URL: https://1win-2025-stg.xyz/
Submission: On December 27 via api from US — Scanned from US

Summary

This website contacted 4 IPs in 2 countries across 5 domains to perform 23 HTTP transactions. The main IP is 2606:4700:3035::ac43:bb40, located in United States and belongs to CLOUDFLARENET, US. The main domain is 1win-2025-stg.xyz.
TLS certificate: Issued by WE1 on December 27th 2024. Valid for: 3 months.
This is the only time 1win-2025-stg.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
15 2606:4700:303... 13335 (CLOUDFLAR...)
1 2607:f8b0:400... 15169 (GOOGLE)
4 9 2a02:6b8::1:119 13238 (YANDEX YA...)
2 2607:f8b0:400... 15169 (GOOGLE)
23 4
Apex Domain | Subdomains | Transfer
15 1win-2025-stg.xyz | 1win-2025-stg.xyz | 514 KB
6 yandex.com | mc.yandex.com — Cisco Umbrella Rank: 9443 | 4 KB
3 yandex.ru | mc.yandex.ru — Cisco Umbrella Rank: 4577 | 77 KB
2 gstatic.com | fonts.gstatic.com | 66 KB
1 googleapis.com | fonts.googleapis.com — Cisco Umbrella Rank: 29 | 1 KB
23 5
Domain | Requested by
15 1win-2025-stg.xyz | 1win-2025-stg.xyz
6 mc.yandex.com 3 redirects | 1win-2025-stg.xyz, mc.yandex.ru
3 mc.yandex.ru 1 redirects | 1win-2025-stg.xyz
2 fonts.gstatic.com | fonts.googleapis.com
1 fonts.googleapis.com | 1win-2025-stg.xyz
23 5

This site contains no links.

Subject | Issuer | Validity | Valid
1win-2025-stg.xyz | WE1 | 2024-12-27 - 2025-03-27 | 3 months crt.sh
upload.video.google.com | WR2 | 2024-12-02 - 2025-02-24 | 3 months crt.sh
mc.yandex.ru | GlobalSign ECC OV SSL CA 2018 | 2024-10-20 - 2025-04-01 | 5 months crt.sh
*.gstatic.com | WR2 | 2024-12-02 - 2025-02-24 | 3 months crt.sh

This page contains 2 frames:

Primary Page: https://1win-2025-stg.xyz/
Frame ID: 776693E153B22419845D5DCD0020E00A
Requests: 22 HTTP requests in this frame

Frame: https://mc.yandex.com/metrika/metrika_match.html
Frame ID: 9969C51F722C0E657D1E5CB550FEDE31
Requests: 1 HTTP requests in this frame

Page Title

1Win — лицензионное казино с топовыми играми

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • mc\.yandex\.ru/metrika/(?:tag|watch)\.js

Page Statistics

23 Requests
91 % HTTPS
100 % IPv6
5 Domains
5 Subdomains
4 IPs
2 Countries
659 kB Transfer
864 kB Size
20 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 17
  • https://mc.yandex.com/sync_cookie_image_check HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10607.4p_HxXo2OvBXuX5s3g-IdkCjsxhFCxICHSfE5r6tIQRSs3VAah7OBUeN1g3xsp3m.1anC7GlnwiGH5WhJ5yW6FOjKBnI%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide?token=10607.jxQGiHY1FwjWzWlvxYZNcoYYFfIrIzEYXwpWDKCNwfdPKhZtNxPgqdbMdkVVx1Rtaa3MBESXWStZW2YXCAsShAwY9xXoDA5dQfr9Day-XsraFbEIVpqeSBZ5h49F7-dXtruqbo63oA_AeENfKUGL14WiR9-s6eS0xGxabnJMBLO2jVFYr0NG1EOQIcRCGrBxTqqBB2wqlyPUmNivgBorBGZdB5UF29VmydvZnpV7GkQ%2C.eOA1yJkRrI_eiVgCTHkkTUZyP0c%2C HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10607.Bn_nuGHpUC2pDRNCt44eoEW5qoS3FjnF7gYCyrqUyF7zSmLbATOnR2E-iBv3DzZDEFqrNpzhl_HAzsIt8sl4bnOu9xvGdXE-smFcVJnkT-gqXXSQNh2Cft5KsTOx6ZmIPmfP-JcgPuP1rgkpNaObmbLpEr_X9d9elD5asCohMyYEGiULnM-5t4jsVqqqCU-qfg12ZsT34lqtUOf9jtqqog%2C%2C.lFwpXNlETnagJiCguVkDvQc6u9M%2C
Request Chain 20
  • https://mc.yandex.com/watch/98436527?wmode=7&page-url=https%3A%2F%2F1win-2025-stg.xyz%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A14pwap7gbnl70a58u0m6s2b47zyz%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1551%3Acn%3A1%3Adp%3A0%3Als%3A1282364568876%3Ahid%3A710408294%3Az%3A-600%3Ai%3A20241226215254%3Aet%3A1735285975%3Ac%3A1%3Arn%3A93567618%3Arqn%3A1%3Au%3A1735285975795180239%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A1329%3Awv%3A2%3Ads%3A0%2C69%2C203%2C20%2C6%2C0%2C%2C269%2C0%2C%2C%2C%2C572%3Aco%3A0%3Acpf%3A1%3Ans%3A1735285972915%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1735285975%3At%3A1Win%20%E2%80%94%20%D0%BB%D0%B8%D1%86%D0%B5%D0%BD%D0%B7%D0%B8%D0%BE%D0%BD%D0%BD%D0%BE%D0%B5%20%D0%BA%D0%B0%D0%B7%D0%B8%D0%BD%D0%BE%20%D1%81%20%D1%82%D0%BE%D0%BF%D0%BE%D0%B2%D1%8B%D0%BC%D0%B8%20%D0%B8%D0%B3%D1%80%D0%B0%D0%BC%D0%B8&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rcm(1)cdl(na)eco(42009088)ti(1) HTTP 302
  • https://mc.yandex.com/watch/98436527/1?wmode=7&page-url=https%3A%2F%2F1win-2025-stg.xyz%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A14pwap7gbnl70a58u0m6s2b47zyz%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1551%3Acn%3A1%3Adp%3A0%3Als%3A1282364568876%3Ahid%3A710408294%3Az%3A-600%3Ai%3A20241226215254%3Aet%3A1735285975%3Ac%3A1%3Arn%3A93567618%3Arqn%3A1%3Au%3A1735285975795180239%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A1329%3Awv%3A2%3Ads%3A0%2C69%2C203%2C20%2C6%2C0%2C%2C269%2C0%2C%2C%2C%2C572%3Aco%3A0%3Acpf%3A1%3Ans%3A1735285972915%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1735285975%3At%3A1Win%20%E2%80%94%20%D0%BB%D0%B8%D1%86%D0%B5%D0%BD%D0%B7%D0%B8%D0%BE%D0%BD%D0%BD%D0%BE%D0%B5%20%D0%BA%D0%B0%D0%B7%D0%B8%D0%BD%D0%BE%20%D1%81%20%D1%82%D0%BE%D0%BF%D0%BE%D0%B2%D1%8B%D0%BC%D0%B8%20%D0%B8%D0%B3%D1%80%D0%B0%D0%BC%D0%B8&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2842009088%29ti%281%29

23 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
1win-2025-stg.xyz/
49 KB
15 KB
Document
General
Full URL
https://1win-2025-stg.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:bb40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c1b9ed54125e7e11ddbda42eb3166d6c0e66a540d9b242a34ed96cdb5fd0803

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8f87bbd34b5d18ee-EWR
content-encoding
zstd
content-type
text/html; charset=UTF-8
date
Fri, 27 Dec 2024 07:52:53 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=0,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AcZ6y3jsqpKnjTOWlcB0O%2FavbJcYSyfkptSj%2BuDgaxRaTbyywvTVIn9PWFvCr3TagZ5%2BltYW5CIuGd%2FDfslaY%2FwKh43B4tGtckfNH3TkuNQWqdpv8brqsle9rhCs4FplE3EAIY2gLIN6bZZ0CDU%2Feg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=20658&min_rtt=20130&rtt_var=3623&sent=12&recv=10&lost=0&retrans=0&sent_bytes=4174&recv_bytes=4429&delivery_rate=605&cwnd=12000&unsent_bytes=0&cid=183aeb13d34d2e69&ts=209&x=1" cfExtPri cfHdrFlush;dur=0
vary
Accept-Encoding
main.min.css
1win-2025-stg.xyz/css/
19 KB
5 KB
Stylesheet
General
Full URL
https://1win-2025-stg.xyz/css/main.min.css?ver=3.4.0
Requested by
Host: 1win-2025-stg.xyz
URL: https://1win-2025-stg.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:bb40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc3b2c1e618a27e485095a3c0db20da5ba2fbfaf3b872ccd6ca35cb19eb37b5d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1win-2025-stg.xyz/

Response headers

content-encoding
gzip
cf-cache-status
MISS
etag
W/"676e2305-4c6c"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=U6kWgsDGUUh6mJ3rZjan4wIlvVBKATElAUYHEnDoUSFkBJ5jM4Fnmd3zRHuWtafGSTWC6sE7BBWlRIbzMm3hoO1L%2BGBQj9GAuwtUoV9ojBOebGo%2Fyc9js7dDPFEm5HI45af3r%2FJt8mdFXwKxNBMbrA%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
Thu, 31 Dec 2037 23:55:55 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=21226&min_rtt=20130&rtt_var=800&sent=29&recv=23&lost=0&retrans=0&sent_bytes=20188&recv_bytes=6424&delivery_rate=451792&cwnd=18000&unsent_bytes=0&cid=183aeb13d34d2e69&ts=459&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 27 Dec 2024 07:52:53 GMT
content-type
text/css
last-modified
Fri, 27 Dec 2024 03:46:13 GMT
vary
Accept-Encoding
priority
u=0,i=?0
cache-control
max-age=315360000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f87bbd4ec2718ee-EWR
server
cloudflare
style.css
1win-2025-stg.xyz/css/
1 KB
1 KB
Stylesheet
General
Full URL
https://1win-2025-stg.xyz/css/style.css?ver=1724108803
Requested by
Host: 1win-2025-stg.xyz
URL: https://1win-2025-stg.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:bb40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb9b5c3ffb9255280f758cbc324b5392728603e3bcf1a6206bcd8de5555fab6b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1win-2025-stg.xyz/

Response headers

content-encoding
gzip
cf-cache-status
MISS
etag
W/"676e2305-569"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=npRv9nJAonb8x%2FoWsL1Iz3%2BE3obAKo%2BMFxemhg4T5kerHlVe%2B80dO0yxTJ1Kl2ZqBLhlPii8I04q36jwaz0gTfPNJp3NPu%2FI%2BTyoFGeYjQAjMHfJw7%2Fs6sLal71RwqV3Sy0ET0z%2B5ew%2BUIjAe99SvA%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
Thu, 31 Dec 2037 23:55:55 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=21226&min_rtt=20130&rtt_var=800&sent=34&recv=23&lost=0&retrans=0&sent_bytes=25709&recv_bytes=6424&delivery_rate=451792&cwnd=18000&unsent_bytes=0&cid=183aeb13d34d2e69&ts=460&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 27 Dec 2024 07:52:53 GMT
content-type
text/css
last-modified
Fri, 27 Dec 2024 03:46:13 GMT
vary
Accept-Encoding
priority
u=0,i=?0
cache-control
max-age=315360000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f87bbd4ec2918ee-EWR
server
cloudflare
css
fonts.googleapis.com/
20 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Inter%3A100%2C200%2C300%2Cregular%2C500%2C600%2C700%2C800%2C900;display=auto;ver=3.4.0
Requested by
Host: 1win-2025-stg.xyz
URL: https://1win-2025-stg.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
77db3a814b522288645e5c994fd7f538e4899223d77583c7a155f79d39f1ffc1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1win-2025-stg.xyz/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Fri, 27 Dec 2024 07:52:53 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 27 Dec 2024 07:52:53 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Fri, 27 Dec 2024 07:52:53 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
style-george.css
1win-2025-stg.xyz/css/
3 KB
2 KB
Stylesheet
General
Full URL
https://1win-2025-stg.xyz/css/style-george.css
Requested by
Host: 1win-2025-stg.xyz
URL: https://1win-2025-stg.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:bb40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
04cbaed2e14a6b492f3e406aa72c93aa3de1738d0024d48ec6f7336cc3e6b067

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1win-2025-stg.xyz/

Response headers

content-encoding
gzip
cf-cache-status
MISS
etag
W/"676e2305-de5"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1n%2BCXDaZfSwWAaIajQbImpsR4v%2F9tpAmkRrxS3KIPJxWnBAJfVHsxc2fVidQTbwT41689gniSaN%2Fs2QDNTR%2BqjMU262naqxMnU%2F6P11VBZCCbszN2ufoepYpdaRa6ADZp%2FRROnXLyTLmFXWpFmN30Q%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
Thu, 31 Dec 2037 23:55:55 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=21226&min_rtt=20130&rtt_var=800&sent=36&recv=23&lost=0&retrans=0&sent_bytes=27144&recv_bytes=6424&delivery_rate=451792&cwnd=18000&unsent_bytes=0&cid=183aeb13d34d2e69&ts=461&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 27 Dec 2024 07:52:53 GMT
content-type
text/css
last-modified
Fri, 27 Dec 2024 03:46:13 GMT
vary
Accept-Encoding
priority
u=0,i=?0
cache-control
max-age=315360000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f87bbd4ec2c18ee-EWR
server
cloudflare
1.webp
1win-2025-stg.xyz/images/
105 KB
106 KB
Image
General
Full URL
https://1win-2025-stg.xyz/images/1.webp
Requested by
Host: 1win-2025-stg.xyz
URL: https://1win-2025-stg.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:bb40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4dffd553e64900c324bd541f61bc6d795b7d079e65b8347dbdb375d04d6e950

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1win-2025-stg.xyz/

Response headers

cf-cache-status
MISS
etag
"676e2305-1a422"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=h4COKKX4ZyctH4Vam1E9qSNqbWN%2FTG3PyGZMTE3SU5yCsqoSG%2Fd%2Fx4I7X%2BONcFMuTRh7zcXcxaT5zEP6rJkUoQ0%2FtFXqynUAoM%2FvLit2HZoSkmM2FbTSS%2FrH8hA0Lv8EbPqMw3iodKgYB9xSAzwhkQ%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
Thu, 31 Dec 2037 23:55:55 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=21921&min_rtt=20130&rtt_var=974&sent=57&recv=35&lost=0&retrans=0&sent_bytes=48117&recv_bytes=9377&delivery_rate=34435&cwnd=18000&unsent_bytes=0&cid=183aeb13d34d2e69&ts=624&x=1", cfExtPri, cfHdrFlush;dur=14
date
Fri, 27 Dec 2024 07:52:53 GMT
content-type
image/webp
last-modified
Fri, 27 Dec 2024 03:46:13 GMT
vary
Accept-Encoding
priority
u=2,i
cache-control
max-age=315360000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f87bbd4ec2d18ee-EWR
accept-ranges
bytes
content-length
107554
server
cloudflare
2.webp
1win-2025-stg.xyz/images/
88 KB
89 KB
Image
General
Full URL
https://1win-2025-stg.xyz/images/2.webp
Requested by
Host: 1win-2025-stg.xyz
URL: https://1win-2025-stg.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:bb40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c770d99c88bbd1186fb820c24315e4da58bbd85d7549a81de153235caac406a7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1win-2025-stg.xyz/

Response headers

cf-cache-status
MISS
etag
"676e2305-16146"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Jr5s5jOg9qCg8v5gsFS5bD0yErsboBolg8653NMvtCcwcjr%2BxfP8QcPXFTxRPQyDsJMr%2B0QdTPkQjsHmAb%2BGrd7LPZXYoRBVPqjPjPb%2BBn4SmjX89YqhkJtVt7wnGqPg3oCauSoHygc6yE7mpOEQaA%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
Thu, 31 Dec 2037 23:55:55 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=21921&min_rtt=20130&rtt_var=974&sent=42&recv=35&lost=0&retrans=0&sent_bytes=30117&recv_bytes=9377&delivery_rate=34435&cwnd=18000&unsent_bytes=0&cid=183aeb13d34d2e69&ts=615&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 27 Dec 2024 07:52:53 GMT
content-type
image/webp
last-modified
Fri, 27 Dec 2024 03:46:13 GMT
vary
Accept-Encoding
priority
u=2,i
cache-control
max-age=315360000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f87bbd4ec2e18ee-EWR
accept-ranges
bytes
content-length
90438
server
cloudflare
3.webp
1win-2025-stg.xyz/images/
72 KB
72 KB
Image
General
Full URL
https://1win-2025-stg.xyz/images/3.webp
Requested by
Host: 1win-2025-stg.xyz
URL: https://1win-2025-stg.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:bb40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bfc7fd53a5fda8ccb4a91db1e919beceba767cb5c62ad82361d52bcdeaf76f82

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1win-2025-stg.xyz/

Response headers

cf-cache-status
MISS
etag
"676e2305-11e58"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MzZAM2bCw4j6w7u%2FU1SWDBHGMqAnTmMxCNXst1WpsPpu3%2BKZ426i3%2BsyYVkEmzGLedQZ3dDUL%2BUdVxKMjcGuvERx5f3KMCivrShCwB%2FSrfcQ8QEkRWarY6i80THjiL2woDh7DBUXcqM84nJUteg0iA%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
Thu, 31 Dec 2037 23:55:55 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=24192&min_rtt=19996&rtt_var=710&sent=380&recv=90&lost=0&retrans=0&sent_bytes=420824&recv_bytes=11821&delivery_rate=1242999&cwnd=99300&unsent_bytes=0&cid=183aeb13d34d2e69&ts=837&x=1", cfExtPri, cfHdrFlush;dur=7
date
Fri, 27 Dec 2024 07:52:53 GMT
content-type
image/webp
last-modified
Fri, 27 Dec 2024 03:46:13 GMT
vary
Accept-Encoding
priority
u=2,i
cache-control
max-age=315360000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f87bbd62ccc18ee-EWR
accept-ranges
bytes
content-length
73304
server
cloudflare
7.webp
1win-2025-stg.xyz/images/
28 KB
28 KB
Image
General
Full URL
https://1win-2025-stg.xyz/images/7.webp
Requested by
Host: 1win-2025-stg.xyz
URL: https://1win-2025-stg.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:bb40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6a04bf7439775787584cb8d4279b26e1dfb202f81f703196f3f7fca37f2fc5cc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1win-2025-stg.xyz/

Response headers

cf-cache-status
MISS
etag
"676e2306-6ea6"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8h%2BAO1rcA3LmaYT4%2BakXuO0i%2FIlbb03tiu7HQwg6gv%2Fd0Dg6fkHEMExUZI407OfgEyjvOyc9%2FHpHKfxR%2BA9hFutGOUlZ4bBHUs91OSoQWhuoI7vnDKAAnxNBRIBSP1N8GOEb8XZbp0WmEF8S3SH5ug%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
Thu, 31 Dec 2037 23:55:55 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=24387&min_rtt=19996&rtt_var=2795&sent=233&recv=83&lost=0&retrans=0&sent_bytes=246372&recv_bytes=11504&delivery_rate=2709762&cwnd=99300&unsent_bytes=0&cid=183aeb13d34d2e69&ts=742&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 27 Dec 2024 07:52:53 GMT
content-type
image/webp
last-modified
Fri, 27 Dec 2024 03:46:14 GMT
vary
Accept-Encoding
priority
u=2,i
cache-control
max-age=315360000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f87bbd62ccd18ee-EWR
accept-ranges
bytes
content-length
28326
server
cloudflare
5.webp
1win-2025-stg.xyz/images/
71 KB
72 KB
Image
General
Full URL
https://1win-2025-stg.xyz/images/5.webp
Requested by
Host: 1win-2025-stg.xyz
URL: https://1win-2025-stg.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:bb40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
753221c62da6534873a1b8103be8a3ad8d0db7f6f371b14e955dde5d8dbbb556

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1win-2025-stg.xyz/

Response headers

cf-cache-status
MISS
etag
"676e2306-11b24"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=feX87MwCNFAhSWaqy6JH6lry8kObrNnhvGJoaKIJXBeDYeXu%2BuF%2B%2FoWZxIs7UwEbM8ffOc%2FcFmF5VedWF8PJBmvL4Dqn6yQ0LewDRxLnvt0Ko0LD44DDGOjhGnNf5wp0dH9GxGU0QEw5AN0Q6fpr4w%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
Thu, 31 Dec 2037 23:55:55 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=24192&min_rtt=19996&rtt_var=710&sent=296&recv=90&lost=0&retrans=0&sent_bytes=321524&recv_bytes=11821&delivery_rate=1242999&cwnd=99300&unsent_bytes=0&cid=183aeb13d34d2e69&ts=817&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 27 Dec 2024 07:52:53 GMT
content-type
image/webp
last-modified
Fri, 27 Dec 2024 03:46:14 GMT
vary
Accept-Encoding
priority
u=2,i
cache-control
max-age=315360000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f87bbd62cce18ee-EWR
accept-ranges
bytes
content-length
72484
server
cloudflare
6.webp
1win-2025-stg.xyz/images/
64 KB
65 KB
Image
General
Full URL
https://1win-2025-stg.xyz/images/6.webp
Requested by
Host: 1win-2025-stg.xyz
URL: https://1win-2025-stg.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:bb40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
52df9a75c19d3268a10dc91e78cc13df882391b81bd33908a08b8058192b73f7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1win-2025-stg.xyz/

Response headers

cf-cache-status
MISS
etag
"676e2306-ffc8"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GE1i6ylt6xu75N864DGnbftDY7bjAKrJWFDo0AW7SdF0M6ulIo2kWzBBa6VOplGsPoCKhB7YX6MQCf99DEbB3wZKVFOVzM7ADV5ckC29B4AuRhFXWEQk6PmbtfjIt3QYDuE0F1s7ykoazrZssHNyOA%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
Thu, 31 Dec 2037 23:55:55 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=24192&min_rtt=19996&rtt_var=710&sent=359&recv=90&lost=0&retrans=0&sent_bytes=396362&recv_bytes=11821&delivery_rate=1242999&cwnd=99300&unsent_bytes=0&cid=183aeb13d34d2e69&ts=822&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 27 Dec 2024 07:52:53 GMT
content-type
image/webp
last-modified
Fri, 27 Dec 2024 03:46:14 GMT
vary
Accept-Encoding
priority
u=3,i
cache-control
max-age=315360000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f87bbd62cd018ee-EWR
accept-ranges
bytes
content-length
65480
server
cloudflare
4.webp
1win-2025-stg.xyz/images/
11 KB
12 KB
Image
General
Full URL
https://1win-2025-stg.xyz/images/4.webp
Requested by
Host: 1win-2025-stg.xyz
URL: https://1win-2025-stg.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:bb40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8488499f1e63c17bb17a0989d127f87f9287e4d539393dba8e1ea783e3054118

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1win-2025-stg.xyz/

Response headers

cf-cache-status
MISS
etag
"676e2305-2b46"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cNTYr5ZCt6Y3VyBetZr0oEqzUJ62VRd4EbMy7gXuVKrESRZZaA%2B8rDAazBsl1X6bpRBsInt4xZceH3RCmgSzrG60crfDHWh8gXrB1hwAzscXhrbPfjLvdPNKaYZuoBloJoqdt9%2F5tgKjkCtiU2crLQ%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
Thu, 31 Dec 2037 23:55:55 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=27247&min_rtt=20130&rtt_var=2129&sent=129&recv=55&lost=0&retrans=0&sent_bytes=129417&recv_bytes=10248&delivery_rate=277342&cwnd=52500&unsent_bytes=0&cid=183aeb13d34d2e69&ts=674&x=1", cfExtPri, cfHdrFlush;dur=7
date
Fri, 27 Dec 2024 07:52:53 GMT
content-type
image/webp
last-modified
Fri, 27 Dec 2024 03:46:13 GMT
vary
Accept-Encoding
priority
u=3,i
cache-control
max-age=315360000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f87bbd62cd118ee-EWR
accept-ranges
bytes
content-length
11078
server
cloudflare
email-decode.min.js
1win-2025-stg.xyz/cdn-cgi/scripts/5c5dd728/cloudflare-static/
1 KB
1 KB
Script
General
Full URL
https://1win-2025-stg.xyz/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: 1win-2025-stg.xyz
URL: https://1win-2025-stg.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:bb40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1win-2025-stg.xyz/

Response headers

x-frame-options
DENY
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control
max-age=172800, public
content-encoding
gzip
etag
W/"675fc4cd-4d7"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9a2SkX%2B6rdQa5PP5gXi%2FMcd1SlBrVm5mJIOqD7JFsYq43yqYGdyE%2BTzDGs4tWo13wLChx0uZYY0BoQpRWQVe90DbImsqQmWo1RRb%2Fx%2FWTNU1jDbjyUQzvGTzmss%2FTS8A4Ufbs5D0oniLqbVTNp95Kg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
cf-ray
8f87bbd62ccf18ee-EWR
expires
Sun, 29 Dec 2024 07:52:53 GMT
date
Fri, 27 Dec 2024 07:52:53 GMT
content-type
application/javascript
last-modified
Mon, 16 Dec 2024 06:12:29 GMT
server
cloudflare
vary
Accept-Encoding
tag.js
mc.yandex.ru/metrika/
222 KB
76 KB
Script
General
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: 1win-2025-stg.xyz
URL: https://1win-2025-stg.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),
Reverse DNS
Software
/
Resource Hash
ab6f545892f640da445a4695190e0e9eab30b2119cbbb2a0e40b2d96462eb039
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1win-2025-stg.xyz/

Response headers

strict-transport-security
max-age=31536000
cache-control
max-age=3600
timing-allow-origin
*
content-encoding
br
etag
"67655eba-12b7d"
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
expires
Fri, 27 Dec 2024 08:52:54 GMT
access-control-allow-origin
*
content-length
76669
date
Fri, 27 Dec 2024 07:52:54 GMT
content-type
application/javascript
last-modified
Fri, 20 Dec 2024 12:10:34 GMT
top1.png
1win-2025-stg.xyz/images/
20 KB
21 KB
Image
General
Full URL
https://1win-2025-stg.xyz/images/top1.png
Requested by
Host: 1win-2025-stg.xyz
URL: https://1win-2025-stg.xyz/css/style-george.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:bb40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
91f052cd3777b23846b11b91107aad46cd0931ce1e84453f6fb0e93d3bb831b0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1win-2025-stg.xyz/css/style-george.css

Response headers

cf-cache-status
MISS
etag
"676e2307-4f7d"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MEApmNjaKTB28nf3u1kC3enJYcthotkcsivLndo3EQvENZQTxhowGJoGA6YFTAM1uJApwmPgYLrkOKr%2BJQRehi46NqXglEaO9%2F0ZuL%2BhBjEtPez5%2BlfZ%2FiRTwPc88iEl32bmaHJGrybbOAu8xzNTDQ%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
Thu, 31 Dec 2037 23:55:55 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=24451&min_rtt=19996&rtt_var=1476&sent=278&recv=86&lost=0&retrans=0&sent_bytes=300009&recv_bytes=11640&delivery_rate=1228676&cwnd=99300&unsent_bytes=0&cid=183aeb13d34d2e69&ts=779&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 27 Dec 2024 07:52:53 GMT
content-type
image/png
last-modified
Fri, 27 Dec 2024 03:46:15 GMT
vary
Accept-Encoding
priority
u=3,i
cache-control
max-age=315360000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f87bbd66cea18ee-EWR
accept-ranges
bytes
content-length
20349
server
cloudflare
football.webp
1win-2025-stg.xyz/images/
22 KB
23 KB
Image
General
Full URL
https://1win-2025-stg.xyz/images/football.webp
Requested by
Host: 1win-2025-stg.xyz
URL: https://1win-2025-stg.xyz/css/style-george.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:bb40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
94a1eaa2ca40432568835e18e468ec4965d830d24c98fc4840f1ca156330aa5c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1win-2025-stg.xyz/css/style-george.css

Response headers

cf-cache-status
MISS
etag
"676e2306-58c2"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0yH3t9dSLao%2BXpjQtbbrXZeZt3qbcahtx9i4eW0EmWroQ%2B65u8ZSWB%2B552kB1UfC%2FK9rZ8HmfrQHLKtZ9t9xxX5bpAM9dxDdzSSQMotChM6H1K%2B9FgbmflOIAyQLLxerOi7vFNyFloxAvMT0vXxz7Q%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
Thu, 31 Dec 2037 23:55:55 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=24336&min_rtt=19996&rtt_var=1661&sent=258&recv=85&lost=0&retrans=0&sent_bytes=276059&recv_bytes=11594&delivery_rate=993304&cwnd=99300&unsent_bytes=0&cid=183aeb13d34d2e69&ts=772&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 27 Dec 2024 07:52:53 GMT
content-type
image/webp
last-modified
Fri, 27 Dec 2024 03:46:14 GMT
vary
Accept-Encoding
priority
u=3,i
cache-control
max-age=315360000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f87bbd66ced18ee-EWR
accept-ranges
bytes
content-length
22722
server
cloudflare
UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa0ZL7SUc.woff2
fonts.gstatic.com/s/inter/v18/
18 KB
18 KB
Font
General
Full URL
https://fonts.gstatic.com/s/inter/v18/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa0ZL7SUc.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Inter%3A100%2C200%2C300%2Cregular%2C500%2C600%2C700%2C800%2C900;display=auto;ver=3.4.0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
62cc01daef72c3ea76a258445368d2f4ab8d05a91f91c53fd12f7c42e3325942
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://1win-2025-stg.xyz
Referer
https://fonts.googleapis.com/

Response headers

age
42304
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Fri, 26 Dec 2025 20:07:49 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 26 Dec 2024 20:07:49 GMT
last-modified
Mon, 29 Jul 2024 22:47:20 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
18740
x-xss-protection
0
server
sffe
UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2
fonts.gstatic.com/s/inter/v18/
47 KB
47 KB
Font
General
Full URL
https://fonts.gstatic.com/s/inter/v18/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Inter%3A100%2C200%2C300%2Cregular%2C500%2C600%2C700%2C800%2C900;display=auto;ver=3.4.0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f052ee44c3728dfd23aba8a4567150bc314d23903026fbb6ad089422c2df56af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://1win-2025-stg.xyz
Referer
https://fonts.googleapis.com/

Response headers

age
290346
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Tue, 23 Dec 2025 23:13:47 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 23 Dec 2024 23:13:47 GMT
last-modified
Mon, 29 Jul 2024 22:51:01 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
48444
x-xss-protection
0
server
sffe
sync_cookie_image_finish
mc.yandex.ru/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10607.4p_HxXo2OvBXuX5s3g-IdkCjsxhFCxICHSfE5r6tIQRSs3VAah7OBUeN1g3xsp3m.1anC7GlnwiGH5WhJ5yW6FOjKBnI%2C
  • https://mc.yandex.com/sync_cookie_image_decide?token=10607.jxQGiHY1FwjWzWlvxYZNcoYYFfIrIzEYXwpWDKCNwfdPKhZtNxPgqdbMdkVVx1Rtaa3MBESXWStZW2YXCAsShAwY9xXoDA5dQfr9Day-XsraFbEIVpqeSBZ5h49F7-dXtruqbo63oA...
  • https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10607.Bn_nuGHpUC2pDRNCt44eoEW5qoS3FjnF7gYCyrqUyF7zSmLbATOnR2E-iBv3DzZDEFqrNpzhl_HAzsIt8sl4bnOu9xvGdXE-smFcVJnkT-gqX...
43 B
731 B
Image
General
Full URL
https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10607.Bn_nuGHpUC2pDRNCt44eoEW5qoS3FjnF7gYCyrqUyF7zSmLbATOnR2E-iBv3DzZDEFqrNpzhl_HAzsIt8sl4bnOu9xvGdXE-smFcVJnkT-gqXXSQNh2Cft5KsTOx6ZmIPmfP-JcgPuP1rgkpNaObmbLpEr_X9d9elD5asCohMyYEGiULnM-5t4jsVqqqCU-qfg12ZsT34lqtUOf9jtqqog%2C%2C.lFwpXNlETnagJiCguVkDvQc6u9M%2C
Requested by
Host: 1win-2025-stg.xyz
URL: https://1win-2025-stg.xyz/
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1win-2025-stg.xyz/

Response headers

strict-transport-security
max-age=31536000
content-length
43
date
Fri, 27 Dec 2024 07:52:55 GMT
x-xss-protection
1; mode=block
content-type
image/gif

Redirect headers

strict-transport-security
max-age=31536000
location
https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10607.Bn_nuGHpUC2pDRNCt44eoEW5qoS3FjnF7gYCyrqUyF7zSmLbATOnR2E-iBv3DzZDEFqrNpzhl_HAzsIt8sl4bnOu9xvGdXE-smFcVJnkT-gqXXSQNh2Cft5KsTOx6ZmIPmfP-JcgPuP1rgkpNaObmbLpEr_X9d9elD5asCohMyYEGiULnM-5t4jsVqqqCU-qfg12ZsT34lqtUOf9jtqqog%2C%2C.lFwpXNlETnagJiCguVkDvQc6u9M%2C
x-xss-protection
1; mode=block
date
Fri, 27 Dec 2024 07:52:54 GMT
advert.gif
mc.yandex.com/metrika/
43 B
576 B
Image
General
Full URL
https://mc.yandex.com/metrika/advert.gif
Requested by
Host: 1win-2025-stg.xyz
URL: https://1win-2025-stg.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1win-2025-stg.xyz/

Response headers

strict-transport-security
max-age=31536000
cache-control
max-age=3600
timing-allow-origin
*
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"67655eba-2b"
expires
Fri, 27 Dec 2024 08:52:54 GMT
accept-ranges
bytes
access-control-allow-origin
*
content-length
43
date
Fri, 27 Dec 2024 07:52:54 GMT
content-type
image/gif
last-modified
Fri, 20 Dec 2024 12:10:34 GMT
metrika_match.html
mc.yandex.com/metrika/ Frame 9969
0
0
Document
General
Full URL
https://mc.yandex.com/metrika/metrika_match.html
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://1win-2025-stg.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
access-control-allow-origin
*
cache-control
max-age=3600
content-encoding
br
content-length
2080
content-type
text/html
date
Fri, 27 Dec 2024 07:52:55 GMT
etag
"67655eba-820"
expires
Fri, 27 Dec 2024 08:52:55 GMT
last-modified
Fri, 20 Dec 2024 12:10:34 GMT
strict-transport-security
max-age=31536000
timing-allow-origin
*
1
mc.yandex.com/watch/98436527/
Redirect Chain
  • https://mc.yandex.com/watch/98436527?wmode=7&page-url=https%3A%2F%2F1win-2025-stg.xyz%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A14pwap7gbnl70a58u0m6s2b47zyz%3Afu%3A0%3Aen%3Autf-8%3...
  • https://mc.yandex.com/watch/98436527/1?wmode=7&page-url=https%3A%2F%2F1win-2025-stg.xyz%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A14pwap7gbnl70a58u0m6s2b47zyz%3Afu%3A0%3Aen%3Autf-8...
603 B
1 KB
Fetch
General
Full URL
https://mc.yandex.com/watch/98436527/1?wmode=7&page-url=https%3A%2F%2F1win-2025-stg.xyz%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A14pwap7gbnl70a58u0m6s2b47zyz%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1551%3Acn%3A1%3Adp%3A0%3Als%3A1282364568876%3Ahid%3A710408294%3Az%3A-600%3Ai%3A20241226215254%3Aet%3A1735285975%3Ac%3A1%3Arn%3A93567618%3Arqn%3A1%3Au%3A1735285975795180239%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A1329%3Awv%3A2%3Ads%3A0%2C69%2C203%2C20%2C6%2C0%2C%2C269%2C0%2C%2C%2C%2C572%3Aco%3A0%3Acpf%3A1%3Ans%3A1735285972915%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1735285975%3At%3A1Win%20%E2%80%94%20%D0%BB%D0%B8%D1%86%D0%B5%D0%BD%D0%B7%D0%B8%D0%BE%D0%BD%D0%BD%D0%BE%D0%B5%20%D0%BA%D0%B0%D0%B7%D0%B8%D0%BD%D0%BE%20%D1%81%20%D1%82%D0%BE%D0%BF%D0%BE%D0%B2%D1%8B%D0%BC%D0%B8%20%D0%B8%D0%B3%D1%80%D0%B0%D0%BC%D0%B8&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2842009088%29ti%281%29
Requested by
Host: 1win-2025-stg.xyz
URL: https://1win-2025-stg.xyz/
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),
Reverse DNS
Software
/
Resource Hash
70d95e14125929c7d8ed00a4e35f093c9dbfd4cfc1746cd24738bb868c491b88
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1win-2025-stg.xyz/

Response headers

strict-transport-security
max-age=31536000
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
pragma
no-cache
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
access-control-allow-credentials
true
x-content-type-options
nosniff
expires
Fri, 27-Dec-2024 07:52:55 GMT
access-control-allow-origin
https://1win-2025-stg.xyz
content-length
603
date
Fri, 27 Dec 2024 07:52:55 GMT
x-xss-protection
1; mode=block
content-type
application/json; charset=utf-8
last-modified
Fri, 27-Dec-2024 07:52:55 GMT

Redirect headers

strict-transport-security
max-age=31536000
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
location
/watch/98436527/1?wmode=7&page-url=https%3A%2F%2F1win-2025-stg.xyz%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A14pwap7gbnl70a58u0m6s2b47zyz%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1551%3Acn%3A1%3Adp%3A0%3Als%3A1282364568876%3Ahid%3A710408294%3Az%3A-600%3Ai%3A20241226215254%3Aet%3A1735285975%3Ac%3A1%3Arn%3A93567618%3Arqn%3A1%3Au%3A1735285975795180239%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A1329%3Awv%3A2%3Ads%3A0%2C69%2C203%2C20%2C6%2C0%2C%2C269%2C0%2C%2C%2C%2C572%3Aco%3A0%3Acpf%3A1%3Ans%3A1735285972915%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1735285975%3At%3A1Win%20%E2%80%94%20%D0%BB%D0%B8%D1%86%D0%B5%D0%BD%D0%B7%D0%B8%D0%BE%D0%BD%D0%BD%D0%BE%D0%B5%20%D0%BA%D0%B0%D0%B7%D0%B8%D0%BD%D0%BE%20%D1%81%20%D1%82%D0%BE%D0%BF%D0%BE%D0%B2%D1%8B%D0%BC%D0%B8%20%D0%B8%D0%B3%D1%80%D0%B0%D0%BC%D0%B8&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2842009088%29ti%281%29
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
pragma
no-cache
access-control-allow-credentials
true
expires
Fri, 27-Dec-2024 07:52:55 GMT
access-control-allow-origin
https://1win-2025-stg.xyz
x-xss-protection
1; mode=block
date
Fri, 27 Dec 2024 07:52:55 GMT
last-modified
Fri, 27-Dec-2024 07:52:55 GMT
favicon-32x32.png
1win-2025-stg.xyz/img/
2 KB
2 KB
Other
General
Full URL
https://1win-2025-stg.xyz/img/favicon-32x32.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:bb40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f341807358c4c268bd7b8888a220e0d2afad3e3e08daae36da60e047009f71e5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1win-2025-stg.xyz/

Response headers

cf-cache-status
HIT
etag
"676e2307-6d6"
age
341
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tMVMo4Q5gVeoGrmjc%2B6QY6Oq5nNnyyTt%2FwU3xyUPF1GTN%2BrdpOvoFEvr%2B3y8YPHtT5HswJemzLkOiyWjzwugbtG3uprrg3L8yo%2Bif6o3PJdynkUBsqX374O%2FtGw%2Fuaf9V3OWoIGWWZlHxu4G%2FlN1yg%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
Thu, 31 Dec 2037 23:55:55 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=32302&min_rtt=19996&rtt_var=5530&sent=483&recv=112&lost=0&retrans=0&sent_bytes=539823&recv_bytes=13175&delivery_rate=3286640&cwnd=136800&unsent_bytes=0&cid=183aeb13d34d2e69&ts=2943&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 27 Dec 2024 07:52:55 GMT
content-type
image/png
last-modified
Fri, 27 Dec 2024 03:46:15 GMT
vary
Accept-Encoding
priority
u=1,i
cache-control
max-age=315360000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f87bbe56b9518ee-EWR
accept-ranges
bytes
content-length
1750
server
cloudflare

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| ym
object| Ya
object| yaCounter98436527

20 Cookies

Domain/Path Name / Value
.yandex.ru/ Name: yashr
Value: 7970622701735285974
.1win-2025-stg.xyz/ Name: _ym_uid
Value: 1735285975795180239
.1win-2025-stg.xyz/ Name: _ym_d
Value: 1735285975
.mc.yandex.com/ Name: sync_cookie_csrf
Value: 3011726919fake
.yandex.com/ Name: i
Value: w5HAZRe4X0uaBRKg6UWcJn/woDjm0ErY5IVVCMkKZ7kIZyjfHyD3MnqIQdXGXn64/N2JBaTV5SV2lo0EmD+Izv92PAA=
.yandex.com/ Name: yandexuid
Value: 1099285321735285974
.yandex.com/ Name: yashr
Value: 4707159371735285974
.1win-2025-stg.xyz/ Name: _ym_isad
Value: 2
.mc.yandex.ru/ Name: sync_cookie_csrf
Value: 3888004589fake
.mc.yandex.com/ Name: sync_cookie_ok
Value: synced
.yandex.ru/ Name: yandexuid
Value: 1099285321735285974
.yandex.ru/ Name: yuidss
Value: 1099285321735285974
.yandex.ru/ Name: i
Value: w5HAZRe4X0uaBRKg6UWcJn/woDjm0ErY5IVVCMkKZ7kIZyjfHyD3MnqIQdXGXn64/N2JBaTV5SV2lo0EmD+Izv92PAA=
.yandex.ru/ Name: yp
Value: 1735372375.yu.3660811401735285974
.yandex.ru/ Name: ymex
Value: 1737877975.oyu.3660811401735285974
mc.yandex.com/ Name: yabs-sid
Value: 2134886681735285975
.yandex.com/ Name: yuidss
Value: 1099285321735285974
.yandex.com/ Name: ymex
Value: 1766821975.yrts.1735285975
.yandex.com/ Name: receive-cookie-deprecation
Value: 1
.yandex.com/ Name: bh
Value: KgI/MGDXubm7Bg==

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
