Submitted URL: http://1wincasino.xyz/
Effective URL: https://1win-430.ru/
Submission: On November 17 via api from BY — Scanned from DE

Summary

This website contacted 4 IPs in 3 countries across 15 domains to perform 27 HTTP transactions. The main IP is 2606:4700:3037::ac43:b640, located in United States and belongs to CLOUDFLARENET, US. The main domain is 1win-430.ru.
TLS certificate: Issued by E1 on October 1st 2023. Valid for: 3 months.
This is the only time 1win-430.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
3 3 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
2 2 2606:4700:303... 13335 (CLOUDFLAR...)
2 2 2606:4700:303... 13335 (CLOUDFLAR...)
2 2 2606:4700:303... 13335 (CLOUDFLAR...)
2 2 2606:4700:303... 13335 (CLOUDFLAR...)
16 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
3 9 2a02:6b8::1:119 208722 (GLOBAL_DC)
27 4
      Apex Domain        Subdomains                                         Transfer
16    1win-430.ru        1win-430.ru                                        621 KB
7     yandex.com         mc.yandex.com — Cisco Umbrella Rank: 8755          3 KB
4     gstatic.com        fonts.gstatic.com                                  51 KB
2     yandex.ru          mc.yandex.ru — Cisco Umbrella Rank: 4034           70 KB
2     1wincasino10.top   1wincasino10.top                                   795 B
2     1wincasino9.top    1wincasino9.top                                    808 B
2     1wincasino8.top    1wincasino8.top                                    805 B
2     1wincasino7.top    1wincasino7.top                                    809 B
2     1wincasino6.top    1wincasino6.top                                    804 B
1     googleapis.com     fonts.googleapis.com — Cisco Umbrella Rank: 31     1 KB
1     1wincasino5.top    1wincasino5.top                                    451 B
1     1wincasino4.top    1wincasino4.top                                    441 B
1     1wincasino3.top    1wincasino3.top                                    446 B
1     1wincasino1.top    1wincasino1.top                                    450 B
1     1wincasino.xyz     1wincasino.xyz                                     655 B
27 15
Domain Requested by
16 1win-430.ru 1win-430.ru
7 mc.yandex.com 2 redirects 1win-430.ru
mc.yandex.ru
4 fonts.gstatic.com fonts.googleapis.com
2 mc.yandex.ru 1 redirects 1win-430.ru
2 1wincasino10.top 2 redirects
2 1wincasino9.top 2 redirects
2 1wincasino8.top 2 redirects
2 1wincasino7.top 2 redirects
2 1wincasino6.top 2 redirects
1 fonts.googleapis.com 1win-430.ru
1 1wincasino5.top 1 redirects
1 1wincasino4.top 1 redirects
1 1wincasino3.top 1 redirects
1 1wincasino1.top 1 redirects
1 1wincasino.xyz 1 redirects
27 15

This site contains no links.

Subject                   Issuer                          Validity                  Valid
1win-430.ru               E1                              2023-10-01 - 2023-12-30   3 months crt.sh
upload.video.google.com   GTS CA 1C3                      2023-10-23 - 2024-01-15   3 months crt.sh
*.gstatic.com             GTS CA 1C3                      2023-10-23 - 2024-01-15   3 months crt.sh
mc.yandex.ru              GlobalSign ECC OV SSL CA 2018   2023-08-14 - 2024-01-24   5 months crt.sh

This page contains 1 frames:

Primary Page: https://1win-430.ru/
Frame ID: 264F7789951A026356325924D4FBAE12
Requests: 27 HTTP requests in this frame

Page Title

1WIN официальный сайт букмекерской конторы 1ВИН

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • <!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • lightbox(?:-plus-jquery)?.{0,32}\.js

Overall confidence: 100%
Detected patterns
  • mc\.yandex\.ru/metrika/(?:tag|watch)\.js

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

27 Requests
89 % HTTPS
100 % IPv6
15 Domains
15 Subdomains
4 IPs
3 Countries
745 kB Transfer
1204 kB Size
16 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://1wincasino.xyz/ HTTP 301
    https://1wincasino1.top/ HTTP 301
    https://1wincasino3.top/ HTTP 301
    https://1wincasino4.top/ HTTP 301
    https://1wincasino5.top/ HTTP 301
    https://1wincasino6.top/ HTTP 301
    https://1wincasino7.top/ HTTP 301
    https://1wincasino8.top/ HTTP 301
    https://1wincasino9.top/ HTTP 301
    https://1wincasino10.top/ HTTP 301
    https://1win-430.ru/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 11
  • https://1wincasino6.top/wp-content/uploads/2022/07/bggg.png HTTP 301
  • https://1wincasino7.top/wp-content/uploads/2022/07/bggg.png HTTP 301
  • https://1wincasino8.top/wp-content/uploads/2022/07/bggg.png HTTP 301
  • https://1wincasino9.top/wp-content/uploads/2022/07/bggg.png HTTP 301
  • https://1wincasino10.top/wp-content/uploads/2022/07/bggg.png HTTP 301
  • https://1win-430.ru/wp-content/uploads/2022/07/bggg.png
Request Chain 21
  • https://mc.yandex.com/sync_cookie_image_check HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10189.wj8-pWcLvvY_UVPr-AErPBYHcPs4Isz87zu2swelZgfqDS5XNq137-orRGbk8VCi.HHStj4jmuiwBs-beY3AaPbaqDG8%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide?token=10189.Myl9HmAdrJX0spF0sbSsZMI4rzkqEJ0BqH-FK_IKKNGf0gW6aWHe1sg_h3Vu3PkUXeFR_nY5s8wFDKhJJ_4VIW2smJX4beNeeNXHGa4YW8BxBtbtn-rL7yDAfh4oiBM-XroQ6IIr33QmqUjal2a-w0yv0wx-Ivj1G3X-aL3rSLRj2LdcI0hNW5lT0ZMGpRMCNUSypK7GGYLMyJLg8rPTL8FdHRBQBm1gG0z09S1ADUI%2C.KUm-GFvhfpdicr4sWUIByVsPb9A%2C
Request Chain 23
  • https://mc.yandex.com/watch/94534150?wmode=7&page-url=https%3A%2F%2F1win-430.ru%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A3akmpckrufnt9afj6lckkvrv%3Afp%3A9363%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1161%3Acn%3A1%3Adp%3A0%3Als%3A663859052200%3Ahid%3A174175039%3Az%3A60%3Ai%3A20231117010033%3Aet%3A1700179233%3Ac%3A1%3Arn%3A778094458%3Arqn%3A1%3Au%3A1700179233330982839%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C197%2C516%2C6%2C7665%2C0%2C%2C976%2C6%2C%2C%2C%2C9439%3Aco%3A0%3Acpf%3A1%3Ans%3A1700179223253%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1700179233%3At%3A1WIN%20%D0%BE%D1%84%D0%B8%D1%86%D0%B8%D0%B0%D0%BB%D1%8C%D0%BD%D1%8B%D0%B9%20%D1%81%D0%B0%D0%B9%D1%82%20%D0%B1%D1%83%D0%BA%D0%BC%D0%B5%D0%BA%D0%B5%D1%80%D1%81%D0%BA%D0%BE%D0%B9%20%D0%BA%D0%BE%D0%BD%D1%82%D0%BE%D1%80%D1%8B%201%D0%92%D0%98%D0%9D&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ti(1) HTTP 302
  • https://mc.yandex.com/watch/94534150/1?wmode=7&page-url=https%3A%2F%2F1win-430.ru%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A3akmpckrufnt9afj6lckkvrv%3Afp%3A9363%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1161%3Acn%3A1%3Adp%3A0%3Als%3A663859052200%3Ahid%3A174175039%3Az%3A60%3Ai%3A20231117010033%3Aet%3A1700179233%3Ac%3A1%3Arn%3A778094458%3Arqn%3A1%3Au%3A1700179233330982839%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C197%2C516%2C6%2C7665%2C0%2C%2C976%2C6%2C%2C%2C%2C9439%3Aco%3A0%3Acpf%3A1%3Ans%3A1700179223253%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1700179233%3At%3A1WIN%20%D0%BE%D1%84%D0%B8%D1%86%D0%B8%D0%B0%D0%BB%D1%8C%D0%BD%D1%8B%D0%B9%20%D1%81%D0%B0%D0%B9%D1%82%20%D0%B1%D1%83%D0%BA%D0%BC%D0%B5%D0%BA%D0%B5%D1%80%D1%81%D0%BA%D0%BE%D0%B9%20%D0%BA%D0%BE%D0%BD%D1%82%D0%BE%D1%80%D1%8B%201%D0%92%D0%98%D0%9D&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%281%29

27 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
1win-430.ru/
Redirect Chain
  • http://1wincasino.xyz/
  • https://1wincasino1.top/
  • https://1wincasino3.top/
  • https://1wincasino4.top/
  • https://1wincasino5.top/
  • https://1wincasino6.top/
  • https://1wincasino7.top/
  • https://1wincasino8.top/
  • https://1wincasino9.top/
  • https://1wincasino10.top/
  • https://1win-430.ru/
51 KB
13 KB
Document
General
Full URL
https://1win-430.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:b640 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.33
Resource Hash
761ce8eb29a745bb871ad1e4741d91dc644ed4adecb7bf34df7a989af0849f1e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8273b1a33c9f81e5-IAD
content-encoding
br
content-type
text/html; charset=UTF-8
date
Fri, 17 Nov 2023 00:00:31 GMT
link
<https://1win-430.ru/wp-json/>; rel="https://api.w.org/", <https://1win-430.ru/wp-json/wp/v2/pages/20>; rel="alternate"; type="application/json", <https://1win-430.ru/>; rel=shortlink
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pCgr1MWyCfeiHiSmJk9lbzlDkJ%2FIlIn%2FRce4ihI5fmkVk%2BibTxwyN8kgE%2BtyDjtpwX5CIrbvGjGzrLHMnFNDvo%2FQxAWm21tLp%2BfUv0VwN9m%2B7oQ0Mt30ZdXNr9RFDHUBGoCqtuq5tNyg2w%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-powered-by
PHP/7.4.33

Redirect headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8273b1a0deb03623-FRA
content-type
text/html; charset=iso-8859-1
date
Fri, 17 Nov 2023 00:00:30 GMT
location
https://1win-430.ru/
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MBZDgbkOqUtDZaKt389y7GB469DA9EsDAz6BVQNDH8y%2FWxjMVt75UiXlgTzLQUmPrPA3jj%2Bq4eMKu3jvoLuHSjriXRAI%2BghAecavBqaikTHa8B1iWhKQYpLUy9kNUukBaUGwJNoaLBN13pQCYn2s"}],"group":"cf-nel","max_age":604800}
server
cloudflare
style.min.css
1win-430.ru/wp-includes/css/dist/block-library/
95 KB
13 KB
Stylesheet
General
Full URL
https://1win-430.ru/wp-includes/css/dist/block-library/style.min.css?ver=f1d3c45f27568959111ee293b37725be
Requested by
Host: 1win-430.ru
URL: https://1win-430.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:b640 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aca566587618e75fa291a419c7c430be02e03fc72f6105658c1bc8e7d59a65e4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1win-430.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 00:00:32 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 04 Aug 2023 09:39:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"64ccc74d-17ced"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TzxU69Hm0y56%2B2JNhgZZLes5zTOvBr9Dvkx73EGMR%2BinQ6wbUi5T%2FqLNu55UdRtr2QaPc83p42BGm%2FI8czD46NC33Et4i8vD8u19ZgV4jeEq%2Fk%2FIaHi8G3vKd3DuLy5xDLGExmtm6ayN8g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=86400
cf-ray
8273b1a7099c81e5-IAD
alt-svc
h3=":443"; ma=86400
expires
Sat, 18 Nov 2023 00:00:32 GMT
classic-themes.min.css
1win-430.ru/wp-includes/css/
291 B
563 B
Stylesheet
General
Full URL
https://1win-430.ru/wp-includes/css/classic-themes.min.css?ver=f1d3c45f27568959111ee293b37725be
Requested by
Host: 1win-430.ru
URL: https://1win-430.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:b640 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1win-430.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 00:00:32 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 04 Aug 2023 09:39:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"64ccc74d-123"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IIrS23bDoHm0F4CWF7hnMIcr5iIbFs17koYla%2F3BCMbOGAcNtwlhHjc7O46ailcfPWg3g2lEg4H%2FtrYdUKNst5rguBlv2%2BrLWGJjmHeaXPyszuuwTRqw8yJWv%2Bn2vUsjbABkbHrv24pSaQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=86400
cf-ray
8273b1a7099f81e5-IAD
alt-svc
h3=":443"; ma=86400
expires
Sat, 18 Nov 2023 00:00:32 GMT
css
fonts.googleapis.com/
14 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A400%2C400i%2C700%7COpen+Sans%3A400%2C400i%2C700&subset=cyrillic&ver=f1d3c45f27568959111ee293b37725be
Requested by
Host: 1win-430.ru
URL: https://1win-430.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
fd610a9d43528d79b2afe2cd7ae2fde0bef9ea4ffb66f36d24868cea612efed1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1win-430.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 17 Nov 2023 00:00:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 17 Nov 2023 00:00:31 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 17 Nov 2023 00:00:31 GMT
style.min.css
1win-430.ru/wp-content/themes/root/css/
147 KB
29 KB
Stylesheet
General
Full URL
https://1win-430.ru/wp-content/themes/root/css/style.min.css?ver=2.4.1
Requested by
Host: 1win-430.ru
URL: https://1win-430.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:b640 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d562f64de28b3c975ada07a8ec399ba128df2ebb971289dea81a91b0ad17fb5b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1win-430.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 00:00:32 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 04 Aug 2023 09:39:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"64ccc74d-24cc6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PZlG0xsRlWU1GgM%2FDBZZSGgBy20gMZy6jn9A0bDGIDl3geX63XwGGuYCP7PXlVxVUu2MOnCI8cK%2BPeIMSw%2FMFqj2zAiS6M6pKIC8O6xKXJQecPOGXADEZPcuHxkarAYUJJq5ERpEVWpIsw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=86400
cf-ray
8273b1a719a181e5-IAD
alt-svc
h3=":443"; ma=86400
expires
Sat, 18 Nov 2023 00:00:32 GMT
jquery.min.js
1win-430.ru/wp-includes/js/jquery/
88 KB
32 KB
Script
General
Full URL
https://1win-430.ru/wp-includes/js/jquery/jquery.min.js?ver=3.6.4
Requested by
Host: 1win-430.ru
URL: https://1win-430.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:b640 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1win-430.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 00:00:32 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 04 Aug 2023 09:39:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"64ccc74d-15ed7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x1ulf%2FASc9uKZzP2smHWJHpxJlgucazwh%2FgWF6xXIXDRosxU9MmJ4yljRc2Ct%2FRmAchPMfmtiP4kiSNEsvsNl8yQyBJ2CUqhatQPj1KVxG4D8Ysz4%2BkmiOcCqFRzGv6exrtEc34GnQjHiw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=86400
cf-ray
8273b1a719a281e5-IAD
alt-svc
h3=":443"; ma=86400
expires
Sat, 18 Nov 2023 00:00:32 GMT
jquery-migrate.min.js
1win-430.ru/wp-includes/js/jquery/
13 KB
5 KB
Script
General
Full URL
https://1win-430.ru/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.0
Requested by
Host: 1win-430.ru
URL: https://1win-430.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:b640 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9810aee7e6d57d8cceaa96322b88e6df46710194689ae12b284149148cabc2f3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1win-430.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 00:00:32 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 04 Aug 2023 09:39:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"64ccc74d-3470"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pnZSHDcO9UVNGkIcchExmIuLBOTaM6NmVb6UDEww3ao887jSk7USEwRGBDo2lDOdLoqy%2B3yntHHlkWUS0OMNAwhzkWmyLX3%2F3HneU0ocNp7Xzu201b%2BFgsL8dJmZFJSuS3xgzNLOHfW6Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=86400
cf-ray
8273b1a719a481e5-IAD
alt-svc
h3=":443"; ma=86400
expires
Sat, 18 Nov 2023 00:00:32 GMT
1win-header.png
1win-430.ru/wp-content/uploads/2022/07/
36 KB
36 KB
Image
General
Full URL
https://1win-430.ru/wp-content/uploads/2022/07/1win-header.png
Requested by
Host: 1win-430.ru
URL: https://1win-430.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:b640 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d07f60e24e4361a59fb6467c72d0993c4bf1cf58261043fa2fe5ff85ff311383

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1win-430.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 00:00:32 GMT
cf-cache-status
MISS
last-modified
Fri, 04 Aug 2023 09:39:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64ccc74d-8eb8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dm2WuWHlEodexKBK8rMhb%2FDPdFRTx935CiPEW3VkdVbshYOgY7k9hmY5EAoWlzbswB%2B05kqQsKzG%2BUU8tjwD1IvAc32H13mU962gIysBwrq3Epm3B6loBAsewA7JDMOTVVU4awHFTTyu8A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
8273b1a719a681e5-IAD
alt-svc
h3=":443"; ma=86400
content-length
36536
expires
Sat, 18 Nov 2023 00:00:32 GMT
freespin-deposit.png
1win-430.ru/wp-content/uploads/2022/07/
117 KB
118 KB
Image
General
Full URL
https://1win-430.ru/wp-content/uploads/2022/07/freespin-deposit.png
Requested by
Host: 1win-430.ru
URL: https://1win-430.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:b640 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc4b36e5ce0c6a40bb316e63f0614ca9195f655381f16033a7ec10124a787afc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1win-430.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 00:00:32 GMT
cf-cache-status
MISS
last-modified
Fri, 04 Aug 2023 09:39:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64ccc74d-1d4ff"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4PRm8E4fUT3EroKugTiWovgvXNGJ7eICFa10E9hTtObUbko1nGKfS8GcBEsb191FdAO0O5ZTTYVAc0P6ZAWfqgQ15LDw%2BFwHhXkpDCf8wdq3Dmm1VtcoVcAo3ZV0RM%2BP7lwGU6oa2EnA2g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
8273b1a719a981e5-IAD
alt-svc
h3=":443"; ma=86400
content-length
120063
expires
Sat, 18 Nov 2023 00:00:32 GMT
lightbox.js
1win-430.ru/wp-content/themes/root/js/
3 KB
1 KB
Script
General
Full URL
https://1win-430.ru/wp-content/themes/root/js/lightbox.js?ver=2.4.1
Requested by
Host: 1win-430.ru
URL: https://1win-430.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:b640 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6689da9de439659c81141876190f91117e80885025c04d63ff41915efda4a6f2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1win-430.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 00:00:32 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 04 Aug 2023 09:39:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
27056
etag
W/"64ccc74d-a9d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eeWjzhtaMr%2B9Lsb9vryNJu23ZSomNNj8ffCd5AeZfgV61h%2BxhjeyhPBm5mu9AlN%2FiLzsD4OFvLKTzBW7CuZSRuhW3yeAoBhUOJpEJwXxYqzS76RcdS7Gey4fpW%2FsIIPeq8CSgUIEI5Tviw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=86400
cf-ray
8273b1ab8c16f11c-CDG
alt-svc
h3=":443"; ma=86400
expires
Fri, 17 Nov 2023 16:29:36 GMT
scripts.min.js
1win-430.ru/wp-content/themes/root/js/
7 KB
3 KB
Script
General
Full URL
https://1win-430.ru/wp-content/themes/root/js/scripts.min.js?ver=2.4.1
Requested by
Host: 1win-430.ru
URL: https://1win-430.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:b640 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a8fef484ac8a107d5c1d4592fc8dbcdd63232b32794b86d33ed9a646ba8b0abf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1win-430.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 00:00:32 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 04 Aug 2023 09:39:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"64ccc74d-1d19"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VaP3rNezIdKqeQ07W1BMfxKm1hUf55Rf5uIQ%2Bow%2FTWHX8Qzvl4PlUzNh2jbK4u9gwKAphAMtkD1taxd2N16lRp%2FtYsib%2B37NzRxsRHpKk4a2qmYmXXci%2BWCgyfKIzCA5yQLRJYUrVRBumQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=86400
cf-ray
8273b1ab9c28f11c-CDG
alt-svc
h3=":443"; ma=86400
expires
Sat, 18 Nov 2023 00:00:32 GMT
wp-emoji-release.min.js
1win-430.ru/wp-includes/js/
18 KB
5 KB
Script
General
Full URL
https://1win-430.ru/wp-includes/js/wp-emoji-release.min.js?ver=f1d3c45f27568959111ee293b37725be
Requested by
Host: 1win-430.ru
URL: https://1win-430.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:b640 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1win-430.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 00:00:32 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 04 Aug 2023 09:39:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"64ccc74d-4904"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4VCwMagXsdAXJ9q3kxCA%2BEt3xaS%2BdCzQpJtu7cGiXt05uEmZ3dD%2F00DWpfFGQtjtw3Krt3m%2BJGKJM%2Fqtl4fhN9DSI6qV%2F4Hc2TkC7qEQUH67GHpXvX51RsIUGTuLT0PLehR8vTML1qlQKA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=86400
cf-ray
8273b1ab9c29f11c-CDG
alt-svc
h3=":443"; ma=86400
expires
Sat, 18 Nov 2023 00:00:32 GMT
bggg.png
1win-430.ru/wp-content/uploads/2022/07/
Redirect Chain
  • https://1wincasino6.top/wp-content/uploads/2022/07/bggg.png
  • https://1wincasino7.top/wp-content/uploads/2022/07/bggg.png
  • https://1wincasino8.top/wp-content/uploads/2022/07/bggg.png
  • https://1wincasino9.top/wp-content/uploads/2022/07/bggg.png
  • https://1wincasino10.top/wp-content/uploads/2022/07/bggg.png
  • https://1win-430.ru/wp-content/uploads/2022/07/bggg.png
4 KB
4 KB
Image
General
Full URL
https://1win-430.ru/wp-content/uploads/2022/07/bggg.png
Requested by
Host: 1win-430.ru
URL: https://1win-430.ru/
Protocol
H3
Server
2606:4700:3037::ac43:b640 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eac0d40d1bb25272ca52ef80b777b01675942d002c1cacfa5c7eeca0cab39a6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1win-430.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 00:00:33 GMT
cf-cache-status
MISS
last-modified
Fri, 04 Aug 2023 09:39:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64ccc74d-fbd"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BmHayRtJNK%2B0iF90zq06YklwcMw5OZnp%2FhsA8NT2NSewCwZ4s%2BsJsJJ6NqiBjlU1R80Vvz16XD9wOLR30Ssq3Xm0hi9N5QVI%2B%2FtzaAiBjLRkBpBdUV0a3nnn65KP%2FlB%2FIJpg%2FKch5scGrQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
8273b1adfd7af11c-CDG
alt-svc
h3=":443"; ma=86400
content-length
4029
expires
Sat, 18 Nov 2023 00:00:33 GMT

Redirect headers

date
Fri, 17 Nov 2023 00:00:32 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=15ePvZVcANIYgmcntZCeorEhdKXeVacQfxR8YCgAG8tZoxpprBOf9VjDaWdGjJW%2FklGuxfh5nGdnOoyardwEvplXBx%2FQjsKrj32sRlrfSEBFJCiHDiHgwh3%2BEe%2FvMTXghfDV9qEIyUAdKSJfRkOT"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=iso-8859-1
location
https://1win-430.ru/wp-content/uploads/2022/07/bggg.png
cache-control
max-age=14400
cf-ray
8273b1ad9f1d3623-FRA
alt-svc
h3=":443"; ma=86400
KFOmCnqEu92Fr1Mu5mxKOzY.woff2
fonts.gstatic.com/s/roboto/v30/
9 KB
9 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu5mxKOzY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C400i%2C700%7COpen+Sans%3A400%2C400i%2C700&subset=cyrillic&ver=f1d3c45f27568959111ee293b37725be
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
495d38d4b9741e8aa4204002414069e2d8db9f3c60b60e195e4d74381462dee9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://1win-430.ru
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 07:05:38 GMT
x-content-type-options
nosniff
age
60894
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9628
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 15 Nov 2024 07:05:38 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C400i%2C700%7COpen+Sans%3A400%2C400i%2C700&subset=cyrillic&ver=f1d3c45f27568959111ee293b37725be
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://1win-430.ru
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 04:31:44 GMT
x-content-type-options
nosniff
age
329328
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 12 Nov 2024 04:31:44 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C400i%2C700%7COpen+Sans%3A400%2C400i%2C700&subset=cyrillic&ver=f1d3c45f27568959111ee293b37725be
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://1win-430.ru
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 23:30:11 GMT
x-content-type-options
nosniff
age
261021
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 12 Nov 2024 23:30:11 GMT
KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/
9 KB
10 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C400i%2C700%7COpen+Sans%3A400%2C400i%2C700&subset=cyrillic&ver=f1d3c45f27568959111ee293b37725be
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6a84eeee6a25e7c9a8a03191007a6720566b5a2aa2384d36168fb07f49e97e9e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://1win-430.ru
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 14:30:13 GMT
x-content-type-options
nosniff
age
34219
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9644
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:50 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 15 Nov 2024 14:30:13 GMT
w2-2.jpg
1win-430.ru/wp-content/uploads/2023/02/
117 KB
118 KB
Image
General
Full URL
https://1win-430.ru/wp-content/uploads/2023/02/w2-2.jpg
Requested by
Host: 1win-430.ru
URL: https://1win-430.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:b640 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
486da58f25c9271f6ff7a2acb406c1aa30f373ee3555134bf2d8c6482231dff4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1win-430.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 00:00:32 GMT
cf-cache-status
MISS
last-modified
Fri, 04 Aug 2023 09:39:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64ccc74d-1d51a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N3WdHZ9IOrJR4w0IrggeoLy0Q9%2B5b24f%2FZXXqIbws%2FEGxK3mGN6u%2B7MTYoHJkLoyl2sjTgaCViBelnjzTBAia6SN7Af2TmwR55rgnnkNkbDz8BZ0T7kS4A4In9O3zbHK6AMXWTdwVUT8uQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
8273b1abac30f11c-CDG
alt-svc
h3=":443"; ma=86400
content-length
120090
expires
Sat, 18 Nov 2023 00:00:32 GMT
1WINN2.jpg
1win-430.ru/wp-content/uploads/2023/02/
112 KB
112 KB
Image
General
Full URL
https://1win-430.ru/wp-content/uploads/2023/02/1WINN2.jpg
Requested by
Host: 1win-430.ru
URL: https://1win-430.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:b640 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d84205aa1e8d9ae87bc8655bc354f796e58d92d05503603b48fbd90b6eb2fb2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1win-430.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 00:00:32 GMT
cf-cache-status
MISS
last-modified
Fri, 04 Aug 2023 09:39:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64ccc74d-1bf80"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Is4PCejZ3chOwplFaP7K8wA9k9AjNBHfcQtYgo3ynQZ0Eb4t8qJs6U3ZVK643EKcKO9PTxMYfJVkeKT%2FnhhixqqNJ3%2BkKI5V2HLL7K0aMjdUxozmJx8djiPHJvc4wx1S3LmIlSBAltHBaw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
8273b1abac37f11c-CDG
alt-svc
h3=":443"; ma=86400
content-length
114560
expires
Sat, 18 Nov 2023 00:00:32 GMT
bonus-1win2.png
1win-430.ru/wp-content/uploads/2022/07/
88 KB
89 KB
Image
General
Full URL
https://1win-430.ru/wp-content/uploads/2022/07/bonus-1win2.png
Requested by
Host: 1win-430.ru
URL: https://1win-430.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:b640 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8fbaefce87b6e9885e772074ae271ffb04f66f7d63d3de508c3fa587bedeae44

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1win-430.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 00:00:32 GMT
cf-cache-status
MISS
last-modified
Fri, 04 Aug 2023 09:39:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64ccc74d-160fd"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XsahcfWmQsT0CWvsdZPVwItBUii07HdUm%2FktMYcezrE7relJhkMaILY7vQ2ZxjQ94BkH4iy4rW6SH9zD9R4G485z0Y6ipwAWXo%2BfQ96vfyEMJccgjxtMMGwsbcN3YihQcIs5HDjEvwR5qA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
8273b1abac39f11c-CDG
alt-svc
h3=":443"; ma=86400
content-length
90365
expires
Sat, 18 Nov 2023 00:00:32 GMT
1win-line.png
1win-430.ru/wp-content/uploads/2022/07/
42 KB
42 KB
Image
General
Full URL
https://1win-430.ru/wp-content/uploads/2022/07/1win-line.png
Requested by
Host: 1win-430.ru
URL: https://1win-430.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:b640 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e6109d7aeb869271f55f5eeed17096b63f21e04e0b3cc61a7549ff1ae1caf46

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1win-430.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 00:00:32 GMT
cf-cache-status
MISS
last-modified
Fri, 04 Aug 2023 09:39:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64ccc74d-a73b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fDdCs3Up1HCxL%2BH0hy%2B568hPbZAEudvBJlBE2ikJCk%2BJQmdBtcoisN9Q8WhIgrCCheXBUGFvOXHn0pCc7p%2FMtWeuIm5%2BADUkMIgXs6FxwRiEy2saU%2BZ44KTVgK%2FUIlBcjTVNoxMmgDWVMg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
8273b1abac3bf11c-CDG
alt-svc
h3=":443"; ma=86400
content-length
42811
expires
Sat, 18 Nov 2023 00:00:32 GMT
tag.js
mc.yandex.ru/metrika/
200 KB
70 KB
Script
General
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: 1win-430.ru
URL: https://1win-430.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
ac8e8ffc35ba53190925d14ab161e6ca52390305a820f53dcd8acaf5fee759bb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1win-430.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 00:00:32 GMT
content-encoding
br
strict-transport-security
max-age=31536000
last-modified
Tue, 14 Nov 2023 10:50:54 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"6553510e-11399"
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
timing-allow-origin
*
content-length
70553
expires
Fri, 17 Nov 2023 01:00:32 GMT
sync_cookie_image_decide
mc.yandex.com/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10189.wj8-pWcLvvY_UVPr-AErPBYHcPs4Isz87zu2swelZgfqDS5XNq137-orRGbk8VCi.HHStj4jmuiwBs-beY3AaPbaqDG8%2C
  • https://mc.yandex.com/sync_cookie_image_decide?token=10189.Myl9HmAdrJX0spF0sbSsZMI4rzkqEJ0BqH-FK_IKKNGf0gW6aWHe1sg_h3Vu3PkUXeFR_nY5s8wFDKhJJ_4VIW2smJX4beNeeNXHGa4YW8BxBtbtn-rL7yDAfh4oiBM-XroQ6IIr33...
43 B
672 B
Image
General
Full URL
https://mc.yandex.com/sync_cookie_image_decide?token=10189.Myl9HmAdrJX0spF0sbSsZMI4rzkqEJ0BqH-FK_IKKNGf0gW6aWHe1sg_h3Vu3PkUXeFR_nY5s8wFDKhJJ_4VIW2smJX4beNeeNXHGa4YW8BxBtbtn-rL7yDAfh4oiBM-XroQ6IIr33QmqUjal2a-w0yv0wx-Ivj1G3X-aL3rSLRj2LdcI0hNW5lT0ZMGpRMCNUSypK7GGYLMyJLg8rPTL8FdHRBQBm1gG0z09S1ADUI%2C.KUm-GFvhfpdicr4sWUIByVsPb9A%2C
Requested by
Host: 1win-430.ru
URL: https://1win-430.ru/
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1win-430.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 00:00:33 GMT
strict-transport-security
max-age=31536000
content-length
43
x-xss-protection
1; mode=block
content-type
image/gif

Redirect headers

location
https://mc.yandex.com/sync_cookie_image_decide?token=10189.Myl9HmAdrJX0spF0sbSsZMI4rzkqEJ0BqH-FK_IKKNGf0gW6aWHe1sg_h3Vu3PkUXeFR_nY5s8wFDKhJJ_4VIW2smJX4beNeeNXHGa4YW8BxBtbtn-rL7yDAfh4oiBM-XroQ6IIr33QmqUjal2a-w0yv0wx-Ivj1G3X-aL3rSLRj2LdcI0hNW5lT0ZMGpRMCNUSypK7GGYLMyJLg8rPTL8FdHRBQBm1gG0z09S1ADUI%2C.KUm-GFvhfpdicr4sWUIByVsPb9A%2C
date
Fri, 17 Nov 2023 00:00:33 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
advert.gif
mc.yandex.com/metrika/
43 B
524 B
Image
General
Full URL
https://mc.yandex.com/metrika/advert.gif
Requested by
Host: 1win-430.ru
URL: https://1win-430.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1win-430.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 00:00:33 GMT
strict-transport-security
max-age=31536000
last-modified
Tue, 14 Nov 2023 10:50:54 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"6553510e-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Fri, 17 Nov 2023 01:00:33 GMT
1
mc.yandex.com/watch/94534150/
Redirect Chain
  • https://mc.yandex.com/watch/94534150?wmode=7&page-url=https%3A%2F%2F1win-430.ru%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A3akmpckrufnt9afj6lckkvrv%3Afp%3A9363%3Afu%3A0%3Aen%3Autf-8...
  • https://mc.yandex.com/watch/94534150/1?wmode=7&page-url=https%3A%2F%2F1win-430.ru%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A3akmpckrufnt9afj6lckkvrv%3Afp%3A9363%3Afu%3A0%3Aen%3Autf...
427 B
570 B
Fetch
General
Full URL
https://mc.yandex.com/watch/94534150/1?wmode=7&page-url=https%3A%2F%2F1win-430.ru%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A3akmpckrufnt9afj6lckkvrv%3Afp%3A9363%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1161%3Acn%3A1%3Adp%3A0%3Als%3A663859052200%3Ahid%3A174175039%3Az%3A60%3Ai%3A20231117010033%3Aet%3A1700179233%3Ac%3A1%3Arn%3A778094458%3Arqn%3A1%3Au%3A1700179233330982839%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C197%2C516%2C6%2C7665%2C0%2C%2C976%2C6%2C%2C%2C%2C9439%3Aco%3A0%3Acpf%3A1%3Ans%3A1700179223253%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1700179233%3At%3A1WIN%20%D0%BE%D1%84%D0%B8%D1%86%D0%B8%D0%B0%D0%BB%D1%8C%D0%BD%D1%8B%D0%B9%20%D1%81%D0%B0%D0%B9%D1%82%20%D0%B1%D1%83%D0%BA%D0%BC%D0%B5%D0%BA%D0%B5%D1%80%D1%81%D0%BA%D0%BE%D0%B9%20%D0%BA%D0%BE%D0%BD%D1%82%D0%BE%D1%80%D1%8B%201%D0%92%D0%98%D0%9D&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%281%29
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
6491144324f6c439d3b58ea11c51e4ec008a0e435a7ae87c6983a9d515120ade
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1win-430.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 00:00:33 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Fri, 17-Nov-2023 00:00:33 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type
application/json; charset=utf-8
access-control-allow-origin
https://1win-430.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
427
x-xss-protection
1; mode=block
expires
Fri, 17-Nov-2023 00:00:33 GMT

Redirect headers

pragma
no-cache
date
Fri, 17 Nov 2023 00:00:33 GMT
strict-transport-security
max-age=31536000
last-modified
Fri, 17-Nov-2023 00:00:33 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location
/watch/94534150/1?wmode=7&page-url=https%3A%2F%2F1win-430.ru%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A3akmpckrufnt9afj6lckkvrv%3Afp%3A9363%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1161%3Acn%3A1%3Adp%3A0%3Als%3A663859052200%3Ahid%3A174175039%3Az%3A60%3Ai%3A20231117010033%3Aet%3A1700179233%3Ac%3A1%3Arn%3A778094458%3Arqn%3A1%3Au%3A1700179233330982839%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C197%2C516%2C6%2C7665%2C0%2C%2C976%2C6%2C%2C%2C%2C9439%3Aco%3A0%3Acpf%3A1%3Ans%3A1700179223253%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1700179233%3At%3A1WIN%20%D0%BE%D1%84%D0%B8%D1%86%D0%B8%D0%B0%D0%BB%D1%8C%D0%BD%D1%8B%D0%B9%20%D1%81%D0%B0%D0%B9%D1%82%20%D0%B1%D1%83%D0%BA%D0%BC%D0%B5%D0%BA%D0%B5%D1%80%D1%81%D0%BA%D0%BE%D0%B9%20%D0%BA%D0%BE%D0%BD%D1%82%D0%BE%D1%80%D1%8B%201%D0%92%D0%98%D0%9D&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%281%29
access-control-allow-origin
https://1win-430.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Fri, 17-Nov-2023 00:00:33 GMT
94534150
mc.yandex.com/webvisor/
43 B
0
Fetch
General
Full URL
https://mc.yandex.com/webvisor/94534150?wv-part=1&wmode=0&wv-hit=174175039&page-url=https%3A%2F%2F1win-430.ru%2F&rn=447997094&wv-type=7&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1700179236%3Aw%3A1600x1200%3Av%3A1161%3Az%3A60%3Ai%3A20231117010035%3Au%3A1700179233330982839%3Avf%3A3akmpckrufnt9afj6lckkvrv%3Ast%3A1700179236&t=gdpr(14)ti(1)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://1win-430.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 00:00:35 GMT
strict-transport-security
max-age=31536000
last-modified
Fri, 17-Nov-2023 00:00:35 GMT
content-type
image/gif
access-control-allow-origin
https://1win-430.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Fri, 17-Nov-2023 00:00:35 GMT
94534150
mc.yandex.com/webvisor/
43 B
0
Fetch
General
Full URL
https://mc.yandex.com/webvisor/94534150?wv-part=1&wmode=0&wv-hit=174175039&page-url=https%3A%2F%2F1win-430.ru%2F&rn=315418812&wv-type=7&browser-info=we%3A1%3Aet%3A1700179236%3Aw%3A1600x1200%3Av%3A1161%3Az%3A60%3Ai%3A20231117010036%3Au%3A1700179233330982839%3Avf%3A3akmpckrufnt9afj6lckkvrv%3Ast%3A1700179236&t=gdpr(14)ti(1)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://1win-430.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 00:00:36 GMT
strict-transport-security
max-age=31536000
last-modified
Fri, 17-Nov-2023 00:00:36 GMT
content-type
image/gif
access-control-allow-origin
https://1win-430.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Fri, 17-Nov-2023 00:00:36 GMT

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture
object| _wpemojiSettings
undefined| $
function| jQuery
string| fixed_main_menu
object| settings_array
object| wps_ajax
function| GoTo
function| base64_decode
function| createCookie
function| readCookie
function| eraseCookie
function| ym
object| twemoji
object| wp
object| Ya
object| yaCounter94534150

16 Cookies

Domain/Path Name / Value
.yandex.ru/ Name: i
Value: cC7yYVZjzyQrbbx7wN6MTQ+51o9crVPB1vIi2voKAfc1KTQtXkSu4IEd2BYI+Vvu763kSvWXUzAgSt1VvoB3qamG8kQ=
.yandex.ru/ Name: yandexuid
Value: 5173128621700179232
.1win-430.ru/ Name: _ym_uid
Value: 1700179233330982839
.1win-430.ru/ Name: _ym_d
Value: 1700179233
.mc.yandex.com/ Name: sync_cookie_csrf
Value: 4166898611fake
.1win-430.ru/ Name: _ym_isad
Value: 2
.mc.yandex.ru/ Name: sync_cookie_csrf
Value: 1553747636fake
.yandex.com/ Name: yandexuid
Value: 5173128621700179232
.yandex.com/ Name: yuidss
Value: 5173128621700179232
.yandex.com/ Name: i
Value: cC7yYVZjzyQrbbx7wN6MTQ+51o9crVPB1vIi2voKAfc1KTQtXkSu4IEd2BYI+Vvu763kSvWXUzAgSt1VvoB3qamG8kQ=
.yandex.com/ Name: yp
Value: 1700265633.yu.3303109361700179233
.mc.yandex.com/ Name: sync_cookie_ok
Value: synced
mc.yandex.com/ Name: yabs-sid
Value: 1528433731700179233
.yandex.com/ Name: ymex
Value: 1702771233.oyu.3303109361700179233#1731715233.yrts.1700179233
.yandex.com/ Name: bh
Value: KgI/MA==
.1win-430.ru/ Name: _ym_visorc
Value: w

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
