offers.wins.buzz Open in urlscan Pro
2606:4700:3035::6812:3123 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://healthpolicy.unm.edu/sites/default/files/webform/onlyfans-hack-links-2020-mega-cloud-leak.xml
Effective URL:
https://offers.wins.buzz/of/
Submission: On September 04 via api (September 4th 2020, 4:30:52 pm UTC) from US

Summary HTTP 18 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 18 HTTP transactions. The main IP is 2606:4700:3035::6812:3123, located in United States and belongs to CLOUDFLARENET, US. The main domain is offers.wins.buzz.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 29th 2020. Valid for: a year.

This is the only time offers.wins.buzz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	129.24.168.102 129.24.168.102	3388 (UNM-AS) (UNM-AS)
15	2606:4700:303... 2606:4700:3035::6812:3123	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	3.225.87.211 3.225.87.211	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
18	4

2 129.24.168.102 (Albuquerque, United States) 1 redirects

ASN3388 (UNM-AS, US)
PTR: srs.unm.edu

healthpolicy.unm.edu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2606:4700:3035::6812:3123 (United States)

ASN13335 (CLOUDFLARENET, US)

offers.wins.buzz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.225.87.211 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-225-87-211.compute-1.amazonaws.com

www.verifysuper.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	wins.buzz offers.wins.buzz	176 KB
2	unm.edu 1 redirects healthpolicy.unm.edu	2 KB
1	gstatic.com fonts.gstatic.com	21 KB
1	verifysuper.com www.verifysuper.com	2 KB
18	4

	Domain	Requested by
15	offers.wins.buzz	healthpolicy.unm.edu offers.wins.buzz
2	healthpolicy.unm.edu	1 redirects
1	fonts.gstatic.com	offers.wins.buzz
1	www.verifysuper.com	offers.wins.buzz
18	4

This site contains links to these domains. Also see Links.

Domain
wins.buzz

Subject Issuer	Validity	Valid
unm.edu InCommon RSA Server CA	`2020-03-25` - `2021-03-25`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-07-29` - `2021-07-29`	a year	crt.sh
*.verifysuper.com Let's Encrypt Authority X3	`2020-07-31` - `2020-10-29`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2020-08-19` - `2020-11-11`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://offers.wins.buzz/of/
Frame ID: 1E3870CC2261CCC3E012238BF97319D8
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://healthpolicy.unm.edu/sites/default/files/webform/onlyfans-hack-links-2020-mega-cloud-leak.xml HTTP 302
https://healthpolicy.unm.edu/sites/default/files/webform/onlyfans-hack-links-2020-mega-cloud-leak.xml Page URL
https://offers.wins.buzz/of/ Page URL

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

18
Requests

100 %
HTTPS

50 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

201 kB
Transfer

722 kB
Size

2
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://wins.buzz/
Title: Wins Buzz

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://healthpolicy.unm.edu/sites/default/files/webform/onlyfans-hack-links-2020-mega-cloud-leak.xml HTTP 302
https://healthpolicy.unm.edu/sites/default/files/webform/onlyfans-hack-links-2020-mega-cloud-leak.xml Page URL
https://offers.wins.buzz/of/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://healthpolicy.unm.edu/sites/default/files/webform/onlyfans-hack-links-2020-mega-cloud-leak.xml HTTP 302
https://healthpolicy.unm.edu/sites/default/files/webform/onlyfans-hack-links-2020-mega-cloud-leak.xml

18 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

onlyfans-hack-links-2020-mega-cloud-leak.xml
healthpolicy.unm.edu/sites/default/files/webform/
Redirect Chain

http://healthpolicy.unm.edu/sites/default/files/webform/onlyfans-hack-links-2020-mega-cloud-leak.xml
https://healthpolicy.unm.edu/sites/default/files/webform/onlyfans-hack-links-2020-mega-cloud-leak.xml

4 KB
2 KB

696ms
147ms

Document
application/xml

129.24.168.102
UNM-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://healthpolicy.unm.edu/sites/default/files/webform/onlyfans-hack-links-2020-mega-cloud-leak.xml

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

129.24.168.102 Albuquerque, United States, ASN3388 (UNM-AS, US),

Reverse DNS

srs.unm.edu

Software

Apache /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Host: healthpolicy.unm.edu
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 04 Sep 2020 16:30:35 GMT
Server: Apache
X-Content-Type-Options: nosniff
Last-Modified: Fri, 04 Sep 2020 10:31:37 GMT
ETag: "509305d2-114d-5ae7a5fa3ac55-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=1209600
Expires: Fri, 18 Sep 2020 16:30:35 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1910
Keep-Alive: timeout=3, max=100
Connection: Keep-Alive
Content-Type: application/xml

Redirect headers

Location: https://healthpolicy.unm.edu/sites/default/files/webform/onlyfans-hack-links-2020-mega-cloud-leak.xml
Server: BigIP
Connection: Keep-Alive
Content-Length: 0

GET
H2 200 Primary Request / Show response
offers.wins.buzz/of/ 5 KB
2 KB 175ms
134ms Document
text/html 2606:4700:3035::6812:3123
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://offers.wins.buzz/of/
Requested by: Host: healthpolicy.unm.edu
URL: https://healthpolicy.unm.edu/sites/default/files/webform/onlyfans-hack-links-2020-mega-cloud-leak.xml
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6812:3123 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0f618ccacdd9c0fedb119560df115834e3bf6dfdd832fe535f0d011695d6196c

Request headers

:method: GET
:authority: offers.wins.buzz
:scheme: https
:path: /of/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://healthpolicy.unm.edu/sites/default/files/webform/onlyfans-hack-links-2020-mega-cloud-leak.xml
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://healthpolicy.unm.edu/sites/default/files/webform/onlyfans-hack-links-2020-mega-cloud-leak.xml

Response headers

status: 200
date: Fri, 04 Sep 2020 16:30:35 GMT
content-type: text/html
set-cookie: __cfduid=d7cac32ae43d6cf5cdae5f406a7cfc3ad1599237035; expires=Sun, 04-Oct-20 16:30:35 GMT; path=/; domain=.wins.buzz; HttpOnly; SameSite=Lax; Secure
x-provided-by: StackCDN StackCDN
last-modified: Fri, 07 Aug 2020 06:51:52 GMT
vary: Accept-Encoding
x-backend-server: web74.hosting.stackcp.net
x-service-level: standard
x-cdn-cache-status: MISS
x-via: FRA1
cf-cache-status: DYNAMIC
cf-request-id: 04fb8daf2d000098083a072200000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 5cd91891ed339808-FRA
content-encoding: br

GET
H2 200 css.css
offers.wins.buzz/of/content/ 684 B
532 B 20ms
15ms Stylesheet
text/css 2606:4700:3035::6812:3123
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://offers.wins.buzz/of/content/css.css
Requested by: Host: offers.wins.buzz
URL: https://offers.wins.buzz/of/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6812:3123 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8f65e4690571d2522d1ec01f9bdd5e0bca7cf5cdd5aac8cc90d9f15e5a685095

Request headers

Referer: https://offers.wins.buzz/of/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 04 Sep 2020 16:30:36 GMT
content-encoding: br
cf-cache-status: HIT
age: 22774
cf-polished: origSize=792
x-via: FRA1
status: 200
x-cdn-cache-status: MISS
x-backend-server: web74.hosting.stackcp.net
cf-request-id: 04fb8db013000098083a079200000001
x-service-level: standard
last-modified: Wed, 13 May 2020 09:01:18 GMT
server: cloudflare
etag: W/"318-5a583d2b61380-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
expires: Sat, 05 Sep 2020 10:11:02 GMT
cache-control: max-age=86400
x-provided-by: StackCDN
cf-ray: 5cd918935e609808-FRA
cf-bgj: minify

GET
H2 200 tag.js Show response
offers.wins.buzz/of/content/ 363 KB
101 KB 48ms
43ms Script
application/javascript 2606:4700:3035::6812:3123
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://offers.wins.buzz/of/content/tag.js
Requested by: Host: offers.wins.buzz
URL: https://offers.wins.buzz/of/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6812:3123 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 97af97539dc9688932072c02ff63adb3a369f5fad0d820ebff5b3f902737963c

Request headers

Referer: https://offers.wins.buzz/of/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 04 Sep 2020 16:30:36 GMT
content-encoding: br
cf-cache-status: HIT
age: 22774
cf-polished: origSize=372130
x-via: FRA1
status: 200
x-cdn-cache-status: MISS
x-backend-server: web74.hosting.stackcp.net
cf-request-id: 04fb8db015000098083a082200000001
x-service-level: standard
last-modified: Wed, 13 May 2020 09:01:18 GMT
server: cloudflare
etag: W/"5ada2-5a583d2b61380-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
expires: Sat, 05 Sep 2020 10:11:02 GMT
cache-control: max-age=86400
x-provided-by: StackCDN
cf-ray: 5cd918935e719808-FRA
cf-bgj: minify

GET
H2 200 jquery-3.5.1.min.js Show response
offers.wins.buzz/of/content/ 87 KB
30 KB 32ms
28ms Script
application/javascript 2606:4700:3035::6812:3123
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://offers.wins.buzz/of/content/jquery-3.5.1.min.js
Requested by: Host: offers.wins.buzz
URL: https://offers.wins.buzz/of/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6812:3123 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

Referer: https://offers.wins.buzz/of/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 04 Sep 2020 16:30:36 GMT
content-encoding: br
cf-cache-status: HIT
age: 103
x-cdn-cache-status: MISS
x-via: FRA1
status: 200
x-backend-server: web74.hosting.stackcp.net
cf-request-id: 04fb8db015000098083a07e200000001
x-service-level: standard
last-modified: Mon, 18 May 2020 20:53:26 GMT
server: cloudflare
etag: W/"15d84-5a5f25ab47d80-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
x-provided-by: StackCDN
cf-ray: 5cd918935e699808-FRA
expires: Sat, 05 Sep 2020 16:28:53 GMT

GET
H2 200 bootstrap.js Show response
offers.wins.buzz/of/content/ 31 KB
8 KB 29ms
25ms Script
application/javascript 2606:4700:3035::6812:3123
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://offers.wins.buzz/of/content/bootstrap.js
Requested by: Host: offers.wins.buzz
URL: https://offers.wins.buzz/of/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6812:3123 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 91d6192c69bdb759f9a8c30e24774f22fed0468880059f5210afe91e6f0b228f

Request headers

Referer: https://offers.wins.buzz/of/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 04 Sep 2020 16:30:36 GMT
content-encoding: br
cf-cache-status: HIT
age: 22774
x-cdn-cache-status: MISS
x-via: FRA1
status: 200
cf-bgj: minify
x-backend-server: web74.hosting.stackcp.net
cf-request-id: 04fb8db015000098083a07f200000001
x-service-level: standard
last-modified: Wed, 13 May 2020 09:01:18 GMT
server: cloudflare
etag: W/"7ba8-5a583d2b61380-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
x-provided-by: StackCDN
cf-ray: 5cd918935e6b9808-FRA
expires: Sat, 05 Sep 2020 10:11:02 GMT

GET
H2 200 script.js Show response
offers.wins.buzz/of/content/ 4 KB
1 KB 26ms
22ms Script
application/javascript 2606:4700:3035::6812:3123
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://offers.wins.buzz/of/content/script.js
Requested by: Host: offers.wins.buzz
URL: https://offers.wins.buzz/of/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6812:3123 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a388cd90b33a086499693f299782ca92a02acc3461cc92cccb1e4d9258b5c84b

Request headers

Referer: https://offers.wins.buzz/of/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 04 Sep 2020 16:30:36 GMT
content-encoding: br
cf-cache-status: HIT
age: 22774
cf-polished: origSize=5574
x-via: FRA1
status: 200
x-cdn-cache-status: MISS
x-backend-server: web74.hosting.stackcp.net
cf-request-id: 04fb8db015000098083a080200000001
x-service-level: standard
last-modified: Mon, 18 May 2020 21:32:22 GMT
server: cloudflare
etag: W/"15c6-5a5f2e5f10580-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
expires: Sat, 05 Sep 2020 10:11:02 GMT
cache-control: max-age=86400
x-provided-by: StackCDN
cf-ray: 5cd918935e6c9808-FRA
cf-bgj: minify

GET
H2 200 animate.css
offers.wins.buzz/of/content/ 57 KB
4 KB 24ms
21ms Stylesheet
text/css 2606:4700:3035::6812:3123
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://offers.wins.buzz/of/content/animate.css
Requested by: Host: offers.wins.buzz
URL: https://offers.wins.buzz/of/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6812:3123 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3fdfe2323bbd7714631973620d41fff07d79b1e178d5fe9fc84d4fc61bfebe27

Request headers

Referer: https://offers.wins.buzz/of/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 04 Sep 2020 16:30:36 GMT
content-encoding: br
cf-cache-status: HIT
age: 22774
cf-polished: origSize=75052
x-via: FRA1
status: 200
x-cdn-cache-status: MISS
x-backend-server: web74.hosting.stackcp.net
cf-request-id: 04fb8db015000098083a07a200000001
x-service-level: standard
last-modified: Wed, 13 May 2020 09:01:18 GMT
server: cloudflare
etag: W/"1252c-5a583d2b61380-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
expires: Sat, 05 Sep 2020 10:11:02 GMT
cache-control: max-age=86400
x-provided-by: StackCDN
cf-ray: 5cd918935e629808-FRA
cf-bgj: minify

GET
H2 200 bootstrap.css
offers.wins.buzz/of/content/ 107 KB
16 KB 22ms
19ms Stylesheet
text/css 2606:4700:3035::6812:3123
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://offers.wins.buzz/of/content/bootstrap.css
Requested by: Host: offers.wins.buzz
URL: https://offers.wins.buzz/of/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6812:3123 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 99f01a96d6d15439491a62481c06e62d51016d1f0194c4df0ec7d7d090135e8f

Request headers

Referer: https://offers.wins.buzz/of/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 04 Sep 2020 16:30:36 GMT
content-encoding: br
cf-cache-status: HIT
age: 22774
cf-polished: origSize=124787
x-via: FRA1
status: 200
x-cdn-cache-status: MISS
x-backend-server: web74.hosting.stackcp.net
cf-request-id: 04fb8db015000098083a07b200000001
x-service-level: standard
last-modified: Wed, 13 May 2020 09:01:18 GMT
server: cloudflare
etag: W/"1e773-5a583d2b61380-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
expires: Sat, 05 Sep 2020 10:11:02 GMT
cache-control: max-age=86400
x-provided-by: StackCDN
cf-ray: 5cd918935e659808-FRA
cf-bgj: minify

GET
H2 200 bootstrap-theme.css
offers.wins.buzz/of/content/ 18 KB
2 KB 23ms
20ms Stylesheet
text/css 2606:4700:3035::6812:3123
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://offers.wins.buzz/of/content/bootstrap-theme.css
Requested by: Host: offers.wins.buzz
URL: https://offers.wins.buzz/of/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6812:3123 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e5ce9047ba165c4e08d1c67df1ef157e21c7291c4675c0a48a6d38a4dcf48b7a

Request headers

Referer: https://offers.wins.buzz/of/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 04 Sep 2020 16:30:36 GMT
content-encoding: br
cf-cache-status: HIT
age: 22764
cf-polished: origSize=20127
x-via: FRA1
status: 200
x-cdn-cache-status: MISS
x-backend-server: web74.hosting.stackcp.net
cf-request-id: 04fb8db015000098083a07c200000001
x-service-level: standard
last-modified: Wed, 13 May 2020 09:01:18 GMT
server: cloudflare
etag: W/"4e9f-5a583d2b61380-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
expires: Sat, 05 Sep 2020 10:11:12 GMT
cache-control: max-age=86400
x-provided-by: StackCDN
cf-ray: 5cd918935e669808-FRA
cf-bgj: minify

GET
H2 200 sn.css
offers.wins.buzz/of/content/ 4 KB
1 KB 21ms
18ms Stylesheet
text/css 2606:4700:3035::6812:3123
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://offers.wins.buzz/of/content/sn.css
Requested by: Host: offers.wins.buzz
URL: https://offers.wins.buzz/of/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6812:3123 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7b79641930a28f39329cf0b6056ee9d0cd8f21ac1db16b8b63a466e0ec85c2ee

Request headers

Referer: https://offers.wins.buzz/of/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 04 Sep 2020 16:30:36 GMT
content-encoding: br
cf-cache-status: HIT
age: 22774
cf-polished: origSize=5559
x-via: FRA1
status: 200
x-cdn-cache-status: MISS
x-backend-server: web74.hosting.stackcp.net
cf-request-id: 04fb8db015000098083a07d200000001
x-service-level: standard
last-modified: Wed, 13 May 2020 09:01:18 GMT
server: cloudflare
etag: W/"15b7-5a583d2b61380-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
expires: Sat, 05 Sep 2020 10:11:02 GMT
cache-control: max-age=86400
x-provided-by: StackCDN
cf-ray: 5cd918935e679808-FRA
cf-bgj: minify

GET
H2 200 js15_as.js Show response
offers.wins.buzz/of/content/ 11 KB
4 KB 16ms
16ms Script
application/javascript 2606:4700:3035::6812:3123
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://offers.wins.buzz/of/content/js15_as.js
Requested by: Host: offers.wins.buzz
URL: https://offers.wins.buzz/of/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6812:3123 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

Referer: https://offers.wins.buzz/of/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 04 Sep 2020 16:30:36 GMT
content-encoding: br
cf-cache-status: HIT
age: 22772
x-cdn-cache-status: MISS
x-via: FRA1
status: 200
cf-bgj: minify
x-backend-server: web74.hosting.stackcp.net
cf-request-id: 04fb8db081000098083a088200000001
x-service-level: standard
last-modified: Wed, 13 May 2020 09:01:18 GMT
server: cloudflare
etag: W/"2cb0-5a583d2b61380-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
x-provided-by: StackCDN
cf-ray: 5cd918940ee59808-FRA
expires: Sat, 05 Sep 2020 10:11:04 GMT

GET
H/1.1 200
OK load.php Show response
www.verifysuper.com/cl/ 3 KB
2 KB 371ms
139ms Script
application/javascript 3.225.87.211
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.verifysuper.com/cl/load.php?id=4cc72dee16f60fc9c44e39e8eb6ab879

Requested by

Host: offers.wins.buzz
URL: https://offers.wins.buzz/of/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

3.225.87.211 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-225-87-211.compute-1.amazonaws.com

Software

nginx/1.15.6 /

Resource Hash

c4b7f6f01be6b0873ee3c803da0ac25d76ebe340e42f2b0bd71adb71326b99e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://offers.wins.buzz/of/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 04 Sep 2020 16:30:36 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: nginx/1.15.6
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block

GET
H2 200 counter.php Show response
offers.wins.buzz/of/ 0
396 B 110ms
108ms Script
text/html 2606:4700:3035::6812:3123
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://offers.wins.buzz/of/counter.php
Requested by: Host: offers.wins.buzz
URL: https://offers.wins.buzz/of/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6812:3123 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://offers.wins.buzz/of/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 04 Sep 2020 16:30:36 GMT
content-encoding: br
cf-cache-status: DYNAMIC
x-cdn-cache-status: MISS
x-via: FRA1
status: 200
x-backend-server: web74.hosting.stackcp.net
cf-request-id: 04fb8db015000098083a081200000001
x-service-level: standard
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: text/html; charset=UTF-8
cache-control: no-store, no-cache, must-revalidate
x-provided-by: StackCDN
cf-ray: 5cd918935e6f9808-FRA
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 sn.css
offers.wins.buzz/of/content/ 4 KB
4 KB 18ms
17ms Image
text/css 2606:4700:3035::6812:3123
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://offers.wins.buzz/of/content/sn.css
Requested by: Host: offers.wins.buzz
URL: https://offers.wins.buzz/of/content/sn.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6812:3123 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://offers.wins.buzz/of/content/sn.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 04 Sep 2020 16:30:36 GMT
content-encoding: br
cf-cache-status: HIT
age: 22774
cf-polished: origSize=5559
x-via: FRA1
status: 200
x-cdn-cache-status: MISS
x-backend-server: web74.hosting.stackcp.net
cf-request-id: 04fb8db190000098083a08d200000001
x-service-level: standard
last-modified: Wed, 13 May 2020 09:01:18 GMT
server: cloudflare
etag: W/"15b7-5a583d2b61380-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
expires: Sat, 05 Sep 2020 10:11:02 GMT
cache-control: max-age=86400
x-provided-by: StackCDN
cf-ray: 5cd91895b8269808-FRA
cf-bgj: minify

GET
H2 404 logo.png
offers.wins.buzz/of/content/img/ 196 B
196 B 18ms
17ms Image
text/html 2606:4700:3035::6812:3123
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://offers.wins.buzz/of/content/img/logo.png
Requested by: Host: offers.wins.buzz
URL: https://offers.wins.buzz/of/content/sn.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6812:3123 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880

Request headers

Referer: https://offers.wins.buzz/of/content/sn.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 04 Sep 2020 16:30:36 GMT
content-encoding: br
cf-cache-status: HIT
age: 78
x-cdn-cache-status: MISS
x-via: FRA1
status: 404
x-backend-server: web74.hosting.stackcp.net
cf-request-id: 04fb8db190000098083a08e200000001
x-service-level: standard
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-ray: 5cd91895b8279808-FRA

GET
H2 404 browser.png
offers.wins.buzz/of/content/img/ 196 B
196 B 26ms
25ms Image
text/html 2606:4700:3035::6812:3123
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://offers.wins.buzz/of/content/img/browser.png
Requested by: Host: offers.wins.buzz
URL: https://offers.wins.buzz/of/content/sn.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6812:3123 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880

Request headers

Referer: https://offers.wins.buzz/of/content/sn.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 04 Sep 2020 16:30:36 GMT
content-encoding: br
cf-cache-status: HIT
age: 78
x-cdn-cache-status: MISS
x-via: FRA1
status: 404
x-backend-server: web74.hosting.stackcp.net
cf-request-id: 04fb8db190000098083a08f200000001
x-service-level: standard
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-ray: 5cd91895b82a9808-FRA

GET
H2 200 1Ptrg8zYS_SKggPNwN4rWqZPAA.woff2
fonts.gstatic.com/s/raleway/v14/ 21 KB
21 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v14/1Ptrg8zYS_SKggPNwN4rWqZPAA.woff2

Requested by

Host: offers.wins.buzz
URL: https://offers.wins.buzz/of/content/css.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ccffda12d4002d59565466849044e53ff6734de84baa233f12a725662d8f8681

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://offers.wins.buzz
Referer: https://offers.wins.buzz/of/content/css.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 31 Aug 2020 11:16:41 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:47:45 GMT
server: sffe
age: 364435
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21164
x-xss-protection: 0
expires: Tue, 31 Aug 2021 11:16:41 GMT

Verdicts & Comments Add Verdict or Comment

27 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			offers.wins.buzz/	1969-12-31 23:59:59	Name: PHPSESSID Value: 6c8e234f5043210af7b95fae400ccf78
			.wins.buzz/	1970-01-19 12:57:09	Name: __cfduid Value: d7cac32ae43d6cf5cdae5f406a7cfc3ad1599237035

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.gstatic.com
healthpolicy.unm.edu
offers.wins.buzz
www.verifysuper.com
129.24.168.102
2606:4700:3035::6812:3123
2a00:1450:4001:808::2003
3.225.87.211
0f618ccacdd9c0fedb119560df115834e3bf6dfdd832fe535f0d011695d6196c
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede
3fdfe2323bbd7714631973620d41fff07d79b1e178d5fe9fc84d4fc61bfebe27
7b79641930a28f39329cf0b6056ee9d0cd8f21ac1db16b8b63a466e0ec85c2ee
80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880
8f65e4690571d2522d1ec01f9bdd5e0bca7cf5cdd5aac8cc90d9f15e5a685095
91d6192c69bdb759f9a8c30e24774f22fed0468880059f5210afe91e6f0b228f
97af97539dc9688932072c02ff63adb3a369f5fad0d820ebff5b3f902737963c
99f01a96d6d15439491a62481c06e62d51016d1f0194c4df0ec7d7d090135e8f
a388cd90b33a086499693f299782ca92a02acc3461cc92cccb1e4d9258b5c84b
c4b7f6f01be6b0873ee3c803da0ac25d76ebe340e42f2b0bd71adb71326b99e1
ccffda12d4002d59565466849044e53ff6734de84baa233f12a725662d8f8681
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5ce9047ba165c4e08d1c67df1ef157e21c7291c4675c0a48a6d38a4dcf48b7a
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

offers.wins.buzz Open in urlscan Pro 2606:4700:3035::6812:3123 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

18 Requests

100 %HTTPS

50 %IPv6

4 Domains

4 Subdomains

4 IPs

2 Countries

201 kBTransfer

722 kBSize

2 Cookies

1 Outgoing links

Page URL History

Redirected requests

18 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

27 JavaScript Global Variables

2 Cookies

Security Headers

Indicators

offers.wins.buzz Open in urlscan Pro
2606:4700:3035::6812:3123 Public Scan

Screenshot
Live screenshot

Full Image

18
Requests

100 %
HTTPS

50 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

201 kB
Transfer

722 kB
Size

2
Cookies

18 HTTP transactions
0 data transactions