urlscan.io logo urlscan.io
SecurityTrails logo

1wgos.pro Open in urlscan Pro
190.115.24.78  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://gofirmware.com/loading-page
Effective URL: https://1wgos.pro/casino/list?open=register
Submission: On July 11 via manual from PH — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 13 IPs in 3 countries across 12 domains to perform 75 HTTP transactions. The main IP is 190.115.24.78, located in Belize City, Belize and belongs to DDOS-GUARD CORP., BZ. The main domain is 1wgos.pro.
TLS certificate: Issued by R3 on May 17th 2023. Valid for: 3 months.
This is the only time 1wgos.pro was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

2    2606:4700:3030::6815:5488 (United States)

ASN13335 (CLOUDFLARENET, US)
gofirmware.com
19    2a02:6b8::1:119 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)
mc.yandex.ru
mc.yandex.com
5    190.115.24.78 (Belize City, Belize)

ASN262254 (DDOS-GUARD CORP., BZ)
PTR: ddos-guard.net
1wgos.pro
33    190.115.24.75 (Belize City, Belize)

ASN262254 (DDOS-GUARD CORP., BZ)
PTR: ddos-guard.net
1win-cdn.com
2    151.101.130.132 (None, )

ASN- ()
api.lab.amplitude.com
2    2a00:1450:4001:830::2008 (None, )

ASN- ()
www.googletagmanager.com
8    142.250.74.198 (None, )

ASN- ()
12688802.fls.doubleclick.net
12572451.fls.doubleclick.net
1    52.222.139.53 (None, )

ASN- ()
static.hotjar.com
1    2001:4860:4802:34::36 (None, )

ASN- ()
region1.google-analytics.com
1    52.222.236.74 (None, )

ASN- ()
script.hotjar.com
4    2a00:1450:4001:831::2002 (None, )

ASN- ()
adservice.google.com
4    2a00:1450:4001:800::2002 (None, )

ASN- ()
adservice.google.de
Apex Domain
Subdomains		 Transfer
33 1win-cdn.com
1win-cdn.com — Cisco Umbrella Rank: 406520
2 MB
13 yandex.com
mc.yandex.com — Cisco Umbrella Rank: 9422
4 KB
8 doubleclick.net
12688802.fls.doubleclick.net
12572451.fls.doubleclick.net
3 KB
6 yandex.ru
mc.yandex.ru — Cisco Umbrella Rank: 3245
134 KB
5 1wgos.pro
1wgos.pro
117 KB
4 google.de
adservice.google.de
965 B
4 google.com
adservice.google.com
2 KB
2 hotjar.com
static.hotjar.com
script.hotjar.com
74 KB
2 googletagmanager.com
www.googletagmanager.com
157 KB
2 amplitude.com
api.lab.amplitude.com
128 B
2 gofirmware.com
gofirmware.com — Cisco Umbrella Rank: 540656
38 KB
1 google-analytics.com
region1.google-analytics.com
241 B
75 12
Domain Requested by
33 1win-cdn.com 1wgos.pro
1win-cdn.com
13 mc.yandex.com 5 redirects gofirmware.com
mc.yandex.ru
1wgos.pro
6 mc.yandex.ru 3 redirects gofirmware.com
1wgos.pro
5 1wgos.pro 1win-cdn.com
1wgos.pro
4 adservice.google.de adservice.google.com
4 adservice.google.com 12572451.fls.doubleclick.net
12688802.fls.doubleclick.net
4 12572451.fls.doubleclick.net 2 redirects www.googletagmanager.com
4 12688802.fls.doubleclick.net 2 redirects www.googletagmanager.com
2 www.googletagmanager.com gofirmware.com
www.googletagmanager.com
2 api.lab.amplitude.com 1win-cdn.com
2 gofirmware.com gofirmware.com
1 script.hotjar.com static.hotjar.com
1 region1.google-analytics.com www.googletagmanager.com
1 static.hotjar.com gofirmware.com
75 14

This site contains no links.

Subject Issuer Validity Valid
gofirmware.com
GTS CA 1P5		 2023-06-19 -
2023-09-17		 3 months crt.sh
mc.yandex.ru
GlobalSign ECC OV SSL CA 2018		 2023-03-17 -
2023-08-27		 5 months crt.sh
1wgos.pro
R3		 2023-05-17 -
2023-08-15		 3 months crt.sh
1win-cdn.com
R3		 2023-06-27 -
2023-09-25		 3 months crt.sh
*.lab.amplitude.com
GlobalSign Atlas R3 DV TLS CA 2023 Q1		 2023-02-25 -
2024-03-28		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-06-19 -
2023-09-11		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-06-19 -
2023-09-11		 3 months crt.sh
*.hotjar.com
Amazon ECDSA 256 M01		 2023-03-09 -
2024-04-06		 a year crt.sh
*.google.com
GTS CA 1C3		 2023-06-19 -
2023-09-11		 3 months crt.sh
*.google.de
GTS CA 1C3		 2023-06-19 -
2023-09-11		 3 months crt.sh

This page contains 13 frames:

Primary Page: https://1wgos.pro/casino/list?open=register
Frame ID: 76F3651056657C49AB1A3FABFB3D5198
Requests: 63 HTTP requests in this frame

Frame: https://12688802.fls.doubleclick.net/activityi;dc_pre=CIer8Ju1hoADFTRDHgIdsQkN9Q;src=12688802;type=actio0;cat=allpa0;ord=1;num=6383140523659;gtm=45He37a0;auiddc=937206779.1689070304;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2F1wgos.pro%2Fcasino%2Flist%3Fopen%3Dregister
Frame ID: C9E957B34B8AABF9E3D12DD5FDED7BE5
Requests: 1 HTTP requests in this frame

Frame: https://12572451.fls.doubleclick.net/activityi;dc_pre=CIjQ75u1hoADFRn3GQod_CkMow;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=972912369535.2704
Frame ID: E87E8245C4EE91A1BA17D778033C638A
Requests: 1 HTTP requests in this frame

Frame: https://12688802.fls.doubleclick.net/activityi;dc_pre=CKyo8Ju1hoADFZBDHgIdXVwEXA;src=12688802;type=actio0;cat=allpa0;ord=1;num=9634211714845;gtm=45He37a0;auiddc=937206779.1689070304;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2F1wgos.pro%2Fcasino%2Flist%3Fopen%3Dregister
Frame ID: C6E481B7958AAB50D314A6ED7F9341F4
Requests: 1 HTTP requests in this frame

Frame: https://12572451.fls.doubleclick.net/activityi;dc_pre=COaw8Ju1hoADFRiuGQod2BcLSA;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=4814448491596.901
Frame ID: F1D8C7C50A9D0BEC0022E459EED2FB48
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CIjQ75u1hoADFRn3GQod_CkMow;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=972912369535.2704;~oref=https://1wgos.pro/
Frame ID: D37F28BC880F5280F1498BAA5557E1B9
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CKyo8Ju1hoADFZBDHgIdXVwEXA;src=12688802;type=actio0;cat=allpa0;ord=1;num=9634211714845;gtm=45He37a0;auiddc=937206779.1689070304;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2F1wgos.pro%2Fcasino%2Flist%3Fopen%3Dregister
Frame ID: 76477DDF18CF1182A900199977A03055
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CIer8Ju1hoADFTRDHgIdsQkN9Q;src=12688802;type=actio0;cat=allpa0;ord=1;num=6383140523659;gtm=45He37a0;auiddc=937206779.1689070304;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2F1wgos.pro%2Fcasino%2Flist%3Fopen%3Dregister
Frame ID: EDD4C83A3543A72F4C95BB06F8903975
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=COaw8Ju1hoADFRiuGQod2BcLSA;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=4814448491596.901;~oref=https://1wgos.pro/
Frame ID: 128CB6EA5654ED953700C09B7EC35612
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.de/ddm/fls/i/dc_pre=CIjQ75u1hoADFRn3GQod_CkMow;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=972912369535.2704;~oref=https://1wgos.pro/
Frame ID: F3A09C9FAEB7429F28B6CCCA8566E90E
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.de/ddm/fls/i/dc_pre=CIer8Ju1hoADFTRDHgIdsQkN9Q;src=12688802;type=actio0;cat=allpa0;ord=1;num=6383140523659;gtm=45He37a0;auiddc=937206779.1689070304;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2F1wgos.pro%2Fcasino%2Flist%3Fopen%3Dregister
Frame ID: 22753223BD622B5B28538A58D9FBF620
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.de/ddm/fls/i/dc_pre=COaw8Ju1hoADFRiuGQod2BcLSA;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=4814448491596.901;~oref=https://1wgos.pro/
Frame ID: CFAC5F4149D9E52FE9205156FCA59B71
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.de/ddm/fls/i/dc_pre=CKyo8Ju1hoADFZBDHgIdXVwEXA;src=12688802;type=actio0;cat=allpa0;ord=1;num=9634211714845;gtm=45He37a0;auiddc=937206779.1689070304;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2F1wgos.pro%2Fcasino%2Flist%3Fopen%3Dregister
Frame ID: 5334133490FC10834DFA7C7AD34A8669
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

1win

Page URL History Show full URLs

  1. https://gofirmware.com/loading-page Page URL
  2. https://1wgos.pro/casino/list?open=register Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/
Overall confidence: 100%
Detected patterns
  • mc\.yandex\.ru/metrika/(?:tag|watch)\.js

Page Statistics

75
Requests

88 %
HTTPS

50 %
IPv6

12
Domains

14
Subdomains

13
IPs

3
Countries

2592 kB
Transfer

3613 kB
Size

22
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://gofirmware.com/loading-page Page URL
  2. https://1wgos.pro/casino/list?open=register Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3
  • https://mc.yandex.com/sync_cookie_image_check HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10061.2ELDH2hv_B01dsYOKkIOt_YUHQKBPAtAy56tSYz3swzswOZT1fB-4tL-asHb81XM.rEDMe-SaGTX7MdyTehlJKqqsOQc%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide?token=10061.FFGmGAx0Yd40NC2rVltMB3Vo3lHtHhvhnkYvJSi7VQxk-zivK5L93zloyPdzLRh0wBSNTvuUpSUC8ZxdB27IoNjjYwJ07TMrN_NCCmUumYE%2C.gfHgMbVxfzrjrnRtRK15vwqYRaE%2C
Request Chain 5
  • https://mc.yandex.com/watch/45969072?wmode=7&page-url=https%3A%2F%2Fgofirmware.com%2Floading-page&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Afl86j8c0cs0gu7lh9r0871b%3Afp%3A482%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1074%3Acn%3A1%3Adp%3A0%3Als%3A86062689252%3Ahid%3A606216194%3Az%3A0%3Ai%3A20230711101140%3Aet%3A1689070301%3Ac%3A1%3Arn%3A1040107189%3Arqn%3A1%3Au%3A1689070301273526066%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A19%2C45%2C361%2C1%2C0%2C0%2C%2C21%2C0%2C%2C%2C%2C448%3Aco%3A0%3Acpf%3A1%3Ans%3A1689070299798%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1689070301%3At%3ALoading&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ti(1) HTTP 302
  • https://mc.yandex.com/watch/45969072/1?wmode=7&page-url=https%3A%2F%2Fgofirmware.com%2Floading-page&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Afl86j8c0cs0gu7lh9r0871b%3Afp%3A482%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1074%3Acn%3A1%3Adp%3A0%3Als%3A86062689252%3Ahid%3A606216194%3Az%3A0%3Ai%3A20230711101140%3Aet%3A1689070301%3Ac%3A1%3Arn%3A1040107189%3Arqn%3A1%3Au%3A1689070301273526066%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A19%2C45%2C361%2C1%2C0%2C0%2C%2C21%2C0%2C%2C%2C%2C448%3Aco%3A0%3Acpf%3A1%3Ans%3A1689070299798%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1689070301%3At%3ALoading&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%281%29
Request Chain 6
  • https://mc.yandex.com/sync_cookie_image_check_secondary HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start_secondary?redirect_domain=mc.yandex.com&token=10061.oTTNp4tP0PmjffqVK8_9krO0SJ75I-mW6YFsusQbGrvMyqOqBZbkgNf2xa27cMbl.fNwgVklnenSSZp7qX9gPJkcidnY%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide_secondary?token=10061.jUs-WLx6yCn4uMetKR4tERjpivVnLh7MLPH4yy7a8XF1Uu_TifdTpqwHE63Sp4nUjyuV2k172aSBMTsWnf-mx9IQR2h5CbDiAu7At2yJihU%2C.KrcI2tbR1yfVv1VdyjaUdynWotY%2C
Request Chain 49
  • https://12688802.fls.doubleclick.net/activityi;src=12688802;type=actio0;cat=allpa0;ord=1;num=6383140523659;gtm=45He37a0;auiddc=937206779.1689070304;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2F1wgos.pro%2Fcasino%2Flist%3Fopen%3Dregister HTTP 302
  • https://12688802.fls.doubleclick.net/activityi;dc_pre=CIer8Ju1hoADFTRDHgIdsQkN9Q;src=12688802;type=actio0;cat=allpa0;ord=1;num=6383140523659;gtm=45He37a0;auiddc=937206779.1689070304;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2F1wgos.pro%2Fcasino%2Flist%3Fopen%3Dregister
Request Chain 50
  • https://12572451.fls.doubleclick.net/activityi;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=972912369535.2704 HTTP 302
  • https://12572451.fls.doubleclick.net/activityi;dc_pre=CIjQ75u1hoADFRn3GQod_CkMow;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=972912369535.2704
Request Chain 55
  • https://12688802.fls.doubleclick.net/activityi;src=12688802;type=actio0;cat=allpa0;ord=1;num=9634211714845;gtm=45He37a0;auiddc=937206779.1689070304;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2F1wgos.pro%2Fcasino%2Flist%3Fopen%3Dregister HTTP 302
  • https://12688802.fls.doubleclick.net/activityi;dc_pre=CKyo8Ju1hoADFZBDHgIdXVwEXA;src=12688802;type=actio0;cat=allpa0;ord=1;num=9634211714845;gtm=45He37a0;auiddc=937206779.1689070304;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2F1wgos.pro%2Fcasino%2Flist%3Fopen%3Dregister
Request Chain 56
  • https://12572451.fls.doubleclick.net/activityi;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=4814448491596.901 HTTP 302
  • https://12572451.fls.doubleclick.net/activityi;dc_pre=COaw8Ju1hoADFRiuGQod2BcLSA;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=4814448491596.901
Request Chain 63
  • https://mc.yandex.com/sync_cookie_image_check HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10061.z4NAv7vUSOWHPkE0RoS2PjxxyV_MxdJR4tPZ2iZOHA5BYewOlsWQd4uJeozZkgMS.E5s_638S9AVo5eK_vkA8tLprK8c%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide?token=10061.0RNXagHBou-EKWVkfcw-uJyJRuoihmfMaFEDhyx3fmPjmmbNwgj1SL7E8mZQRS7AXrqszNtlPWVLlQb3PWZD4Yo1iwftL_BjfxkrBEGTqAk%2C.x-Jx4vlWoCVoRnk9ZrWM1az8ff8%2C HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10061.P9YweZo_6F3rTipnrzFVi7GNZRyJs530Pq-9NqYP7mbGwuCgyHPEgpWBila7uVVR2nn8wrEbOlH-Z1iI5DhNOK-mpIM0640iMaotxrSqTJ7_5rJ5M5rdE5kfbtM_bHSyqwDJLStF1wMUaLNaYP3JrVUH5Bmw5WYjy-qI8nx7j8jHmHo42Tr3-uqp5P8iTQtMHhd7qDM6Ifx7yQXABw42iQ%2C%2C.SsnfuUWLC5xTnItUVHEt2g8qFhM%2C

75 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
loading-page
gofirmware.com/ 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gofirmware.com/loading-page
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:5488 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aaf3fea1861317e287a28ee7a70fd6e89f58d2e1d437ca79e2f32a5eb5cd80f3

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7e50437e3de43a61-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 11 Jul 2023 10:11:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=in4PrKGVeNpNrmYGn6ddOw5xHR%2BCklKzSGdJYrP4Pv5XN7NKV4RZt%2BTsxYxdn%2BXG9jCLa57OSNH6BxyXK%2Fgb0FT6jvffMr3zxEMEFW4noo3ct5CbSrdWHmq%2Fk08F0zfrTs7xTbTSavNAH36X3A%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
load.gif
gofirmware.com/images/ 		37 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gofirmware.com/images/load.gif
Requested by
Host: gofirmware.com
URL: https://gofirmware.com/loading-page
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:5488 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d57b8a6acb8fb878c06384b2daafb90712113ef9fe586a17ef5ebb1d9649e3c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gofirmware.com/loading-page
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 10:11:40 GMT
cf-cache-status
HIT
last-modified
Tue, 25 Feb 2020 05:54:39 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
7119
etag
"9399-59f601fa03c5c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3OSunMdpZCpQb5mrkJLrKDQ%2B0kH8z2fLqHiyl5sVHjjuG9BqwJ2BzmdfPcseGeLY3rURGRioiE36V4NT7KjqjHClyy88yi2eVfDJ7t9D5SqXss8je9%2FzcSEDgQ3P0xkStmiDVfL%2BP7gfbhyiTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7e50438078933a61-FRA
alt-svc
h3=":443"; ma=86400
content-length
37785
watch.js
mc.yandex.ru/metrika/ 		167 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/watch.js
Requested by
Host: gofirmware.com
URL: https://gofirmware.com/loading-page
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
cd6251a8161e58126db9368b890526f421ffc35cc7e29279f43bd970fdabc98c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gofirmware.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 10:11:40 GMT
content-encoding
br
strict-transport-security
max-age=31536000
last-modified
Wed, 05 Jul 2023 16:40:28 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"64a572cc-ea44"
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
timing-allow-origin
*
content-length
59972
expires
Tue, 11 Jul 2023 11:11:40 GMT
sync_cookie_image_decide
mc.yandex.com/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10061.2ELDH2hv_B01dsYOKkIOt_YUHQKBPAtAy56tSYz3swzswOZT1fB-4tL-asHb81XM.rEDMe-SaGTX7MdyTehlJKqqsOQc%2C
  • https://mc.yandex.com/sync_cookie_image_decide?token=10061.FFGmGAx0Yd40NC2rVltMB3Vo3lHtHhvhnkYvJSi7VQxk-zivK5L93zloyPdzLRh0wBSNTvuUpSUC8ZxdB27IoNjjYwJ07TMrN_NCCmUumYE%2C.gfHgMbVxfzrjrnRtRK15vwqYRaE%2C
43 B
67 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/sync_cookie_image_decide?token=10061.FFGmGAx0Yd40NC2rVltMB3Vo3lHtHhvhnkYvJSi7VQxk-zivK5L93zloyPdzLRh0wBSNTvuUpSUC8ZxdB27IoNjjYwJ07TMrN_NCCmUumYE%2C.gfHgMbVxfzrjrnRtRK15vwqYRaE%2C
Requested by
Host: gofirmware.com
URL: https://gofirmware.com/loading-page
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gofirmware.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 10:11:40 GMT
strict-transport-security
max-age=31536000
content-length
43
x-xss-protection
1; mode=block
content-type
image/gif

Redirect headers

location
https://mc.yandex.com/sync_cookie_image_decide?token=10061.FFGmGAx0Yd40NC2rVltMB3Vo3lHtHhvhnkYvJSi7VQxk-zivK5L93zloyPdzLRh0wBSNTvuUpSUC8ZxdB27IoNjjYwJ07TMrN_NCCmUumYE%2C.gfHgMbVxfzrjrnRtRK15vwqYRaE%2C
date
Tue, 11 Jul 2023 10:11:40 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
advert.gif
mc.yandex.com/metrika/ 		43 B
114 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/metrika/advert.gif
Requested by
Host: gofirmware.com
URL: https://gofirmware.com/loading-page
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gofirmware.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 10:11:40 GMT
strict-transport-security
max-age=31536000
last-modified
Wed, 05 Jul 2023 16:40:28 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"64a572cc-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Tue, 11 Jul 2023 11:11:40 GMT
1
mc.yandex.com/watch/45969072/
Redirect Chain
  • https://mc.yandex.com/watch/45969072?wmode=7&page-url=https%3A%2F%2Fgofirmware.com%2Floading-page&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Afl86j8c0cs0gu7lh9r0871b%3Afp%3A482%3Afu%3A0...
  • https://mc.yandex.com/watch/45969072/1?wmode=7&page-url=https%3A%2F%2Fgofirmware.com%2Floading-page&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Afl86j8c0cs0gu7lh9r0871b%3Afp%3A482%3Afu%3...
447 B
557 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/45969072/1?wmode=7&page-url=https%3A%2F%2Fgofirmware.com%2Floading-page&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Afl86j8c0cs0gu7lh9r0871b%3Afp%3A482%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1074%3Acn%3A1%3Adp%3A0%3Als%3A86062689252%3Ahid%3A606216194%3Az%3A0%3Ai%3A20230711101140%3Aet%3A1689070301%3Ac%3A1%3Arn%3A1040107189%3Arqn%3A1%3Au%3A1689070301273526066%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A19%2C45%2C361%2C1%2C0%2C0%2C%2C21%2C0%2C%2C%2C%2C448%3Aco%3A0%3Acpf%3A1%3Ans%3A1689070299798%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1689070301%3At%3ALoading&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%281%29
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
e8a3c161112088edb218d08cc18bcf2c7e36c2b93afd4f04dc21e4affb170fde
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gofirmware.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Jul 2023 10:11:40 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Tue, 11-Jul-2023 10:11:40 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gofirmware.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
447
x-xss-protection
1; mode=block
expires
Tue, 11-Jul-2023 10:11:40 GMT

Redirect headers

pragma
no-cache
date
Tue, 11 Jul 2023 10:11:40 GMT
strict-transport-security
max-age=31536000
last-modified
Tue, 11-Jul-2023 10:11:40 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location
/watch/45969072/1?wmode=7&page-url=https%3A%2F%2Fgofirmware.com%2Floading-page&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Afl86j8c0cs0gu7lh9r0871b%3Afp%3A482%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1074%3Acn%3A1%3Adp%3A0%3Als%3A86062689252%3Ahid%3A606216194%3Az%3A0%3Ai%3A20230711101140%3Aet%3A1689070301%3Ac%3A1%3Arn%3A1040107189%3Arqn%3A1%3Au%3A1689070301273526066%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A19%2C45%2C361%2C1%2C0%2C0%2C%2C21%2C0%2C%2C%2C%2C448%3Aco%3A0%3Acpf%3A1%3Ans%3A1689070299798%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1689070301%3At%3ALoading&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%281%29
access-control-allow-origin
https://gofirmware.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Tue, 11-Jul-2023 10:11:40 GMT
sync_cookie_image_decide_secondary
mc.yandex.com/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check_secondary
  • https://mc.yandex.ru/sync_cookie_image_start_secondary?redirect_domain=mc.yandex.com&token=10061.oTTNp4tP0PmjffqVK8_9krO0SJ75I-mW6YFsusQbGrvMyqOqBZbkgNf2xa27cMbl.fNwgVklnenSSZp7qX9gPJkcidnY%2C
  • https://mc.yandex.com/sync_cookie_image_decide_secondary?token=10061.jUs-WLx6yCn4uMetKR4tERjpivVnLh7MLPH4yy7a8XF1Uu_TifdTpqwHE63Sp4nUjyuV2k172aSBMTsWnf-mx9IQR2h5CbDiAu7At2yJihU%2C.KrcI2tbR1yfVv1Vdy...
43 B
115 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/sync_cookie_image_decide_secondary?token=10061.jUs-WLx6yCn4uMetKR4tERjpivVnLh7MLPH4yy7a8XF1Uu_TifdTpqwHE63Sp4nUjyuV2k172aSBMTsWnf-mx9IQR2h5CbDiAu7At2yJihU%2C.KrcI2tbR1yfVv1VdyjaUdynWotY%2C
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gofirmware.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 10:11:41 GMT
strict-transport-security
max-age=31536000
content-length
43
x-xss-protection
1; mode=block
content-type
image/gif

Redirect headers

location
https://mc.yandex.com/sync_cookie_image_decide_secondary?token=10061.jUs-WLx6yCn4uMetKR4tERjpivVnLh7MLPH4yy7a8XF1Uu_TifdTpqwHE63Sp4nUjyuV2k172aSBMTsWnf-mx9IQR2h5CbDiAu7At2yJihU%2C.KrcI2tbR1yfVv1VdyjaUdynWotY%2C
date
Tue, 11 Jul 2023 10:11:40 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
45969072
mc.yandex.com/webvisor/ 		43 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/webvisor/45969072?wv-check=3341&wv-type=0&wmode=0&wv-part=1&wv-hit=606216194&page-url=https%3A%2F%2Fgofirmware.com%2Floading-page&rn=117178671&browser-info=et%3A1689070302%3Aw%3A1600x1200%3Av%3A1074%3Az%3A0%3Ai%3A20230711101141%3Au%3A1689070301273526066%3Avf%3Afl86j8c0cs0gu7lh9r0871b%3Ast%3A1689070302&t=gdpr(14)ti(1)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://gofirmware.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 11 Jul 2023 10:11:41 GMT
strict-transport-security
max-age=31536000
last-modified
Tue, 11-Jul-2023 10:11:41 GMT
content-type
image/gif
access-control-allow-origin
https://gofirmware.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Tue, 11-Jul-2023 10:11:41 GMT
45969072
mc.yandex.com/webvisor/ 		43 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/webvisor/45969072?wv-check=3341&wv-type=0&wmode=0&wv-part=2&wv-hit=606216194&page-url=https%3A%2F%2Fgofirmware.com%2Floading-page&rn=173946479&browser-info=et%3A1689070302%3Aw%3A1600x1200%3Av%3A1074%3Az%3A0%3Ai%3A20230711101141%3Au%3A1689070301273526066%3Avf%3Afl86j8c0cs0gu7lh9r0871b%3Ast%3A1689070302&t=gdpr(14)ti(1)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://gofirmware.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 11 Jul 2023 10:11:41 GMT
strict-transport-security
max-age=31536000
last-modified
Tue, 11-Jul-2023 10:11:41 GMT
content-type
image/gif
access-control-allow-origin
https://gofirmware.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Tue, 11-Jul-2023 10:11:41 GMT
Primary Request list
1wgos.pro/casino/ 		297 KB
97 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://1wgos.pro/casino/list?open=register
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
190.115.24.78 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS
ddos-guard.net
Software
openresty/1.19.9.1 /
Resource Hash
7048dd2e37fe7577d722ec7a4440ab276aaa10bd2b00e4a35ca1e8bdf93b51f9
Security Headers
Name Value
X-Frame-Options DENY

Request headers

Referer
https://gofirmware.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 11 Jul 2023 10:11:41 GMT
server
openresty/1.19.9.1
x-frame-options
DENY
x-request-id
Ag1nwKCHx90FiAqw
45969072
mc.yandex.com/webvisor/ 		0
0
45969072
mc.yandex.com/webvisor/ 		0
0
45969072
mc.yandex.com/webvisor/ 		0
0
45969072
mc.yandex.com/webvisor/ 		0
0
SFNSDisplay-latin.50a4eaff3.woff2
1win-cdn.com/font/ 		32 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://1win-cdn.com/font/SFNSDisplay-latin.50a4eaff3.woff2
Requested by
Host: 1wgos.pro
URL: https://1wgos.pro/casino/list?open=register
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
190.115.24.75 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS
ddos-guard.net
Software
nginx/1.22.0 /
Resource Hash
df3772666587111462634070c47969ad9687bbf80d0694bb2e6c33be39434d68

Request headers

Referer
https://1wgos.pro/
Origin
https://1wgos.pro
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 10:11:42 GMT
last-modified
Tue, 11 Jul 2023 09:28:07 GMT
server
nginx/1.22.0
etag
"64ad20a7-8128"
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=315360000
accept-ranges
bytes
content-length
33064
expires
Thu, 31 Dec 2037 23:55:55 GMT
SFNSText-latin.f09aa5229.woff2
1win-cdn.com/font/ 		42 KB
43 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://1win-cdn.com/font/SFNSText-latin.f09aa5229.woff2
Requested by
Host: 1wgos.pro
URL: https://1wgos.pro/casino/list?open=register
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
190.115.24.75 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS
ddos-guard.net
Software
nginx/1.22.0 /
Resource Hash
06e02d3d2d01bb2c88786b0a2dd2d692f6659c0159ec4754f7db49c12e03b0d6

Request headers

Referer
https://1wgos.pro/
Origin
https://1wgos.pro
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 10:11:42 GMT
last-modified
Tue, 11 Jul 2023 09:28:07 GMT
server
nginx/1.22.0
etag
"64ad20a7-a9f8"
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=315360000
accept-ranges
bytes
content-length
43512
expires
Thu, 31 Dec 2037 23:55:55 GMT
desktop-legacy.38f418bac.js
1win-cdn.com/js/ 		112 KB
113 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://1win-cdn.com/js/desktop-legacy.38f418bac.js
Requested by
Host: 1wgos.pro
URL: https://1wgos.pro/casino/list?open=register
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
190.115.24.75 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS
ddos-guard.net
Software
nginx/1.22.0 /
Resource Hash
7d3cb145b5386e2b6a3e4fa052a892ea54c7a9e6cb4b39372046a41fa4e93d31

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1wgos.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 10:11:42 GMT
last-modified
Tue, 11 Jul 2023 09:28:07 GMT
server
nginx/1.22.0
etag
"64ad20a7-1c137"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000
accept-ranges
bytes
content-length
114999
expires
Thu, 31 Dec 2037 23:55:55 GMT
desktop.32be6952c.css
1win-cdn.com/css/ 		87 KB
87 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://1win-cdn.com/css/desktop.32be6952c.css
Requested by
Host: 1wgos.pro
URL: https://1wgos.pro/casino/list?open=register
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
190.115.24.75 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS
ddos-guard.net
Software
nginx/1.22.0 /
Resource Hash
8848d2bef4eb7b279be3c7b3a8b58da2ac33341857422732bc2f317e060946df

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1wgos.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 10:11:42 GMT
last-modified
Tue, 11 Jul 2023 09:28:07 GMT
server
nginx/1.22.0
etag
"64ad20a7-15b35"
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=315360000
accept-ranges
bytes
content-length
88885
expires
Thu, 31 Dec 2037 23:55:55 GMT
chunk-vendors-legacy.391b8c4c4.js
1win-cdn.com/js/ 		413 KB
413 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://1win-cdn.com/js/chunk-vendors-legacy.391b8c4c4.js
Requested by
Host: 1wgos.pro
URL: https://1wgos.pro/casino/list?open=register
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
190.115.24.75 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS
ddos-guard.net
Software
nginx/1.22.0 /
Resource Hash
4f52855ebb0b259df6aca6587429f560c2f8eff51b71ae54ea02d1975df28648

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1wgos.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 10:11:42 GMT
last-modified
Tue, 11 Jul 2023 09:28:07 GMT
server
nginx/1.22.0
etag
"64ad20a7-67270"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000
accept-ranges
bytes
content-length
422512
expires
Thu, 31 Dec 2037 23:55:55 GMT
chunk-common-legacy.183a8f76c.js
1win-cdn.com/js/ 		22 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://1win-cdn.com/js/chunk-common-legacy.183a8f76c.js
Requested by
Host: 1wgos.pro
URL: https://1wgos.pro/casino/list?open=register
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
190.115.24.75 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS
ddos-guard.net
Software
nginx/1.22.0 /
Resource Hash
ae4e98da0b15f15bb675c64819bbe6c4e9dd243ac0eb0e666b29efce08d73777

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1wgos.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 10:11:42 GMT
last-modified
Tue, 11 Jul 2023 09:28:07 GMT
server
nginx/1.22.0
etag
"64ad20a7-567a"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000
accept-ranges
bytes
content-length
22138
expires
Thu, 31 Dec 2037 23:55:55 GMT
index-legacy.8f1a2a327.js
1win-cdn.com/js/ 		79 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://1win-cdn.com/js/index-legacy.8f1a2a327.js
Requested by
Host: 1wgos.pro
URL: https://1wgos.pro/casino/list?open=register
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
190.115.24.75 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS
ddos-guard.net
Software
nginx/1.22.0 /
Resource Hash
a8a2aff8250c0777b5c84415ed046bc3c8788dab76423a08c84b0657c3132e33

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1wgos.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 10:11:42 GMT
last-modified
Tue, 11 Jul 2023 09:28:07 GMT
server
nginx/1.22.0
etag
"64ad20a7-13c51"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000
accept-ranges
bytes
content-length
80977
expires
Thu, 31 Dec 2037 23:55:55 GMT
affiliate:link_visit
1wgos.pro/ 		15 B
425 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://1wgos.pro/affiliate:link_visit?partner_key=36hj&sub_ids=undefined
Requested by
Host: 1win-cdn.com
URL: https://1win-cdn.com/js/chunk-vendors-legacy.391b8c4c4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
190.115.24.78 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS
ddos-guard.net
Software
openresty/1.19.9.1 / Express
Resource Hash
a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1wgos.pro/casino/list?open=register
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 10:11:43 GMT
server
openresty/1.19.9.1
etag
W/"f-VaSQ4oDUiZblZNAEkkN+sX+q3Sg"
x-powered-by
Express
access-control-max-age
7200
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
undefined
access-control-expose-headers
Authorization
x-frame-options
DENY
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Authorization
content-length
15
truncated
/ 		44 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bd25bde9fc4427cd6f3babcb8f888fe6174ca48881c103e243d4c6f83f30aab6

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/webp
76658-legacy.48d342c68.js
1win-cdn.com/js/ 		6 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://1win-cdn.com/js/76658-legacy.48d342c68.js
Requested by
Host: 1win-cdn.com
URL: https://1win-cdn.com/js/index-legacy.8f1a2a327.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
190.115.24.75 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS
ddos-guard.net
Software
nginx/1.22.0 /
Resource Hash
d61771836c885a8487c03f49fd3e73343c315a36eb328477b9355bb54878787c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1wgos.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 10:11:43 GMT
last-modified
Tue, 11 Jul 2023 09:28:07 GMT
server
nginx/1.22.0
etag
"64ad20a7-1982"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000
accept-ranges
bytes
content-length
6530
expires
Thu, 31 Dec 2037 23:55:55 GMT
99699-legacy.4327984b1.js
1win-cdn.com/js/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://1win-cdn.com/js/99699-legacy.4327984b1.js
Requested by
Host: 1win-cdn.com
URL: https://1win-cdn.com/js/index-legacy.8f1a2a327.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
190.115.24.75 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS
ddos-guard.net
Software
nginx/1.22.0 /
Resource Hash
89fc69def41bbccf5e0c72af31846c283de320aa9e3c83088220651c219a4c27

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1wgos.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 10:11:43 GMT
last-modified
Tue, 11 Jul 2023 09:28:07 GMT
server
nginx/1.22.0
etag
"64ad20a7-815"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000
accept-ranges
bytes
content-length
2069
expires
Thu, 31 Dec 2037 23:55:55 GMT
icons-common-legacy.0b441ef44.js
1win-cdn.com/js/ 		209 KB
209 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://1win-cdn.com/js/icons-common-legacy.0b441ef44.js
Requested by
Host: 1win-cdn.com
URL: https://1win-cdn.com/js/index-legacy.8f1a2a327.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
190.115.24.75 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS
ddos-guard.net
Software
nginx/1.22.0 /
Resource Hash
234d0054455fcdb0f78fb6a8f029a418c50cc4fcac995204d3d8f8e2284b196d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1wgos.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 10:11:43 GMT
last-modified
Tue, 11 Jul 2023 09:28:07 GMT
server
nginx/1.22.0
etag
"64ad20a7-3429d"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000
accept-ranges
bytes
content-length
213661
expires
Thu, 31 Dec 2037 23:55:55 GMT
21705-legacy.66e61790e.js
1win-cdn.com/js/ 		28 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://1win-cdn.com/js/21705-legacy.66e61790e.js
Requested by
Host: 1win-cdn.com
URL: https://1win-cdn.com/js/index-legacy.8f1a2a327.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
190.115.24.75 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS
ddos-guard.net
Software
nginx/1.22.0 /
Resource Hash
3fb28228fcddc78c0f440a1cdbace892c601409310c4899fe112c649fe320e85

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1wgos.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 10:11:43 GMT
last-modified
Tue, 11 Jul 2023 09:28:07 GMT
server
nginx/1.22.0
etag
"64ad20a7-6e4e"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000
accept-ranges
bytes
content-length
28238
expires
Thu, 31 Dec 2037 23:55:55 GMT
36851-legacy.062b926be.js
1win-cdn.com/js/ 		20 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://1win-cdn.com/js/36851-legacy.062b926be.js
Requested by
Host: 1win-cdn.com
URL: https://1win-cdn.com/js/index-legacy.8f1a2a327.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
190.115.24.75 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS
ddos-guard.net
Software
nginx/1.22.0 /
Resource Hash
1f4202c5bd6b94a4ce4e2fea99bc9846bf0525cd1ceb53dc379bf23077613906

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1wgos.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 10:11:43 GMT
last-modified
Tue, 11 Jul 2023 09:28:07 GMT
server
nginx/1.22.0
etag
"64ad20a7-519c"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000
accept-ranges
bytes
content-length
20892
expires
Thu, 31 Dec 2037 23:55:55 GMT
75176-legacy.d1d619567.js
1win-cdn.com/js/ 		610 KB
611 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://1win-cdn.com/js/75176-legacy.d1d619567.js
Requested by
Host: 1win-cdn.com
URL: https://1win-cdn.com/js/index-legacy.8f1a2a327.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
190.115.24.75 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS
ddos-guard.net
Software
nginx/1.22.0 /
Resource Hash
d31846016fb00594cb1dd0193def0e98c0e66d7e3c83977605640fdfed59420c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1wgos.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 10:11:43 GMT
last-modified
Tue, 11 Jul 2023 09:28:07 GMT
server
nginx/1.22.0
etag
"64ad20a7-9885c"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000
accept-ranges
bytes
content-length
624732
expires
Thu, 31 Dec 2037 23:55:55 GMT
vardata
api.lab.amplitude.com/sdk/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.lab.amplitude.com/sdk/vardata
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.132 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,x-amp-exp-user
Access-Control-Request-Method
GET
Origin
https://1wgos.pro
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-headers
authorization,x-amp-exp-user
access-control-allow-methods
GET,POST,HEAD
access-control-allow-origin
https://1wgos.pro
access-control-max-age
1800
date
Tue, 11 Jul 2023 10:11:44 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Origin
x-amzn-trace-id
Root=1-64ad2ae0-00331cd90c6cefe22c3c1e2c
x-cache
MISS
x-cache-hits
0
x-content-type-options
nosniff
x-served-by
cache-cph2320036-CPH
x-timer
S1689070304.064946,VS0,VE160
firebase-app.js
1wgos.pro/firebase/8.1.1/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://1wgos.pro/firebase/8.1.1/firebase-app.js
Requested by
Host: 1wgos.pro
URL: https://1wgos.pro/casino/list?open=register
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
190.115.24.78 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS
ddos-guard.net
Software
openresty/1.19.9.1 /
Resource Hash
01a87f9f8138f66274cfedb855c0bfbe1529600a65ed26b0c863533e1e94abce
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1wgos.pro/casino/list?open=register
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 10:11:43 GMT
content-encoding
gzip
last-modified
Tue, 11 Jul 2023 09:28:07 GMT
server
openresty/1.19.9.1
etag
W/"64ad20a7-4ded"
x-frame-options
DENY
content-type
application/javascript
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
gtm.js
www.googletagmanager.com/ 		272 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-KGKQDC7
Requested by
Host: gofirmware.com
URL: https://gofirmware.com/loading-page
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 -, , ASN (),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e587b37eb9586cb586bcd50e5b2ef2be11442986a6d44355993443b915750c2a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1wgos.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 10:11:44 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
80931
x-xss-protection
0
last-modified
Tue, 11 Jul 2023 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 11 Jul 2023 10:11:44 GMT
46049-legacy.2e28bb1bf.js
1win-cdn.com/js/ 		780 B
1002 B 		Script
General
Check archive.org
Download Go to
Full URL
https://1win-cdn.com/js/46049-legacy.2e28bb1bf.js
Requested by
Host: 1win-cdn.com
URL: https://1win-cdn.com/js/index-legacy.8f1a2a327.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
190.115.24.75 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS
ddos-guard.net
Software
nginx/1.22.0 /
Resource Hash
d67a6c2f1a0be92d7588f2bcbfd3400f069dc94afbf47b39b4fb55e0b866241e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1wgos.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 10:11:43 GMT
last-modified
Tue, 11 Jul 2023 09:28:07 GMT
server
nginx/1.22.0
etag
"64ad20a7-30c"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000
accept-ranges
bytes
content-length
780
expires
Thu, 31 Dec 2037 23:55:55 GMT
vardata
api.lab.amplitude.com/sdk/ 		2 B
128 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.lab.amplitude.com/sdk/vardata
Requested by
Host: 1win-cdn.com
URL: https://1win-cdn.com/js/75176-legacy.d1d619567.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.132 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://1wgos.pro/
accept-language
de-DE,de;q=0.9
Authorization
Api-Key client-Ss5BFx7UDrTj948TJHfc5ZUoTW67EjvZ
X-Amp-Exp-User
eyJsaWJyYXJ5IjoiZXhwZXJpbWVudC1qcy1jbGllbnQvMS43LjEiLCJkZXZpY2VfaWQiOiJmOTY4ODJkMC1kM2EwLTRmMTMtYmViNy04ZTZkZDQ3MjI4MTgiLCJ1c2VyX3Byb3BlcnRpZXMiOnt9fQ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-served-by
cache-cph2320036-CPH
date
Tue, 11 Jul 2023 10:11:44 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
age
0
x-timer
S1689070304.260956,VS0,VE213
x-amzn-trace-id
Root=1-64ad2ae0-642ba5b72b22c1d534d3f307
vary
Origin, Origin
x-cache
MISS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://1wgos.pro
access-control-allow-credentials
true
accept-ranges
bytes
content-length
2
x-cache-hits
0
44074-legacy.ee63e1da6.js
1win-cdn.com/js/ 		11 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://1win-cdn.com/js/44074-legacy.ee63e1da6.js
Requested by
Host: 1win-cdn.com
URL: https://1win-cdn.com/js/index-legacy.8f1a2a327.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
190.115.24.75 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS
ddos-guard.net
Software
nginx/1.22.0 /
Resource Hash
e5b451e0e5ce52df76028446d5b857b61e46d5f0207fb5c8041d7d45a58c87f3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1wgos.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 10:11:44 GMT
last-modified
Tue, 11 Jul 2023 09:28:07 GMT
server
nginx/1.22.0
etag
"64ad20a7-2a2b"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000
accept-ranges
bytes
content-length
10795
expires
Thu, 31 Dec 2037 23:55:55 GMT
65054.cdcd11afa.css
1win-cdn.com/css/ 		23 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://1win-cdn.com/css/65054.cdcd11afa.css
Requested by
Host: 1win-cdn.com
URL: https://1win-cdn.com/js/index-legacy.8f1a2a327.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
190.115.24.75 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS
ddos-guard.net
Software
nginx/1.22.0 /
Resource Hash
a3dedda8e08113116bb197be96f53d7a9e14436bc8a2b937f894ab7e136c91b4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1wgos.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 10:11:44 GMT
last-modified
Tue, 11 Jul 2023 09:28:07 GMT
server
nginx/1.22.0
etag
"64ad20a7-5ddb"
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=315360000
accept-ranges
bytes
content-length
24027
expires
Thu, 31 Dec 2037 23:55:55 GMT
65054-legacy.4f1264df6.js
1win-cdn.com/js/ 		23 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://1win-cdn.com/js/65054-legacy.4f1264df6.js
Requested by
Host: 1win-cdn.com
URL: https://1win-cdn.com/js/index-legacy.8f1a2a327.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
190.115.24.75 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS
ddos-guard.net
Software
nginx/1.22.0 /
Resource Hash
cb7a13caf6b3dbcc960e5c8d733ffce480ef9599d0043f853538df45728196ec

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1wgos.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 10:11:44 GMT
last-modified
Tue, 11 Jul 2023 09:28:07 GMT
server
nginx/1.22.0
etag
"64ad20a7-5c14"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000
accept-ranges
bytes
content-length
23572
expires
Thu, 31 Dec 2037 23:55:55 GMT
2587-legacy.21a634fb1.js
1win-cdn.com/js/ 		7 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://1win-cdn.com/js/2587-legacy.21a634fb1.js
Requested by
Host: 1win-cdn.com
URL: https://1win-cdn.com/js/index-legacy.8f1a2a327.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
190.115.24.75 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS
ddos-guard.net
Software
nginx/1.22.0 /
Resource Hash
bc11b37c68fcf4ca1898868dd038696f4581760b016fafac32434d1db1fce278

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1wgos.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 10:11:44 GMT
last-modified
Tue, 11 Jul 2023 09:28:07 GMT
server
nginx/1.22.0
etag
"64ad20a7-1b01"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000
accept-ranges
bytes
content-length
6913
expires
Thu, 31 Dec 2037 23:55:55 GMT
75983.623e38863.css
1win-cdn.com/css/ 		4 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://1win-cdn.com/css/75983.623e38863.css
Requested by
Host: 1win-cdn.com
URL: https://1win-cdn.com/js/index-legacy.8f1a2a327.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
190.115.24.75 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS
ddos-guard.net
Software
nginx/1.22.0 /
Resource Hash
b2a924309f12ba2ca4e342194e6156d3b884e724f1a1e858ba9ebe3d6cd4b33c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1wgos.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 10:11:44 GMT
last-modified
Tue, 11 Jul 2023 09:28:07 GMT
server
nginx/1.22.0
etag
"64ad20a7-e58"
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=315360000
accept-ranges
bytes
content-length
3672
expires
Thu, 31 Dec 2037 23:55:55 GMT
75983-legacy.c869e0d4f.js
1win-cdn.com/js/ 		8 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://1win-cdn.com/js/75983-legacy.c869e0d4f.js
Requested by
Host: 1win-cdn.com
URL: https://1win-cdn.com/js/index-legacy.8f1a2a327.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
190.115.24.75 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS
ddos-guard.net
Software
nginx/1.22.0 /
Resource Hash
c76f746af7ffa448c1ed12dbda97e356e86e2d376732b0054465ec13ed198dbd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1wgos.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 10:11:44 GMT
last-modified
Tue, 11 Jul 2023 09:28:07 GMT
server
nginx/1.22.0
etag
"64ad20a7-207b"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000
accept-ranges
bytes
content-length
8315
expires
Thu, 31 Dec 2037 23:55:55 GMT
3859-legacy.c55978c42.js
1win-cdn.com/js/ 		12 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://1win-cdn.com/js/3859-legacy.c55978c42.js
Requested by
Host: 1win-cdn.com
URL: https://1win-cdn.com/js/index-legacy.8f1a2a327.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
190.115.24.75 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS
ddos-guard.net
Software
nginx/1.22.0 /
Resource Hash
db08dfcb7f2dbf5b54b55e3f40a406b1bd4bee02e89ace32efc0e57228a7f08c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1wgos.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 10:11:44 GMT
last-modified
Tue, 11 Jul 2023 09:28:07 GMT
server
nginx/1.22.0
etag
"64ad20a7-3008"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000
accept-ranges
bytes
content-length
12296
expires
Thu, 31 Dec 2037 23:55:55 GMT
19783-legacy.65c7000f4.js
1win-cdn.com/js/ 		90 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://1win-cdn.com/js/19783-legacy.65c7000f4.js
Requested by
Host: 1win-cdn.com
URL: https://1win-cdn.com/js/index-legacy.8f1a2a327.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
190.115.24.75 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS
ddos-guard.net
Software
nginx/1.22.0 /
Resource Hash
1a3fc313f9efc0a54996623c2bbc170e49a3819de5693074cd0259f74c81a46e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1wgos.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 10:11:44 GMT
last-modified
Tue, 11 Jul 2023 09:28:07 GMT
server
nginx/1.22.0
etag
"64ad20a7-169f4"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000
accept-ranges
bytes
content-length
92660
expires
Thu, 31 Dec 2037 23:55:55 GMT
98988.124fc8a29.css
1win-cdn.com/css/ 		25 KB
25 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://1win-cdn.com/css/98988.124fc8a29.css
Requested by
Host: 1win-cdn.com
URL: https://1win-cdn.com/js/index-legacy.8f1a2a327.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
190.115.24.75 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS
ddos-guard.net
Software
nginx/1.22.0 /
Resource Hash
fc06cdfde02e97d951a65b7834331ed6a0094b93f79eaf4b98d930223d3ed72e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1wgos.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 10:11:44 GMT
last-modified
Tue, 11 Jul 2023 09:28:07 GMT
server
nginx/1.22.0
etag
"64ad20a7-63ee"
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=315360000
accept-ranges
bytes
content-length
25582
expires
Thu, 31 Dec 2037 23:55:55 GMT
98988-legacy.4ae236a23.js
1win-cdn.com/js/ 		24 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://1win-cdn.com/js/98988-legacy.4ae236a23.js
Requested by
Host: 1win-cdn.com
URL: https://1win-cdn.com/js/index-legacy.8f1a2a327.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
190.115.24.75 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS
ddos-guard.net
Software
nginx/1.22.0 /
Resource Hash
894d8872639bb10610f4d5f40a92315b96bef39149db5aebed1d7eb942865b36

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1wgos.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 10:11:44 GMT
last-modified
Tue, 11 Jul 2023 09:28:07 GMT
server
nginx/1.22.0
etag
"64ad20a7-5ed0"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000
accept-ranges
bytes
content-length
24272
expires
Thu, 31 Dec 2037 23:55:55 GMT
title
1wgos.pro/common/ 		29 B
247 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://1wgos.pro/common/title?path=casino&lang=de
Requested by
Host: 1win-cdn.com
URL: https://1win-cdn.com/js/chunk-vendors-legacy.391b8c4c4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
190.115.24.78 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS
ddos-guard.net
Software
openresty/1.19.9.1 /
Resource Hash
c07b2c0a515caf1306fb4d9366fab5758253eeadcf8c0414cb44ccd48f82e59a
Security Headers
Name Value
X-Frame-Options DENY

Request headers

Accept
application/json, text/plain, */*
Referer
https://1wgos.pro/casino/list?open=register
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 10:11:44 GMT
server
openresty/1.19.9.1
etag
"25-bM/5z02X/xOkKbh8eZCiJpcKcd0"
vary
Origin
x-frame-options
DENY
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=3600, stale-while-revalidate=300
content-length
29
firebase-messaging.js
1wgos.pro/firebase/8.1.1/ 		40 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://1wgos.pro/firebase/8.1.1/firebase-messaging.js
Requested by
Host: 1wgos.pro
URL: https://1wgos.pro/casino/list?open=register
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
190.115.24.78 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS
ddos-guard.net
Software
openresty/1.19.9.1 /
Resource Hash
58a372bb9d424111a2e73c427edb10db91c0f05e8f323f046d20f5cf8fd6f30f
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1wgos.pro/casino/list?open=register
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 10:11:44 GMT
content-encoding
gzip
last-modified
Tue, 11 Jul 2023 09:28:07 GMT
server
openresty/1.19.9.1
etag
W/"64ad20a7-9f25"
x-frame-options
DENY
content-type
application/javascript
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
54801-legacy.e813453b9.js
1win-cdn.com/js/ 		25 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://1win-cdn.com/js/54801-legacy.e813453b9.js
Requested by
Host: 1win-cdn.com
URL: https://1win-cdn.com/js/index-legacy.8f1a2a327.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
190.115.24.75 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS
ddos-guard.net
Software
nginx/1.22.0 /
Resource Hash
7c8c4629175a8fda26ab042e28a0c206d6a46bbe542d935ef58053b8e3f4a51a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1wgos.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 10:11:44 GMT
last-modified
Tue, 11 Jul 2023 09:28:07 GMT
server
nginx/1.22.0
etag
"64ad20a7-63b9"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000
accept-ranges
bytes
content-length
25529
expires
Thu, 31 Dec 2037 23:55:55 GMT
6794-legacy.6c879d756.js
1win-cdn.com/js/ 		36 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://1win-cdn.com/js/6794-legacy.6c879d756.js
Requested by
Host: 1win-cdn.com
URL: https://1win-cdn.com/js/index-legacy.8f1a2a327.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
190.115.24.75 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS
ddos-guard.net
Software
nginx/1.22.0 /
Resource Hash
f9b29f326105339a149bb89f1823063571464d98d3524196223ee0768c1b4328

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1wgos.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 10:11:44 GMT
last-modified
Tue, 11 Jul 2023 09:28:07 GMT
server
nginx/1.22.0
etag
"64ad20a7-9193"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000
accept-ranges
bytes
content-length
37267
expires
Thu, 31 Dec 2037 23:55:55 GMT
70724.b111a1d72.css
1win-cdn.com/css/ 		27 KB
28 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://1win-cdn.com/css/70724.b111a1d72.css
Requested by
Host: 1win-cdn.com
URL: https://1win-cdn.com/js/index-legacy.8f1a2a327.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
190.115.24.75 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS
ddos-guard.net
Software
nginx/1.22.0 /
Resource Hash
28e6144130f75277c70095208483431e0579870239583c30fccdc7ebfb140d70

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1wgos.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 10:11:44 GMT
last-modified
Tue, 11 Jul 2023 09:28:07 GMT
server
nginx/1.22.0
etag
"64ad20a7-6d21"
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=315360000
accept-ranges
bytes
content-length
27937
expires
Thu, 31 Dec 2037 23:55:55 GMT
70724-legacy.2a5a0e5f7.js
1win-cdn.com/js/ 		38 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://1win-cdn.com/js/70724-legacy.2a5a0e5f7.js
Requested by
Host: 1win-cdn.com
URL: https://1win-cdn.com/js/index-legacy.8f1a2a327.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
190.115.24.75 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS
ddos-guard.net
Software
nginx/1.22.0 /
Resource Hash
13e4592bc552c2e8169a138b7cc0e2c390bc9238fa5255ca753fb731c281f3c2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1wgos.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 10:11:44 GMT
last-modified
Tue, 11 Jul 2023 09:28:07 GMT
server
nginx/1.22.0
etag
"64ad20a7-984f"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000
accept-ranges
bytes
content-length
38991
expires
Thu, 31 Dec 2037 23:55:55 GMT
activityi;dc_pre=CIer8Ju1hoADFTRDHgIdsQkN9Q;src=12688802;type=actio0;cat=allpa0;ord=1;num=6383140523659;gtm=45He37a0;auiddc=937206779.1689070304;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=...
12688802.fls.doubleclick.net/ Frame C9E9
Redirect Chain
  • https://12688802.fls.doubleclick.net/activityi;src=12688802;type=actio0;cat=allpa0;ord=1;num=6383140523659;gtm=45He37a0;auiddc=937206779.1689070304;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~or...
  • https://12688802.fls.doubleclick.net/activityi;dc_pre=CIer8Ju1hoADFTRDHgIdsQkN9Q;src=12688802;type=actio0;cat=allpa0;ord=1;num=6383140523659;gtm=45He37a0;auiddc=937206779.1689070304;uaa=;uab=;uafvl...
559 B
519 B 		Document
General
Check archive.org
Download Go to
Full URL
https://12688802.fls.doubleclick.net/activityi;dc_pre=CIer8Ju1hoADFTRDHgIdsQkN9Q;src=12688802;type=actio0;cat=allpa0;ord=1;num=6383140523659;gtm=45He37a0;auiddc=937206779.1689070304;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2F1wgos.pro%2Fcasino%2Flist%3Fopen%3Dregister?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KGKQDC7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.198 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
7ec964fef4097cebc9a2d4a44e9ff5e31bc11d54edb765890c873b3fbb643ab1
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1wgos.pro/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
346
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 11 Jul 2023 10:11:44 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 11 Jul 2023 10:11:44 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://12688802.fls.doubleclick.net/activityi;dc_pre=CIer8Ju1hoADFTRDHgIdsQkN9Q;src=12688802;type=actio0;cat=allpa0;ord=1;num=6383140523659;gtm=45He37a0;auiddc=937206779.1689070304;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2F1wgos.pro%2Fcasino%2Flist%3Fopen%3Dregister?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
activityi;dc_pre=CIjQ75u1hoADFRn3GQod_CkMow;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;o...
12572451.fls.doubleclick.net/ Frame E87E
Redirect Chain
  • https://12572451.fls.doubleclick.net/activityi;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7...
  • https://12572451.fls.doubleclick.net/activityi;dc_pre=CIjQ75u1hoADFRn3GQod_CkMow;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;g...
553 B
475 B 		Document
General
Check archive.org
Download Go to
Full URL
https://12572451.fls.doubleclick.net/activityi;dc_pre=CIjQ75u1hoADFRn3GQod_CkMow;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=972912369535.2704?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KGKQDC7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.198 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
150013452ea4bc790b50cf454639941243e82d462f1c208811de24491276b161
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1wgos.pro/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
300
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 11 Jul 2023 10:11:44 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 11 Jul 2023 10:11:44 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://12572451.fls.doubleclick.net/activityi;dc_pre=CIjQ75u1hoADFRn3GQod_CkMow;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=972912369535.2704?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
hotjar-2606090.js
static.hotjar.com/c/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-2606090.js?sv=6
Requested by
Host: gofirmware.com
URL: https://gofirmware.com/loading-page
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.139.53 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
cc42a9104f180852f0e2f802f325f06b601552015e31ac376bb15c0315b2591c
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1wgos.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
br
x-content-type-options
nosniff
date
Tue, 11 Jul 2023 10:11:01 GMT
via
1.1 dd133741afef09b02f3e6afd7cb39f40.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS50-C1
age
48
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
etag
W/378d87c28410fd0125bc0e5045fbcd41
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
cache-control
max-age=60
x-amz-cf-id
d4cf72cKqSdvGbSeQmT5E1OzFJIHgStNl8C3nEvwra6iMO4M7-6uNw==
tag.js
mc.yandex.ru/metrika/ 		215 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: gofirmware.com
URL: https://gofirmware.com/loading-page
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
b886f11e6cea2d231535fd0b59bb2950a8d40d9ec4a39b6da894c1f90d89a382
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1wgos.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 10:11:44 GMT
content-encoding
br
strict-transport-security
max-age=31536000
last-modified
Wed, 05 Jul 2023 16:40:28 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"64a572cc-125d3"
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
timing-allow-origin
*
content-length
75219
expires
Tue, 11 Jul 2023 11:11:44 GMT
js
www.googletagmanager.com/gtag/ 		221 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-548949LWLW&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KGKQDC7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 -, , ASN (),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
23ceee899be73427932fba667758e3e4817600682b1dfdbe8f17df37c9987af4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1wgos.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 10:11:44 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
79405
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 11 Jul 2023 10:11:44 GMT
collect
region1.google-analytics.com/g/ 		0
241 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-548949LWLW&gtm=45je37a0&_p=1067163824&cid=540594598.1689070304&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ngs=1&_s=1&dp=%2Fcasino%2Flist&sid=1689070304&sct=1&seg=0&dl=https%3A%2F%2F1wgos.pro%2Fcasino%2Flist%3Fopen%3Dregister&dr=https%3A%2F%2Fgofirmware.com%2F&dt=1win&en=page_view&_fv=1&_nsi=1&_ss=1&ep.page_url=https%3A%2F%2F1wgos.pro%2Fcasino%2Flist%3Fopen%3Dregister&up.platform_language=de&up.device_type=desktop&up.platform=web&up.os=windows
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-548949LWLW&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 -, , ASN (),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1wgos.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Jul 2023 10:11:44 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://1wgos.pro
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activityi;dc_pre=CKyo8Ju1hoADFZBDHgIdXVwEXA;src=12688802;type=actio0;cat=allpa0;ord=1;num=9634211714845;gtm=45He37a0;auiddc=937206779.1689070304;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=...
12688802.fls.doubleclick.net/ Frame C6E4
Redirect Chain
  • https://12688802.fls.doubleclick.net/activityi;src=12688802;type=actio0;cat=allpa0;ord=1;num=9634211714845;gtm=45He37a0;auiddc=937206779.1689070304;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~or...
  • https://12688802.fls.doubleclick.net/activityi;dc_pre=CKyo8Ju1hoADFZBDHgIdXVwEXA;src=12688802;type=actio0;cat=allpa0;ord=1;num=9634211714845;gtm=45He37a0;auiddc=937206779.1689070304;uaa=;uab=;uafvl...
559 B
520 B 		Document
General
Check archive.org
Download Go to
Full URL
https://12688802.fls.doubleclick.net/activityi;dc_pre=CKyo8Ju1hoADFZBDHgIdXVwEXA;src=12688802;type=actio0;cat=allpa0;ord=1;num=9634211714845;gtm=45He37a0;auiddc=937206779.1689070304;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2F1wgos.pro%2Fcasino%2Flist%3Fopen%3Dregister?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KGKQDC7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.198 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
c47f88bb01f952ea407a4b16d67629006e33e8f8995e877879fee35da691907f
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1wgos.pro/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
347
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 11 Jul 2023 10:11:44 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 11 Jul 2023 10:11:44 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://12688802.fls.doubleclick.net/activityi;dc_pre=CKyo8Ju1hoADFZBDHgIdXVwEXA;src=12688802;type=actio0;cat=allpa0;ord=1;num=9634211714845;gtm=45He37a0;auiddc=937206779.1689070304;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2F1wgos.pro%2Fcasino%2Flist%3Fopen%3Dregister?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
activityi;dc_pre=COaw8Ju1hoADFRiuGQod2BcLSA;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;o...
12572451.fls.doubleclick.net/ Frame F1D8
Redirect Chain
  • https://12572451.fls.doubleclick.net/activityi;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7...
  • https://12572451.fls.doubleclick.net/activityi;dc_pre=COaw8Ju1hoADFRiuGQod2BcLSA;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;g...
553 B
473 B 		Document
General
Check archive.org
Download Go to
Full URL
https://12572451.fls.doubleclick.net/activityi;dc_pre=COaw8Ju1hoADFRiuGQod2BcLSA;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=4814448491596.901?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KGKQDC7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.198 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
33d7a3d7387bdb936c4a5fc36385caf772bc3381cfe3ff71d467e108f5b0f2d4
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1wgos.pro/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
301
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 11 Jul 2023 10:11:44 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 11 Jul 2023 10:11:44 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://12572451.fls.doubleclick.net/activityi;dc_pre=COaw8Ju1hoADFRiuGQod2BcLSA;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=4814448491596.901?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
de.svg
1win-cdn.com/img/flags/ 		272 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1win-cdn.com/img/flags/de.svg
Requested by
Host: 1wgos.pro
URL: https://1wgos.pro/casino/list?open=register
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
190.115.24.75 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS
ddos-guard.net
Software
nginx/1.22.0 /
Resource Hash
9e24a688017c0d2b6a65390caf35350cae86094372366b4be62767040d4b1c2e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1wgos.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 10:11:44 GMT
last-modified
Tue, 11 Jul 2023 09:28:07 GMT
server
nginx/1.22.0
etag
"64ad20a7-110"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=315360000
accept-ranges
bytes
content-length
272
expires
Thu, 31 Dec 2037 23:55:55 GMT
modules.fba0c9b2e1c5e125e170.js
script.hotjar.com/ 		270 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.fba0c9b2e1c5e125e170.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2606090.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.74 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
4e930b31445643295bfd2cfaeeaba015e08766fd8b7ff3b61db88003ad6720a0
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1wgos.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 10 Jul 2023 07:23:07 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 ade2b5e2170ccd4f394b741b27bb0eec.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P4
age
96517
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
70330
last-modified
Mon, 10 Jul 2023 07:22:19 GMT
etag
"0054d18e8d659772b0e915a12ecd8b15"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
xGI7WaDT0MyIMyX3AGU966zmDyuks0Vctf22fKvRA3LpOKkrVt5Mrg==
bear.09894b84b-290.webp
1win-cdn.com/img/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1win-cdn.com/img/bear.09894b84b-290.webp
Requested by
Host: 1wgos.pro
URL: https://1wgos.pro/casino/list?open=register
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
190.115.24.75 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS
ddos-guard.net
Software
nginx/1.22.0 /
Resource Hash
a4010cd904385baf40748bc00e7ae96604ab7dbb0aa6b3c359d79e8a09d9b8b9
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1wgos.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 10:11:44 GMT
last-modified
Tue, 11 Jul 2023 09:28:07 GMT
server
nginx/1.22.0
etag
"64ad20a7-530c"
x-frame-options
DENY
content-type
image/webp
accept-ranges
bytes
content-length
21260
emoji-soccer.1a6d4ecac-160.png
1win-cdn.com/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1win-cdn.com/img/emoji-soccer.1a6d4ecac-160.png
Requested by
Host: 1wgos.pro
URL: https://1wgos.pro/casino/list?open=register
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
190.115.24.75 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS
ddos-guard.net
Software
nginx/1.22.0 /
Resource Hash
575412b54e344b5f40a21bb5b799f0430919cfb4ba807f9832c040e13711dc8e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1wgos.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 10:11:44 GMT
last-modified
Tue, 11 Jul 2023 09:28:07 GMT
server
nginx/1.22.0
etag
"64ad20a7-1ed8"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=315360000
accept-ranges
bytes
content-length
7896
expires
Thu, 31 Dec 2037 23:55:55 GMT
emoji-slots.1c6e965b9-160.png
1win-cdn.com/img/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1win-cdn.com/img/emoji-slots.1c6e965b9-160.png
Requested by
Host: 1wgos.pro
URL: https://1wgos.pro/casino/list?open=register
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
190.115.24.75 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS
ddos-guard.net
Software
nginx/1.22.0 /
Resource Hash
f2fc8f2712717b32157f7741b1c723d6fe1d430c41652cfafd39c68980db20bd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1wgos.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 10:11:44 GMT
last-modified
Tue, 11 Jul 2023 09:28:07 GMT
server
nginx/1.22.0
etag
"64ad20a7-2311"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=315360000
accept-ranges
bytes
content-length
8977
expires
Thu, 31 Dec 2037 23:55:55 GMT
cashback.12a565952.svg
1win-cdn.com/img/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1win-cdn.com/img/cashback.12a565952.svg
Requested by
Host: 1wgos.pro
URL: https://1wgos.pro/casino/list?open=register
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
190.115.24.75 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS
ddos-guard.net
Software
nginx/1.22.0 /
Resource Hash
8492b63b2d1147503ddb11a27f119e5287c5ae6f02f37e51ad6ae769af970658

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1wgos.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 10:11:44 GMT
last-modified
Tue, 11 Jul 2023 09:28:07 GMT
server
nginx/1.22.0
etag
"64ad20a7-851"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=315360000
accept-ranges
bytes
content-length
2129
expires
Thu, 31 Dec 2037 23:55:55 GMT
sync_cookie_image_finish
mc.yandex.ru/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10061.z4NAv7vUSOWHPkE0RoS2PjxxyV_MxdJR4tPZ2iZOHA5BYewOlsWQd4uJeozZkgMS.E5s_638S9AVo5eK_vkA8tLprK8c%2C
  • https://mc.yandex.com/sync_cookie_image_decide?token=10061.0RNXagHBou-EKWVkfcw-uJyJRuoihmfMaFEDhyx3fmPjmmbNwgj1SL7E8mZQRS7AXrqszNtlPWVLlQb3PWZD4Yo1iwftL_BjfxkrBEGTqAk%2C.x-Jx4vlWoCVoRnk9ZrWM1az8ff8%2C
  • https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10061.P9YweZo_6F3rTipnrzFVi7GNZRyJs530Pq-9NqYP7mbGwuCgyHPEgpWBila7uVVR2nn8wrEbOlH-Z1iI5DhNOK-mpIM0640iMaotxrSqTJ7_5...
43 B
389 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10061.P9YweZo_6F3rTipnrzFVi7GNZRyJs530Pq-9NqYP7mbGwuCgyHPEgpWBila7uVVR2nn8wrEbOlH-Z1iI5DhNOK-mpIM0640iMaotxrSqTJ7_5rJ5M5rdE5kfbtM_bHSyqwDJLStF1wMUaLNaYP3JrVUH5Bmw5WYjy-qI8nx7j8jHmHo42Tr3-uqp5P8iTQtMHhd7qDM6Ifx7yQXABw42iQ%2C%2C.SsnfuUWLC5xTnItUVHEt2g8qFhM%2C
Requested by
Host: 1wgos.pro
URL: https://1wgos.pro/casino/list?open=register
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1wgos.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 10:11:44 GMT
strict-transport-security
max-age=31536000
content-length
43
x-xss-protection
1; mode=block
content-type
image/gif

Redirect headers

location
https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10061.P9YweZo_6F3rTipnrzFVi7GNZRyJs530Pq-9NqYP7mbGwuCgyHPEgpWBila7uVVR2nn8wrEbOlH-Z1iI5DhNOK-mpIM0640iMaotxrSqTJ7_5rJ5M5rdE5kfbtM_bHSyqwDJLStF1wMUaLNaYP3JrVUH5Bmw5WYjy-qI8nx7j8jHmHo42Tr3-uqp5P8iTQtMHhd7qDM6Ifx7yQXABw42iQ%2C%2C.SsnfuUWLC5xTnItUVHEt2g8qFhM%2C
date
Tue, 11 Jul 2023 10:11:44 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
/
adservice.google.com/ddm/fls/i/dc_pre=CIjQ75u1hoADFRn3GQod_CkMow;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7B... Frame D37F 		552 B
676 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/ddm/fls/i/dc_pre=CIjQ75u1hoADFRn3GQod_CkMow;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=972912369535.2704;~oref=https://1wgos.pro/
Requested by
Host: 12572451.fls.doubleclick.net
URL: https://12572451.fls.doubleclick.net/activityi;dc_pre=CIjQ75u1hoADFRn3GQod_CkMow;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=972912369535.2704?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
00802e498f749a6487c608be8b518fe2b60988cb803b8f90a8e0a27e5e951fb5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://12572451.fls.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
302
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 11 Jul 2023 10:11:44 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dc_pre=CKyo8Ju1hoADFZBDHgIdXVwEXA;src=12688802;type=actio0;cat=allpa0;ord=1;num=9634211714845;gtm=45He37a0;auiddc=937206779.1689070304;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2...
adservice.google.com/ddm/fls/i/ Frame 7647 		558 B
417 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/ddm/fls/i/dc_pre=CKyo8Ju1hoADFZBDHgIdXVwEXA;src=12688802;type=actio0;cat=allpa0;ord=1;num=9634211714845;gtm=45He37a0;auiddc=937206779.1689070304;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2F1wgos.pro%2Fcasino%2Flist%3Fopen%3Dregister
Requested by
Host: 12688802.fls.doubleclick.net
URL: https://12688802.fls.doubleclick.net/activityi;dc_pre=CKyo8Ju1hoADFZBDHgIdXVwEXA;src=12688802;type=actio0;cat=allpa0;ord=1;num=9634211714845;gtm=45He37a0;auiddc=937206779.1689070304;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2F1wgos.pro%2Fcasino%2Flist%3Fopen%3Dregister?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
896e52780eb980e818e7e3c1c9bc1924651d985f11008442a3e09ac49d9fe1c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://12688802.fls.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
347
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 11 Jul 2023 10:11:44 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dc_pre=CIer8Ju1hoADFTRDHgIdsQkN9Q;src=12688802;type=actio0;cat=allpa0;ord=1;num=6383140523659;gtm=45He37a0;auiddc=937206779.1689070304;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2...
adservice.google.com/ddm/fls/i/ Frame EDD4 		558 B
415 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/ddm/fls/i/dc_pre=CIer8Ju1hoADFTRDHgIdsQkN9Q;src=12688802;type=actio0;cat=allpa0;ord=1;num=6383140523659;gtm=45He37a0;auiddc=937206779.1689070304;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2F1wgos.pro%2Fcasino%2Flist%3Fopen%3Dregister
Requested by
Host: 12688802.fls.doubleclick.net
URL: https://12688802.fls.doubleclick.net/activityi;dc_pre=CIer8Ju1hoADFTRDHgIdsQkN9Q;src=12688802;type=actio0;cat=allpa0;ord=1;num=6383140523659;gtm=45He37a0;auiddc=937206779.1689070304;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2F1wgos.pro%2Fcasino%2Flist%3Fopen%3Dregister?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
0c6629c916648da6ef988421ce9028f0b420194be7f9ede22ab84ad6a2ba13ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://12688802.fls.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
345
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 11 Jul 2023 10:11:44 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
adservice.google.com/ddm/fls/i/dc_pre=COaw8Ju1hoADFRiuGQod2BcLSA;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7B... Frame 128C 		552 B
368 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/ddm/fls/i/dc_pre=COaw8Ju1hoADFRiuGQod2BcLSA;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=4814448491596.901;~oref=https://1wgos.pro/
Requested by
Host: 12572451.fls.doubleclick.net
URL: https://12572451.fls.doubleclick.net/activityi;dc_pre=COaw8Ju1hoADFRiuGQod2BcLSA;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=4814448491596.901?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
2bb45ce96ee4996255ac5d9e65a35986aa107843b1ee843f6a077a64d95575b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://12572451.fls.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
302
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 11 Jul 2023 10:11:44 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
advert.gif
mc.yandex.com/metrika/ 		43 B
111 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/metrika/advert.gif
Requested by
Host: 1wgos.pro
URL: https://1wgos.pro/casino/list?open=register
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1wgos.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 10:11:44 GMT
strict-transport-security
max-age=31536000
last-modified
Wed, 05 Jul 2023 16:40:28 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"64a572cc-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Tue, 11 Jul 2023 11:11:44 GMT
/
adservice.google.de/ddm/fls/i/dc_pre=CIjQ75u1hoADFRn3GQod_CkMow;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BG... Frame F3A0 		194 B
515 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/ddm/fls/i/dc_pre=CIjQ75u1hoADFRn3GQod_CkMow;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=972912369535.2704;~oref=https://1wgos.pro/
Requested by
Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CIjQ75u1hoADFRn3GQod_CkMow;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=972912369535.2704;~oref=https://1wgos.pro/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adservice.google.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
85
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 11 Jul 2023 10:11:44 GMT
expires
Tue, 11 Jul 2023 10:11:44 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dc_pre=CIer8Ju1hoADFTRDHgIdsQkN9Q;src=12688802;type=actio0;cat=allpa0;ord=1;num=6383140523659;gtm=45He37a0;auiddc=937206779.1689070304;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2...
adservice.google.de/ddm/fls/i/ Frame 2275 		194 B
150 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/ddm/fls/i/dc_pre=CIer8Ju1hoADFTRDHgIdsQkN9Q;src=12688802;type=actio0;cat=allpa0;ord=1;num=6383140523659;gtm=45He37a0;auiddc=937206779.1689070304;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2F1wgos.pro%2Fcasino%2Flist%3Fopen%3Dregister
Requested by
Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CIer8Ju1hoADFTRDHgIdsQkN9Q;src=12688802;type=actio0;cat=allpa0;ord=1;num=6383140523659;gtm=45He37a0;auiddc=937206779.1689070304;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2F1wgos.pro%2Fcasino%2Flist%3Fopen%3Dregister
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adservice.google.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
85
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 11 Jul 2023 10:11:44 GMT
expires
Tue, 11 Jul 2023 10:11:44 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
adservice.google.de/ddm/fls/i/dc_pre=COaw8Ju1hoADFRiuGQod2BcLSA;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BG... Frame CFAC 		194 B
150 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/ddm/fls/i/dc_pre=COaw8Ju1hoADFRiuGQod2BcLSA;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=4814448491596.901;~oref=https://1wgos.pro/
Requested by
Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=COaw8Ju1hoADFRiuGQod2BcLSA;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=4814448491596.901;~oref=https://1wgos.pro/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adservice.google.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
85
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 11 Jul 2023 10:11:44 GMT
expires
Tue, 11 Jul 2023 10:11:44 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dc_pre=CKyo8Ju1hoADFZBDHgIdXVwEXA;src=12688802;type=actio0;cat=allpa0;ord=1;num=9634211714845;gtm=45He37a0;auiddc=937206779.1689070304;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2...
adservice.google.de/ddm/fls/i/ Frame 5334 		194 B
150 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/ddm/fls/i/dc_pre=CKyo8Ju1hoADFZBDHgIdXVwEXA;src=12688802;type=actio0;cat=allpa0;ord=1;num=9634211714845;gtm=45He37a0;auiddc=937206779.1689070304;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2F1wgos.pro%2Fcasino%2Flist%3Fopen%3Dregister
Requested by
Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CKyo8Ju1hoADFZBDHgIdXVwEXA;src=12688802;type=actio0;cat=allpa0;ord=1;num=9634211714845;gtm=45He37a0;auiddc=937206779.1689070304;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2F1wgos.pro%2Fcasino%2Flist%3Fopen%3Dregister
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adservice.google.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
85
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 11 Jul 2023 10:11:44 GMT
expires
Tue, 11 Jul 2023 10:11:44 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
92006234
mc.yandex.com/watch/ 		435 B
807 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/92006234?wmode=7&page-url=https%3A%2F%2F1wgos.pro%2Fcasino%2Flist%3Fopen%3Dregister&page-ref=https%3A%2F%2Fgofirmware.com%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Aew9xzikdbvs4xc5avwiaspr%3Afp%3A293%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1074%3Acn%3A1%3Adp%3A0%3Als%3A1349898386469%3Ahid%3A670571382%3Az%3A0%3Ai%3A20230711101144%3Aet%3A1689070304%3Ac%3A1%3Arn%3A576193795%3Arqn%3A1%3Au%3A1689070304316269203%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A24%2C57%2C85%2C49%2C1%2C0%2C%2C18%2C0%2C%2C%2C%2C1345%3Aco%3A0%3Acpf%3A1%3Ans%3A1689070301746%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1689070305%3At%3A1win&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ti(1)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
ddac4bc9aad05cb05ade8225f007f82c95e27b451c8c97e2864f9eb9c1daf627
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1wgos.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Jul 2023 10:11:44 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Tue, 11-Jul-2023 10:11:44 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type
application/json; charset=utf-8
access-control-allow-origin
https://1wgos.pro
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
435
x-xss-protection
1; mode=block
expires
Tue, 11-Jul-2023 10:11:44 GMT
sync_cookie_image_check_secondary
mc.yandex.com/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
mc.yandex.com
URL
https://mc.yandex.com/webvisor/45969072?wv-check=3341&wv-type=0&wmode=0&wv-part=3&wv-hit=606216194&page-url=https%3A%2F%2Fgofirmware.com%2Floading-page&rn=128392575&browser-info=et%3A1689070302%3Aw%3A1600x1200%3Av%3A1074%3Az%3A0%3Ai%3A20230711101141%3Au%3A1689070301273526066%3Avf%3Afl86j8c0cs0gu7lh9r0871b%3Ast%3A1689070302&t=gdpr(14)ti(1)
Domain
mc.yandex.com
URL
https://mc.yandex.com/webvisor/45969072?wv-check=3341&wv-type=0&wmode=0&wv-part=4&wv-hit=606216194&page-url=https%3A%2F%2Fgofirmware.com%2Floading-page&rn=115537479&browser-info=et%3A1689070302%3Aw%3A1600x1200%3Av%3A1074%3Az%3A0%3Ai%3A20230711101141%3Au%3A1689070301273526066%3Avf%3Afl86j8c0cs0gu7lh9r0871b%3Ast%3A1689070302&t=gdpr(14)ti(1)
Domain
mc.yandex.com
URL
https://mc.yandex.com/webvisor/45969072?wv-check=3341&wv-type=0&wmode=0&wv-part=3&wv-hit=606216194&page-url=https%3A%2F%2Fgofirmware.com%2Floading-page&rn=128392575&browser-info=et%3A1689070302%3Aw%3A1600x1200%3Av%3A1074%3Az%3A0%3Ai%3A20230711101141%3Au%3A1689070301273526066%3Avf%3Afl86j8c0cs0gu7lh9r0871b%3Ast%3A1689070302&t=gdpr(14)ti(2)
Domain
mc.yandex.com
URL
https://mc.yandex.com/webvisor/45969072?wv-check=3341&wv-type=0&wmode=0&wv-part=4&wv-hit=606216194&page-url=https%3A%2F%2Fgofirmware.com%2Floading-page&rn=115537479&browser-info=et%3A1689070302%3Aw%3A1600x1200%3Av%3A1074%3Az%3A0%3Ai%3A20230711101141%3Au%3A1689070301273526066%3Avf%3Afl86j8c0cs0gu7lh9r0871b%3Ast%3A1689070302&t=gdpr(14)ti(2)
Domain
mc.yandex.com
URL
https://mc.yandex.com/sync_cookie_image_check_secondary

Verdicts & Comments Add Verdict or Comment

49 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 boolean| credentialless object| onbeforetoggle object| onscrollend object| INITIAL_DATA object| _chunksDictionary object| oneWinLang string| releaseTag string| gtmKey function| prefetchAllDynamicLogos function| getNextDynamicLogoIndex function| getLogoPath function| performTransition function| showLogo function| subscribeToLogoUpdate function| startUpdateDynamicLogosInterval object| webim object| webimHandlers function| initOrGetInstanceOfSupportChat function| loadScript string| vipDomain object| webpackChunk_1win_frontend_main object| SENTRY_RELEASE object| SENTRY_RELEASES object| dataLayer object| buildConfig object| configManager object| amplitude object| analyticsConnectorInstances object| socket object| firebase object| google_tag_manager function| postscribe object| google_tag_manager_external object| google_tag_data string| axel number| a string| userId function| hj object| _hjSettings function| ym object| gaGlobal object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules

22 Cookies

Domain/Path Name / Value
.gofirmware.com/ Name: _ym_uid
Value: 1689070301273526066
.gofirmware.com/ Name: _ym_d
Value: 1689070301
.mc.yandex.com/ Name: sync_cookie_csrf
Value: 3193477669fake
.gofirmware.com/ Name: _ym_isad
Value: 2
.mc.yandex.ru/ Name: sync_cookie_csrf
Value: 1949401383fake
mc.yandex.com/ Name: yabs-sid
Value: 2144196511689070300
.yandex.com/ Name: i
Value: s8AzCQ2tW2R5ODzUlxbB7NKOa5Ygrjeooe7M9lGMJUdgwyfu3LjUBRjBhClMoS2Abot2d8N/B3PEA1H7yuarmXzYPxs=
.yandex.com/ Name: yandexuid
Value: 9910781641689070300
.yandex.com/ Name: yuidss
Value: 9910781641689070300
.yandex.com/ Name: ymex
Value: 1720606300.yc.1689070300#1720606300.yrts.1689070300#1720606300.yrtsi.1689070300
.yandex.com/ Name: bh
Value: KgI/MA==
.gofirmware.com/ Name: _ym_visorc
Value: w
1wgos.pro/ Name: partner_key
Value: 36hj
1wgos.pro/ Name: visit_domain
Value: 1wgos.pro
1wgos.pro/ Name: core-sticky
Value: http://10.233.74.212:80
1wgos.pro/ Name: 1w_lang
Value: de
.1wgos.pro/ Name: AMP_MKTG_494cccfe21
Value: JTdCJTIycmVmZXJyZXIlMjIlM0ElMjJodHRwcyUzQSUyRiUyRmdvZmlybXdhcmUuY29tJTJGJTIyJTJDJTIycmVmZXJyaW5nX2RvbWFpbiUyMiUzQSUyMmdvZmlybXdhcmUuY29tJTIyJTdE
.1wgos.pro/ Name: _gcl_au
Value: 1.1.937206779.1689070304
1wgos.pro/ Name: 1w_locale
Value: 26
.1wgos.pro/ Name: AMP_494cccfe21
Value: JTdCJTIyZGV2aWNlSWQlMjIlM0ElMjJmOTY4ODJkMC1kM2EwLTRmMTMtYmViNy04ZTZkZDQ3MjI4MTglMjIlMkMlMjJzZXNzaW9uSWQlMjIlM0ExNjg5MDcwMzAzOTY2JTJDJTIyb3B0T3V0JTIyJTNBZmFsc2UlMkMlMjJsYXN0RXZlbnRUaW1lJTIyJTNBMTY4OTA3MDMwNDEzOCUyQyUyMmxhc3RFdmVudElkJTIyJTNBNSU3RA==
.1wgos.pro/ Name: _ga_548949LWLW
Value: GS1.1.1689070304.1.0.1689070304.0.0.0
.1wgos.pro/ Name: _ga
Value: GA1.1.540594598.1689070304

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

12572451.fls.doubleclick.net
12688802.fls.doubleclick.net
1wgos.pro
1win-cdn.com
adservice.google.com
adservice.google.de
api.lab.amplitude.com
gofirmware.com
mc.yandex.com
mc.yandex.ru
region1.google-analytics.com
script.hotjar.com
static.hotjar.com
www.googletagmanager.com
mc.yandex.com
142.250.74.198
151.101.130.132
190.115.24.75
190.115.24.78
2001:4860:4802:34::36
2606:4700:3030::6815:5488
2a00:1450:4001:800::2002
2a00:1450:4001:830::2008
2a00:1450:4001:831::2002
2a02:6b8::1:119
52.222.139.53
52.222.236.74
00802e498f749a6487c608be8b518fe2b60988cb803b8f90a8e0a27e5e951fb5
01a87f9f8138f66274cfedb855c0bfbe1529600a65ed26b0c863533e1e94abce
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
06e02d3d2d01bb2c88786b0a2dd2d692f6659c0159ec4754f7db49c12e03b0d6
0c6629c916648da6ef988421ce9028f0b420194be7f9ede22ab84ad6a2ba13ba
13e4592bc552c2e8169a138b7cc0e2c390bc9238fa5255ca753fb731c281f3c2
150013452ea4bc790b50cf454639941243e82d462f1c208811de24491276b161
1a3fc313f9efc0a54996623c2bbc170e49a3819de5693074cd0259f74c81a46e
1f4202c5bd6b94a4ce4e2fea99bc9846bf0525cd1ceb53dc379bf23077613906
234d0054455fcdb0f78fb6a8f029a418c50cc4fcac995204d3d8f8e2284b196d
23ceee899be73427932fba667758e3e4817600682b1dfdbe8f17df37c9987af4
28e6144130f75277c70095208483431e0579870239583c30fccdc7ebfb140d70
2bb45ce96ee4996255ac5d9e65a35986aa107843b1ee843f6a077a64d95575b2
33d7a3d7387bdb936c4a5fc36385caf772bc3381cfe3ff71d467e108f5b0f2d4
3d57b8a6acb8fb878c06384b2daafb90712113ef9fe586a17ef5ebb1d9649e3c
3fb28228fcddc78c0f440a1cdbace892c601409310c4899fe112c649fe320e85
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4e930b31445643295bfd2cfaeeaba015e08766fd8b7ff3b61db88003ad6720a0
4f52855ebb0b259df6aca6587429f560c2f8eff51b71ae54ea02d1975df28648
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
575412b54e344b5f40a21bb5b799f0430919cfb4ba807f9832c040e13711dc8e
58a372bb9d424111a2e73c427edb10db91c0f05e8f323f046d20f5cf8fd6f30f
7048dd2e37fe7577d722ec7a4440ab276aaa10bd2b00e4a35ca1e8bdf93b51f9
7c8c4629175a8fda26ab042e28a0c206d6a46bbe542d935ef58053b8e3f4a51a
7d3cb145b5386e2b6a3e4fa052a892ea54c7a9e6cb4b39372046a41fa4e93d31
7ec964fef4097cebc9a2d4a44e9ff5e31bc11d54edb765890c873b3fbb643ab1
8492b63b2d1147503ddb11a27f119e5287c5ae6f02f37e51ad6ae769af970658
8848d2bef4eb7b279be3c7b3a8b58da2ac33341857422732bc2f317e060946df
894d8872639bb10610f4d5f40a92315b96bef39149db5aebed1d7eb942865b36
896e52780eb980e818e7e3c1c9bc1924651d985f11008442a3e09ac49d9fe1c3
89fc69def41bbccf5e0c72af31846c283de320aa9e3c83088220651c219a4c27
9e24a688017c0d2b6a65390caf35350cae86094372366b4be62767040d4b1c2e
a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288
a3dedda8e08113116bb197be96f53d7a9e14436bc8a2b937f894ab7e136c91b4
a4010cd904385baf40748bc00e7ae96604ab7dbb0aa6b3c359d79e8a09d9b8b9
a8a2aff8250c0777b5c84415ed046bc3c8788dab76423a08c84b0657c3132e33
aaf3fea1861317e287a28ee7a70fd6e89f58d2e1d437ca79e2f32a5eb5cd80f3
ae4e98da0b15f15bb675c64819bbe6c4e9dd243ac0eb0e666b29efce08d73777
b2a924309f12ba2ca4e342194e6156d3b884e724f1a1e858ba9ebe3d6cd4b33c
b886f11e6cea2d231535fd0b59bb2950a8d40d9ec4a39b6da894c1f90d89a382
bc11b37c68fcf4ca1898868dd038696f4581760b016fafac32434d1db1fce278
bd25bde9fc4427cd6f3babcb8f888fe6174ca48881c103e243d4c6f83f30aab6
c07b2c0a515caf1306fb4d9366fab5758253eeadcf8c0414cb44ccd48f82e59a
c47f88bb01f952ea407a4b16d67629006e33e8f8995e877879fee35da691907f
c76f746af7ffa448c1ed12dbda97e356e86e2d376732b0054465ec13ed198dbd
cb7a13caf6b3dbcc960e5c8d733ffce480ef9599d0043f853538df45728196ec
cc42a9104f180852f0e2f802f325f06b601552015e31ac376bb15c0315b2591c
cd6251a8161e58126db9368b890526f421ffc35cc7e29279f43bd970fdabc98c
d31846016fb00594cb1dd0193def0e98c0e66d7e3c83977605640fdfed59420c
d61771836c885a8487c03f49fd3e73343c315a36eb328477b9355bb54878787c
d67a6c2f1a0be92d7588f2bcbfd3400f069dc94afbf47b39b4fb55e0b866241e
db08dfcb7f2dbf5b54b55e3f40a406b1bd4bee02e89ace32efc0e57228a7f08c
ddac4bc9aad05cb05ade8225f007f82c95e27b451c8c97e2864f9eb9c1daf627
df3772666587111462634070c47969ad9687bbf80d0694bb2e6c33be39434d68
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e587b37eb9586cb586bcd50e5b2ef2be11442986a6d44355993443b915750c2a
e5b451e0e5ce52df76028446d5b857b61e46d5f0207fb5c8041d7d45a58c87f3
e8a3c161112088edb218d08cc18bcf2c7e36c2b93afd4f04dc21e4affb170fde
f2fc8f2712717b32157f7741b1c723d6fe1d430c41652cfafd39c68980db20bd
f9b29f326105339a149bb89f1823063571464d98d3524196223ee0768c1b4328
fc06cdfde02e97d951a65b7834331ed6a0094b93f79eaf4b98d930223d3ed72e