1win-xxp-win.xyz Open in urlscan Pro
2606:4700:3037::ac43:c239 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://1win-xxp-win.xyz/
Submission: On April 14 via api (April 14th 2024, 2:15:34 am UTC) from BE — Scanned from DE

Summary HTTP 25 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 25 HTTP transactions. The main IP is 2606:4700:3037::ac43:c239, located in United States and belongs to CLOUDFLARENET, US. The main domain is 1win-xxp-win.xyz.
TLS certificate: Issued by E1 on April 11th 2024. Valid for: 3 months.

This is the only time 1win-xxp-win.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
8	2606:4700:303... 2606:4700:3037::ac43:c239	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	172.67.194.57 172.67.194.57	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4 10	2a02:6b8::1:119 2a02:6b8::1:119	13238 (YANDEX) (YANDEX)
25	3

8 2606:4700:3037::ac43:c239 (United States)

ASN13335 (CLOUDFLARENET, US)

1win-xxp-win.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 172.67.194.57 (United States)

ASN13335 (CLOUDFLARENET, US)

1win-xxp-win.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a02:6b8::1:119 (Moscow, Russian Federation) 4 redirects

ASN13238 (YANDEX, RU)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	1win-xxp-win.xyz 1win-xxp-win.xyz	542 KB
7	yandex.com 3 redirects mc.yandex.com — Cisco Umbrella Rank: 9597	4 KB
3	yandex.ru 1 redirects mc.yandex.ru — Cisco Umbrella Rank: 4409	74 KB
25	3

	Domain	Requested by
19	1win-xxp-win.xyz	1win-xxp-win.xyz
7	mc.yandex.com	3 redirects 1win-xxp-win.xyz mc.yandex.ru
3	mc.yandex.ru	1 redirects 1win-xxp-win.xyz
25	3

This site contains no links.

Subject Issuer	Validity	Valid
1win-xxp-win.xyz E1	`2024-04-11` - `2024-07-10`	3 months	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2023-12-26` - `2024-06-05`	5 months	crt.sh

This page contains 1 frames:

Primary Page: https://1win-xxp-win.xyz/
Frame ID: 44985E3477D36E5F5061E4BF169A4226
Requests: 25 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

1win официальный сайт | 1вин букмекер

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

Page Statistics

25
Requests

92 %
HTTPS

67 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

618 kB
Transfer

842 kB
Size

23
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 17

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10338.Nf5Xd6-aiGRQFHHr1vR3vidW_NO55SqCy7ALEnWKuI_sE4quShrVfPEP4F_-Frnx._XqBLbOyxXrqT3Cof21pexcFGPg%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=10338.ImzoF6uCwJ4HjDchG_0tR8AH3-EgXrmEPALyCSCnwKd3GQkoYnZOESmj3ym1yZya1seQhS85skRQCbDtskzrL07OubYnmpfN1TC_9hlvqZAqNUxQTWJuqVsiz70cz8EoGgf8wOZybW_bx2LNApWs1nWA23eydHYdNaDCojwEJ5oztfFFAk1M6iddSpMf8ko1Pbd-cPSx_Vgq5JXYzLVqEwvJFpdl_6R7fQZONILG9hk%2C.Xkv7PoDsexdlrP5Fdbc2eKZXHbU%2C HTTP 302
https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10338.0reUadKbiWfRBUqDgwLmUbr51DK68Oy5eHFeJDRtLFpj3LQSFfn4eakpHrgn03cMIcULQTGFecOPqJcG3CNYNAifoR1S2TvhIrwSquscKC1zlLNmSAw6ueYpWcMBAEeEVAwKz1Ehtd8sWHo8bMoGEI4tuyg70V3os7vZpCjq_xbik7csAaCkWdCgFb6fVTov4nk_l36aAMlynFvVXC6tFg%2C%2C.9WO87lnjF4CKtIc5FZIBuQmI6vk%2C

Request Chain 19

https://mc.yandex.com/watch/93745725?wmode=7&page-url=https%3A%2F%2F1win-xxp-win.xyz%2F&charset=utf-8&uah=chu%0A%22Google%20Chrome%22%3Bv%3D%22123%22%2C%22Not%3AA-Brand%22%3Bv%3D%228%22%2C%22Chromium%22%3Bv%3D%22123%22%0Acha%0Ax86%0Achb%0A64%0Achf%0A123.0.6312.122%0Achl%0A%22Google%20Chrome%22%3Bv%3D%22123.0.6312.122%22%2C%22Not%3AA-Brand%22%3Bv%3D%228.0.0.0%22%2C%22Chromium%22%3Bv%3D%22123.0.6312.122%22%0Achm%0A%3F0%0Achp%0AWin32%0Achv%0A10.0.0&browser-info=pv%3A1%3Avf%3Adgbrch0rwrs78bgaj3hvtz5y3%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ade-DE%3Av%3A1310%3Acn%3A1%3Adp%3A0%3Als%3A1550982828584%3Ahid%3A358647402%3Az%3A120%3Ai%3A20240414041530%3Aet%3A1713060931%3Ac%3A1%3Arn%3A915947444%3Arqn%3A1%3Au%3A1713060931128650594%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A266%3Awv%3A2%3Ads%3A0%2C34%2C138%2C2%2C0%2C0%2C%2C101%2C0%2C%2C%2C%2C289%3Aco%3A0%3Acpf%3A1%3Ans%3A1713060930126%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1713060931%3At%3A1win%20%D0%BE%D1%84%D0%B8%D1%86%D0%B8%D0%B0%D0%BB%D1%8C%D0%BD%D1%8B%D0%B9%20%D1%81%D0%B0%D0%B9%D1%82%20%7C%201%D0%B2%D0%B8%D0%BD%20%D0%B1%D1%83%D0%BA%D0%BC%D0%B5%D0%BA%D0%B5%D1%80&t=gdpr(14)clc(0-0-0)rqnt(1)eco(21037572)aw(1)rcm(1)cdl(na)ti(1) HTTP 302
https://mc.yandex.com/watch/93745725/1?wmode=7&page-url=https%3A%2F%2F1win-xxp-win.xyz%2F&charset=utf-8&uah=chu%0A%22Google%20Chrome%22%3Bv%3D%22123%22%2C%22Not%3AA-Brand%22%3Bv%3D%228%22%2C%22Chromium%22%3Bv%3D%22123%22%0Acha%0Ax86%0Achb%0A64%0Achf%0A123.0.6312.122%0Achl%0A%22Google%20Chrome%22%3Bv%3D%22123.0.6312.122%22%2C%22Not%3AA-Brand%22%3Bv%3D%228.0.0.0%22%2C%22Chromium%22%3Bv%3D%22123.0.6312.122%22%0Achm%0A%3F0%0Achp%0AWin32%0Achv%0A10.0.0&browser-info=pv%3A1%3Avf%3Adgbrch0rwrs78bgaj3hvtz5y3%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ade-DE%3Av%3A1310%3Acn%3A1%3Adp%3A0%3Als%3A1550982828584%3Ahid%3A358647402%3Az%3A120%3Ai%3A20240414041530%3Aet%3A1713060931%3Ac%3A1%3Arn%3A915947444%3Arqn%3A1%3Au%3A1713060931128650594%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A266%3Awv%3A2%3Ads%3A0%2C34%2C138%2C2%2C0%2C0%2C%2C101%2C0%2C%2C%2C%2C289%3Aco%3A0%3Acpf%3A1%3Ans%3A1713060930126%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1713060931%3At%3A1win%20%D0%BE%D1%84%D0%B8%D1%86%D0%B8%D0%B0%D0%BB%D1%8C%D0%BD%D1%8B%D0%B9%20%D1%81%D0%B0%D0%B9%D1%82%20%7C%201%D0%B2%D0%B8%D0%BD%20%D0%B1%D1%83%D0%BA%D0%BC%D0%B5%D0%BA%D0%B5%D1%80&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29eco%2821037572%29aw%281%29rcm%281%29cdl%28na%29ti%281%29

25 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
1win-xxp-win.xyz/ 75 KB
18 KB 186ms
139ms Document
text/html 2606:4700:3037::ac43:c239
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://1win-xxp-win.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:c239 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/8.2.16
Resource Hash: b7039f041a391bc59074592797e0cc594d111c21641c1e59bd983432e9997f11

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8740303daa5d029c-CDG
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 14 Apr 2024 02:15:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=l688s6XD108bzK2bw2pw64Gr15EqGM5Ixqp9ugYF8WUVudrqWn2RvoHe7xkSAuTQgpo9eV0hM%2BSPlOVWUSAf%2FWMOizS%2BtCL3LNHjBBRAkhVGQwkDf6GI%2BiqSH%2BK7w0Xmd6E%2Fm%2Bge9XEVbLR6bz5H"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: PHP/8.2.16

GET
H2 200 hnns4.css
1win-xxp-win.xyz/wp-content/cache/wpfc-minified/lnuf0n3m/ 22 KB
6 KB 24ms
23ms Stylesheet
text/css 2606:4700:3037::ac43:c239
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://1win-xxp-win.xyz/wp-content/cache/wpfc-minified/lnuf0n3m/hnns4.css
Requested by: Host: 1win-xxp-win.xyz
URL: https://1win-xxp-win.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:c239 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dc65569f32c49052080f89a7bdc128143ccb866868e301a47d7cc1fe130b7da2

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://1win-xxp-win.xyz/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 14 Apr 2024 02:15:30 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 12 Apr 2024 21:29:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6705
etag: W/"6619a7ce-598c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jVeWeqdRDfGroMtMNjYczpTGpr4xNhp84SS%2Fla2i%2BMgqGr3jHDdwv0ci68Sp3tEXekvvfAOE%2BO6FGI6%2FOC1JmtAkFrzQTz9%2F8mILfaBNHEj7k4Nrcr5DdpH1tK0vX7H3C0MjJTIVv6hzGgOd5qH0"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 8740303e8ab7029c-CDG
alt-svc: h3=":443"; ma=86400

GET
H2 200 hnns4.css
1win-xxp-win.xyz/wp-content/cache/wpfc-minified/1cdcueql/ 7 KB
2 KB 25ms
24ms Stylesheet
text/css 2606:4700:3037::ac43:c239
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://1win-xxp-win.xyz/wp-content/cache/wpfc-minified/1cdcueql/hnns4.css
Requested by: Host: 1win-xxp-win.xyz
URL: https://1win-xxp-win.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:c239 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8f442a41d68b3c8382f440de4065524af42c26ae4c0fcc3aaa32710a2bab25fb

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://1win-xxp-win.xyz/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 14 Apr 2024 02:15:30 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 12 Apr 2024 21:29:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6705
etag: W/"6619a7ce-1d92"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=l09L7PhQ6c12pO2xqrKa0DZ6bz8aidXZlGqfC%2ButikZOsg32xXYzzFqP0GsUpLAd89weEybNqjn3E%2B9EzfIha5lpgQJQgAIpQLbWPIqhXzZKDtP9iRMpAdpU%2BotB8q3Vrf3FxUjrgvJQ%2Fyb8O9KU"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 8740303e8ab9029c-CDG
alt-svc: h3=":443"; ma=86400

GET
H2 200 hnns4.css
1win-xxp-win.xyz/wp-content/cache/wpfc-minified/fh0brv2f/ 2 KB
951 B 37ms
37ms Stylesheet
text/css 2606:4700:3037::ac43:c239
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://1win-xxp-win.xyz/wp-content/cache/wpfc-minified/fh0brv2f/hnns4.css
Requested by: Host: 1win-xxp-win.xyz
URL: https://1win-xxp-win.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:c239 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1ec1ee7e9793a54ac6af4ba194c81dabcd3e4b9d716e799c0a827aec94741289

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://1win-xxp-win.xyz/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 14 Apr 2024 02:15:30 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 12 Apr 2024 21:29:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6705
etag: W/"6619a7ce-723"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4o6nq3IDNnufBHXhidsRS8N%2Fh8YYuOdNXuwJH9PghErxwGratAuqR5T61XrVQY30lCfGapZPMPIizLTPPAoeA2iKthJyqBnUYNgdNtCEfUQ2eHgHgpHyBIWVY8eUdBTSd3yY399dS22zIHSAUo%2Fm"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 8740303e8abb029c-CDG
alt-svc: h3=":443"; ma=86400

GET
H2 200 logotype.svg
1win-xxp-win.xyz/wp-content/uploads/2023/05/ 3 KB
1 KB 27ms
27ms Image
image/svg+xml 2606:4700:3037::ac43:c239
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1win-xxp-win.xyz/wp-content/uploads/2023/05/logotype.svg
Requested by: Host: 1win-xxp-win.xyz
URL: https://1win-xxp-win.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:c239 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1358ea8a42f4d116184f185d8d6a1b5fc14638a1c6a00f57373b006781fd3fd1

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://1win-xxp-win.xyz/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 14 Apr 2024 02:15:30 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 12 Apr 2024 21:28:43 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6706
etag: W/"6619a78b-b75"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2F%2Fp2ueOZfDefeXqpYZOwLJjnElVeR91JxFqTPU3nMJpAjMNXnEqDhp9qblpUH8UEsxtT2zrQAUqMv1DVMeNg81dcHOfDCr2PUvU8SlHCuitFoki%2BGqGW9A6EG%2B1p6chc%2FY5QncAbDSuJ9Fi%2F3Q4S"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 8740303e8abc029c-CDG
alt-svc: h3=":443"; ma=86400

GET
H2 200 official-1024x433.webp
1win-xxp-win.xyz/wp-content/uploads/2023/05/ 52 KB
52 KB 26ms
25ms Image
image/webp 2606:4700:3037::ac43:c239
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1win-xxp-win.xyz/wp-content/uploads/2023/05/official-1024x433.webp
Requested by: Host: 1win-xxp-win.xyz
URL: https://1win-xxp-win.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:c239 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 728c0f9886ca896852c344d4c0839345007c430c0edcf1fd171236ec457cb028

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://1win-xxp-win.xyz/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 14 Apr 2024 02:15:30 GMT
cf-cache-status: HIT
last-modified: Fri, 12 Apr 2024 21:28:43 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6706
etag: "6619a78b-cf34"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GWRhf%2FZGpi0bUXbDVKYjKPZUDIRH194tMBfhOSD1o4apVjCGz%2BH6cpZ12AqnArVbjZ411VKnhZpK8QKph7J5cG7LrjUJIH5AinK8BjlN8hiPTax9GkPVMArBNV5KYoojhHVw08MI%2BSkwTNbjML70"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8740303e8abd029c-CDG
alt-svc: h3=":443"; ma=86400
content-length: 53044

GET
H2 200 bets.webp
1win-xxp-win.xyz/wp-content/uploads/2023/05/ 29 KB
29 KB 23ms
23ms Image
image/webp 2606:4700:3037::ac43:c239
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1win-xxp-win.xyz/wp-content/uploads/2023/05/bets.webp
Requested by: Host: 1win-xxp-win.xyz
URL: https://1win-xxp-win.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:c239 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c85a420a2aee97e9f28fab85f4b9f6f2573790a8427405bc87887c416c271f22

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://1win-xxp-win.xyz/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 14 Apr 2024 02:15:30 GMT
cf-cache-status: HIT
last-modified: Fri, 12 Apr 2024 21:28:43 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6706
etag: "6619a78b-745c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vPCLblGvzvXt160lRv9Fp57REAf%2BtNLVRQervnMhiZ6gWh95T51Ji2vEUqDxiNeW1qAHKhgU%2Bgh%2B1yX%2BbcZfxhETSoiSUUWyImAxwfUXOSlgWLdzKX7phJRcVZV0z%2FtY8xiGQYi3mf8E0eU9lo9C"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8740303ebacd029c-CDG
alt-svc: h3=":443"; ma=86400
content-length: 29788

GET
H2 200 4.png.webp
1win-xxp-win.xyz/wp-content/uploads/2023/05/ 26 KB
26 KB 21ms
21ms Image
image/webp 2606:4700:3037::ac43:c239
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1win-xxp-win.xyz/wp-content/uploads/2023/05/4.png.webp
Requested by: Host: 1win-xxp-win.xyz
URL: https://1win-xxp-win.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:c239 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ef73c18f2a64bab5e5096b9aeb857ec4824fc617590a37d70b57498698067d5c

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://1win-xxp-win.xyz/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 14 Apr 2024 02:15:30 GMT
cf-cache-status: HIT
last-modified: Fri, 12 Apr 2024 21:28:43 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6706
etag: "6619a78b-67da"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=s5scO2DrRD%2BBdcyMzq9BqsLmKlg7g8iFmaeDaLeVQebrFsHNm4A7t8CH4M1xWkF6o4FOCnfjTs1W3MqWNGfZ0XF4ZDCMH3CjG4CJgsh5%2FEqVDoOuOwIAQOS1LAifA2QbOwtov5%2BBD8NLsICUXAfI"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8740303ebace029c-CDG
alt-svc: h3=":443"; ma=86400
content-length: 26586

GET
H3 200 official-website-1024x462.webp
1win-xxp-win.xyz/wp-content/uploads/2023/05/ 57 KB
57 KB 22ms
21ms Image
image/webp 172.67.194.57
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1win-xxp-win.xyz/wp-content/uploads/2023/05/official-website-1024x462.webp
Requested by: Host: 1win-xxp-win.xyz
URL: https://1win-xxp-win.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.194.57 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f4eb15ae1fa1fb8449adc6838ffe08acc584301226aaeb8ce4a8926f6132889f

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://1win-xxp-win.xyz/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 14 Apr 2024 02:15:30 GMT
cf-cache-status: HIT
last-modified: Fri, 12 Apr 2024 21:28:43 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6706
etag: "6619a78b-e3cc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0zW%2FklV8TJZJyLiMRLb%2B9VymDszFA%2B%2BXGgkaY%2FOCdNjuPXGBH7k8T%2BpUZVTkrIJgloAd96DWCtas3%2BC1Whth5KENKJaBPLsRYhNlBdSIKyPruuP5UOSSp%2F9GTP4N%2FmpT2%2BaG"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8740303ecdf002cf-CDG
alt-svc: h3=":443"; ma=86400
content-length: 58316

GET
H3 200 1win-slots-1024x487.jpg
1win-xxp-win.xyz/wp-content/uploads/2023/09/ 160 KB
161 KB 53ms
52ms Image
image/jpeg 172.67.194.57
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1win-xxp-win.xyz/wp-content/uploads/2023/09/1win-slots-1024x487.jpg
Requested by: Host: 1win-xxp-win.xyz
URL: https://1win-xxp-win.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.194.57 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 770a85f4ad7bd7f2ef0262ae98cebbc9634c483165719473ec8aa57a400ee81a

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://1win-xxp-win.xyz/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 14 Apr 2024 02:15:30 GMT
cf-cache-status: HIT
last-modified: Fri, 12 Apr 2024 21:28:43 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6706
etag: "6619a78b-280ce"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=THawAOp3H%2FVOUpWuTTF0%2BNKH2p5X1gAzoLX35PGt6GI2twzk13LfnSyTjTfcBdz8PDO6W7sKFe5Y%2Frf9hBZGeLUUmaAliER2vN7vgKRyR%2BDbbCh4c72M61Fhyw9uyU1UHU04"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8740303ecdf602cf-CDG
alt-svc: h3=":443"; ma=86400
content-length: 164046

GET
H3 200 medium_image_e057a8905c.webp
1win-xxp-win.xyz/wp-content/uploads/2023/05/ 12 KB
13 KB 80ms
79ms Image
image/webp 172.67.194.57
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1win-xxp-win.xyz/wp-content/uploads/2023/05/medium_image_e057a8905c.webp
Requested by: Host: 1win-xxp-win.xyz
URL: https://1win-xxp-win.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.194.57 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6f574c15704828d885d961261f5a5e714cf9388f735c534a8317a934d895a5e2

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://1win-xxp-win.xyz/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 14 Apr 2024 02:15:30 GMT
cf-cache-status: HIT
last-modified: Fri, 12 Apr 2024 21:28:43 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6705
etag: "6619a78b-3094"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wPqPwl%2BxeEvVV8lv5AQV95NC5l5FiaknmGa1Mt9a1QtoboeOU2ZZHqEy0IzDGJrrrvphVQi%2BrH%2Fe%2F9wueWlg7KTJWSTr0tZDOOdWIr4g2WRU8WF%2FIysSR8jpvm7iaafpyFaK"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8740303ecdf702cf-CDG
alt-svc: h3=":443"; ma=86400
content-length: 12436

GET
H3 200 support.webp
1win-xxp-win.xyz/wp-content/uploads/2023/05/ 43 KB
43 KB 80ms
79ms Image
image/webp 172.67.194.57
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1win-xxp-win.xyz/wp-content/uploads/2023/05/support.webp
Requested by: Host: 1win-xxp-win.xyz
URL: https://1win-xxp-win.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.194.57 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6faa20d4e0315a6be6ddebf9c95d5bcd2ee775f958ad863cc133881cba3f7652

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://1win-xxp-win.xyz/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 14 Apr 2024 02:15:30 GMT
cf-cache-status: HIT
last-modified: Fri, 12 Apr 2024 21:28:43 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6705
etag: "6619a78b-abac"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kDld1xImB3NqUXGF9uqgtINvoZff2S0H49bbI3%2BzCK%2BrFWvGpFeXfERMz0%2F0MCSMEYLZ2IJSEOSsR0F1%2FdlXOr1jsaHzgCsog2F6UuauysJJepA5e9DVcv4CiFEfiiTPWNzr"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8740303ecdf802cf-CDG
alt-svc: h3=":443"; ma=86400
content-length: 43948

GET
H3 200 zerkalo-1024x319.webp
1win-xxp-win.xyz/wp-content/uploads/2023/05/ 37 KB
37 KB 93ms
92ms Image
image/webp 172.67.194.57
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1win-xxp-win.xyz/wp-content/uploads/2023/05/zerkalo-1024x319.webp
Requested by: Host: 1win-xxp-win.xyz
URL: https://1win-xxp-win.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.194.57 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a8ae3236477358806c97eb0ebe533659a338072a1361e9e5d7b41fb542efc899

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://1win-xxp-win.xyz/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 14 Apr 2024 02:15:30 GMT
cf-cache-status: HIT
last-modified: Fri, 12 Apr 2024 21:28:43 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6705
etag: "6619a78b-9320"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NCiwoECGwXHsCjGl5CIdF%2B267WhGX1tOUugDt38J6A13n9CVyrzWmA%2FrVn%2BfZ61syg0I7vdEswDjMWbS1C7UcahwPHy8qWSQ7lMzvJh2xddLb78Kn6fNPACMLKEzjTCqr044"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8740303ecdf902cf-CDG
alt-svc: h3=":443"; ma=86400
content-length: 37664

GET
H3 200 offside.min.js Show response
1win-xxp-win.xyz/wp-content/plugins/gp-premium/menu-plus/functions/js/ 7 KB
3 KB 51ms
50ms Script
application/javascript 172.67.194.57
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://1win-xxp-win.xyz/wp-content/plugins/gp-premium/menu-plus/functions/js/offside.min.js?ver=2.3.0
Requested by: Host: 1win-xxp-win.xyz
URL: https://1win-xxp-win.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.194.57 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 50fe1014e82dd9acea2f5b26061c8f135cb11ea0aa5d5ad5985e6b265b7f50a8

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://1win-xxp-win.xyz/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 14 Apr 2024 02:15:30 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 12 Apr 2024 21:28:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6704
etag: W/"6619a78a-1a8b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CCzgLWuQLpLR4gqjFN5gtDPZCvpNA3jcZ2NduPxvSBGjiCf2Rn7sYIORM6O9WhFtxljlDXzltjuflA4TOwMGRD3O31OiT99njQ0IhuxEL43162tSJPU%2FVKg%2Bh4dLIWzKJXGZ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 8740303ecdf102cf-CDG
alt-svc: h3=":443"; ma=86400

GET
H3 200 smooth-scroll.min.js Show response
1win-xxp-win.xyz/wp-content/plugins/gp-premium/general/js/ 7 KB
3 KB 52ms
51ms Script
application/javascript 172.67.194.57
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://1win-xxp-win.xyz/wp-content/plugins/gp-premium/general/js/smooth-scroll.min.js?ver=2.3.0
Requested by: Host: 1win-xxp-win.xyz
URL: https://1win-xxp-win.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.194.57 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: be764d640a7efa0022ca94a330ec3c7f38f462016f79f400d06da583be69a31e

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://1win-xxp-win.xyz/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 14 Apr 2024 02:15:30 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 12 Apr 2024 21:28:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6704
etag: W/"6619a78a-1ae5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wMSPKf5dzqyk1pYEkhVDojXeNxKOuO6no2LRmqcpSLIKy86RlCUoKJiRc%2B2Gp%2Fh3vtWV%2BXWhFm75V8wRXGC7PP5mIS2SU0iMstql58arqwg%2BcbZP3sVaKFgCmsTHm8%2F7uA%2B0"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 8740303ecdf302cf-CDG
alt-svc: h3=":443"; ma=86400

GET
H3 200 menu.min.js Show response
1win-xxp-win.xyz/wp-content/themes/generatepress/assets/js/ 7 KB
2 KB 53ms
51ms Script
application/javascript 172.67.194.57
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://1win-xxp-win.xyz/wp-content/themes/generatepress/assets/js/menu.min.js?ver=3.3.0
Requested by: Host: 1win-xxp-win.xyz
URL: https://1win-xxp-win.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.194.57 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 174066535cb768d1715ae34808cd4e83f16f23715524bfff79db8860e8c03296

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://1win-xxp-win.xyz/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 14 Apr 2024 02:15:30 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 12 Apr 2024 21:28:43 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6703
etag: W/"6619a78b-1b3f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9fuwdWRO2wIi8PT2MKqviCC85vvuyZ2Wvvk2LS8ibKzdNxT0kAKjFTSB6qQoNHElp0iwkM4F30xR17a7IfpeevanWjE%2Ff6CngmX7WiwwHRrOWtwwVEkyHGcTvihqCxiC4RZh"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 8740303ecdf402cf-CDG
alt-svc: h3=":443"; ma=86400

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 210 KB
73 KB 221ms
106ms Script
application/javascript 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: 1win-xxp-win.xyz
URL: https://1win-xxp-win.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

54d1044a8258c14fd67d80b24fb8c98970aa37663a24c23426b012f121119fa1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://1win-xxp-win.xyz/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 14 Apr 2024 02:15:30 GMT
content-encoding: br
strict-transport-security: max-age=31536000
last-modified: Thu, 11 Apr 2024 11:01:32 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "6617c30c-1213b"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
timing-allow-origin: *
content-length: 74043
expires: Sun, 14 Apr 2024 03:15:30 GMT

GET
H3 200 bet.png
1win-xxp-win.xyz/wp-content/uploads/2023/05/ 65 KB
66 KB 77ms
77ms Image
image/png 172.67.194.57
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1win-xxp-win.xyz/wp-content/uploads/2023/05/bet.png
Requested by: Host: 1win-xxp-win.xyz
URL: https://1win-xxp-win.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.194.57 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 62cc5dca40305e3f28c084d4059ac634a83db016a055435c9191aa9d20c5ff12

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://1win-xxp-win.xyz/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 14 Apr 2024 02:15:30 GMT
cf-cache-status: HIT
last-modified: Fri, 12 Apr 2024 21:28:43 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6705
etag: "6619a78b-10471"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jnfrHgg%2FASxulKvD6dRzdwsDCDb9KrMsvoIJNUDqIv6oafXPfJRmNxjhOAFD%2FvNnojRQI5Gmr9bfvWnDTZr34%2Bd3AxXklPNk1H2oqL1LWyQVSm1ACnlc%2FwzbLAVH1R0SJrmH"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8740303eee0102cf-CDG
alt-svc: h3=":443"; ma=86400
content-length: 66673

GET
H2

200

sync_cookie_image_finish
mc.yandex.ru/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10338.Nf5Xd6-aiGRQFHHr1vR3vidW_NO55SqCy7ALEnWKuI_sE4quShrVfPEP4F_-Frnx._XqBLbOyxXrqT3Cof21pexcFGPg%2C
https://mc.yandex.com/sync_cookie_image_decide?token=10338.ImzoF6uCwJ4HjDchG_0tR8AH3-EgXrmEPALyCSCnwKd3GQkoYnZOESmj3ym1yZya1seQhS85skRQCbDtskzrL07OubYnmpfN1TC_9hlvqZAqNUxQTWJuqVsiz70cz8EoGgf8wOZybW...
https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10338.0reUadKbiWfRBUqDgwLmUbr51DK68Oy5eHFeJDRtLFpj3LQSFfn4eakpHrgn03cMIcULQTGFecOPqJcG3CNYNAifoR1S2TvhIrwSquscKC1zl...

43 B
611 B

58ms
58ms

Image
image/gif

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10338.0reUadKbiWfRBUqDgwLmUbr51DK68Oy5eHFeJDRtLFpj3LQSFfn4eakpHrgn03cMIcULQTGFecOPqJcG3CNYNAifoR1S2TvhIrwSquscKC1zlLNmSAw6ueYpWcMBAEeEVAwKz1Ehtd8sWHo8bMoGEI4tuyg70V3os7vZpCjq_xbik7csAaCkWdCgFb6fVTov4nk_l36aAMlynFvVXC6tFg%2C%2C.9WO87lnjF4CKtIc5FZIBuQmI6vk%2C

Requested by

Host: 1win-xxp-win.xyz
URL: https://1win-xxp-win.xyz/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://1win-xxp-win.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

date: Sun, 14 Apr 2024 02:15:30 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10338.0reUadKbiWfRBUqDgwLmUbr51DK68Oy5eHFeJDRtLFpj3LQSFfn4eakpHrgn03cMIcULQTGFecOPqJcG3CNYNAifoR1S2TvhIrwSquscKC1zlLNmSAw6ueYpWcMBAEeEVAwKz1Ehtd8sWHo8bMoGEI4tuyg70V3os7vZpCjq_xbik7csAaCkWdCgFb6fVTov4nk_l36aAMlynFvVXC6tFg%2C%2C.9WO87lnjF4CKtIc5FZIBuQmI6vk%2C
date: Sun, 14 Apr 2024 02:15:30 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
573 B 78ms
78ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: 1win-xxp-win.xyz
URL: https://1win-xxp-win.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://1win-xxp-win.xyz/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 14 Apr 2024 02:15:30 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 11 Apr 2024 11:01:32 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "6617c30c-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Sun, 14 Apr 2024 03:15:30 GMT

GET
H2

200

1 Show response
mc.yandex.com/watch/93745725/
Redirect Chain

https://mc.yandex.com/watch/93745725?wmode=7&page-url=https%3A%2F%2F1win-xxp-win.xyz%2F&charset=utf-8&uah=chu%0A%22Google%20Chrome%22%3Bv%3D%22123%22%2C%22Not%3AA-Brand%22%3Bv%3D%228%22%2C%22Chromi...
https://mc.yandex.com/watch/93745725/1?wmode=7&page-url=https%3A%2F%2F1win-xxp-win.xyz%2F&charset=utf-8&uah=chu%0A%22Google%20Chrome%22%3Bv%3D%22123%22%2C%22Not%3AA-Brand%22%3Bv%3D%228%22%2C%22Chro...

447 B
614 B

61ms
61ms

Fetch
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/93745725/1?wmode=7&page-url=https%3A%2F%2F1win-xxp-win.xyz%2F&charset=utf-8&uah=chu%0A%22Google%20Chrome%22%3Bv%3D%22123%22%2C%22Not%3AA-Brand%22%3Bv%3D%228%22%2C%22Chromium%22%3Bv%3D%22123%22%0Acha%0Ax86%0Achb%0A64%0Achf%0A123.0.6312.122%0Achl%0A%22Google%20Chrome%22%3Bv%3D%22123.0.6312.122%22%2C%22Not%3AA-Brand%22%3Bv%3D%228.0.0.0%22%2C%22Chromium%22%3Bv%3D%22123.0.6312.122%22%0Achm%0A%3F0%0Achp%0AWin32%0Achv%0A10.0.0&browser-info=pv%3A1%3Avf%3Adgbrch0rwrs78bgaj3hvtz5y3%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ade-DE%3Av%3A1310%3Acn%3A1%3Adp%3A0%3Als%3A1550982828584%3Ahid%3A358647402%3Az%3A120%3Ai%3A20240414041530%3Aet%3A1713060931%3Ac%3A1%3Arn%3A915947444%3Arqn%3A1%3Au%3A1713060931128650594%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A266%3Awv%3A2%3Ads%3A0%2C34%2C138%2C2%2C0%2C0%2C%2C101%2C0%2C%2C%2C%2C289%3Aco%3A0%3Acpf%3A1%3Ans%3A1713060930126%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1713060931%3At%3A1win%20%D0%BE%D1%84%D0%B8%D1%86%D0%B8%D0%B0%D0%BB%D1%8C%D0%BD%D1%8B%D0%B9%20%D1%81%D0%B0%D0%B9%D1%82%20%7C%201%D0%B2%D0%B8%D0%BD%20%D0%B1%D1%83%D0%BA%D0%BC%D0%B5%D0%BA%D0%B5%D1%80&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29eco%2821037572%29aw%281%29rcm%281%29cdl%28na%29ti%281%29

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

1352b72eb95cd1735a60da4de13b7067fdde79fea4b6c22d856708566d65c234

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://1win-xxp-win.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Apr 2024 02:15:31 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Sun, 14-Apr-2024 02:15:31 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: https://1win-xxp-win.xyz
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 447
x-xss-protection: 1; mode=block
expires: Sun, 14-Apr-2024 02:15:31 GMT

Redirect headers

pragma: no-cache
date: Sun, 14 Apr 2024 02:15:30 GMT
strict-transport-security: max-age=31536000
last-modified: Sun, 14-Apr-2024 02:15:30 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location: /watch/93745725/1?wmode=7&page-url=https%3A%2F%2F1win-xxp-win.xyz%2F&charset=utf-8&uah=chu%0A%22Google%20Chrome%22%3Bv%3D%22123%22%2C%22Not%3AA-Brand%22%3Bv%3D%228%22%2C%22Chromium%22%3Bv%3D%22123%22%0Acha%0Ax86%0Achb%0A64%0Achf%0A123.0.6312.122%0Achl%0A%22Google%20Chrome%22%3Bv%3D%22123.0.6312.122%22%2C%22Not%3AA-Brand%22%3Bv%3D%228.0.0.0%22%2C%22Chromium%22%3Bv%3D%22123.0.6312.122%22%0Achm%0A%3F0%0Achp%0AWin32%0Achv%0A10.0.0&browser-info=pv%3A1%3Avf%3Adgbrch0rwrs78bgaj3hvtz5y3%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ade-DE%3Av%3A1310%3Acn%3A1%3Adp%3A0%3Als%3A1550982828584%3Ahid%3A358647402%3Az%3A120%3Ai%3A20240414041530%3Aet%3A1713060931%3Ac%3A1%3Arn%3A915947444%3Arqn%3A1%3Au%3A1713060931128650594%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A266%3Awv%3A2%3Ads%3A0%2C34%2C138%2C2%2C0%2C0%2C%2C101%2C0%2C%2C%2C%2C289%3Aco%3A0%3Acpf%3A1%3Ans%3A1713060930126%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1713060931%3At%3A1win%20%D0%BE%D1%84%D0%B8%D1%86%D0%B8%D0%B0%D0%BB%D1%8C%D0%BD%D1%8B%D0%B9%20%D1%81%D0%B0%D0%B9%D1%82%20%7C%201%D0%B2%D0%B8%D0%BD%20%D0%B1%D1%83%D0%BA%D0%BC%D0%B5%D0%BA%D0%B5%D1%80&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29eco%2821037572%29aw%281%29rcm%281%29cdl%28na%29ti%281%29
access-control-allow-origin: https://1win-xxp-win.xyz
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Sun, 14-Apr-2024 02:15:30 GMT

GET
H3 200 1win-icon-filled-150x150.png
1win-xxp-win.xyz/wp-content/uploads/2023/05/ 19 KB
19 KB 23ms
23ms Other
image/png 172.67.194.57
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://1win-xxp-win.xyz/wp-content/uploads/2023/05/1win-icon-filled-150x150.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.194.57 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b12e3c959280d9f355cc4adf781a5a66b33889e5c0b8d5ba01abc5d6b7f2e93c

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://1win-xxp-win.xyz/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 14 Apr 2024 02:15:30 GMT
cf-cache-status: HIT
last-modified: Fri, 12 Apr 2024 21:28:43 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6704
etag: "6619a78b-4a8a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Pw9AUWeeHqSbN58PdMDprtOY%2BsyMndgne9CNGvDED1rU5JjMI2G9sXqaq6zeF3fwREJz7qvfmgUHcsDWlJ9koJ%2F7eLenl4vmMg1P5pMbK2BiT0nhc8zvW99FPGl8jOqYie1G"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8740304269f602cf-CDG
alt-svc: h3=":443"; ma=86400
content-length: 19082

GET
H3 200 favicon-32x32.png
1win-xxp-win.xyz/icons/ 2 KB
3 KB 22ms
22ms Other
image/png 172.67.194.57
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://1win-xxp-win.xyz/icons/favicon-32x32.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.194.57 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 581cdd49d0f7318e0d9d8ca8838007751bc82a0dddeef084208d5a512f4ae365

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://1win-xxp-win.xyz/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 14 Apr 2024 02:15:30 GMT
cf-cache-status: HIT
last-modified: Fri, 12 Apr 2024 21:22:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6705
etag: "6619a609-945"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OILLiVZlIvcfBmyR1YGqQGyifQMu7F4QBGhXHliUTyJYkjjhyHSi3QJGOUG6QdcA%2Fj7D37%2F9yHxx1E3ORgWu22pKA5V81pTkuR8TFzQ96PXeTA2KeLYmyYViSbwu0w5%2Brqtw"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 874030429a0502cf-CDG
alt-svc: h3=":443"; ma=86400
content-length: 2373

POST
H2 200 93745725
mc.yandex.com/webvisor/ 43 B
0 217ms
163ms Fetch
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/93745725?wv-part=1&wv-type=7&wmode=0&wv-hit=358647402&page-url=https%3A%2F%2F1win-xxp-win.xyz%2F&rn=494471209&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1713060933%3Aw%3A1600x1200%3Av%3A1310%3Az%3A120%3Ai%3A20240414041533%3Au%3A1713060931128650594%3Avf%3Adgbrch0rwrs78bgaj3hvtz5y3%3Ast%3A1713060933&t=gdpr(14)ti(1)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://1win-xxp-win.xyz/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 14 Apr 2024 02:15:33 GMT
strict-transport-security: max-age=31536000
last-modified: Sun, 14-Apr-2024 02:15:33 GMT
content-type: image/gif
access-control-allow-origin: https://1win-xxp-win.xyz
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Sun, 14-Apr-2024 02:15:33 GMT

POST
H2 200 93745725
mc.yandex.com/webvisor/ 43 B
0 58ms
58ms Fetch
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/93745725?wv-part=1&wv-type=7&wmode=0&wv-hit=358647402&page-url=https%3A%2F%2F1win-xxp-win.xyz%2F&rn=565126555&browser-info=we%3A1%3Aet%3A1713060934%3Aw%3A1600x1200%3Av%3A1310%3Az%3A120%3Ai%3A20240414041533%3Au%3A1713060931128650594%3Avf%3Adgbrch0rwrs78bgaj3hvtz5y3%3Ast%3A1713060934&t=gdpr(14)ti(1)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://1win-xxp-win.xyz/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 14 Apr 2024 02:15:33 GMT
strict-transport-security: max-age=31536000
last-modified: Sun, 14-Apr-2024 02:15:33 GMT
content-type: image/gif
access-control-allow-origin: https://1win-xxp-win.xyz
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Sun, 14-Apr-2024 02:15:33 GMT

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

23 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.yandex.ru/	1970-01-21 04:36:36	Name: yashr Value: 5712667621713060930
mc.yandex.ru/	1970-01-21 04:36:36	Name: bh Value: EkAiR29vZ2xlIENocm9tZSI7dj0iMTIzIiwgIk5vdDpBLUJyYW5kIjt2PSI4IiwgIkNocm9taXVtIjt2PSIxMjMiKgI/MDoHIldpbjMyIg==
.1win-xxp-win.xyz/	1970-01-21 04:36:36	Name: _ym_uid Value: 1713060931128650594
.1win-xxp-win.xyz/	1970-01-21 04:36:36	Name: _ym_d Value: 1713060931
.mc.yandex.com/	1970-01-20 19:51:01	Name: sync_cookie_csrf Value: 2619197267fake
mc.yandex.com/	1970-01-21 04:36:36	Name: bh Value: EkAiR29vZ2xlIENocm9tZSI7dj0iMTIzIiwgIk5vdDpBLUJyYW5kIjt2PSI4IiwgIkNocm9taXVtIjt2PSIxMjMiKgI/MDoHIldpbjMyIg==
.yandex.com/	1970-01-21 05:27:00	Name: i Value: L8lfHjO/0dLq+5m1KIUaxtoJvNyWVthBjKILAPnCcIv7IEagayII+7QVjwIhIUQhnrWIPvX69+XhDYPeF2i6dXt6/TE=
.yandex.com/	1970-01-21 04:36:36	Name: yandexuid Value: 8698440241713060930
.yandex.com/	1970-01-21 04:36:36	Name: yashr Value: 8599719811713060930
.1win-xxp-win.xyz/	1970-01-20 19:52:12	Name: _ym_isad Value: 2
.mc.yandex.ru/	1970-01-20 19:51:01	Name: sync_cookie_csrf Value: 1893720236fake
.mc.yandex.com/	1970-01-20 19:52:27	Name: sync_cookie_ok Value: synced
.yandex.ru/	1970-01-21 05:27:00	Name: yandexuid Value: 8698440241713060930
.yandex.ru/	1970-01-21 05:27:00	Name: yuidss Value: 8698440241713060930
.yandex.ru/	1970-01-21 05:27:00	Name: i Value: L8lfHjO/0dLq+5m1KIUaxtoJvNyWVthBjKILAPnCcIv7IEagayII+7QVjwIhIUQhnrWIPvX69+XhDYPeF2i6dXt6/TE=
.yandex.ru/	1970-01-21 05:27:00	Name: yp Value: 1713147330.yu.2408659351713060930
.yandex.ru/	1970-01-21 04:36:36	Name: ymex Value: 1715652930.oyu.2408659351713060930
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 190195581713060930
.yandex.com/	1970-01-21 04:36:36	Name: yuidss Value: 8698440241713060930
.yandex.com/	1970-01-21 04:36:36	Name: ymex Value: 1744596930.yrts.1713060930
.yandex.com/	1970-01-21 04:36:36	Name: receive-cookie-deprecation Value: 1
.yandex.com/	1970-01-21 04:36:36	Name: bh Value: Ej4iR29vZ2xlIENocm9tZSI7dj0iMTIzIiwiTm90OkEtQnJhbmQiO3Y9IjgiLCJDaHJvbWl1bSI7dj0iMTIzIhoFIng4NiIiECIxMjMuMC42MzEyLjEyMiIqAj8wOgciV2luMzIiQggiMTAuMC4wIkoEIjY0IlJbIkdvb2dsZSBDaHJvbWUiO3Y9IjEyMy4wLjYzMTIuMTIyIiwiTm90OkEtQnJhbmQiO3Y9IjguMC4wLjAiLCJDaHJvbWl1bSI7dj0iMTIzLjAuNjMxMi4xMjIiIg==
.1win-xxp-win.xyz/	1970-01-20 19:51:02	Name: _ym_visorc Value: w

72 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://1win-xxp-win.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://1win-xxp-win.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://1win-xxp-win.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://1win-xxp-win.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://1win-xxp-win.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://1win-xxp-win.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://1win-xxp-win.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://1win-xxp-win.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://1win-xxp-win.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://1win-xxp-win.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://1win-xxp-win.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://1win-xxp-win.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://1win-xxp-win.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://1win-xxp-win.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://1win-xxp-win.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://1win-xxp-win.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://1win-xxp-win.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://1win-xxp-win.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://1win-xxp-win.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://1win-xxp-win.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://1win-xxp-win.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://1win-xxp-win.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://1win-xxp-win.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://1win-xxp-win.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://1win-xxp-win.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://1win-xxp-win.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://1win-xxp-win.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://1win-xxp-win.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://1win-xxp-win.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://1win-xxp-win.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://1win-xxp-win.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://1win-xxp-win.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://1win-xxp-win.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://1win-xxp-win.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://1win-xxp-win.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://1win-xxp-win.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://1win-xxp-win.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://1win-xxp-win.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://1win-xxp-win.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://1win-xxp-win.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://1win-xxp-win.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://1win-xxp-win.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://1win-xxp-win.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://1win-xxp-win.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://1win-xxp-win.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://1win-xxp-win.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://1win-xxp-win.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://1win-xxp-win.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://1win-xxp-win.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://1win-xxp-win.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://1win-xxp-win.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://1win-xxp-win.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://1win-xxp-win.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://1win-xxp-win.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://1win-xxp-win.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://1win-xxp-win.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://1win-xxp-win.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://1win-xxp-win.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://1win-xxp-win.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://1win-xxp-win.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://1win-xxp-win.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://1win-xxp-win.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://1win-xxp-win.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://1win-xxp-win.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://1win-xxp-win.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://1win-xxp-win.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://1win-xxp-win.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://1win-xxp-win.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://1win-xxp-win.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://1win-xxp-win.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://1win-xxp-win.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://1win-xxp-win.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1win-xxp-win.xyz
mc.yandex.com
mc.yandex.ru
172.67.194.57
2606:4700:3037::ac43:c239
2a02:6b8::1:119
1352b72eb95cd1735a60da4de13b7067fdde79fea4b6c22d856708566d65c234
1358ea8a42f4d116184f185d8d6a1b5fc14638a1c6a00f57373b006781fd3fd1
174066535cb768d1715ae34808cd4e83f16f23715524bfff79db8860e8c03296
1ec1ee7e9793a54ac6af4ba194c81dabcd3e4b9d716e799c0a827aec94741289
50fe1014e82dd9acea2f5b26061c8f135cb11ea0aa5d5ad5985e6b265b7f50a8
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54d1044a8258c14fd67d80b24fb8c98970aa37663a24c23426b012f121119fa1
581cdd49d0f7318e0d9d8ca8838007751bc82a0dddeef084208d5a512f4ae365
62cc5dca40305e3f28c084d4059ac634a83db016a055435c9191aa9d20c5ff12
6f574c15704828d885d961261f5a5e714cf9388f735c534a8317a934d895a5e2
6faa20d4e0315a6be6ddebf9c95d5bcd2ee775f958ad863cc133881cba3f7652
728c0f9886ca896852c344d4c0839345007c430c0edcf1fd171236ec457cb028
770a85f4ad7bd7f2ef0262ae98cebbc9634c483165719473ec8aa57a400ee81a
8f442a41d68b3c8382f440de4065524af42c26ae4c0fcc3aaa32710a2bab25fb
a8ae3236477358806c97eb0ebe533659a338072a1361e9e5d7b41fb542efc899
b12e3c959280d9f355cc4adf781a5a66b33889e5c0b8d5ba01abc5d6b7f2e93c
b7039f041a391bc59074592797e0cc594d111c21641c1e59bd983432e9997f11
be764d640a7efa0022ca94a330ec3c7f38f462016f79f400d06da583be69a31e
c85a420a2aee97e9f28fab85f4b9f6f2573790a8427405bc87887c416c271f22
dc65569f32c49052080f89a7bdc128143ccb866868e301a47d7cc1fe130b7da2
ef73c18f2a64bab5e5096b9aeb857ec4824fc617590a37d70b57498698067d5c
f4eb15ae1fa1fb8449adc6838ffe08acc584301226aaeb8ce4a8926f6132889f

1win-xxp-win.xyz Open in urlscan Pro 2606:4700:3037::ac43:c239 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

25 Requests

92 %HTTPS

67 %IPv6

3 Domains

3 Subdomains

3 IPs

2 Countries

618 kBTransfer

842 kBSize

23 Cookies

0 Outgoing links

Redirected requests

25 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

23 Cookies

72 Console Messages

Indicators

1win-xxp-win.xyz Open in urlscan Pro
2606:4700:3037::ac43:c239 Public Scan

Screenshot
Live screenshot

Full Image

25
Requests

92 %
HTTPS

67 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

618 kB
Transfer

842 kB
Size

23
Cookies

25 HTTP transactions
0 data transactions