urlscan.io logo urlscan.io
SecurityTrails logo

winportcasino.net Open in urlscan Pro
172.67.197.5  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.kidssportsnet.com//wrestling//wwfan619//?1048297959
Effective URL: https://winportcasino.net/l/read30?code=READY30&bonus=30&mytoken=mgkJJVTfSN8vGHonTvzuiWNd7ZgqdRLk&affid=57
Submission: On July 31 via api from US — Scanned from GB
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 5 countries across 10 domains to perform 28 HTTP transactions. The main IP is 172.67.197.5, located in United States and belongs to CLOUDFLARENET, US. The main domain is winportcasino.net.
TLS certificate: Issued by WE1 on June 19th 2024. Valid for: 3 months.
This is the only time winportcasino.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2 5.77.63.90 20860 (IOMART-AS)
1 1 23.229.227.38 398101 (GO-DADDY-...)
2 2 2606:4700:303... 13335 (CLOUDFLAR...)
1 1 104.18.192.136 13335 (CLOUDFLAR...)
20 172.67.197.5 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 18.66.192.32 16509 (AMAZON-02)
2 2001:4860:480... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 172.217.18.99 15169 (GOOGLE)
1 54.230.228.64 16509 (AMAZON-02)
28 7
2    5.77.63.90 (United Kingdom)

ASN20860 (IOMART-AS, GB)
PTR: belfast.eukhosting.net
www.kidssportsnet.com
1    23.229.227.38 (Las Vegas, United States)

ASN398101 (GO-DADDY-COM-LLC, US)
PTR: 38.227.229.23.host.secureserver.net
www.banner-secure.com
2    2606:4700:3032::ac43:8d6a (United States)

ASN13335 (CLOUDFLARENET, US)
www.secure-bonus.com
1    104.18.192.136 (None, )

ASN13335 (CLOUDFLARENET, US)
record.jackpot-partners.com
20    172.67.197.5 (United States)

ASN13335 (CLOUDFLARENET, US)
winportcasino.net
2    2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    18.66.192.32 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-192-32.muc50.r.cloudfront.net
static.hotjar.com
2    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
1    2a00:1450:400c:c1f::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    172.217.18.99 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s05-in-f99.1e100.net
www.google.co.uk
1    54.230.228.64 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-228-64.muc50.r.cloudfront.net
script.hotjar.com
Apex Domain
Subdomains		 Transfer
20 winportcasino.net
winportcasino.net
2 MB
2 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 3773
2 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 1335
script.hotjar.com — Cisco Umbrella Rank: 2017
60 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 112
168 KB
2 secure-bonus.com
www.secure-bonus.com
1 KB
2 kidssportsnet.com
www.kidssportsnet.com
499 B
1 google.co.uk
www.google.co.uk — Cisco Umbrella Rank: 4354
63 B
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 252
255 B
1 jackpot-partners.com
record.jackpot-partners.com
530 B
1 banner-secure.com
www.banner-secure.com
343 B
28 10
Domain Requested by
20 winportcasino.net winportcasino.net
2 region1.analytics.google.com www.googletagmanager.com
2 www.googletagmanager.com winportcasino.net
www.googletagmanager.com
2 www.secure-bonus.com 2 redirects
2 www.kidssportsnet.com 2 redirects
1 script.hotjar.com static.hotjar.com
1 www.google.co.uk winportcasino.net
1 stats.g.doubleclick.net www.googletagmanager.com
1 static.hotjar.com www.googletagmanager.com
1 record.jackpot-partners.com 1 redirects
1 www.banner-secure.com 1 redirects
28 11

This site contains links to these domains. Also see Links.

Domain
winportcasino.com
Subject Issuer Validity Valid
winportcasino.net
WE1		 2024-06-19 -
2024-09-17		 3 months crt.sh
*.google-analytics.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
*.hotjar.com
Amazon RSA 2048 M03		 2024-05-22 -
2025-06-20		 a year crt.sh
*.g.doubleclick.net
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
*.google.co.uk
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://winportcasino.net/l/read30?code=READY30&bonus=30&mytoken=mgkJJVTfSN8vGHonTvzuiWNd7ZgqdRLk&affid=57
Frame ID: 6B12D0776E8F8000115905CC03708F1A
Requests: 28 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Free Chip Signup Bonus | Winport Casino

Page URL History Show full URLs

  1. http://www.kidssportsnet.com//wrestling//wwfan619//?1048297959 HTTP 307
    https://www.kidssportsnet.com//wrestling//wwfan619//?1048297959 HTTP 302
    http://www.kidssportsnet.com/ HTTP 307
    https://www.kidssportsnet.com/ HTTP 301
    http://www.banner-secure.com/kidssportsnet HTTP 307
    https://www.banner-secure.com/kidssportsnet HTTP 302
    http://www.secure-bonus.com/en/club-casino HTTP 307
    https://www.secure-bonus.com/en/club-casino HTTP 307
    https://record.jackpot-partners.com/_Fq3Nsj-Qps4dIqIeVhNpQ2Nd7ZgqdRLk/1/ HTTP 307
    http://www.secure-bonus.com/en/club-casino HTTP 307
    https://www.secure-bonus.com/en/club-casino HTTP 307
    https://record.jackpot-partners.com/_Fq3Nsj-Qps4dIqIeVhNpQ2Nd7ZgqdRLk/1/ HTTP 301
    https://winportcasino.net/l/read30?code=READY30&bonus=30&mytoken=mgkJJVTfSN8vGHonTvzuiWNd7ZgqdRLk&affi... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • clipboard(?:-([\d.]+))?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

28
Requests

100 %
HTTPS

36 %
IPv6

10
Domains

11
Subdomains

7
IPs

5
Countries

1862 kB
Transfer

2433 kB
Size

10
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.kidssportsnet.com//wrestling//wwfan619//?1048297959 HTTP 307
    https://www.kidssportsnet.com//wrestling//wwfan619//?1048297959 HTTP 302
    http://www.kidssportsnet.com/ HTTP 307
    https://www.kidssportsnet.com/ HTTP 301
    http://www.banner-secure.com/kidssportsnet HTTP 307
    https://www.banner-secure.com/kidssportsnet HTTP 302
    http://www.secure-bonus.com/en/club-casino HTTP 307
    https://www.secure-bonus.com/en/club-casino HTTP 307
    https://record.jackpot-partners.com/_Fq3Nsj-Qps4dIqIeVhNpQ2Nd7ZgqdRLk/1/ HTTP 307
    http://www.secure-bonus.com/en/club-casino HTTP 307
    https://www.secure-bonus.com/en/club-casino HTTP 307
    https://record.jackpot-partners.com/_Fq3Nsj-Qps4dIqIeVhNpQ2Nd7ZgqdRLk/1/ HTTP 301
    https://winportcasino.net/l/read30?code=READY30&bonus=30&mytoken=mgkJJVTfSN8vGHonTvzuiWNd7ZgqdRLk&affid=57 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

28 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request read30
winportcasino.net/l/
Redirect Chain
  • http://www.kidssportsnet.com//wrestling//wwfan619//?1048297959
  • https://www.kidssportsnet.com//wrestling//wwfan619//?1048297959
  • http://www.kidssportsnet.com/
  • https://www.kidssportsnet.com/
  • http://www.banner-secure.com/kidssportsnet
  • https://www.banner-secure.com/kidssportsnet
  • http://www.secure-bonus.com/en/club-casino
  • https://www.secure-bonus.com/en/club-casino
  • https://record.jackpot-partners.com/_Fq3Nsj-Qps4dIqIeVhNpQ2Nd7ZgqdRLk/1/
  • http://www.secure-bonus.com/en/club-casino
  • https://www.secure-bonus.com/en/club-casino
  • https://record.jackpot-partners.com/_Fq3Nsj-Qps4dIqIeVhNpQ2Nd7ZgqdRLk/1/
  • https://winportcasino.net/l/read30?code=READY30&bonus=30&mytoken=mgkJJVTfSN8vGHonTvzuiWNd7ZgqdRLk&affid=57
6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://winportcasino.net/l/read30?code=READY30&bonus=30&mytoken=mgkJJVTfSN8vGHonTvzuiWNd7ZgqdRLk&affid=57
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.197.5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.0.30
Resource Hash
c99db7775187f124fa7a344b67b120466abd36b8600672d92749fbf8165e3320

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8aba04cef9b1772b-LHR
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 31 Jul 2024 02:04:37 GMT
expires
-1
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=72mc3w3YRbMGsa%2BtjDGjaDG58oHo4fXjr3WNkXVpJDGk8HxG92t2addohXBa%2FTG1A55f0ZAQVH45kK6ORlfRduvBOUdiixYjWrdND1BMYSbHyJuNajqxTMI3CkI3PI2IFbEmbA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-powered-by
PHP/8.0.30

Redirect headers

access-control-allow-origin
*
cache-control
private, no-cache, must-revalidate
cf-cache-status
BYPASS
cf-ray
8aba04ce3fb776f0-LHR
content-type
text/html; charset=utf-8
date
Wed, 31 Jul 2024 02:04:37 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
location
https://winportcasino.net/l/read30?code=READY30&bonus=30&mytoken=mgkJJVTfSN8vGHonTvzuiWNd7ZgqdRLk&affid=57
pragma
no-cache
server
cloudflare
vary
Accept-Encoding
x-powered-by
ZBan
new-style.css
winportcasino.net/l/landings/default/css/ 		11 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://winportcasino.net/l/landings/default/css/new-style.css?v=0.0.10
Requested by
Host: winportcasino.net
URL: https://winportcasino.net/l/read30?code=READY30&bonus=30&mytoken=mgkJJVTfSN8vGHonTvzuiWNd7ZgqdRLk&affid=57
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.197.5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3a328f354b21626952151eba2e21185a2f9855113df668da1691adf7253454b5

Request headers

Referer
https://winportcasino.net/l/read30?code=READY30&bonus=30&mytoken=mgkJJVTfSN8vGHonTvzuiWNd7ZgqdRLk&affid=57
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 02:04:37 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2345631
alt-svc
h3=":443"; ma=86400
pragma
public
last-modified
Tue, 23 May 2023 13:04:10 GMT
server
cloudflare
etag
W/"646cb9ca-2b88"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4%2FVWsuvq40cOG9ZW5pC3xv%2B%2FOsgkOd3ehoFC7bYT10WdIk1%2BAASddFW4LuF%2F5%2FRFjEok%2FCDadoQ3kFh%2BVK4BgwS%2FyFHzA2c4fdbEWQW1GzpC89S5DNXPUA9SKIcyFZOSXqTNBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=2592000
cf-ray
8aba04d11ae1772b-LHR
expires
Fri, 02 Aug 2024 22:30:46 GMT
logo.png
winportcasino.net/l/landings/default/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://winportcasino.net/l/landings/default/img/logo.png
Requested by
Host: winportcasino.net
URL: https://winportcasino.net/l/read30?code=READY30&bonus=30&mytoken=mgkJJVTfSN8vGHonTvzuiWNd7ZgqdRLk&affid=57
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.197.5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3867831fd436b724462c43790477c40a948d04c147190ef733e25564e4b79ae6

Request headers

Referer
https://winportcasino.net/l/read30?code=READY30&bonus=30&mytoken=mgkJJVTfSN8vGHonTvzuiWNd7ZgqdRLk&affid=57
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 02:04:37 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1140539
alt-svc
h3=":443"; ma=86400
content-length
4197
pragma
public
last-modified
Fri, 31 Mar 2023 14:41:29 GMT
server
cloudflare
etag
"6426f119-1065"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ho%2FlNzD9L2BbROfLnrkzD6ZjgbzljdLQwAf9RhZWszbXZ7eKPqR7TpiLORZhff4LjRzm6Aw2pvqpw4lBmJHz4TeIbGMGXeWvUelAsPKwEYvfSrP08d52TBFRtUVRXpqmp8CS4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
8aba04d11ae3772b-LHR
expires
Fri, 16 Aug 2024 21:15:38 GMT
1.svg
winportcasino.net/l/landings/default/img/brands/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://winportcasino.net/l/landings/default/img/brands/1.svg
Requested by
Host: winportcasino.net
URL: https://winportcasino.net/l/read30?code=READY30&bonus=30&mytoken=mgkJJVTfSN8vGHonTvzuiWNd7ZgqdRLk&affid=57
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.197.5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bf8916c58029a481960a14ead0011cc3bbb7cab9d92f38b051652d67a004bba7

Request headers

Referer
https://winportcasino.net/l/read30?code=READY30&bonus=30&mytoken=mgkJJVTfSN8vGHonTvzuiWNd7ZgqdRLk&affid=57
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 02:04:37 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
212517
alt-svc
h3=":443"; ma=86400
pragma
public
last-modified
Fri, 31 Mar 2023 14:41:29 GMT
server
cloudflare
etag
W/"6426f119-5b0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9Y04lu0vmyc0ZIcbT3ht1qrPxSIOnhXTqYBIXxUjCXwDv4VdgVLlPYKKwdFPvGCrrtNB4HcBzMA031feNN%2BcV3MKaO3jsi9CX6rX%2B081mAMM0d9MXVjq4RIIsCTklC318TZAXw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=2592000
cf-ray
8aba04d11ae4772b-LHR
expires
Tue, 27 Aug 2024 15:02:40 GMT
2.svg
winportcasino.net/l/landings/default/img/brands/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://winportcasino.net/l/landings/default/img/brands/2.svg
Requested by
Host: winportcasino.net
URL: https://winportcasino.net/l/read30?code=READY30&bonus=30&mytoken=mgkJJVTfSN8vGHonTvzuiWNd7ZgqdRLk&affid=57
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.197.5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3ca6ae07cc9ad77291e8091d8e0a3ab473afc3988cedbdb192f2638ada8fa6e2

Request headers

Referer
https://winportcasino.net/l/read30?code=READY30&bonus=30&mytoken=mgkJJVTfSN8vGHonTvzuiWNd7ZgqdRLk&affid=57
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 02:04:37 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1156554
alt-svc
h3=":443"; ma=86400
pragma
public
last-modified
Fri, 31 Mar 2023 14:41:29 GMT
server
cloudflare
etag
W/"6426f119-540"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7nw5ad5Bt2WkROAPdYhDuNcXH92%2BaxBZgBoE0LJ5a5LIDfigY4GPXqbTYBSLwUbbTKeSn8gQcVGWVFQ2NUBKOcgaalN%2FB1y04EATge%2FmLhwfhjbm3%2FFwNL3w3J6Wn1JUhYJBNg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=2592000
cf-ray
8aba04d15af7772b-LHR
expires
Fri, 16 Aug 2024 16:48:43 GMT
3.svg
winportcasino.net/l/landings/default/img/brands/ 		34 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://winportcasino.net/l/landings/default/img/brands/3.svg
Requested by
Host: winportcasino.net
URL: https://winportcasino.net/l/read30?code=READY30&bonus=30&mytoken=mgkJJVTfSN8vGHonTvzuiWNd7ZgqdRLk&affid=57
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.197.5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ae013595339d086789b6f41b9911abda08c1cd35a5858e7604ac666a896b1707

Request headers

Referer
https://winportcasino.net/l/read30?code=READY30&bonus=30&mytoken=mgkJJVTfSN8vGHonTvzuiWNd7ZgqdRLk&affid=57
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 02:04:37 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1156554
alt-svc
h3=":443"; ma=86400
pragma
public
last-modified
Fri, 31 Mar 2023 14:41:29 GMT
server
cloudflare
etag
W/"6426f119-88e9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YCiB0d6movqvIhl%2FdsKecjqYFkfmDgt5NzWjigyh3TFjsuyUpoUh4EnVxVZYXXdkzln2ph16CHnBxIOr6rxmir7lcnQnbefOe4UWYqHgUjZ68Wlumgi5Q7WsTZ7xSKsU5O3HWg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=2592000
cf-ray
8aba04d15af9772b-LHR
expires
Fri, 16 Aug 2024 16:48:43 GMT
4.svg
winportcasino.net/l/landings/default/img/brands/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://winportcasino.net/l/landings/default/img/brands/4.svg
Requested by
Host: winportcasino.net
URL: https://winportcasino.net/l/read30?code=READY30&bonus=30&mytoken=mgkJJVTfSN8vGHonTvzuiWNd7ZgqdRLk&affid=57
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.197.5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd1b153d3a5250dad68c5a1ee3641168031beb67e637b3b4be60e8f269e4521e

Request headers

Referer
https://winportcasino.net/l/read30?code=READY30&bonus=30&mytoken=mgkJJVTfSN8vGHonTvzuiWNd7ZgqdRLk&affid=57
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 02:04:37 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1652767
alt-svc
h3=":443"; ma=86400
pragma
public
last-modified
Fri, 31 Mar 2023 14:41:29 GMT
server
cloudflare
etag
W/"6426f119-999"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=n1j7FlgFu3siwQffn%2BNfqaxMrhBtlZp48RbRvYjeHPOKGbVTZYAv0nnKtmuh%2B12LEhzDofoYzWe3xRSqyMp5sAuYPURJbTPlHs3uY53OYvQ6gNSwiGBgHATtQem723UbxY2pKA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=2592000
cf-ray
8aba04d16b01772b-LHR
expires
Sat, 10 Aug 2024 22:58:30 GMT
5.svg
winportcasino.net/l/landings/default/img/brands/ 		1 KB
957 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://winportcasino.net/l/landings/default/img/brands/5.svg
Requested by
Host: winportcasino.net
URL: https://winportcasino.net/l/read30?code=READY30&bonus=30&mytoken=mgkJJVTfSN8vGHonTvzuiWNd7ZgqdRLk&affid=57
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.197.5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
63bbdb0bdade31d0186c56492b16e062957bd71101d85c403e8186985f3ee2fc

Request headers

Referer
https://winportcasino.net/l/read30?code=READY30&bonus=30&mytoken=mgkJJVTfSN8vGHonTvzuiWNd7ZgqdRLk&affid=57
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 02:04:37 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1156554
alt-svc
h3=":443"; ma=86400
pragma
public
last-modified
Fri, 31 Mar 2023 14:41:29 GMT
server
cloudflare
etag
W/"6426f119-402"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8s0jk7vIWGHYkMH6%2Ff74zrL6z0Ff6HLo7Xsd8Y5CsHIZMsAo9B0WtPaq9dQnkOUuqHojb1nwTFmTVoZtVr5pvVYsCny05k%2BVz0G9SzFQOrMjVk6nfRojQwaUCvycBPZoap9YoQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=2592000
cf-ray
8aba04d16b04772b-LHR
expires
Fri, 16 Aug 2024 16:48:43 GMT
6.svg
winportcasino.net/l/landings/default/img/brands/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://winportcasino.net/l/landings/default/img/brands/6.svg
Requested by
Host: winportcasino.net
URL: https://winportcasino.net/l/read30?code=READY30&bonus=30&mytoken=mgkJJVTfSN8vGHonTvzuiWNd7ZgqdRLk&affid=57
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.197.5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
934f3d2e28fafc628ab5cf2f18b02d201678eb95907a8c86ad913ac5dac461ba

Request headers

Referer
https://winportcasino.net/l/read30?code=READY30&bonus=30&mytoken=mgkJJVTfSN8vGHonTvzuiWNd7ZgqdRLk&affid=57
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 02:04:37 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1340966
alt-svc
h3=":443"; ma=86400
pragma
public
last-modified
Fri, 31 Mar 2023 14:41:29 GMT
server
cloudflare
etag
W/"6426f119-61f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aEaQjrTQQzxvN2yb07wAj%2FFJO0iLy213TAjJQkHOhu48xNPWOuSFWEpjb8Zu0t8PWWYjOljlQ%2B7VofoPGHcqDsF2ZFydOs3p8JkYAf29hiXvf3dhSEUTnto%2BfIwa9iSuOCfp6A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=2592000
cf-ray
8aba04d16b05772b-LHR
expires
Wed, 14 Aug 2024 13:35:11 GMT
7.svg
winportcasino.net/l/landings/default/img/brands/ 		710 B
959 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://winportcasino.net/l/landings/default/img/brands/7.svg
Requested by
Host: winportcasino.net
URL: https://winportcasino.net/l/read30?code=READY30&bonus=30&mytoken=mgkJJVTfSN8vGHonTvzuiWNd7ZgqdRLk&affid=57
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.197.5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dd1cb1eaf71ce0bf33d01098dd850cc5d8c5675f4f10efee85b56b5b4ec09f8d

Request headers

Referer
https://winportcasino.net/l/read30?code=READY30&bonus=30&mytoken=mgkJJVTfSN8vGHonTvzuiWNd7ZgqdRLk&affid=57
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 02:04:37 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1652767
alt-svc
h3=":443"; ma=86400
pragma
public
last-modified
Fri, 31 Mar 2023 14:41:29 GMT
server
cloudflare
etag
W/"6426f119-2c6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FpAbkrkDG4gcHioOamXSk7bcNFl1FUxn232KzWhFpiAjYUB%2FHBRY0TnTDWcYrEFco7TLYvqTFpEcnxAzM6an9havwNn5uDxmd4ZQ%2F4OTJjro6qqBTl%2FOIKXfTEXNJji6Ywdojw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=2592000
cf-ray
8aba04d16b06772b-LHR
expires
Sat, 10 Aug 2024 22:58:30 GMT
8.svg
winportcasino.net/l/landings/default/img/brands/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://winportcasino.net/l/landings/default/img/brands/8.svg
Requested by
Host: winportcasino.net
URL: https://winportcasino.net/l/read30?code=READY30&bonus=30&mytoken=mgkJJVTfSN8vGHonTvzuiWNd7ZgqdRLk&affid=57
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.197.5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4a0a159eeab6de83e5a96cd15abf037bb669d1c27eda89705bd3d46fca970855

Request headers

Referer
https://winportcasino.net/l/read30?code=READY30&bonus=30&mytoken=mgkJJVTfSN8vGHonTvzuiWNd7ZgqdRLk&affid=57
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 02:04:37 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2299264
alt-svc
h3=":443"; ma=86400
pragma
public
last-modified
Fri, 31 Mar 2023 14:41:29 GMT
server
cloudflare
etag
W/"6426f119-933"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1Y3bDMDDIYvw2ipuIU0zEE3%2FySq9Jz0wt97r1SHGeIYto%2FbbdlmvcO%2F1FKSzaLR1Nbjh4AulWsoDTZCvjhhLFRkc8vFEg%2BfPZpr%2BNd3OZgFz5PvaKMPF%2FWDJu35TvUfdPPA2%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=2592000
cf-ray
8aba04d16b08772b-LHR
expires
Sat, 03 Aug 2024 11:23:33 GMT
jquery.min.js
winportcasino.net/l/landings/default/js/ 		85 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://winportcasino.net/l/landings/default/js/jquery.min.js
Requested by
Host: winportcasino.net
URL: https://winportcasino.net/l/read30?code=READY30&bonus=30&mytoken=mgkJJVTfSN8vGHonTvzuiWNd7ZgqdRLk&affid=57
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.197.5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Request headers

Referer
https://winportcasino.net/l/read30?code=READY30&bonus=30&mytoken=mgkJJVTfSN8vGHonTvzuiWNd7ZgqdRLk&affid=57
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 02:04:37 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
816298
alt-svc
h3=":443"; ma=86400
pragma
public
last-modified
Fri, 31 Mar 2023 14:41:29 GMT
server
cloudflare
etag
W/"6426f119-1538f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xUeyLOw%2FvSIqwx6JteqMXU%2BoGf65vvd6%2Bg3J3vGfpFaHEfjdfGIOKHb0EuTP2J1DHon8alCaAs4xAS%2FHChL1%2BI0cCaud1t2l%2BaxX%2BOWPIYSO7DqOdEEKrYuMNG17hKkIvQTCZw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
cf-ray
8aba04d15afc772b-LHR
expires
Tue, 20 Aug 2024 15:19:39 GMT
clipboard.js
winportcasino.net/l/landings/default/js/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://winportcasino.net/l/landings/default/js/clipboard.js?v=0.0.1
Requested by
Host: winportcasino.net
URL: https://winportcasino.net/l/read30?code=READY30&bonus=30&mytoken=mgkJJVTfSN8vGHonTvzuiWNd7ZgqdRLk&affid=57
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.197.5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6a51d4347651e461970b7d853751b1c3cc48f7c1d5933bfd2a5f8a85689424c7

Request headers

Referer
https://winportcasino.net/l/read30?code=READY30&bonus=30&mytoken=mgkJJVTfSN8vGHonTvzuiWNd7ZgqdRLk&affid=57
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 02:04:37 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2299264
alt-svc
h3=":443"; ma=86400
pragma
public
last-modified
Fri, 31 Mar 2023 14:41:29 GMT
server
cloudflare
etag
W/"6426f119-234b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gR%2FG3qVPt7c%2FsrMcv6CSB3%2FgzxP1XZ2QecFA%2F%2BPk3M5wh2J1rjywB3DbG6Ac2rN27FhbvNS9knojh695%2FaqgpOqS5gn1SOZqbZgoCqfQlzOH9Lid036GICqs%2ByVMYAD0MeaaWw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
cf-ray
8aba04d16afe772b-LHR
expires
Sat, 03 Aug 2024 11:23:33 GMT
script.js
winportcasino.net/l/landings/default/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://winportcasino.net/l/landings/default/js/script.js?v=0.0.0212131
Requested by
Host: winportcasino.net
URL: https://winportcasino.net/l/read30?code=READY30&bonus=30&mytoken=mgkJJVTfSN8vGHonTvzuiWNd7ZgqdRLk&affid=57
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.197.5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a2cdaf7a579f5e650eb2dfd6a1b33e01de8a2c2ee339e63beac5e78c5f5428e9

Request headers

Referer
https://winportcasino.net/l/read30?code=READY30&bonus=30&mytoken=mgkJJVTfSN8vGHonTvzuiWNd7ZgqdRLk&affid=57
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 02:04:37 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
630133
alt-svc
h3=":443"; ma=86400
pragma
public
last-modified
Mon, 03 Apr 2023 08:37:27 GMT
server
cloudflare
etag
W/"642a9047-939"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Y%2FEPlU7oVUpMEOONQ4KADkHe5w97Q9pgdo0o1gDpcfXgiOl6JMAOwaGiJBcIDQ0qzFf%2FWRgrkAZr7TSFKE3xPTygkzlCKim6czIjr78%2B5dcX9VRMi3M0Ph%2Fu7z59CV9BMl5eOg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
cf-ray
8aba04d16b00772b-LHR
expires
Thu, 22 Aug 2024 19:02:23 GMT
gtm.js
www.googletagmanager.com/ 		196 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MNJHTBT
Requested by
Host: winportcasino.net
URL: https://winportcasino.net/l/read30?code=READY30&bonus=30&mytoken=mgkJJVTfSN8vGHonTvzuiWNd7ZgqdRLk&affid=57
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
366eb7271848eb39daf3415936eb0d345da287de9e9d1fcdb7ec45fdc4326253
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://winportcasino.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 02:04:38 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
71177
x-xss-protection
0
last-modified
Wed, 31 Jul 2024 01:11:33 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 31 Jul 2024 02:04:38 GMT
portal2.jpg
winportcasino.net/l/landings/new/img/ 		900 KB
901 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://winportcasino.net/l/landings/new/img/portal2.jpg
Requested by
Host: winportcasino.net
URL: https://winportcasino.net/l/read30?code=READY30&bonus=30&mytoken=mgkJJVTfSN8vGHonTvzuiWNd7ZgqdRLk&affid=57
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.197.5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c260896c1922199de0561e142d25ce2aacba9a83c267d314781ef00da6697e5

Request headers

Referer
https://winportcasino.net/l/read30?code=READY30&bonus=30&mytoken=mgkJJVTfSN8vGHonTvzuiWNd7ZgqdRLk&affid=57
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 02:04:38 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
922010
pragma
public
last-modified
Fri, 31 Mar 2023 14:41:29 GMT
server
cloudflare
etag
"6426f119-e119a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8jmKR4RPdbW4AqDFx0FY0ZQwlZwRz98VNl4JsAahuQ94HTk%2BxO%2Bh1EcC2HAfClpWqzyg5VCtu47mSWdoQUrQ%2Fwtzwms4s2%2FR6GOENrL%2BuEZdVoJRLT3pIv0ScgwH4XsP%2FqmWnw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
8aba04d16b09772b-LHR
expires
Fri, 30 Aug 2024 02:04:38 GMT
Montserrat-ExtraBold.ttf
winportcasino.net/l/landings/default/fonts/Montserrat/ 		194 KB
195 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://winportcasino.net/l/landings/default/fonts/Montserrat/Montserrat-ExtraBold.ttf
Requested by
Host: winportcasino.net
URL: https://winportcasino.net/l/landings/default/css/new-style.css?v=0.0.10
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.197.5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6cf20280482a31815226d2425264628e4f772e2947a76f234b0a14021f4b3b6

Request headers

Referer
https://winportcasino.net/l/landings/default/css/new-style.css?v=0.0.10
Origin
https://winportcasino.net
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 02:04:37 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
708024
alt-svc
h3=":443"; ma=86400
content-length
198688
pragma
public
last-modified
Fri, 31 Mar 2023 14:41:29 GMT
server
cloudflare
etag
"6426f119-30820"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QP3hX%2B4PPqK5m%2FdjYbf%2FKQVW9DKw3bDoUy8m5ErXQCU77re%2BuWcHfEjS7oX251pVOxHs3rpPMcPuS5X0%2Bl%2BnzXwIdyrg%2FqU2l96VGHW%2Bxn6qnMGST%2Bt9K%2BQV0jlCmLu5CmwUqQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
8aba04d16b0b772b-LHR
expires
Wed, 21 Aug 2024 21:24:13 GMT
Nunito-SemiBold.ttf
winportcasino.net/l/landings/default/fonts/Nunito/ 		129 KB
129 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://winportcasino.net/l/landings/default/fonts/Nunito/Nunito-SemiBold.ttf
Requested by
Host: winportcasino.net
URL: https://winportcasino.net/l/landings/default/css/new-style.css?v=0.0.10
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.197.5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
236056cba3f59f926a17061decae647a7f447215fab9b07d44d8be86edb2096e

Request headers

Referer
https://winportcasino.net/l/landings/default/css/new-style.css?v=0.0.10
Origin
https://winportcasino.net
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 02:04:37 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2345630
alt-svc
h3=":443"; ma=86400
content-length
131704
pragma
public
last-modified
Fri, 31 Mar 2023 14:41:29 GMT
server
cloudflare
etag
"6426f119-20278"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7JO%2B6T%2BEsdx78bvxnojo45h%2BJARj8psht4XY251SAfWw5CxDeCgDIJixxbamolhr9DsopSdGy8uPQzcKwoTH8sk19eu0LE%2Fu7j1M9LT%2FjXzMxveYntDDa4Y5%2BXmWcnhHfDE%2FvA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
8aba04d16b0c772b-LHR
expires
Fri, 02 Aug 2024 22:30:47 GMT
Nunito-Bold.ttf
winportcasino.net/l/landings/default/fonts/Nunito/ 		129 KB
129 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://winportcasino.net/l/landings/default/fonts/Nunito/Nunito-Bold.ttf
Requested by
Host: winportcasino.net
URL: https://winportcasino.net/l/landings/default/css/new-style.css?v=0.0.10
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.197.5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
81a020f830b071964daa62d88283f85ebe53d29b4bd4882bd45f2af07f02ccfe

Request headers

Referer
https://winportcasino.net/l/landings/default/css/new-style.css?v=0.0.10
Origin
https://winportcasino.net
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 02:04:37 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2299264
alt-svc
h3=":443"; ma=86400
content-length
131672
pragma
public
last-modified
Fri, 31 Mar 2023 14:41:29 GMT
server
cloudflare
etag
"6426f119-20258"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fRQBOfqVmaHEeOQYyGi%2Bxjr9SlydqryRpAYgNbm3ay29uZQ%2Fo9xaSDo0W5Nv%2F7tFK6ujOuLVDQDkTIyVVIUx7Fp8sF132DMUcbm7CwCYajanhEv6UzaDCwflvzCrxQdtELSRRA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
8aba04d16b0d772b-LHR
expires
Sat, 03 Aug 2024 11:23:33 GMT
Montserrat-Bold.ttf
winportcasino.net/l/landings/default/fonts/Montserrat/ 		194 KB
195 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://winportcasino.net/l/landings/default/fonts/Montserrat/Montserrat-Bold.ttf
Requested by
Host: winportcasino.net
URL: https://winportcasino.net/l/landings/default/css/new-style.css?v=0.0.10
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.197.5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1ccf938fb9495bf2f2a8b1eb1df2c1ebedfa0741a10141888eca7130abb3efc1

Request headers

Referer
https://winportcasino.net/l/landings/default/css/new-style.css?v=0.0.10
Origin
https://winportcasino.net
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 02:04:38 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
608577
alt-svc
h3=":443"; ma=86400
content-length
198612
pragma
public
last-modified
Fri, 31 Mar 2023 14:41:29 GMT
server
cloudflare
etag
"6426f119-307d4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5uhvTKC3%2B2MP45Df9Z3T9Kz1UmCY7Ery%2F%2BJwgiEQOP94fxdIAd7e8LXZXRGa09hagAmzGhAv%2BSih7eUznkY9PUoRw63aEqDhT7l1csFxHJjSi5vwTpTjLH5zrDQwP%2Fzr%2BvnJEA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
8aba04d16b0f772b-LHR
expires
Fri, 23 Aug 2024 01:01:40 GMT
js
www.googletagmanager.com/gtag/ 		291 KB
98 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-4LF289X40P&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MNJHTBT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6f5116d363f363f30eceb22e8aa05c086e63d5ed2cc2ac5f290d5613af2b866a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://winportcasino.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 02:04:38 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
100673
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 31 Jul 2024 02:04:38 GMT
hotjar-3209193.js
static.hotjar.com/c/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-3209193.js?sv=7
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MNJHTBT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.192.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-32.muc50.r.cloudfront.net
Software
/
Resource Hash
970795273e036e663da97fcdb3b39c971a73088d8944cb55bb1664269cf1b2ae
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://winportcasino.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 02:04:38 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 77aa8087323921dee0b130bc0589bda8.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P1
etag
W/39e9bdcec5b26a600f82863922fb6151
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=60
x-cache-hit
1
cross-origin-resource-policy
cross-origin
x-amz-cf-id
PyLrWN3MAL5ausYhSif7XCpVHCzx0a_vXmDNH28W0_hD2w_YYhCyVg==
collect
region1.analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-4LF289X40P&gtm=45je47t0v890942940z8890938775za200zb890938775&_p=1722391477972&_gaz=1&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=95250753&cid=1670806997.1722391478&ul=en-gb&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1722391478&sct=1&seg=0&dl=https%3A%2F%2Fwinportcasino.net%2Fl%2Fread30%3Fcode%3DREADY30%26bonus%3D30%26mytoken%3DmgkJJVTfSN8vGHonTvzuiWNd7ZgqdRLk%26affid%3D57&dt=Free%20Chip%20Signup%20Bonus%20%7C%20Winport%20Casino&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=4186
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-4LF289X40P&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://winportcasino.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jul 2024 02:04:38 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://winportcasino.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
255 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-4LF289X40P&cid=1670806997.1722391478&gtm=45je47t0v890942940z8890938775za200zb890938775&aip=1&dma=0&gcd=13l3l3l3l1&npa=0&frm=0&tag_exp=95250753
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-4LF289X40P&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c1f::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://winportcasino.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jul 2024 02:04:38 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://winportcasino.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.co.uk/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.co.uk/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-4LF289X40P&cid=1670806997.1722391478&gtm=45je47t0v890942940z8890938775za200zb890938775&aip=1&dma=0&gcd=13l3l3l3l1&npa=0&frm=0&tag_exp=95250753&tag_exp=95250753&z=1544154422
Requested by
Host: winportcasino.net
URL: https://winportcasino.net/l/read30?code=READY30&bonus=30&mytoken=mgkJJVTfSN8vGHonTvzuiWNd7ZgqdRLk&affid=57
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f99.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://winportcasino.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jul 2024 02:04:38 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
modules.8da33a8f469c3b5ffcec.js
script.hotjar.com/ 		223 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.8da33a8f469c3b5ffcec.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-3209193.js?sv=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.228.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-228-64.muc50.r.cloudfront.net
Software
/
Resource Hash
76f448ec45359e863fb3a6432a2a3cf22c0cc0a52aead6318b57ab38db6f1d14
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://winportcasino.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 14:23:06 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 2a656139082dc5343337bc64ea362630.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P5
age
42092
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
56385
last-modified
Tue, 30 Jul 2024 14:22:40 GMT
etag
"0728625a147ca79276a1790b9cf3175d"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
s0H_idz_suyxCj_wZhqjkiwlLEhd3CHlTedyGdIS6yfQx4U574i00A==
WP_fav_32_2.png
winportcasino.net/l/landings/default/img/ 		3 KB
4 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://winportcasino.net/l/landings/default/img/WP_fav_32_2.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.197.5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b5ec632383a8a1187a710483d1a52849fb03e4de0fb7d6bb4bbcac419df532d

Request headers

Referer
https://winportcasino.net/l/read30?code=READY30&bonus=30&mytoken=mgkJJVTfSN8vGHonTvzuiWNd7ZgqdRLk&affid=57
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 02:04:38 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
959895
alt-svc
h3=":443"; ma=86400
content-length
3368
pragma
public
last-modified
Fri, 31 Mar 2023 14:41:29 GMT
server
cloudflare
etag
"6426f119-d28"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2dnDfcxyp0xZKpbxCQo%2FMhAXHqs994eKYWmSKO17932sFqQ9XWYOmfMZMgmf0ojG6LCBKEDlleDykuQTCBEoVRXhkihbKgfKD402StQ%2Bvlf95aunNbeICuZKgPTLAtSgzM9ukQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
8aba04d6ceba772b-LHR
expires
Sun, 18 Aug 2024 23:26:23 GMT
collect
region1.analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-4LF289X40P&gtm=45je47t0v890942940za200zb890938775&_p=1722391477972&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=95250753&cid=1670806997.1722391478&ul=en-gb&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1722391478&sct=1&seg=0&dl=https%3A%2F%2Fwinportcasino.net%2Fl%2Fread30%3Fcode%3DREADY30%26bonus%3D30%26mytoken%3DmgkJJVTfSN8vGHonTvzuiWNd7ZgqdRLk%26affid%3D57&dt=Free%20Chip%20Signup%20Bonus%20%7C%20Winport%20Casino&en=scroll&epn.percent_scrolled=90&_et=7&tfd=9195
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-4LF289X40P&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://winportcasino.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jul 2024 02:04:43 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://winportcasino.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| dataLayer function| $ function| jQuery function| ClipboardJS object| google_tag_manager object| google_tag_data function| hj object| _hjSettings function| onYouTubeIframeAPIReady object| gaGlobal object| hjSiteSettings object| hjLazyModules function| hjBootstrap object| hjBootstrapCalled

10 Cookies

Domain/Path Name / Value
www.secure-bonus.com/ Name: prli_click_446
Value: club-casino
www.secure-bonus.com/ Name: prli_visitor
Value: 66a99bb50c668
record.jackpot-partners.com/ Name: VID1
Value: Jy4jNFYtIyxTLGBgYApgCg%3D%3D
.jackpot-partners.com/ Name: ZBan
Value: mgkJJVTfSN8vGHonTvzuiWNd7ZgqdRLk
.winportcasino.net/ Name: wp_token
Value: mgkJJVTfSN8vGHonTvzuiWNd7ZgqdRLk
.winportcasino.net/ Name: wp_id
Value: 57
.winportcasino.net/ Name: _ga
Value: GA1.1.1670806997.1722391478
.winportcasino.net/ Name: _ga_4LF289X40P
Value: GS1.1.1722391478.1.0.1722391478.60.0.0
.winportcasino.net/ Name: _hjSessionUser_3209193
Value: eyJpZCI6IjVjODc0ODZjLWM0OTMtNTFkYS1hNDc5LWM5ZWI0YzFkYzc1NiIsImNyZWF0ZWQiOjE3MjIzOTE0Nzg3ODAsImV4aXN0aW5nIjpmYWxzZX0=
.winportcasino.net/ Name: _hjSession_3209193
Value: eyJpZCI6IjlkOTNlODdlLTRiMzItNGU3OS04ZTM5LWFmOWQ3MjMzM2E3NCIsImMiOjE3MjIzOTE0Nzg3ODEsInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

record.jackpot-partners.com
region1.analytics.google.com
script.hotjar.com
static.hotjar.com
stats.g.doubleclick.net
winportcasino.net
www.banner-secure.com
www.google.co.uk
www.googletagmanager.com
www.kidssportsnet.com
www.secure-bonus.com
104.18.192.136
172.217.18.99
172.67.197.5
18.66.192.32
2001:4860:4802:34::36
23.229.227.38
2606:4700:3032::ac43:8d6a
2a00:1450:4001:830::2008
2a00:1450:400c:c1f::9c
5.77.63.90
54.230.228.64
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
1ccf938fb9495bf2f2a8b1eb1df2c1ebedfa0741a10141888eca7130abb3efc1
236056cba3f59f926a17061decae647a7f447215fab9b07d44d8be86edb2096e
366eb7271848eb39daf3415936eb0d345da287de9e9d1fcdb7ec45fdc4326253
3867831fd436b724462c43790477c40a948d04c147190ef733e25564e4b79ae6
3a328f354b21626952151eba2e21185a2f9855113df668da1691adf7253454b5
3ca6ae07cc9ad77291e8091d8e0a3ab473afc3988cedbdb192f2638ada8fa6e2
4a0a159eeab6de83e5a96cd15abf037bb669d1c27eda89705bd3d46fca970855
4b5ec632383a8a1187a710483d1a52849fb03e4de0fb7d6bb4bbcac419df532d
5c260896c1922199de0561e142d25ce2aacba9a83c267d314781ef00da6697e5
63bbdb0bdade31d0186c56492b16e062957bd71101d85c403e8186985f3ee2fc
6a51d4347651e461970b7d853751b1c3cc48f7c1d5933bfd2a5f8a85689424c7
6f5116d363f363f30eceb22e8aa05c086e63d5ed2cc2ac5f290d5613af2b866a
76f448ec45359e863fb3a6432a2a3cf22c0cc0a52aead6318b57ab38db6f1d14
81a020f830b071964daa62d88283f85ebe53d29b4bd4882bd45f2af07f02ccfe
934f3d2e28fafc628ab5cf2f18b02d201678eb95907a8c86ad913ac5dac461ba
970795273e036e663da97fcdb3b39c971a73088d8944cb55bb1664269cf1b2ae
a2cdaf7a579f5e650eb2dfd6a1b33e01de8a2c2ee339e63beac5e78c5f5428e9
ae013595339d086789b6f41b9911abda08c1cd35a5858e7604ac666a896b1707
bf8916c58029a481960a14ead0011cc3bbb7cab9d92f38b051652d67a004bba7
c99db7775187f124fa7a344b67b120466abd36b8600672d92749fbf8165e3320
dd1cb1eaf71ce0bf33d01098dd850cc5d8c5675f4f10efee85b56b5b4ec09f8d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6cf20280482a31815226d2425264628e4f772e2947a76f234b0a14021f4b3b6
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fd1b153d3a5250dad68c5a1ee3641168031beb67e637b3b4be60e8f269e4521e