiYXBwRGVmSWQiOiIxMzgwYjcwMy1jZTgxLWZmMDUtZjExNS0zOTU3MWQ5NGRmY2QiLCJtZXRhU2l0ZUlkIjoiNDZmZTFkMTMtYWYwYi00ZTYyLWFjZTAtYmMyZTJiODgyMDc3Iiwic2lnbkRhdGUiOiIyMDI0LTA1LTEzVDA2OjE3OjEzLjMxNVoiLCJ2ZW5kb3JQcm9kdWN0SWQiOiJzdG9yZXNfc2lsdmVyIiwiZGVtb01vZGUiOmZhbHNlLCJhaWQiOiI5Njg4MGQzZC1hYjJhLTRjMTctODMxMi1mMzczZDA2MTFkMGMiLCJiaVRva2VuIjoiMjZkNzc2NWYtNzEzZC0wYWUyLTFkNzUtZDc0MDI3MWNiMzg4Iiwic2l0ZU93bmVySWQiOiJiNjQ1YjAwZi1kZTA5LTQwNjMtOTQ2ZC05NTM2ZTMyMjMyYmQifQ&currency=TRY&currentCurrency=TRY&commonConfig=%7B%22brand%22%3A%22wix%22%2C%22host%22%3A%22VIEWER%22%2C%22bsi%22%3Anull%2C%22siteRevision%22%3A%222%22%2C%22branchId%22%3A%226fb8c632-6772-4084-9ee4-21b9168e5365%22%2C%22BSI%22%3Anull%7D&currentRoute=.%2F&consent-policy=%7B%22func%22%3A0%2C%22anl%22%3A0%2C%22adv%22%3A0%2C%22dt3%22%3A1%2C%22ess%22%3A1%7D&vsi=99b5f516-af75-416f-86e5-90f539d3e471
Requested by
Host: 1win.sicklier.com
URL: https://1win.sicklier.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.206.255 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
255.206.149.34.bc.googleusercontent.com
Software
Pepyaka /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-type
text/html;charset=utf-8
date
Tue, 14 May 2024 00:56:41 GMT
glb-x-seen-by
wMMTADooq5AJ3cFomJ/MuXOQWGce7NCZXKms1ErOpBs=
server
Pepyaka
vary
Accept-Encoding
via
1.1 google
x-content-type-options
nosniff
x-seen-by
W1c2/pqHBqplxcWufHCkILxkNjrXdwdgtu6E0yACibU=,m0j2EEknGIVUW/liY8BLLjZOEqMmz/G4vNEAxC2PllCWWveFEnegpnkLxzZh8fhS,qYxvFa0bBL43z6b6TutC4XWl+xoXVd3i0N6GuJ0c/mKqIXnHwzry/fRu1OrE4paFNiiJFFtm9u9Ipt5eFpgsfQ==,r6yY0ta7bIKrqK70x072leNKJwoMV94H/RNCTpq2TmM=,ha2BjfnpoaWsa89DnyiXUEpWERHDvPtBMfqUVSFAuRoqMJYpql10WU4QQPFwajBr
x-wix-request-id
1715648201.595617150731981746
DtVjJx26TKEr37c9aBVJn3YO5gg.woff2
static.parastorage.com/tag-bundler/api/v1/fonts-cache/googlefont/woff2/s/sarabun/v8/ 		10 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.parastorage.com/tag-bundler/api/v1/fonts-cache/googlefont/woff2/s/sarabun/v8/DtVjJx26TKEr37c9aBVJn3YO5gg.woff2
Requested by
Host: 1win.sicklier.com
URL: https://1win.sicklier.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.49.229.81 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
81.229.49.34.bc.googleusercontent.com
Software
Pepyaka/1.21.6 /
Resource Hash
47b62f883121ee8d0accfd0cb69f2d3ba6ba0ee29c10c49565dca72bf52cd210

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://1win.sicklier.com/
Origin
https://1win.sicklier.com
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 21 Apr 2024 15:23:35 GMT
via
1.1 varnish (Varnish/6.0), 1.1 google
x-gcp-cdn-pop
AMS-cba56054
age
1935186
x-cache-status
HIT
x-cache
hit
x-envoy-upstream-service-time
163
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10412
x-wix-request-id
1713713015.271397848440711182824
glb-x-seen-by
qhk2IXhXaFW+ScoHjRxEUvX1Zxk6j9wOS6tQMkUbOP0=
server
Pepyaka/1.21.6
access-control-allow-methods
GET, OPTIONS, POST
x-varnish
621943048 529487425
access-control-allow-origin
*
content-type
font/woff2
cache-control
public, max-age=7776000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-seen-by
zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrcjMkS/rKz4Fn5ceohZ05hBF,aVxMblM8KFG3we5NLvyVc9FChXWD6QlpPTqglWyseEIeGdLDLXwpLd0CTVHPbfOd
DtVjJx26TKEr37c9aBtJn3YO5gjupg.woff2
static.parastorage.com/tag-bundler/api/v1/fonts-cache/googlefont/woff2/s/sarabun/v8/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.parastorage.com/tag-bundler/api/v1/fonts-cache/googlefont/woff2/s/sarabun/v8/DtVjJx26TKEr37c9aBtJn3YO5gjupg.woff2
Requested by
Host: 1win.sicklier.com
URL: https://1win.sicklier.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.49.229.81 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
81.229.49.34.bc.googleusercontent.com
Software
Pepyaka/1.21.6 /
Resource Hash
c212e028c5b170b65a5117be2908eaf40534adffd0d46420830d8d25e16f3ab9

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://1win.sicklier.com/
Origin
https://1win.sicklier.com
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 22 Apr 2024 11:55:34 GMT
via
1.1 varnish (Varnish/6.0), 1.1 google
x-gcp-cdn-pop
AMS-cba56054
age
1861267
x-cache-status
HIT
x-cache
hit
x-envoy-upstream-service-time
211
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8832
x-wix-request-id
1713786934.969409394179081182823
glb-x-seen-by
qhk2IXhXaFW+ScoHjRxEUvX1Zxk6j9wOS6tQMkUbOP0=
server
Pepyaka/1.21.6
access-control-allow-methods
GET, OPTIONS, POST
x-varnish
869363533 586628226
access-control-allow-origin
*
content-type
font/woff2
cache-control
public, max-age=7776000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-seen-by
zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrcjMkS/rKz4Fn5ceohZ05hBF,aVxMblM8KFG3we5NLvyVc7tnpyQ/1ThW8d6OVxL3lam8ZDY613cHYLbuhNMgAom1
AvenirLTW05-35Light.woff2
static.parastorage.com/services/santa-resources/resources/viewer/user-site-fonts/fonts/Avenir_Family_Pack/v1/ 		24 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.parastorage.com/services/santa-resources/resources/viewer/user-site-fonts/fonts/Avenir_Family_Pack/v1/AvenirLTW05-35Light.woff2
Requested by
Host: 1win.sicklier.com
URL: https://1win.sicklier.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.49.229.81 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
81.229.49.34.bc.googleusercontent.com
Software
Pepyaka/1.21.6 /
Resource Hash
8f0df435bfdc31c4ae406019c9d872754028b5ecb2125dc9322890f42af1a308

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://1win.sicklier.com/
Origin
https://1win.sicklier.com
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
5gDO2e1MScBABnXoDejVaW1AFh11iwu3
via
1.1 varnish (Varnish/6.0), 1.1 google
x-gcp-cdn-pop
AMS-cba56054
date
Fri, 19 Apr 2024 07:33:27 GMT
age
2136194
x-cache-status
HIT
x-cache
hit
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24560
x-wix-request-id
1713512007.0713457236768321035932
last-modified
Fri, 22 Jul 2022 10:32:30 GMT
server
Pepyaka/1.21.6
glb-x-seen-by
qhk2IXhXaFW+ScoHjRxEUvX1Zxk6j9wOS6tQMkUbOP0=
etag
"cfd0e9c0e3047cda5f6ddd9948b5a59f-1"
access-control-max-age
3000
access-control-allow-methods
GET,GET, OPTIONS, POST
x-varnish
957459531 651677937
access-control-allow-origin
*
content-type
application/octet-stream
cache-control
public, max-age=7776000, immutable
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-seen-by
zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrcgzV1/Iq9lbjXhgOeY1i+yl,aVxMblM8KFG3we5NLvyVc5bNbUTaEduvk0/hVNiwmC0eGdLDLXwpLd0CTVHPbfOd
truncated
/ 		354 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fa8a111d012ecb365aae3aefe58a59f41c2dd0a6b64c69c5f5b059409d15ad87

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
clientWorker.08daff62.bundle.min.js
1win.sicklier.com/_partials/wix-thunderbolt/dist/ 		0
19 B 		Other
General
Check archive.org
Download Go to
Full URL
https://1win.sicklier.com/_partials/wix-thunderbolt/dist/clientWorker.08daff62.bundle.min.js
Requested by
Host: 1win.sicklier.com
URL: https://1win.sicklier.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
38.180.158.159 Meppel, Netherlands, ASN58061 (SCALAXY-AS, LV),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://1win.sicklier.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 00:56:41 GMT
cache-control
max-age=0
referrer-policy
same-origin
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
/
sentry-next.wixpress.com/api/68/store/ 		198 B
459 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://sentry-next.wixpress.com/api/68/store/?sentry_key=605a7baede844d278b89dc95ae0a9123&sentry_version=7
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.18.2/bundle.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.203.214.168 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-203-214-168.compute-1.amazonaws.com
Software
nginx/1.13.7 /
Resource Hash
bac10d17440dcd6f6c6c4e0bd7eca2e1a7eec030ef3b1143d4be3791dcf91263

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://1win.sicklier.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 14 May 2024 00:56:41 GMT
server
nginx/1.13.7
vary
Origin
content-type
application/json
access-control-allow-origin
https://1win.sicklier.com
access-control-expose-headers
x-sentry-rate-limits, x-sentry-error, retry-after
content-length
198
x-sentry-rate-limits
53:default;error;security:key:key_quota
retry-after
53
/
sentry-next.wixpress.com/api/68/store/ 		198 B
460 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://sentry-next.wixpress.com/api/68/store/?sentry_key=605a7baede844d278b89dc95ae0a9123&sentry_version=7
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.18.2/bundle.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.203.214.168 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-203-214-168.compute-1.amazonaws.com
Software
nginx/1.13.7 /
Resource Hash
bac10d17440dcd6f6c6c4e0bd7eca2e1a7eec030ef3b1143d4be3791dcf91263

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://1win.sicklier.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 14 May 2024 00:56:41 GMT
server
nginx/1.13.7
vary
Origin
content-type
application/json
access-control-allow-origin
https://1win.sicklier.com
access-control-expose-headers
x-sentry-rate-limits, x-sentry-error, retry-after
content-length
198
x-sentry-rate-limits
53:default;error;security:key:key_quota
retry-after
53
b645b0_9eeb6a4ca5cf48988796a1b359b69681%7Emv2.jpeg
static.wixstatic.com/media/b645b0_9eeb6a4ca5cf48988796a1b359b69681%7Emv2.jpeg/v1/fill/w_32%2Ch_32%2Clg_1%2Cusm_0.66_1.00_0.01/ 		898 B
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://static.wixstatic.com/media/b645b0_9eeb6a4ca5cf48988796a1b359b69681%7Emv2.jpeg/v1/fill/w_32%2Ch_32%2Clg_1%2Cusm_0.66_1.00_0.01/b645b0_9eeb6a4ca5cf48988796a1b359b69681%7Emv2.jpeg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:8c00:1e:5c56:d400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty/1.21.4.1 /
Resource Hash
fe047e79bad65198994acaf48e9aaf73003c899b6736969ac78c6215eee892c4

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-seen-by
image-manipulator-57dfff6f95-hqrkn
date
Sat, 11 May 2024 05:12:19 GMT
via
1.1 google, 1.1 7ce1191b390045e05b9cc74f7514b77a.cloudfront.net (CloudFront)
server
openresty/1.21.4.1
x-amz-cf-pop
FRA6-C1
age
243864
x-cache
Hit from cloudfront
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=15552000, immutable
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
XzY10b6LvhOIMD25Bc3GQVLh65Dy99TfQpfKQOlPaaK8XLdx00AGNw==
content-length
898
wix-tracer
2gJ8V18otTRB4W0bFgFGNp7M1rU

Verdicts & Comments Add Verdict or Comment

39 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| Sentry object| __SENTRY__ object| initialTimestamps string| thunderboltTag string| thunderboltVersion object| fedops object| viewerModel function| fetchDynamicModel object| commonConfig object| fastdom object| rb_wixui.thunderbolt[SkipToContentButton] function| requirejs function| require function| define boolean| bodyCacheable object| exclusionReason object| ssrInfo object| webpackJsonp__wix_thunderbolt_app object| customElementNamespace object| wixCustomElements object| __imageClientApi__ function| resolveExternalsRegistryPromise function| resolveExternalsRegistryModule object| externalsRegistry object| ReactDOM object| reactDOMReference object| React object| reactReference object| reactAndReactDOMLoaded function| _addWindowMessageHandler boolean| clientSideRender string| firstPageId object| webpackJsonp__wix_cookie_consent_banner_for_uou function| _

5 Cookies

Domain/Path Name / Value
.wix.com/ Name: XSRF-TOKEN
Value: 1715648201|yElfin9DyGql
ding.wix.com/ Name: TS01e85bed
Value: 01d72e6d16e56410340a91d71d96f1fc164f97d09bb1e980e8b4473da0d8c97f53b6768f7f53058498b80bf7160d5977be9b44f34e
.wix.com/ Name: TS01de44c0
Value: 01d72e6d16e56410340a91d71d96f1fc164f97d09bb1e980e8b4473da0d8c97f53b6768f7f53058498b80bf7160d5977be9b44f34e
.ecom.wixapps.net/ Name: XSRF-TOKEN
Value: 1715648201|_oEDPd3f4qnn
.engage.wixapps.net/ Name: XSRF-TOKEN
Value: 1715648202|EbCJDQeBwpzL

32 Console Messages

Source Level URL
Text
other warning URL: https://1win.sicklier.com/(Line 971)
Message:
Unrecognized feature: 'vr'.
network error URL: https://1win.sicklier.com/_partials/wix-thunderbolt/dist/clientWorker.08daff62.bundle.min.js
Message:
Failed to load resource: the server responded with a status of 404 ()
other warning URL: https://1win.sicklier.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://1win.sicklier.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://1win.sicklier.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://1win.sicklier.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://1win.sicklier.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://1win.sicklier.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://1win.sicklier.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
network error URL: https://sentry-next.wixpress.com/api/68/store/?sentry_key=605a7baede844d278b89dc95ae0a9123&sentry_version=7
Message:
Failed to load resource: the server responded with a status of 429 ()
network error URL: https://sentry-next.wixpress.com/api/68/store/?sentry_key=605a7baede844d278b89dc95ae0a9123&sentry_version=7
Message:
Failed to load resource: the server responded with a status of 429 ()
other warning URL: https://1win.sicklier.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://1win.sicklier.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://1win.sicklier.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://1win.sicklier.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://1win.sicklier.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://1win.sicklier.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://1win.sicklier.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://1win.sicklier.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://1win.sicklier.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://1win.sicklier.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://1win.sicklier.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://1win.sicklier.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://1win.sicklier.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://1win.sicklier.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://1win.sicklier.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://1win.sicklier.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://1win.sicklier.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://1win.sicklier.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://1win.sicklier.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://1win.sicklier.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://1win.sicklier.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1win.sicklier.com
apps.wixrestaurants.com
browser.sentry-cdn.com
ding.wix.com
ecom.wixapps.net
engage.wixapps.net
sentry-next.wixpress.com
siteassets.parastorage.com
static.parastorage.com
static.wixstatic.com
www-sadepatisserie-com.filesusr.com
199.15.163.138
2600:9000:2057:8c00:1e:5c56:d400:93a1
2600:9000:2490:8a00:0:7dcd:9780:93a1
2a00:1450:4001:81c::2013
2a04:4e42:600::729
34.149.206.255
34.49.229.81
38.180.158.159
52.203.214.168
99.86.4.79
0050eddcfd9a23f9c1f9ed662dc2572845b5a2f8c0f189066ef60e37e218c514
0b5116cdaf54fc80a3b104ef58fd869f9b16b3f73af139909b0d3f7dd03afdc3
0ddce0e617794fd30b60e5c829fe12b9d7eeba14e561e7d89da5fcaf2fe900c3
143f73d141379120b0883a3d90c60e3f2c314c8e2112cc6000e597cff123d802
1a493aa7478f138d1d1433e17ea9eccafeb7775ca7530c8a800a35a9c04d4d95
1a5a9f61774bd61206633b6ff75a52eff57ae90942a73cfb1fad47c88c533cab
1cf39746811d5fc2cc1dfedba896db63c645c212a602d42561c444fb1387a27a
21758ed084cd0e37e735722ee4f3957ea960628a29dfa6c3ce1a1d47a2d6e4f7
224983af34f9bc6d11a5e58a4ee31ab334d6fac994436fd9197fab420edcb1da
226680fb3c87df3d0b412f199089f4022314de5b6809ad148b460340b8bb70b9
273c7f94bc4710ef23bb03636727c7dbf2fbedcf5a1fa397d75c53ca1ee1077d
278140dc2893aafb59b8cfb8af43780dd69a2e83bc0592985ce90adef41fc501
383a059190ebd0df27a579ff105625a45d17cda747180831abfa7fad7d61b592
3a889dbc5d22e05a64ea3a3314a7fc67847b734bc079dd2753bb60d4009a9a95
47b62f883121ee8d0accfd0cb69f2d3ba6ba0ee29c10c49565dca72bf52cd210
4b4969fa4ef3594324da2c6d78ce8766fbbc2fd121fff395aedf997db0a99a06
4bdf2e1f58bc7dbd5d5c91f8e3d4c280ec6f53a1ad0a5aa7f0318876177796f1
5d8529196164ae83d61fedbacfe281477f3b9509ad35f85c9063d1e880d6ccec
63f71023f3b6b9f39f7133f47c40bac372024142a124856036eb4fdc44e7364f
6e6f337413b44c01fee1c784c594d050a845e8711a4d336b70d5bd18843a6f15
71b127cc16a7cf00290350c2cf3387744e3081b55c1dacee1f1c5e5e81378731
728d4a2107fb55b1f4d260fadad9ed5487f3cc10e3d75cb42695d4b0f509699e
79dd94ed6ecbfe9301e3788b071edecad1d73f3d39b307e3f8dcdc1c3614146b
7d83f84a2df9ac06f62cf9be8b95c878d64a107062e1eb8f63cd9c568a5fd336
7d96130cedd2650a4c9db3aa1cc2148963cc3b90fb6a1ea6c25c5d4a0cd8bb5e
86e9b3587c8419756abe19dac3aa42a054d28b11f56d27912acfb2053781df82
8a6e2a7100360bdbe196260f2c6ab949ea90733cee71a83b790a511f04484bfa
8f0df435bfdc31c4ae406019c9d872754028b5ecb2125dc9322890f42af1a308
a0fa83f0a2a5fd73e9ce5d7f9c22a23bc19c80fc7af5ec65b304481bcfb8986c
a690ebd83235d5406b137b2082f75153338c9b84446e19a5645d0eb0effec4e4
a9705dfc47c0763380d851ab1801be6f76019f6b67e40e9b873f8b4a0603f7a9
ab4a32fd00a897169d17644838cf3e34123a60495b1d7623777b7d65e4321a32
afaf0e77cc1610dc85d9fc4ad092654d885183d172691f0cf9358448329da327
b28c6f459147477fadb4d7865c042c18ad2d595db5e5bb94c8595e4c78706298
b307573c0406ba22f89c31a59de65399559aa896686952cdab3308d60ca5e1b3
bac10d17440dcd6f6c6c4e0bd7eca2e1a7eec030ef3b1143d4be3791dcf91263
bec0809b652c90b6b0f2d2ed5e42ffdf1cee66ba99f9a485bc7090b89abbc785
c212e028c5b170b65a5117be2908eaf40534adffd0d46420830d8d25e16f3ab9
c6179473f21d328f2cc345eff24524d058491d9db1f9881c2d45ffcb5426f2b4
c640c6d4c7104b09736c8a8c26f666305963273ffcba78e63b7a06451461cc55
d0e6054d7b47b8de059e88c419a16a3e745e038b05b75af9d57c2e8593bd1d78
d300b005d41348ba3c0ae4e264b68fc956018f09b523193d27ce39401e55cc54
d5f10f852b112a514a19f2b778eef5d2d1307878757f0a24539c051831cefaf8
da0971e3fa55251074c4d58a9e7bc669683217da11cfe08a3a57cc47d02b60fe
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5368a57478721fabb95245e909f60af3eb3ae04b9309c0bb9c6b2bafbfeba40
e8cffee0f9f2e9a03e3069e5cf0d3f49faa4603db5a87ca1cf51e14308cc4f13
f17611d1a10edf6221f2017f265414707bca9d25a48ea914af0e4d55de346d48
f1e43a908abc45d504866af363f70868fcafc37af47114b95f2dd0e0f9b6def7
fa8a111d012ecb365aae3aefe58a59f41c2dd0a6b64c69c5f5b059409d15ad87
fc282ceb777458c14cd5a30ca54a0ba2b409136658b467c25bf929c185ad68f4
fe047e79bad65198994acaf48e9aaf73003c899b6736969ac78c6215eee892c4