one-win.in Open in urlscan Pro
2606:4700:3034::6815:380b Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://one-win.in/
Effective URL:
https://one-win.in/
Submission Tags: @phish_report
Submission: On December 13 via api (December 13th 2023, 1:15:53 am UTC) from FI — Scanned from NZ

Summary HTTP 65 Redirects Links 11 Behaviour Indicators

Summary

This website contacted 19 IPs in 4 countries across 17 domains to perform 65 HTTP transactions. The main IP is 2606:4700:3034::6815:380b, located in United States and belongs to CLOUDFLARENET, US. The main domain is one-win.in.
TLS certificate: Issued by GTS CA 1P5 on October 21st 2023. Valid for: 3 months.

This is the only time one-win.in was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3034::ac43:afac	13335 (CLOUDFLAR...) (CLOUDFLARENET)
27	2606:4700:303... 2606:4700:3034::6815:380b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	192.0.77.48 192.0.77.48	2635 (AUTOMATTIC) (AUTOMATTIC)
2	2606:4700:303... 2606:4700:3036::6815:9d2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	45.147.197.96 45.147.197.96	204601 (ON-LINE-D...) (ON-LINE-DATA Server location - Netherlands)
1	2606:4700:303... 2606:4700:3031::6815:4b40	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	193.233.15.5 193.233.15.5	42745 (SAFEVALUE-AS) (SAFEVALUE-AS)
1	2606:4700:303... 2606:4700:3037::6815:a4f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3035::ac43:88d1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3030::6815:1e5a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3030::ac43:935c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2404:6800:400... 2404:6800:4006:80a::200e	15169 (GOOGLE) (GOOGLE)
2	2404:6800:400... 2404:6800:4006:809::2003	15169 (GOOGLE) (GOOGLE)
1 2	2404:6800:400... 2404:6800:4006:814::2002	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4006:814::2006	15169 (GOOGLE) (GOOGLE)
4	2404:6800:400... 2404:6800:4006:80a::200a	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4006:814::2004	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4006:812::2016	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4006:811::2001	15169 (GOOGLE) (GOOGLE)
65	19

1 2606:4700:3034::ac43:afac (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

one-win.in	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 2606:4700:3034::6815:380b (United States)

ASN13335 (CLOUDFLARENET, US)

one-win.in	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 192.0.77.48 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: s.w.org

s.w.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3036::6815:9d2 (United States)

ASN13335 (CLOUDFLARENET, US)

1-win.es	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.147.197.96 (Netherlands)

ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL)
PTR: 1winb.ru

1winaz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3031::6815:4b40 (United States)

ASN13335 (CLOUDFLARENET, US)

1win-it.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.233.15.5 (Russian Federation)

ASN42745 (SAFEVALUE-AS, SC)

1win-bet.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3037::6815:a4f (United States)

ASN13335 (CLOUDFLARENET, US)

1-winuz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3035::ac43:88d1 (United States)

ASN13335 (CLOUDFLARENET, US)

1win-pl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3030::6815:1e5a (United States)

ASN13335 (CLOUDFLARENET, US)

1win-tr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3030::ac43:935c (United States)

ASN13335 (CLOUDFLARENET, US)

1winkz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2404:6800:4006:80a::200e (Sydney, Australia)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4006:809::2003 (Sydney, Australia)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4006:814::2002 (Sydney, Australia) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4006:814::2006 (Sydney, Australia)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2404:6800:4006:80a::200a (Sydney, Australia)

ASN15169 (GOOGLE, US)

jnn-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4006:814::2004 (Sydney, Australia)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4006:812::2016 (Sydney, Australia)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4006:811::2001 (Sydney, Australia)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
28	one-win.in 1 redirects one-win.in	1 MB
7	youtube.com www.youtube.com — Cisco Umbrella Rank: 71	967 KB
7	w.org s.w.org — Cisco Umbrella Rank: 3043	6 KB
4	googleapis.com jnn-pa.googleapis.com — Cisco Umbrella Rank: 203	40 KB
3	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 static.doubleclick.net — Cisco Umbrella Rank: 248	1 KB
2	gstatic.com fonts.gstatic.com	22 KB
2	1-win.es 1-win.es	29 KB
1	ggpht.com yt3.ggpht.com — Cisco Umbrella Rank: 226	3 KB
1	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 89	28 KB
1	google.com www.google.com — Cisco Umbrella Rank: 2	20 KB
1	1winkz.com 1winkz.com	2 KB
1	1win-tr.net 1win-tr.net	2 KB
1	1win-pl.com 1win-pl.com	1 KB
1	1-winuz.com 1-winuz.com	2 KB
1	1win-bet.com.br 1win-bet.com.br	2 KB
1	1win-it.com 1win-it.com	2 KB
1	1winaz.com 1winaz.com	21 KB
65	17

	Domain	Requested by
28	one-win.in	1 redirects one-win.in
7	www.youtube.com	one-win.in www.youtube.com
7	s.w.org	one-win.in
4	jnn-pa.googleapis.com	www.youtube.com
2	googleads.g.doubleclick.net	1 redirects www.youtube.com
2	fonts.gstatic.com	www.youtube.com
2	1-win.es	one-win.in
1	yt3.ggpht.com	www.youtube.com
1	i.ytimg.com	www.youtube.com
1	www.google.com	www.youtube.com
1	static.doubleclick.net	www.youtube.com
1	1winkz.com	one-win.in
1	1win-tr.net	one-win.in
1	1win-pl.com	one-win.in
1	1-winuz.com	one-win.in
1	1win-bet.com.br	one-win.in
1	1win-it.com	one-win.in
1	1winaz.com	one-win.in
65	18

This site contains links to these domains. Also see Links.

Domain
activityedu.ru
visitkyiv.com.ua
1-win.es
1win-fr.com
1winaz.com
1win-it.com
1win-bet.com.br
1-winuz.com
1win-pl.com
1win-tr.net
1winkz.com

Subject Issuer	Validity	Valid
one-win.in GTS CA 1P5	`2023-10-21` - `2024-01-19`	3 months	crt.sh
*.w.org Sectigo ECC Domain Validation Secure Server CA	`2022-12-06` - `2024-01-06`	a year	crt.sh
1-win.es E1	`2023-11-04` - `2024-02-02`	3 months	crt.sh
1winaz.com R3	`2023-12-05` - `2024-03-04`	3 months	crt.sh
1win-it.com GTS CA 1P5	`2023-12-09` - `2024-03-08`	3 months	crt.sh
1win-bet.com.br R3	`2023-10-03` - `2024-01-01`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-01-26` - `2024-01-26`	a year	crt.sh
1win-pl.com GTS CA 1P5	`2023-10-22` - `2024-01-20`	3 months	crt.sh
1win-tr.net E1	`2023-12-10` - `2024-03-09`	3 months	crt.sh
1winkz.com GTS CA 1P5	`2023-12-10` - `2024-03-09`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://one-win.in/
Frame ID: 6D169E6246A8C4E2A627A5E3DFE9A49C
Requests: 48 HTTP requests in this frame

Frame: https://www.youtube.com/embed/jRj4ctKIHjc
Frame ID: 928967A0256E181FBB015B287D0F546D
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

1WIN 🎰 Betting and Casino official online website ᐈ Registration Bonus ₹75000

Page URL History Show full URLs

http://one-win.in/ HTTP 301
https://one-win.in/ Page URL

Detected technologies

Cart Functionality (Ecommerce) Expand

Overall confidence: 100%
Detected patterns

<a[^>]*href=[^>]*/Basket

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+\sdata-v(?:ue)?-

Wink (Mobile Frameworks) Expand

Overall confidence: 100%
Detected patterns

(?:_base/js/base|wink).*\.js

Page Statistics

65
Requests

92 %
HTTPS

84 %
IPv6

17
Domains

18
Subdomains

19
IPs

4
Countries

2322 kB
Transfer

4832 kB
Size

4
Cookies

11 Outgoing links

These are links going to different origins than the main page.

URL: https://activityedu.ru/
Title: 1WIN Россия

Search URL Search Domain Scan URL

URL: https://visitkyiv.com.ua/
Title: 1WIN Україна

Search URL Search Domain Scan URL

URL: https://1-win.es/
Title: 1WIN España

Search URL Search Domain Scan URL

URL: https://1win-fr.com/
Title: 1WIN France

Search URL Search Domain Scan URL

URL: https://1winaz.com/
Title: 1WIN Azərbaycan

Search URL Search Domain Scan URL

URL: https://1win-it.com/
Title: 1WIN Italy

Search URL Search Domain Scan URL

URL: https://1win-bet.com.br/
Title: 1WIN Brasil

Search URL Search Domain Scan URL

URL: https://1-winuz.com/
Title: 1WIN O'zbekiston

Search URL Search Domain Scan URL

URL: https://1win-pl.com/
Title: 1WIN Polska

Search URL Search Domain Scan URL

URL: https://1win-tr.net/
Title: 1WIN Türkiye

Search URL Search Domain Scan URL

URL: https://1winkz.com/
Title: 1WIN Қазақстан

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://one-win.in/ HTTP 301
https://one-win.in/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

https://one-win.in/engine/classes/min/index.php?charset=utf-8&f=engine/editor/css/default.css&v=26 HTTP 0
http://one-win.in/?charset=utf-8&f=engine/editor/css/default.css&v=26

Request Chain 2

https://one-win.in/engine/classes/min/index.php?charset=utf-8&g=general&v=26 HTTP 0
http://one-win.in/?charset=utf-8&g=general&v=26

Request Chain 3

https://one-win.in/engine/classes/min/index.php?charset=utf-8&f=engine/classes/js/jqueryui.js,engine/classes/js/dle_js.js,engine/classes/highslide/highslide.js&v=26 HTTP 0
http://one-win.in/?charset=utf-8&f=engine/classes/js/jqueryui.js,engine/classes/js/dle_js.js,engine/classes/highslide/highslide.js&v=26

Request Chain 54

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

65 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
one-win.in/
Redirect Chain

http://one-win.in/
https://one-win.in/

86 KB
18 KB

1304ms
1224ms

Document
text/html

2606:4700:3034::6815:380b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://one-win.in/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::6815:380b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/5.6.40

Resource Hash

027dece1dedf1c96f34ce54433bc08ccf537e2ae099f865d02bb064e31a474a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1
accept-language: en-NZ,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-cache-status: DYNAMIC
cf-ray: 834a5b90cd9950c5-AKL
content-encoding: br
content-type: text/html; charset=utf-8
date: Wed, 13 Dec 2023 01:15:45 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UpgR187uzwl0XieHw%2B0fNR2GDZZdPsQd4EJxSUdxrxoD63pEy98mSQeyCUYtfnIgXeSINL6wlWpyKdC0xe4z%2BR4yhMcUd%2BkP0g7vS3omBRX4ohHtoetJBGXIC%2Bx2eEada6iM48rgShHd"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000;
x-frame-options: SAMEORIGIN
x-powered-by: PHP/5.6.40

Redirect headers

CF-Cache-Status: DYNAMIC
CF-RAY: 834a5b8bede77256-AKL
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Date: Wed, 13 Dec 2023 01:15:44 GMT
Location: https://one-win.in/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ofHDC0ToMm3wwJJPzr1Of63BBswpZn1knt4avzB1qhqLIBR28ZJYRh2UICQ%2BNwm%2BBme9cp8Tpsv%2Bg9IeYS0sy2T5ggOI4wlzERun2vc9FPSekWtE7qGVeZLsEmCRRd0Oro%2B%2FF7x0fBWL"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
alt-svc: h3=":443"; ma=86400

GET index.php
one-win.in/engine/classes/min/ 0
0

GET

/
one-win.in/
Redirect Chain

https://one-win.in/engine/classes/min/index.php?charset=utf-8&f=engine/editor/css/default.css&v=26
http://one-win.in/?charset=utf-8&f=engine/editor/css/default.css&v=26

0
0

GET

/
one-win.in/
Redirect Chain

https://one-win.in/engine/classes/min/index.php?charset=utf-8&g=general&v=26
http://one-win.in/?charset=utf-8&g=general&v=26

0
0

GET

/
one-win.in/
Redirect Chain

https://one-win.in/engine/classes/min/index.php?charset=utf-8&f=engine/classes/js/jqueryui.js,engine/classes/js/dle_js.js,engine/classes/highslide/highslide.js&v=26
http://one-win.in/?charset=utf-8&f=engine/classes/js/jqueryui.js,engine/classes/js/dle_js.js,engine/classes/highslide/highslide.js&v=26

0
0

GET
H2 200 engine.css
one-win.in/templates/Red/css/ 59 KB
23 KB 1562ms
1560ms Stylesheet
text/css 2606:4700:3034::6815:380b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://one-win.in/templates/Red/css/engine.css

Requested by

Host: one-win.in
URL: https://one-win.in/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::6815:380b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

943af0ef87a2dcc449d195254c7dcb2bbfd270e3dd11ae8310f2dcad1d49646a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://one-win.in/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 13 Dec 2023 01:15:46 GMT
strict-transport-security: max-age=31536000;
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 09 Feb 2023 13:00:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"ed35-5f443f6831ab5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zM844xTIl2deuScpfJ5G4%2BnNzThRyM2LT0nMUaUhIVnIrsPyE1Zy6tl%2FASsPvyQzxhpUWpwAIfAofGNdSDz9%2BpFVySy%2Ba9GNOhNev9QB6%2BFM8SkQLzx0u%2F35hoCoC5E1TWfud1d2eDmK"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 834a5b988b8150c5-AKL
alt-svc: h3=":443"; ma=86400

GET
H2 200 styles.css
one-win.in/templates/Red/css/ 59 KB
13 KB 932ms
930ms Stylesheet
text/css 2606:4700:3034::6815:380b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://one-win.in/templates/Red/css/styles.css

Requested by

Host: one-win.in
URL: https://one-win.in/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::6815:380b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

05a098f9759e4c5523b6e8e1097729744a217510b73470072f2b7a2f51005574

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://one-win.in/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 13 Dec 2023 01:15:46 GMT
strict-transport-security: max-age=31536000;
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Thu, 09 Feb 2023 13:00:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"eb9d-5f443f6831ab5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BSUYnoZNx59zEQJ6ryR6qQTOhfgSI5RL5s070N5S1DYGxldS2YobKyaeSHKdowqVj6%2BPHUCznwqMCwK8sGN%2FzKZrfsH5SUQBU%2Fss8rMBLlf3wo%2FNSlsNjNVcHLGUjQtieVpz83%2FV3xyu"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 834a5b988b8550c5-AKL
alt-svc: h3=":443"; ma=86400

GET
H2 200 font.css
one-win.in/templates/Red/fonts/ 2 KB
544 B 943ms
942ms Stylesheet
text/css 2606:4700:3034::6815:380b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://one-win.in/templates/Red/fonts/font.css

Requested by

Host: one-win.in
URL: https://one-win.in/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::6815:380b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

428e5ab72bba707703166878ea9a2008be0ed4d89bf0602f17612cef2f0a3c4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://one-win.in/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 13 Dec 2023 01:15:46 GMT
strict-transport-security: max-age=31536000;
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Thu, 09 Feb 2023 13:00:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"694-5f443f6846e8a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=juBWs6MnQTO%2FU3Oc9E72NOasWAVmz9pyxIjcV5jO7kHQZRrCIvHWoxthKgKvBJOBq6JFD7Khp44XAHhwhmmUqU7wO06A6M0iSIu8HHbqNGTMQS6LVXqY38EwaNhCBbgArRNCicqdnF1n"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 834a5b988b8750c5-AKL
alt-svc: h3=":443"; ma=86400

GET
H2 200 logo1.png
one-win.in/templates/Red/images/ 14 KB
15 KB 1011ms
1009ms Image
image/png 2606:4700:3034::6815:380b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://one-win.in/templates/Red/images/logo1.png

Requested by

Host: one-win.in
URL: https://one-win.in/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::6815:380b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e802074f521bef709e7fc0b1e2f141832316c0e67d8278ec31ee38ad1ddc585f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://one-win.in/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 13 Dec 2023 01:15:46 GMT
strict-transport-security: max-age=31536000;
cf-cache-status: REVALIDATED
last-modified: Thu, 09 Feb 2023 13:00:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "392d-5f443f683266d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B3L7PNtsxRQfR8iLkxdNa5TgksEv4hmwFharcWBK0bQUl7t9J2lRW3fPyMUoeI7K1Fvw2Sd14v1Pmy5W0rB038h3pOrBN8e2lCblKvxX6kCTIn6L5ilD%2FcVlgmtoaRIygAt7%2BxxBsgHw"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 834a5b988b9050c5-AKL
alt-svc: h3=":443"; ma=86400
content-length: 14637

GET
H2 200 1f3b0.svg
s.w.org/images/core/emoji/14.0.0/svg/ 2 KB
899 B 211ms
69ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/1f3b0.svg

Requested by

Host: one-win.in
URL: https://one-win.in/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

87eea51e11f1301207f08c548815bf770dfdf6f48ab6177095d2a4c2a74fb4b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://one-win.in/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

x-nc: HIT syd 2
date: Wed, 13 Dec 2023 01:15:45 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:50:59 GMT
server: nginx
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: max-age=315360000
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 2757.svg
s.w.org/images/core/emoji/14.0.0/svg/ 231 B
541 B 69ms
69ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/2757.svg

Requested by

Host: one-win.in
URL: https://one-win.in/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

e2e68e97593beb78225af7f9edc7624c19cd84ebfeb07dcbc4b06fb9f49d0526

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://one-win.in/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

x-nc: HIT syd 2
date: Wed, 13 Dec 2023 01:15:45 GMT
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:47:50 GMT
server: nginx
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 231
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 2696.svg
s.w.org/images/core/emoji/14.0.0/svg/ 1 KB
857 B 69ms
69ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/2696.svg

Requested by

Host: one-win.in
URL: https://one-win.in/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

12a52e8b4b0dfe911d87a2ecf7da2f1e64236430ee2e17b8f25a64a1e1a512a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://one-win.in/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

x-nc: HIT syd 2
date: Wed, 13 Dec 2023 01:15:45 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:53:44 GMT
server: nginx
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: max-age=315360000
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 1f91d.svg
s.w.org/images/core/emoji/14.0.0/svg/ 3 KB
1 KB 69ms
69ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/1f91d.svg

Requested by

Host: one-win.in
URL: https://one-win.in/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

41fabf139814bb8c223b4b2c45187ad55c92515cc4c63659deaaf7f8775e4a0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://one-win.in/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

x-nc: HIT syd 2
date: Wed, 13 Dec 2023 01:15:45 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:53:44 GMT
server: nginx
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: max-age=315360000
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 23f3.svg
s.w.org/images/core/emoji/14.0.0/svg/ 548 B
596 B 165ms
161ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/23f3.svg

Requested by

Host: one-win.in
URL: https://one-win.in/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

2a7a5ec4c9338fb81c3ea9026463b56c4efda965b915d30341944691f0023370

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://one-win.in/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

x-nc: HIT syd 1
date: Wed, 13 Dec 2023 01:15:46 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:53:44 GMT
server: nginx
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: max-age=315360000
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 1f3f3.svg
s.w.org/images/core/emoji/14.0.0/svg/ 997 B
714 B 166ms
161ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/1f3f3.svg

Requested by

Host: one-win.in
URL: https://one-win.in/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

e5f1c198a1fda0174af0620a13dac9c73fb44849c9ffd1320ffdba3984178986

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://one-win.in/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

x-nc: HIT syd 1
date: Wed, 13 Dec 2023 01:15:46 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:50:59 GMT
server: nginx
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: max-age=315360000
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 1f198.svg
s.w.org/images/core/emoji/14.0.0/svg/ 1 KB
781 B 166ms
161ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/1f198.svg

Requested by

Host: one-win.in
URL: https://one-win.in/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

8ff03fd944d242f544d320b8427a94006d55cd8ed015786c0e4b6cf099a12f0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://one-win.in/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

x-nc: HIT syd 1
date: Wed, 13 Dec 2023 01:15:46 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:53:43 GMT
server: nginx
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: max-age=315360000
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 1628698060_bonuses-and-loyalty.jpg
one-win.in/uploads/posts/2021-08/medium/ 57 KB
57 KB 1538ms
1533ms Image
image/jpeg 2606:4700:3034::6815:380b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://one-win.in/uploads/posts/2021-08/medium/1628698060_bonuses-and-loyalty.jpg

Requested by

Host: one-win.in
URL: https://one-win.in/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::6815:380b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c390a9c13d4d49df5d0cc703284e856f2ae0c89e0e4bd7758c66415ac7303ef2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://one-win.in/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 13 Dec 2023 01:15:47 GMT
strict-transport-security: max-age=31536000;
cf-cache-status: MISS
last-modified: Thu, 09 Feb 2023 13:00:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "e3c5-5f443f68aa06f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aEGau7x1B7TWo5Z65sRu0jinvkjs0MT%2BSc%2F0Q6b6n8HK85y8SwrAo4IAwIyHTj3U7BY6jIQTWrgR%2FF9RvFRqk18faSofviWWlsbPqXjDpRtLJi6ezrUp0YuzAhGbziOstrFwDJ2gVzcx"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 834a5b9eaab81c5e-AKL
alt-svc: h3=":443"; ma=86400
content-length: 58309

GET
H3 200 1628697488_complete-registration.jpg
one-win.in/uploads/posts/2021-08/medium/ 83 KB
84 KB 1642ms
1638ms Image
image/jpeg 2606:4700:3034::6815:380b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://one-win.in/uploads/posts/2021-08/medium/1628697488_complete-registration.jpg

Requested by

Host: one-win.in
URL: https://one-win.in/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::6815:380b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f49de01c31e6f61bc046690f830238485de89653b8225327457fb69da9bc12df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://one-win.in/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 13 Dec 2023 01:15:47 GMT
strict-transport-security: max-age=31536000;
cf-cache-status: MISS
last-modified: Thu, 09 Feb 2023 13:00:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "14c60-5f443f68a7d48"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QP%2FIlLJIZV2MvSt8VGgtRq6nXSrlZWoNMwZGnOLkGYGwddjhqD3%2FhvYWCmkImKv3CQZfSgYeDz1WhJodFiPDENdv3FgWtJU2MuCcbFvMSANMZjS1eCAFvy9P7yXuz64PlPRESgWNeY1a"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 834a5b9eaaba1c5e-AKL
alt-svc: h3=":443"; ma=86400
content-length: 85088

GET
H3 200 1628697314_download-application.png
one-win.in/uploads/posts/2021-08/medium/ 141 KB
141 KB 1669ms
1665ms Image
image/png 2606:4700:3034::6815:380b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://one-win.in/uploads/posts/2021-08/medium/1628697314_download-application.png

Requested by

Host: one-win.in
URL: https://one-win.in/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::6815:380b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d2416d0e716f332126a402ba9ae028da7b40b110752c7d95c3762630c99dc653

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://one-win.in/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 13 Dec 2023 01:15:47 GMT
strict-transport-security: max-age=31536000;
cf-cache-status: MISS
last-modified: Thu, 09 Feb 2023 13:00:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "23325-5f443f68a7d48"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6oOGTmTvDC6fmiyk90I2gnvVqqVJdAHqUpJZZlHfY3SJJLObGeSbfj%2F1A6vKECKvpWeqTXaG23O4J4N9zJ%2BCafTq0hzYMTSGS9qAEa2bt1CnvseUlBtr5o8wyzzA2yHzc5YgR1RCiqk%2F"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 834a5b9eaabd1c5e-AKL
alt-svc: h3=":443"; ma=86400
content-length: 144165

GET
H3 200 1628697261_1win-main-page.jpg
one-win.in/uploads/posts/2021-08/medium/ 86 KB
87 KB 1573ms
1569ms Image
image/jpeg 2606:4700:3034::6815:380b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://one-win.in/uploads/posts/2021-08/medium/1628697261_1win-main-page.jpg

Requested by

Host: one-win.in
URL: https://one-win.in/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::6815:380b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d88d2d786c15264587f527b067e334465febd01327e66190839533340624dbcf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://one-win.in/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 13 Dec 2023 01:15:47 GMT
strict-transport-security: max-age=31536000;
cf-cache-status: MISS
last-modified: Thu, 09 Feb 2023 13:00:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "15924-5f443f68a7960"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=47OzDOpf0fIkc4Ats2oVFrxFT1iuRUxFMy7A0nF15p9HM7%2BCsxRwcESSWepJ%2BiQ2abq4PNdCb3FXVe%2BU8D%2FKPyw2P0MSyKl%2FUacXBClVKz3CRDVVuScJnHA0et9AHqvNnYVSg5c50OHZ"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 834a5b9eaac01c5e-AKL
alt-svc: h3=":443"; ma=86400
content-length: 88356

GET
H3 200 1628697049_casino.jpg
one-win.in/uploads/posts/2021-08/medium/ 100 KB
100 KB 1574ms
1570ms Image
image/jpeg 2606:4700:3034::6815:380b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://one-win.in/uploads/posts/2021-08/medium/1628697049_casino.jpg

Requested by

Host: one-win.in
URL: https://one-win.in/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::6815:380b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c87900417b85a75688d9477306f3917a414f95e7c6be9cb3b26fb28a95dc95fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://one-win.in/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 13 Dec 2023 01:15:47 GMT
strict-transport-security: max-age=31536000;
cf-cache-status: MISS
last-modified: Thu, 09 Feb 2023 13:00:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "18fd8-5f443f68a7578"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JgJw%2Fz87LhwfGCZu8Yq26qcRXdHxTRzWHXJoxZn9bSaPUxO4dgI6RbHLKxh5nF%2FksuhyomFZ0ocHJeGtZb4Abi5X2fN83Sm4JitJPhp3SvIapOG5gHLUCC%2BzL1XbN8NJu%2FNyrvwK4D4%2B"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 834a5b9eaac11c5e-AKL
alt-svc: h3=":443"; ma=86400
content-length: 102360

GET
H3 200 1574107825_kaper.jpg
one-win.in/uploads/posts/2019-11/ 81 KB
82 KB 1593ms
1589ms Image
image/jpeg 2606:4700:3034::6815:380b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://one-win.in/uploads/posts/2019-11/1574107825_kaper.jpg

Requested by

Host: one-win.in
URL: https://one-win.in/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::6815:380b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

48c0804c5085dde1f4bbadbc0e6266b9d34e057aa0f6a8ee9b0bac02df0f32be

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://one-win.in/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 13 Dec 2023 01:15:47 GMT
strict-transport-security: max-age=31536000;
cf-cache-status: MISS
last-modified: Thu, 09 Feb 2023 13:00:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "145c7-5f443f685ed58"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ov1%2FPJNr%2Fi5XVWlm%2F%2BbawHm85qbhLAXzXYipMngSAxREQAOsPX1UyOJ5zGEnuvz6Bn4NHa%2BpVWYBXYUOvbHtXmf8BH4UoWLrg7bNtWWHx1mUJ3to0XTVJbBnd4LGrcF0M24jm9PFMt9h"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 834a5b9eaac21c5e-AKL
alt-svc: h3=":443"; ma=86400
content-length: 83399

GET
H3 200 1628696899_odds.png
one-win.in/uploads/posts/2021-08/medium/ 329 KB
329 KB 1638ms
1633ms Image
image/png 2606:4700:3034::6815:380b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://one-win.in/uploads/posts/2021-08/medium/1628696899_odds.png

Requested by

Host: one-win.in
URL: https://one-win.in/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::6815:380b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

801b9d74938e5978883d16550e8dca65fdc65fa4ab62da036d32ed5ea683e6a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://one-win.in/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 13 Dec 2023 01:15:47 GMT
strict-transport-security: max-age=31536000;
cf-cache-status: MISS
last-modified: Thu, 09 Feb 2023 13:00:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "523bf-5f443f68a7190"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qN1GNlzpHW65OOCFEsqxHRDUmkx0vEfIaSx8o7Ihq4Wh3Ee%2FZt2NSyBRYOmht3iF%2BAnfb25Y%2BIhf6TuR4Uy4qSbQaWpRcVq7WJbfSM2qVGXNpjwyjAaf%2BUyJOZP3xDXLePgQA2dFbiuU"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 834a5b9eaac41c5e-AKL
alt-svc: h3=":443"; ma=86400
content-length: 336831

GET
H3 200 1628695838_types-of-bets.jpg
one-win.in/uploads/posts/2021-08/medium/ 91 KB
91 KB 979ms
975ms Image
image/jpeg 2606:4700:3034::6815:380b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://one-win.in/uploads/posts/2021-08/medium/1628695838_types-of-bets.jpg

Requested by

Host: one-win.in
URL: https://one-win.in/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::6815:380b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a0908a00905c6bb685cd6b03f8c920044f2ac1a01f16578296b18c467aa9f7ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://one-win.in/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 13 Dec 2023 01:15:47 GMT
strict-transport-security: max-age=31536000;
cf-cache-status: REVALIDATED
last-modified: Thu, 09 Feb 2023 13:00:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "16b5a-5f443f68a69c0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lUfszHg4%2BaduAoUdzgwRtRMrZOEUhqlaytIPRKaNjxec5AdH8suOitPqqajSdj%2BMUlJRINm2b%2Bf9nfvWKhhv5w9mt7H74jN2s701amg6DkruppYsP5o3zVlP346Q7oenD6YGO0%2BJ%2Fo9U"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 834a5b9eaac91c5e-AKL
alt-svc: h3=":443"; ma=86400
content-length: 93018

GET
H3 200 email-decode.min.js Show response
one-win.in/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 38ms
38ms Script
application/javascript 2606:4700:3034::6815:380b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://one-win.in/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: one-win.in
URL: https://one-win.in/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::6815:380b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://one-win.in/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 13 Dec 2023 01:15:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 01 Dec 2023 15:04:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6569f5f8-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oXQkUQyCMKSQA5IY7EugUiOZCs8aZEwRLQ7fLPj0YPv4zBcY4%2B3cfe72NkSby0fJXx0vGiGYz1SndSQfOPE3yTremA7XXkARnPybTqBwTagv%2FmnZioGxBq0b7uRaerw3fk48s8IuDZ%2Fl"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 834a5b9b2c751c5e-AKL
expires: Fri, 15 Dec 2023 01:15:45 GMT

GET
H3 200 ru_language.svg
one-win.in/templates/Red/images/ 926 B
959 B 1085ms
1081ms Image
image/svg+xml 2606:4700:3034::6815:380b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://one-win.in/templates/Red/images/ru_language.svg

Requested by

Host: one-win.in
URL: https://one-win.in/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::6815:380b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

39f98019b7aee345b81a07cabfae056cbbda99fa46fc0fcc15e77fc6bc94b597

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://one-win.in/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 13 Dec 2023 01:15:47 GMT
strict-transport-security: max-age=31536000;
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 09 Feb 2023 13:00:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"39e-5f443f683842c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gfZnwrqeyeabhINoEWle3sTEsTNRqCQ9P13IYUYTqvPp3SOOBcS06H%2FiyrQXTo0LtKZCXas4qMEszn%2Fzk0%2BR8JVEZ8BWXBR%2FEf8Kbirk%2Ba9uCjCXR9oK2ze8R113IY4K%2BEq0NxcleX9C"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 834a5b9eaaca1c5e-AKL
alt-svc: h3=":443"; ma=86400

GET
H3 200 uk_language.svg
one-win.in/templates/Red/images/ 678 B
828 B 967ms
963ms Image
image/svg+xml 2606:4700:3034::6815:380b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://one-win.in/templates/Red/images/uk_language.svg

Requested by

Host: one-win.in
URL: https://one-win.in/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::6815:380b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dcbd015c85ac3ffcb7ae7b9d7f7fb9824f77470f06d2b142a347a605c1f5ceaa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://one-win.in/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 13 Dec 2023 01:15:47 GMT
strict-transport-security: max-age=31536000;
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Thu, 09 Feb 2023 13:00:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"2a6-5f443f6838814"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ldpo6MxO59kmBwb4zqsepTPwoovsLSFw3%2FUcC6T4iz0%2B6FY0xGdJNJNhEN7RcTrUQ2Lzs3R1QCQ%2Bz1VTkDVHOF7PIZvY1rV4zgIHGrtYtQGMksCtQMGaCgXtts6W3ex%2Bx0vCKBMYvuIW"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 834a5b9eaacc1c5e-AKL
alt-svc: h3=":443"; ma=86400

GET
H3 200 in_language.svg
one-win.in/templates/Red/images/ 7 KB
3 KB 1086ms
1081ms Image
image/svg+xml 2606:4700:3034::6815:380b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://one-win.in/templates/Red/images/in_language.svg

Requested by

Host: one-win.in
URL: https://one-win.in/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::6815:380b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

60ba8eb0910ee1169898e0e7bbedd01118af84e5a25e5a9ed4aac6205962e9a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://one-win.in/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 13 Dec 2023 01:15:47 GMT
strict-transport-security: max-age=31536000;
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 09 Feb 2023 13:00:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"1b69-5f443f683842c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z%2FXc%2Fls7AgoJqwA5xUZyydh5QZvQGinoJkZONajlt4qJVAPYVDBTLLcQr9a2z6DlHbglUmzlGGJ274HD0j9rZYKqC54%2B1nolr8UCqjLIsXynUiZcVOPQZq4On106m7IGybub7Z7HB7dj"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 834a5b9eaacf1c5e-AKL
alt-svc: h3=":443"; ma=86400

GET
H2 200 es_language.png
1-win.es/templates/Red/images/ 12 KB
13 KB 1074ms
978ms Image
image/png 2606:4700:3036::6815:9d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1-win.es/templates/Red/images/es_language.png
Requested by: Host: one-win.in
URL: https://one-win.in/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:9d2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0e656966f1958200ae6fbba050fc6eaebb9b1c60edaaffca31d26525bc59c826

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://one-win.in/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 13 Dec 2023 01:15:47 GMT
cf-cache-status: BYPASS
last-modified: Fri, 10 Sep 2021 10:56:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "613b39cd-3123"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NMV8sqdHWqIqFPy8oEwId7XNVcsLezO2KJAkoMLtJjYJJJWbehaeQccTgbp6iwNoXbxaoLcNrPl4t2ZMtxmVpmk7yYVxI0lCGtnVIsTVN%2BIGd5%2FwPwchFpvsRzSJO442pOTXkZoobg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
accept-ranges: bytes
cf-ray: 834a5b9f3bfd50aa-AKL
alt-svc: h3=":443"; ma=86400
content-length: 12579

GET
H2 200 fr_language.png
1-win.es/templates/Red/images/ 16 KB
16 KB 1313ms
1217ms Image
image/png 2606:4700:3036::6815:9d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1-win.es/templates/Red/images/fr_language.png
Requested by: Host: one-win.in
URL: https://one-win.in/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:9d2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8c1d20e07e73934ea05d1a1990ad742073d9c674d81b09c2f76fa08eaf286eaf

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://one-win.in/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 13 Dec 2023 01:15:47 GMT
cf-cache-status: BYPASS
last-modified: Mon, 13 Dec 2021 17:19:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "61b780a4-401b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A%2B0Y%2BJEcRZbaKhZ7fcNqOAtsbzRFrY%2F%2Fg3z6EQ5ZxDJSgxR7MZAHGWyEdwvY%2FtpsQx%2BEwA4s8HUZFQ7eWGlTW6G46o0WSdGqcvIOFcbtn7nkaJzSc8CPOuO8mJXuoP1F71HEvWb8aA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
accept-ranges: bytes
cf-ray: 834a5b9f3c0250aa-AKL
alt-svc: h3=":443"; ma=86400
content-length: 16411

GET
H2 200 az_language.png
1winaz.com/templates/Red/images/ 21 KB
21 KB 2096ms
1127ms Image
image/png 45.147.197.96
Netherlands

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1winaz.com/templates/Red/images/az_language.png
Requested by: Host: one-win.in
URL: https://one-win.in/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.147.197.96 , Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),
Reverse DNS: 1winb.ru
Software: ddos-guard /
Resource Hash: 1ce963ca389462fe6f31b0e8ca39901e7517308518f841e16d57ea014cc52d29

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://one-win.in/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 13 Dec 2023 01:15:47 GMT
last-modified: Thu, 16 Dec 2021 14:00:06 GMT
server: ddos-guard
accept-ranges: bytes
etag: "61bb4666-5494"
content-length: 21652
content-type: image/png

GET
H2 200 it_language.png
1win-it.com/templates/Red/images/ 969 B
2 KB 1276ms
957ms Image
image/png 2606:4700:3031::6815:4b40
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1win-it.com/templates/Red/images/it_language.png
Requested by: Host: one-win.in
URL: https://one-win.in/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:4b40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e6cc412740f053235819c682454b1fa6ca2450b60998e9fe279542981bfe632a

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://one-win.in/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 13 Dec 2023 01:15:47 GMT
cf-cache-status: BYPASS
last-modified: Wed, 19 Jan 2022 16:28:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "61e83c36-3c9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9aQuLurbOKsOQGyYfMenPl%2BzkySC8VinodP%2FeN9sa58ij7e%2BvGm8UruC7YJuFQhVCALZhxt%2FBUzEonx6s10trytN8i5ARbQgbKjMggBonvvUT8DoHecvepS49QSk6MYdrGd%2Ffwmmnq4DQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
accept-ranges: bytes
cf-ray: 834a5ba0bc84a817-SYD
alt-svc: h3=":443"; ma=86400
content-length: 969

GET
H2 200 br_language.png
1win-bet.com.br/templates/Red/images/ 1 KB
2 KB 3686ms
708ms Image
image/png 193.233.15.5
SAFEVALUE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1win-bet.com.br/templates/Red/images/br_language.png
Requested by: Host: one-win.in
URL: https://one-win.in/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.233.15.5 , Russian Federation, ASN42745 (SAFEVALUE-AS, SC),
Reverse DNS
Software: nginx /
Resource Hash: c5432f0e90740abb8554bcb28c9fe4a163792f85cc977706f092feb4e5a1f1b5

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://one-win.in/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 13 Dec 2023 01:15:49 GMT
last-modified: Tue, 21 Jun 2022 10:06:06 GMT
server: nginx
accept-ranges: bytes
etag: "62b1980e-5f0"
content-length: 1520
content-type: image/png

GET
H2 200 uz_language.png
1-winuz.com/templates/Red/images/ 1 KB
2 KB 1184ms
947ms Image
image/png 2606:4700:3037::6815:a4f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1-winuz.com/templates/Red/images/uz_language.png
Requested by: Host: one-win.in
URL: https://one-win.in/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:a4f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7215d44838c531a3c8ef5b279ced07a14d7c5fb8f2da0d454d646e6576252a54

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://one-win.in/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 13 Dec 2023 01:15:47 GMT
cf-cache-status: BYPASS
last-modified: Tue, 29 Mar 2022 14:08:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "624312ce-441"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MYFmxHz%2FoikbsjOYVjhofQkTzf%2FcthQvYES3PI8GGzstB22PQn1DEh2Hvhd%2B6YuUsWbrxDncv%2FP7b71Tjs8sffrkp8SL6b5b7neNrPjoGeIY4eH6zBLi8aVJsfuBweiobmxC3C4HZ3y69A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
accept-ranges: bytes
cf-ray: 834a5ba02f53aaed-SYD
alt-svc: h3=":443"; ma=86400
content-length: 1089

GET
H2 200 pl_language.png
1win-pl.com/templates/Red/images/ 868 B
1 KB 1045ms
955ms Image
image/png 2606:4700:3035::ac43:88d1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1win-pl.com/templates/Red/images/pl_language.png
Requested by: Host: one-win.in
URL: https://one-win.in/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:88d1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 09b2539ecd69cd2e7def2d40d335e7645e2443083c0854d715a05974fc335a7b

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://one-win.in/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 13 Dec 2023 01:15:47 GMT
cf-cache-status: BYPASS
last-modified: Tue, 24 May 2022 12:17:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "628cccde-364"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p2M7KPA9W3nn0GPHO92caaXx6%2B5SfZY8QtjQ6BPIUulg%2Fl6XFFVA9F6LtgJ%2F95mIyCqnkCoPRPLNPaFTdj4%2BCQhMyObtnoPOHOrhvXvARD%2BkrXAxEKAZPPuK6tah6nwGDcEwuXm7fN4PdQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
accept-ranges: bytes
cf-ray: 834a5b9f3bf350aa-AKL
alt-svc: h3=":443"; ma=86400
content-length: 868

GET
H2 200 tr_language.png
1win-tr.net/templates/Red/images/ 1 KB
2 KB 1116ms
936ms Image
image/png 2606:4700:3030::6815:1e5a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1win-tr.net/templates/Red/images/tr_language.png
Requested by: Host: one-win.in
URL: https://one-win.in/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:1e5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 392ac239809c0d958800989e3bff5311fb1ad198fee5cb837f1bdff18f5a80b5

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://one-win.in/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 13 Dec 2023 01:15:47 GMT
cf-cache-status: BYPASS
last-modified: Tue, 24 May 2022 12:12:45 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "628ccbbd-4cd"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9V0QubxUhtEdBBPjVEIB3nYt4rpN48DvWqRA3XWR%2BZf2TgJ4zEEW9Qx%2FJCiajl9si8CR7%2F9J0XsoO38Ni%2FfcQpkpt%2BCNIHxnYWkDaKDqBqf5Oam3wU5zpqX8CfFMx2hE1aJolc5EUcG1Aw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
accept-ranges: bytes
cf-ray: 834a5b9fcd961c54-AKL
alt-svc: h3=":443"; ma=86400
content-length: 1229

GET
H2 200 kz_language.png
1winkz.com/templates/Red/images/ 2 KB
2 KB 1117ms
930ms Image
image/png 2606:4700:3030::ac43:935c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1winkz.com/templates/Red/images/kz_language.png
Requested by: Host: one-win.in
URL: https://one-win.in/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:935c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 772d2de3f63e8199a32fd98df9c9ff67f42bd9de364d93bac3cc73336d6f841d

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://one-win.in/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 13 Dec 2023 01:15:47 GMT
cf-cache-status: BYPASS
last-modified: Tue, 23 Aug 2022 22:37:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "630556a9-792"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MfFkj2PTjGVHZ%2FSrpCocv7%2BhQ7WsKpx9cmvmZBIfbgRqhrvQ1z1d4sh2t5xKQhz9s%2B4wteTGQbbPOlx52ad3XS3nYWqqvmoTYcihQKeMHjTKK0AsJ2QBULGgNB03%2BT6tgau8%2B7idP1z%2F"}],"group":"cf-nel","max_age":604800}
content-type: image/png
accept-ranges: bytes
cf-ray: 834a5b9fc8ad1c5a-AKL
alt-svc: h3=":443"; ma=86400
content-length: 1938

GET
H3 200 lib.js Show response
one-win.in/templates/Red/js/ 10 KB
4 KB 928ms
928ms Script
application/javascript 2606:4700:3034::6815:380b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://one-win.in/templates/Red/js/lib.js

Requested by

Host: one-win.in
URL: https://one-win.in/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::6815:380b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

583707b59618d1e2736b0d34c36b6cd4e1fd0e3e9b5cb6d7081a279c829f6a5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://one-win.in/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 13 Dec 2023 01:15:46 GMT
strict-transport-security: max-age=31536000;
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Thu, 09 Feb 2023 13:00:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"27a2-5f443f68408fb"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=53Lp8ySDPjqfRT45s4inI6qNaydx80tukujkOCSNttTFM3vzByJqH0rez5aqUpUJQMRYoqvndYjb2bQSasiHXbi%2B8t2bGpoAvHXZJih%2F6WWiKPj5M0zMK2qlke5qpHxIQYk3jxnF4w1N"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 834a5b9b6ce91c5e-AKL
alt-svc: h3=":443"; ma=86400

GET
H3 200 svgxuse.min.js Show response
one-win.in/templates/Red/js/ 2 KB
1 KB 952ms
951ms Script
application/javascript 2606:4700:3034::6815:380b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://one-win.in/templates/Red/js/svgxuse.min.js

Requested by

Host: one-win.in
URL: https://one-win.in/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::6815:380b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e98232b17afe22e277834d378523c76acb889f464a31d5595e03a821fcb6dae1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://one-win.in/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 13 Dec 2023 01:15:47 GMT
strict-transport-security: max-age=31536000;
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 09 Feb 2023 13:00:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"73c-5f443f68408fb"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G8ya%2Bv4AnoV4U%2FsSC%2FmB1HhJqbHecgNDK2766XJMrbBYx3Z2Aa%2BTCLP36y0a7uSzYY9kCPvuVg10slaWLOgn1p52%2FyIYy7sMOahSaoni1Ia7P5xhQVBztdzBykqxoZ1xJDKiRrM%2BDPvq"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 834a5b9e9aa81c5e-AKL
alt-svc: h3=":443"; ma=86400

GET
H2 200 jRj4ctKIHjc Show response
www.youtube.com/embed/ Frame 9289 90 KB
39 KB 830ms
363ms Document
text/html 2404:6800:4006:80a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/jRj4ctKIHjc

Requested by

Host: one-win.in
URL: https://one-win.in/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:80a::200e Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bb3714efd3a9c56872820b840503c97512d561f2f9fb1e273ad4db6f712eb7dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://one-win.in/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1
accept-language: en-NZ,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-resource-policy: cross-origin
date: Wed, 13 Dec 2023 01:15:46 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 bg.webp
one-win.in/templates/Red/images/ 81 KB
81 KB 1635ms
1635ms Image
image/webp 2606:4700:3034::6815:380b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://one-win.in/templates/Red/images/bg.webp

Requested by

Host: one-win.in
URL: https://one-win.in/templates/Red/css/styles.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::6815:380b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

08cc9ee7c62f032f5e0d84b3a57b8fa6c4a95a06ef4cb7a97b11b704682d5908

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://one-win.in/templates/Red/css/styles.css
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 13 Dec 2023 01:15:48 GMT
strict-transport-security: max-age=31536000;
cf-cache-status: MISS
last-modified: Thu, 09 Feb 2023 13:00:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "1420a-5f443f6839b9c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Eie0oNGWPEQ1UQZaJ1f80oYQeulh8Ca0ETrSXLzH%2FXStSPr7hIf80XOljFRrV%2BXBPWTLcuqfWcG6u6gHq%2BBSUsE75HN6V8ozRx3QgAofLOj12B3WjjyQH%2FEhbG9%2FJp4uEeGNUuFkDsl8"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 834a5ba249161c5e-AKL
alt-svc: h3=":443"; ma=86400
content-length: 82442

GET
DATA 200
OK truncated
/ 120 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3900b5971fa63da5abbbfaa7cf3dd2c80a286116463f2ca626fe4df2c18af942

Request headers

accept-language: en-NZ,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

Content-Type: image/png

GET
H3 404 /
one-win.in/templates/Red/images/promoblock/ 27 KB
27 KB 566ms
565ms Image
text/html 2606:4700:3034::6815:380b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://one-win.in/templates/Red/images/promoblock/

Requested by

Host: one-win.in
URL: https://one-win.in/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::6815:380b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/5.6.40

Resource Hash

a7357c6a5ba7f6dab375b9eadab5038920c4b92544366536d47d305bf2c888bd

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://one-win.in/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 01:15:47 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/5.6.40
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tKDfMp1lSoCGFW4wbr3k761Z%2Fjmt%2BoatRLPWrC%2FSY%2B18J58U22twHxhiqwVIzDCpIOEW13imptNUH3U7bica%2BASkjYS9z3%2BH9DlKY3tsCpWQCOp56KrTYD3Lq6H6xTEmgL1vFVkK9VOK"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 834a5ba249241c5e-AKL
alt-svc: h3=":443"; ma=86400
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3 200 home-coin1.d4c8e93a-105.png
one-win.in/templates/Red/images/promoblock/ 7 KB
7 KB 961ms
961ms Image
image/png 2606:4700:3034::6815:380b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://one-win.in/templates/Red/images/promoblock/home-coin1.d4c8e93a-105.png

Requested by

Host: one-win.in
URL: https://one-win.in/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::6815:380b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0c0894320dbd9a6b1b81551a4695808f4645a25f2f3f39eaa701ce12220a46d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://one-win.in/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 13 Dec 2023 01:15:47 GMT
strict-transport-security: max-age=31536000;
cf-cache-status: MISS
last-modified: Thu, 09 Feb 2023 13:00:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "1c1d-5f443f683e1eb"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zmGYSVWmc3SxB48cWuDDW%2B2%2FvJtBtt0Jy7b5U9UsLDIEn9T9CTNTH0KlCDz1Mh5xH%2BRX8HQCGV%2BzxXx8dwKlw%2B71ABRe0mLniT0ZNB7c9mFKspdh%2BGeqvwF47qhvX03IM4SY2SDCbLB%2F"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 834a5ba279881c5e-AKL
alt-svc: h3=":443"; ma=86400
content-length: 7197

GET
H3 200 home-coin2.46f26b73-95.png
one-win.in/templates/Red/images/promoblock/ 5 KB
5 KB 994ms
993ms Image
image/png 2606:4700:3034::6815:380b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://one-win.in/templates/Red/images/promoblock/home-coin2.46f26b73-95.png

Requested by

Host: one-win.in
URL: https://one-win.in/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::6815:380b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7b6e0a8c491cbc5f563cdc974777d0b8b2ff8b6e3118ba52dbaf1a05e862825e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://one-win.in/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 13 Dec 2023 01:15:47 GMT
strict-transport-security: max-age=31536000;
cf-cache-status: MISS
last-modified: Thu, 09 Feb 2023 13:00:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "12c0-5f443f683e1eb"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V%2B6wcMNsF26imbDy8EK8fnqwln68XP10oYy%2BrAxjZw7aKvqMvjKI1qGNkI9pAvZpWjtax0Ha9jQ5tpD8day96w%2Fhunror6gL3CpG3ezvZ2Lb%2BI8meinens3bGRxyfl%2F1grx%2BUVSNedhq"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 834a5ba279891c5e-AKL
alt-svc: h3=":443"; ma=86400
content-length: 4800

GET
H3 200 arrow.432a5f97.svg
one-win.in/templates/Red/images/promoblock/ 231 B
650 B 961ms
961ms Image
image/svg+xml 2606:4700:3034::6815:380b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://one-win.in/templates/Red/images/promoblock/arrow.432a5f97.svg

Requested by

Host: one-win.in
URL: https://one-win.in/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::6815:380b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3abc1eae93fc3a9676e3c7afc9b3cacb22f449c05cc36701219e9fa364def01c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://one-win.in/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 13 Dec 2023 01:15:47 GMT
strict-transport-security: max-age=31536000;
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 09 Feb 2023 13:00:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"e7-5f443f683de03"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FJ%2FpuMtfqsyuiiyij8WT6Zx1dUSF9jR5KNTuhpRRlqW%2FqhcfHOfBhMvHyrNlHF1aQt7diHmDDnV2saNXvV21C7DS4CnJyOytl1j4FGDA78yXuwW9M2gFC4Csh0WYW%2F0tnA48ADwayG7q"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 834a5ba2798a1c5e-AKL
alt-svc: h3=":443"; ma=86400

GET
H3 200 bottom.14decf5c.svg
one-win.in/templates/Red/images/promoblock/ 461 B
791 B 962ms
961ms Image
image/svg+xml 2606:4700:3034::6815:380b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://one-win.in/templates/Red/images/promoblock/bottom.14decf5c.svg

Requested by

Host: one-win.in
URL: https://one-win.in/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::6815:380b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5389dded398cc3a7556f05f42b9c6f19fa7b6dbcabf0457e222137c7caeac104

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://one-win.in/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 13 Dec 2023 01:15:47 GMT
strict-transport-security: max-age=31536000;
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 09 Feb 2023 13:00:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"1cd-5f443f683de03"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LIWPhEt7XHjMJ16lduvIly9mkF9XRdb2QwfgSoMqXFciYVTu%2FjRTBP31pfxlH%2FJxqhse%2BNJDydY03uqtFkfn%2B5dBLG%2BKG2R2xuGf6%2B4V8LtoOgykO05qEmqO566owsmetgmtA0Vgc7A%2F"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 834a5ba2798e1c5e-AKL
alt-svc: h3=":443"; ma=86400

GET
H3 200 gradient.69b8b4ad.svg
one-win.in/templates/Red/images/promoblock/ 970 B
995 B 962ms
961ms Image
image/svg+xml 2606:4700:3034::6815:380b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://one-win.in/templates/Red/images/promoblock/gradient.69b8b4ad.svg

Requested by

Host: one-win.in
URL: https://one-win.in/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::6815:380b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

02cd0359ae57aea36e1a176bb722646c31ca84df3b6ce8b90d040c756c7cd798

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://one-win.in/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 13 Dec 2023 01:15:47 GMT
strict-transport-security: max-age=31536000;
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 09 Feb 2023 13:00:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"3ca-5f443f683e1eb"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z7%2F0ls7HTdnlkw5UvOI5xgLDrRsJRilCSZKHn%2BJgTrxJF%2FA%2FxwazZOV2rAwKbwCTzoBWPMv0Z0%2F8ueyof2XOMUGqEPkHNjBcxcX5BK1CE2cxKRkbVKD3KwrmzBKbbWvbLnnYmySaKjIU"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 834a5ba279911c5e-AKL
alt-svc: h3=":443"; ma=86400

GET
H3 200 arrow-yellow.1cc072c7.svg
one-win.in/templates/Red/images/promoblock/ 1 KB
990 B 962ms
962ms Image
image/svg+xml 2606:4700:3034::6815:380b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://one-win.in/templates/Red/images/promoblock/arrow-yellow.1cc072c7.svg

Requested by

Host: one-win.in
URL: https://one-win.in/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::6815:380b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d1dcb4cdf5b33c02d4b050a561c0a3ec763f864a121621326767b40f0621ea97

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://one-win.in/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 13 Dec 2023 01:15:47 GMT
strict-transport-security: max-age=31536000;
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 09 Feb 2023 13:00:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"404-5f443f683de03"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zLdyOQ0X1LS%2BoAulXEgRy4lrwVfc6hos0aEddQ5BxxpEOeVsbdqy4eQr0F20ePVq48Q1wLoNQ9oJhGFuei1Bd39codNjKQY9Ewh9a6W6ayXfeu9EQhwWgZJXKDgwgCbHUvmHPOQCK2e%2F"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 834a5ba279921c5e-AKL
alt-svc: h3=":443"; ma=86400

GET
H2 200 www-player.css
www.youtube.com/s/player/0d02ada0/ Frame 9289 365 KB
47 KB 222ms
221ms Stylesheet
text/css 2404:6800:4006:80a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/0d02ada0/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/jRj4ctKIHjc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:80a::200e Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c8cf595211c3780ca984d79461caff6908401386ebb9894598ecadc396e22e1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.youtube.com/embed/jRj4ctKIHjc
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 11 Dec 2023 08:24:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 147060
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48216
x-xss-protection: 0
last-modified: Mon, 11 Dec 2023 02:45:37 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 10 Dec 2024 08:24:47 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 9289 10 KB
11 KB 678ms
213ms Font
font/woff2 2404:6800:4006:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/jRj4ctKIHjc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:809::2003 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4352380f92ce7f9a4a4a23306b992bed10055dbfffe90987cc72083e583fc280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Fri, 08 Dec 2023 03:47:46 GMT
x-content-type-options: nosniff
age: 422881
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10748
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 Dec 2024 03:47:46 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 9289 11 KB
11 KB 650ms
185ms Font
font/woff2 2404:6800:4006:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/jRj4ctKIHjc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:809::2003 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b79781efede37903be212fcdf63955e41c8649e678b6b83adf824459d240a188

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 07 Dec 2023 23:16:57 GMT
x-content-type-options: nosniff
age: 439130
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10788
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 06 Dec 2024 23:16:57 GMT

GET
H2 200 embed.js Show response
www.youtube.com/s/player/0d02ada0/player_ias.vflset/en_US/ Frame 9289 52 KB
16 KB 186ms
185ms Script
text/javascript 2404:6800:4006:80a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/0d02ada0/player_ias.vflset/en_US/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/jRj4ctKIHjc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:80a::200e Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d48332e610b63233a2e51f23af73eb0804caf344914079ac70b2feeafd22a318

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.youtube.com/embed/jRj4ctKIHjc
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 11 Dec 2023 08:29:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 146754
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16614
x-xss-protection: 0
last-modified: Mon, 11 Dec 2023 02:45:37 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 10 Dec 2024 08:29:53 GMT

GET
H2 200 www-embed-player.js Show response
www.youtube.com/s/player/0d02ada0/www-embed-player.vflset/ Frame 9289 322 KB
96 KB 223ms
223ms Script
text/javascript 2404:6800:4006:80a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/0d02ada0/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/jRj4ctKIHjc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:80a::200e Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61b62944ae46b000da9a535a63ae0072ec5fa688c15c5fb5aee2fc385dc1361

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.youtube.com/embed/jRj4ctKIHjc
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 11 Dec 2023 08:24:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 147060
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 98651
x-xss-protection: 0
last-modified: Mon, 11 Dec 2023 02:45:37 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 10 Dec 2024 08:24:47 GMT

GET
H2 200 base.js Show response
www.youtube.com/s/player/0d02ada0/player_ias.vflset/en_US/ Frame 9289 2 MB
768 KB 292ms
292ms Script
text/javascript 2404:6800:4006:80a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/0d02ada0/player_ias.vflset/en_US/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/jRj4ctKIHjc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:80a::200e Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0f6615b5ba1c477fc9bd3d5309e985a133275a8072025632f0a87c62c272d275

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.youtube.com/embed/jRj4ctKIHjc
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 11 Dec 2023 08:26:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 146942
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 785520
x-xss-protection: 0
last-modified: Mon, 11 Dec 2023 02:45:37 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 10 Dec 2024 08:26:45 GMT

GET
H2

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame 9289
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
242 B

281ms
281ms

XHR
application/json

2404:6800:4006:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/jRj4ctKIHjc

Protocol

Server

2404:6800:4006:814::2002 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

44c25f6cdcbb7e85d29110bb0871ad8a0b8924cae791aacac205aa1a133ff4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 13 Dec 2023 01:15:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 13 Dec 2023 01:15:48 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 9289 29 B
495 B 649ms
185ms Script
text/javascript 2404:6800:4006:814::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/0d02ada0/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:814::2006 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 13 Dec 2023 01:09:31 GMT
x-content-type-options: nosniff
age: 377
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 13 Dec 2023 01:24:31 GMT

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 750ms
282ms Preflight
text/html 2404:6800:4006:80a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:80a::200a Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Wed, 13 Dec 2023 01:15:48 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 9289 87 KB
40 KB 289ms
288ms XHR
application/json+protobuf 2404:6800:4006:80a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/0d02ada0/player_ias.vflset/en_US/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:80a::200a Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b29891c8dd6208850d641e12142f82b84482cb2879edbfc5a2e196364ed48e55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1
Content-Type: application/json+protobuf

Response headers

date: Wed, 13 Dec 2023 01:15:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 40876
x-xss-protection: 0

GET
H2 200 sLx6qsRU46GEe0D3YqweyWcV0efz1f9DxDQkuEUxY-c.js Show response
www.google.com/js/th/ Frame 9289 51 KB
20 KB 651ms
186ms Script
text/javascript 2404:6800:4006:814::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/sLx6qsRU46GEe0D3YqweyWcV0efz1f9DxDQkuEUxY-c.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/0d02ada0/player_ias.vflset/en_US/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:814::2004 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b0bc7aaac454e3a1847b40f762ac1ec96715d1e7f3d5ff43c43424b8453163e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 12 Dec 2023 01:26:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 85766
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19840
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 11 Dec 2024 01:26:22 GMT

GET
H2 200 sddefault.jpg
i.ytimg.com/vi/jRj4ctKIHjc/ Frame 9289 27 KB
28 KB 1147ms
683ms Image
image/jpeg 2404:6800:4006:812::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/jRj4ctKIHjc/sddefault.jpg

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/jRj4ctKIHjc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:812::2016 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3f2a3de04ddeb444f03fe8b3449c7743e3cd5ccc6b7a4284e25306df24af0e03

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 13 Dec 2023 01:15:49 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27988
x-xss-protection: 0
server: sffe
etag: "1660305367"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 13 Dec 2023 03:15:49 GMT

GET
DATA 200
OK truncated
/ Frame 9289 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: en-NZ,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

Content-Type: image/png

GET
H2 200 tTaDBDwWahX27Cf_23g9Z-5uGAU0zBPZr4xF9Sw1TEE5An5pHmalzsPPbpGwy9S71YmJUoHAD-M=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ Frame 9289 3 KB
3 KB 986ms
523ms Image
image/jpeg 2404:6800:4006:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/tTaDBDwWahX27Cf_23g9Z-5uGAU0zBPZr4xF9Sw1TEE5An5pHmalzsPPbpGwy9S71YmJUoHAD-M=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/jRj4ctKIHjc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:811::2001 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

ac6a52aa87188ecc54bde0c6e237703e834a843dd0fe0ba9b4fa8e66fdefc042

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 13 Dec 2023 01:15:49 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="channels4_profile.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2827
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 14 Dec 2023 01:15:49 GMT

GET
H3 204 generate_204
www.youtube.com/ Frame 9289 0
10 B 185ms
185ms Image
text/plain 2404:6800:4006:80a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?K3GJpA
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/jRj4ctKIHjc
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4006:80a::200e Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.youtube.com/embed/jRj4ctKIHjc
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 13 Dec 2023 01:15:49 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 278ms
278ms Preflight
text/html 2404:6800:4006:80a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4006:80a::200a Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Wed, 13 Dec 2023 01:15:49 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 9289 98 B
142 B 284ms
283ms XHR
application/json+protobuf 2404:6800:4006:80a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/0d02ada0/player_ias.vflset/en_US/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4006:80a::200a Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

abefa007e303fc469e187890c322d6e6f133067623307556b9dc0d1ba023f0f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1
Content-Type: application/json+protobuf

Response headers

date: Wed, 13 Dec 2023 01:15:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 118
x-xss-protection: 0

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 9289 28 B
50 B 296ms
285ms XHR
application/json 2404:6800:4006:80a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/0d02ada0/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4006:80a::200e Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1
X-Goog-Request-Time: 1702430151672
Content-Type: application/json
X-YouTube-Utc-Offset: 780
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/jRj4ctKIHjc
X-YouTube-Client-Version: 1.20231210.00.00
X-YouTube-Time-Zone: Pacific/Auckland
X-Goog-Visitor-Id: CgtQMVAtTE9QSGF4YyjCi-SrBjIICgJOWhICGgA%3D
X-YouTube-Ad-Signals: dt=1702430147884&flash=0&frm=2&u_tz=780&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C560%2C315&vis=1&wgl=true&ca_type=image

Response headers

date: Wed, 13 Dec 2023 01:15:51 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31
x-xss-protection: 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: one-win.in
URL: https://one-win.in/engine/classes/min/index.php

Domain: one-win.in
URL: http://one-win.in/?charset=utf-8&f=engine/editor/css/default.css&v=26

Domain: one-win.in
URL: http://one-win.in/?charset=utf-8&g=general&v=26

Domain: one-win.in
URL: http://one-win.in/?charset=utf-8&f=engine/classes/js/jqueryui.js,engine/classes/js/dle_js.js,engine/classes/highslide/highslide.js&v=26

Verdicts & Comments Add Verdict or Comment

36 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.one-win.in/	1970-01-21 01:39:26	Name: __ddg1_ Value: aYVlJlLAvTKgHxcth1nP
one-win.in/	1969-12-31 23:59:59	Name: PHPSESSID Value: 7lfdanl50jdspv7ades6eelde0
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: sxpsGBBXeJo
.youtube.com/	1970-01-20 21:13:02	Name: VISITOR_INFO1_LIVE Value: P1P-LOPHaxc

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://one-win.in/ Message: Mixed Content: The page at 'https://one-win.in/' was loaded over HTTPS, but requested an insecure script 'http://one-win.in/?charset=utf-8&g=general&v=26'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://one-win.in/ Message: Mixed Content: The page at 'https://one-win.in/' was loaded over HTTPS, but requested an insecure stylesheet 'http://one-win.in/?charset=utf-8&f=engine/editor/css/default.css&v=26'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://one-win.in/ Message: Mixed Content: The page at 'https://one-win.in/' was loaded over HTTPS, but requested an insecure script 'http://one-win.in/?charset=utf-8&f=engine/classes/js/jqueryui.js,engine/classes/js/dle_js.js,engine/classes/highslide/highslide.js&v=26'. This request has been blocked; the content must be served over HTTPS.
network	error	URL: https://one-win.in/templates/Red/images/promoblock/ Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000;
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1-win.es
1-winuz.com
1win-bet.com.br
1win-it.com
1win-pl.com
1win-tr.net
1winaz.com
1winkz.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.ytimg.com
jnn-pa.googleapis.com
one-win.in
s.w.org
static.doubleclick.net
www.google.com
www.youtube.com
yt3.ggpht.com
one-win.in
192.0.77.48
193.233.15.5
2404:6800:4006:809::2003
2404:6800:4006:80a::200a
2404:6800:4006:80a::200e
2404:6800:4006:811::2001
2404:6800:4006:812::2016
2404:6800:4006:814::2002
2404:6800:4006:814::2004
2404:6800:4006:814::2006
2606:4700:3030::6815:1e5a
2606:4700:3030::ac43:935c
2606:4700:3031::6815:4b40
2606:4700:3034::6815:380b
2606:4700:3034::ac43:afac
2606:4700:3035::ac43:88d1
2606:4700:3036::6815:9d2
2606:4700:3037::6815:a4f
45.147.197.96
027dece1dedf1c96f34ce54433bc08ccf537e2ae099f865d02bb064e31a474a8
02cd0359ae57aea36e1a176bb722646c31ca84df3b6ce8b90d040c756c7cd798
05a098f9759e4c5523b6e8e1097729744a217510b73470072f2b7a2f51005574
08cc9ee7c62f032f5e0d84b3a57b8fa6c4a95a06ef4cb7a97b11b704682d5908
09b2539ecd69cd2e7def2d40d335e7645e2443083c0854d715a05974fc335a7b
0c0894320dbd9a6b1b81551a4695808f4645a25f2f3f39eaa701ce12220a46d4
0e656966f1958200ae6fbba050fc6eaebb9b1c60edaaffca31d26525bc59c826
0f6615b5ba1c477fc9bd3d5309e985a133275a8072025632f0a87c62c272d275
12a52e8b4b0dfe911d87a2ecf7da2f1e64236430ee2e17b8f25a64a1e1a512a0
1ce963ca389462fe6f31b0e8ca39901e7517308518f841e16d57ea014cc52d29
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2a7a5ec4c9338fb81c3ea9026463b56c4efda965b915d30341944691f0023370
3900b5971fa63da5abbbfaa7cf3dd2c80a286116463f2ca626fe4df2c18af942
392ac239809c0d958800989e3bff5311fb1ad198fee5cb837f1bdff18f5a80b5
39f98019b7aee345b81a07cabfae056cbbda99fa46fc0fcc15e77fc6bc94b597
3abc1eae93fc3a9676e3c7afc9b3cacb22f449c05cc36701219e9fa364def01c
3f2a3de04ddeb444f03fe8b3449c7743e3cd5ccc6b7a4284e25306df24af0e03
41fabf139814bb8c223b4b2c45187ad55c92515cc4c63659deaaf7f8775e4a0c
428e5ab72bba707703166878ea9a2008be0ed4d89bf0602f17612cef2f0a3c4f
4352380f92ce7f9a4a4a23306b992bed10055dbfffe90987cc72083e583fc280
44c25f6cdcbb7e85d29110bb0871ad8a0b8924cae791aacac205aa1a133ff4e5
48c0804c5085dde1f4bbadbc0e6266b9d34e057aa0f6a8ee9b0bac02df0f32be
5389dded398cc3a7556f05f42b9c6f19fa7b6dbcabf0457e222137c7caeac104
583707b59618d1e2736b0d34c36b6cd4e1fd0e3e9b5cb6d7081a279c829f6a5e
60ba8eb0910ee1169898e0e7bbedd01118af84e5a25e5a9ed4aac6205962e9a1
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
7215d44838c531a3c8ef5b279ced07a14d7c5fb8f2da0d454d646e6576252a54
772d2de3f63e8199a32fd98df9c9ff67f42bd9de364d93bac3cc73336d6f841d
7b6e0a8c491cbc5f563cdc974777d0b8b2ff8b6e3118ba52dbaf1a05e862825e
801b9d74938e5978883d16550e8dca65fdc65fa4ab62da036d32ed5ea683e6a7
87eea51e11f1301207f08c548815bf770dfdf6f48ab6177095d2a4c2a74fb4b7
8c1d20e07e73934ea05d1a1990ad742073d9c674d81b09c2f76fa08eaf286eaf
8ff03fd944d242f544d320b8427a94006d55cd8ed015786c0e4b6cf099a12f0c
943af0ef87a2dcc449d195254c7dcb2bbfd270e3dd11ae8310f2dcad1d49646a
a0908a00905c6bb685cd6b03f8c920044f2ac1a01f16578296b18c467aa9f7ec
a7357c6a5ba7f6dab375b9eadab5038920c4b92544366536d47d305bf2c888bd
abefa007e303fc469e187890c322d6e6f133067623307556b9dc0d1ba023f0f9
ac6a52aa87188ecc54bde0c6e237703e834a843dd0fe0ba9b4fa8e66fdefc042
b0bc7aaac454e3a1847b40f762ac1ec96715d1e7f3d5ff43c43424b8453163e7
b29891c8dd6208850d641e12142f82b84482cb2879edbfc5a2e196364ed48e55
b79781efede37903be212fcdf63955e41c8649e678b6b83adf824459d240a188
bb3714efd3a9c56872820b840503c97512d561f2f9fb1e273ad4db6f712eb7dc
c390a9c13d4d49df5d0cc703284e856f2ae0c89e0e4bd7758c66415ac7303ef2
c5432f0e90740abb8554bcb28c9fe4a163792f85cc977706f092feb4e5a1f1b5
c61b62944ae46b000da9a535a63ae0072ec5fa688c15c5fb5aee2fc385dc1361
c87900417b85a75688d9477306f3917a414f95e7c6be9cb3b26fb28a95dc95fb
c8cf595211c3780ca984d79461caff6908401386ebb9894598ecadc396e22e1f
d1dcb4cdf5b33c02d4b050a561c0a3ec763f864a121621326767b40f0621ea97
d2416d0e716f332126a402ba9ae028da7b40b110752c7d95c3762630c99dc653
d48332e610b63233a2e51f23af73eb0804caf344914079ac70b2feeafd22a318
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d88d2d786c15264587f527b067e334465febd01327e66190839533340624dbcf
dcbd015c85ac3ffcb7ae7b9d7f7fb9824f77470f06d2b142a347a605c1f5ceaa
e2e68e97593beb78225af7f9edc7624c19cd84ebfeb07dcbc4b06fb9f49d0526
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5f1c198a1fda0174af0620a13dac9c73fb44849c9ffd1320ffdba3984178986
e6cc412740f053235819c682454b1fa6ca2450b60998e9fe279542981bfe632a
e802074f521bef709e7fc0b1e2f141832316c0e67d8278ec31ee38ad1ddc585f
e98232b17afe22e277834d378523c76acb889f464a31d5595e03a821fcb6dae1
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
f49de01c31e6f61bc046690f830238485de89653b8225327457fb69da9bc12df

one-win.in Open in urlscan Pro 2606:4700:3034::6815:380b Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

65 Requests

92 %HTTPS

84 %IPv6

17 Domains

18 Subdomains

19 IPs

4 Countries

2322 kBTransfer

4832 kBSize

4 Cookies

11 Outgoing links

Page URL History

Redirected requests

65 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

one-win.in Open in urlscan Pro
2606:4700:3034::6815:380b Public Scan

Screenshot
Live screenshot

Full Image

65
Requests

92 %
HTTPS

84 %
IPv6

17
Domains

18
Subdomains

19
IPs

4
Countries

2322 kB
Transfer

4832 kB
Size

4
Cookies

65 HTTP transactions
2 data transactions