1win29.top Open in urlscan Pro
190.115.24.47 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://spkdzm.ru/
Effective URL:
https://1win29.top/
Submission: On June 23 via api (June 23rd 2024, 7:09:38 am UTC) from US — Scanned from DE

Summary HTTP 19 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 3 countries across 6 domains to perform 19 HTTP transactions. The main IP is 190.115.24.47, located in Belize and belongs to IQWEB, AE. The main domain is 1win29.top.
TLS certificate: Issued by R11 on June 7th 2024. Valid for: 3 months.

This is the only time 1win29.top was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 14	190.115.24.47 190.115.24.47	59692 (IQWEB) (IQWEB)
4 9	2a02:6b8::1:119 2a02:6b8::1:119	13238 (YANDEX) (YANDEX)
2 3	66.254.114.41 66.254.114.41	29789 (REFLECTED) (REFLECTED)
19	3

14 190.115.24.47 (Belize) 1 redirects

ASN59692 (IQWEB, AE)
PTR: ddos-guard.net

spkdzm.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
1win29.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a02:6b8::1:119 (Moscow, Russian Federation) 4 redirects

ASN13238 (YANDEX, RU)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 66.254.114.41 (United States) 2 redirects

ASN29789 (REFLECTED, US)
PTR: reflectededge.reflected.net

www.pornhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
de.pornhub.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	1win29.top 1win29.top	841 KB
6	yandex.com 3 redirects mc.yandex.com — Cisco Umbrella Rank: 8749	4 KB
3	yandex.ru 1 redirects mc.yandex.ru — Cisco Umbrella Rank: 3382	71 KB
2	pornhub.com 2 redirects www.pornhub.com — Cisco Umbrella Rank: 9664	1 KB
1	pornhub.org de.pornhub.org — Cisco Umbrella Rank: 169481
1	spkdzm.ru 1 redirects spkdzm.ru	245 B
19	6

	Domain	Requested by
13	1win29.top	1win29.top
6	mc.yandex.com	3 redirects 1win29.top mc.yandex.ru
3	mc.yandex.ru	1 redirects 1win29.top
2	www.pornhub.com	2 redirects
1	de.pornhub.org	1win29.top
1	spkdzm.ru	1 redirects
19	6

This site contains no links.

Subject Issuer	Validity	Valid
1win29.top R11	`2024-06-07` - `2024-09-05`	3 months	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2024-05-23` - `2024-11-02`	5 months	crt.sh
pornhub.org R3	`2024-05-11` - `2024-08-09`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://1win29.top/
Frame ID: 94D5D1464BCB5EC8BA87D73D8704E810
Requests: 17 HTTP requests in this frame

Frame: https://de.pornhub.org/embed
Frame ID: 2AE9DF2A32B3E8A62F561268C307ED10
Requests: 1 HTTP requests in this frame

Frame: https://mc.yandex.com/metrika/metrika_match.html
Frame ID: 48ADF3D0BE12BB07C18ACB41880523E9
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

1Win Официальный сайт казино - бонусы новым игрокам

Page URL History Show full URLs

https://spkdzm.ru/ HTTP 301
https://1win29.top/ Page URL

Detected technologies

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

19
Requests

89 %
HTTPS

33 %
IPv6

6
Domains

6
Subdomains

3
IPs

3
Countries

913 kB
Transfer

1117 kB
Size

28
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://spkdzm.ru/ HTTP 301
https://1win29.top/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6

https://www.pornhub.com/embed/ HTTP 301
https://www.pornhub.com/embed HTTP 302
https://de.pornhub.org/embed

Request Chain 13

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10409.WZ09NXannehDb7Efv7KC2Cg1kxeNcFEfxevPUZx526zIOnQtkujSgTkbcNEm9e83.epxEzR6yofidsXUXQXCKw-rXJdg%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=10409.GLHd_4kUvOWWKiTPwaNAkxdfeDRAEi1-UoCrTwb9YGav0kG3Hxf8IafL3afNhKmVmurTz1v9MVbD6DncsAz2F1FU14Q2QxqsxpCSwvUedIpWwSPMmeZ5myEb6jnj-mln0zKvrwrtzAptTn1frSGokcZL1VFYFGG7qe85_PUt3ge-AYZC2PSiMEWST9BtOYebb1ZrvxQwK91Mkd5TvfxzZ9hzunRKnw4iqjJnfQTOApg%2C._hJW6v1DOugOtSmzgY8C_waiVnI%2C HTTP 302
https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10409.Z9Yv7jjz_S8sGQYXVLV-67lbk4VvSwATQae2HxSba23Wdgpvi7CkXEG-pG89mrznJMenX1MQqZLAeC2Z5elW7M7I42Fb-d-o2VskEEnFGF3aq5podKa1u_85EkKW_yhtUWIiu2qaEs6ltbafJhSTrfoa048nJ-7zw41hQ4j23-i5n3zq-fVGOQROYfxztkKcGt2wN8gIsORounxSilpHlw%2C%2C.tjl5JbXOde-Q16fgVYOzYslGB5U%2C

Request Chain 16

https://mc.yandex.com/watch/96816813?wmode=7&page-url=https%3A%2F%2F1win29.top%2F&charset=utf-8&uah=chu%0A%22Google%20Chrome%22%3Bv%3D%22126%22%2C%22Not%3AA-Brand%22%3Bv%3D%228%22%2C%22Chromium%22%3Bv%3D%22126%22%0Acha%0Ax86%0Achb%0A64%0Achf%0A126.0.6478.114%0Achl%0A%22Not%2FA)Brand%22%3Bv%3D%228.0.0.0%22%2C%22Chromium%22%3Bv%3D%22126.0.6478.114%22%2C%22Google%20Chrome%22%3Bv%3D%22126.0.6478.114%22%0Achm%0A%3F0%0Achp%0AWin32%0Achv%0A10.0.0&browser-info=pv%3A1%3Avf%3A2zmls2rp8z74v4amwvwsqnn6xn%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ade-DE%3Av%3A1370%3Acn%3A1%3Adp%3A0%3Als%3A981853710232%3Ahid%3A222568286%3Az%3A120%3Ai%3A20240623090933%3Aet%3A1719126574%3Ac%3A1%3Arn%3A732710533%3Arqn%3A1%3Au%3A1719126574724597773%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A480%3Awv%3A2%3Ads%3A0%2C55%2C89%2C1%2C199%2C0%2C%2C80%2C0%2C%2C%2C%2C486%3Aco%3A0%3Acpf%3A1%3Ans%3A1719126573019%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1719126574%3At%3A1Win%20%D0%9E%D1%84%D0%B8%D1%86%D0%B8%D0%B0%D0%BB%D1%8C%D0%BD%D1%8B%D0%B9%20%D1%81%D0%B0%D0%B9%D1%82%20%D0%BA%D0%B0%D0%B7%D0%B8%D0%BD%D0%BE%20-%20%D0%B1%D0%BE%D0%BD%D1%83%D1%81%D1%8B%20%D0%BD%D0%BE%D0%B2%D1%8B%D0%BC%20%D0%B8%D0%B3%D1%80%D0%BE%D0%BA%D0%B0%D0%BC&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rcm(1)cdl(na)eco(21037568)ti(1) HTTP 302
https://mc.yandex.com/watch/96816813/1?wmode=7&page-url=https%3A%2F%2F1win29.top%2F&charset=utf-8&uah=chu%0A%22Google%20Chrome%22%3Bv%3D%22126%22%2C%22Not%3AA-Brand%22%3Bv%3D%228%22%2C%22Chromium%22%3Bv%3D%22126%22%0Acha%0Ax86%0Achb%0A64%0Achf%0A126.0.6478.114%0Achl%0A%22Not%2FA%29Brand%22%3Bv%3D%228.0.0.0%22%2C%22Chromium%22%3Bv%3D%22126.0.6478.114%22%2C%22Google%20Chrome%22%3Bv%3D%22126.0.6478.114%22%0Achm%0A%3F0%0Achp%0AWin32%0Achv%0A10.0.0&browser-info=pv%3A1%3Avf%3A2zmls2rp8z74v4amwvwsqnn6xn%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ade-DE%3Av%3A1370%3Acn%3A1%3Adp%3A0%3Als%3A981853710232%3Ahid%3A222568286%3Az%3A120%3Ai%3A20240623090933%3Aet%3A1719126574%3Ac%3A1%3Arn%3A732710533%3Arqn%3A1%3Au%3A1719126574724597773%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A480%3Awv%3A2%3Ads%3A0%2C55%2C89%2C1%2C199%2C0%2C%2C80%2C0%2C%2C%2C%2C486%3Aco%3A0%3Acpf%3A1%3Ans%3A1719126573019%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1719126574%3At%3A1Win%20%D0%9E%D1%84%D0%B8%D1%86%D0%B8%D0%B0%D0%BB%D1%8C%D0%BD%D1%8B%D0%B9%20%D1%81%D0%B0%D0%B9%D1%82%20%D0%BA%D0%B0%D0%B7%D0%B8%D0%BD%D0%BE%20-%20%D0%B1%D0%BE%D0%BD%D1%83%D1%81%D1%8B%20%D0%BD%D0%BE%D0%B2%D1%8B%D0%BC%20%D0%B8%D0%B3%D1%80%D0%BE%D0%BA%D0%B0%D0%BC&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2821037568%29ti%281%29

19 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
1win29.top/
Redirect Chain

https://spkdzm.ru/
https://1win29.top/

14 KB
5 KB

206ms
89ms

Document
text/html

190.115.24.47
IQWEB

General

Check archive.org

Show headers Download Go to

Full URL

https://1win29.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

190.115.24.47 , Belize, ASN59692 (IQWEB, AE),

Reverse DNS

ddos-guard.net

Software

ddos-guard /

Resource Hash

9cfba19cbfeb3340117deafdf223bbda18aa935b0e603c6c6c94c78517944c77

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000;

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

content-encoding: gzip
content-security-policy: upgrade-insecure-requests;
content-type: text/html
date: Sun, 23 Jun 2024 07:09:33 GMT
server: ddos-guard
strict-transport-security: max-age=31536000;

Redirect headers

content-encoding: br
content-security-policy: upgrade-insecure-requests;
content-type: text/html; charset=iso-8859-1
date: Sun, 23 Jun 2024 07:09:33 GMT
location: https://1win29.top/
server: ddos-guard
strict-transport-security: max-age=31536000;
vary: Accept-Encoding

GET
H2 200 style.css
1win29.top/css/ 12 KB
3 KB 30ms
29ms Stylesheet
text/css 190.115.24.47
IQWEB

General

Check archive.org

Show headers Download Go to

Full URL

https://1win29.top/css/style.css

Requested by

Host: 1win29.top
URL: https://1win29.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

190.115.24.47 , Belize, ASN59692 (IQWEB, AE),

Reverse DNS

ddos-guard.net

Software

ddos-guard /

Resource Hash

025ebb268fff6d82b59cd2920204e53dbd27470648517b0cbaa913b7c037dae2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000;

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1win29.top/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: upgrade-insecure-requests;
date: Sat, 22 Jun 2024 21:09:14 GMT
content-encoding: br
strict-transport-security: max-age=31536000;
last-modified: Tue, 07 May 2024 03:53:17 GMT
server: ddos-guard
age: 36019
etag: "6639a5ad-31ed"
vary: Accept-Encoding
content-type: text/css
ddg-cache-status: HIT
cache-control: max-age=86400
content-length: 2786
expires: Sun, 23 Jun 2024 21:09:14 GMT

GET
H2 200 mainh.js Show response
1win29.top/js/ 1 KB
731 B 28ms
27ms Script
application/javascript 190.115.24.47
IQWEB

General

Check archive.org

Show headers Download Go to

Full URL

https://1win29.top/js/mainh.js

Requested by

Host: 1win29.top
URL: https://1win29.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

190.115.24.47 , Belize, ASN59692 (IQWEB, AE),

Reverse DNS

ddos-guard.net

Software

ddos-guard /

Resource Hash

1f13b277723516b1d159366e5e8474ce45a239c3791fe19a4ce220b0b4b574e2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000;

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1win29.top/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: upgrade-insecure-requests;
date: Sat, 22 Jun 2024 13:52:45 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000;
last-modified: Tue, 07 May 2024 03:53:17 GMT
server: ddos-guard
age: 62208
etag: "6639a5ad-437"
content-type: application/javascript
ddg-cache-status: HIT
cache-control: max-age=86400
content-length: 560
expires: Sun, 23 Jun 2024 13:52:45 GMT

GET
H2 200 jquery.min.js Show response
1win29.top/js/ 85 KB
30 KB 53ms
52ms Script
application/javascript 190.115.24.47
IQWEB

General

Check archive.org

Show headers Download Go to

Full URL

https://1win29.top/js/jquery.min.js

Requested by

Host: 1win29.top
URL: https://1win29.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

190.115.24.47 , Belize, ASN59692 (IQWEB, AE),

Reverse DNS

ddos-guard.net

Software

ddos-guard /

Resource Hash

fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000;

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1win29.top/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: upgrade-insecure-requests;
date: Sat, 22 Jun 2024 12:30:24 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000;
last-modified: Tue, 07 May 2024 03:53:17 GMT
server: ddos-guard
age: 67149
etag: "6639a5ad-155ed"
content-type: application/javascript
ddg-cache-status: HIT
cache-control: max-age=86400
content-length: 30627
expires: Sun, 23 Jun 2024 12:30:24 GMT

GET
H2 200 scripts.js Show response
1win29.top/js/ 640 B
431 B 31ms
30ms Script
application/javascript 190.115.24.47
IQWEB

General

Check archive.org

Show headers Download Go to

Full URL

https://1win29.top/js/scripts.js

Requested by

Host: 1win29.top
URL: https://1win29.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

190.115.24.47 , Belize, ASN59692 (IQWEB, AE),

Reverse DNS

ddos-guard.net

Software

ddos-guard /

Resource Hash

8c9372ade2132ee77551b5379bf1e083a60d1ec271f7de4a3fde6eff645f3a8a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000;

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1win29.top/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: upgrade-insecure-requests;
date: Sun, 23 Jun 2024 03:59:35 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000;
last-modified: Tue, 07 May 2024 03:53:17 GMT
server: ddos-guard
age: 11398
etag: "6639a5ad-280"
content-type: application/javascript
ddg-cache-status: HIT
cache-control: max-age=86400
content-length: 327
expires: Mon, 24 Jun 2024 03:59:35 GMT

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 201 KB
70 KB 316ms
177ms Script
application/javascript 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: 1win29.top
URL: https://1win29.top/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

78ed30ffd8883c55678252b0d846ea07a2b22e00721227dd8b5f72bbc48e9045

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1win29.top/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 07:09:33 GMT
content-encoding: br
strict-transport-security: max-age=31536000
last-modified: Mon, 17 Jun 2024 09:09:08 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "666ffd34-11486"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
timing-allow-origin: *
content-length: 70790
expires: Sun, 23 Jun 2024 08:09:33 GMT

GET
H2 200 logo.png
1win29.top/images/ 4 KB
4 KB 30ms
30ms Image
image/png 190.115.24.47
IQWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1win29.top/images/logo.png

Requested by

Host: 1win29.top
URL: https://1win29.top/js/mainh.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

190.115.24.47 , Belize, ASN59692 (IQWEB, AE),

Reverse DNS

ddos-guard.net

Software

ddos-guard /

Resource Hash

acf1aeb5f742abf485482337b9a36fe119333631ac51e91ab632bbb09b60d4f7

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000;

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1win29.top/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: upgrade-insecure-requests;
date: Sun, 23 Jun 2024 03:59:35 GMT
strict-transport-security: max-age=31536000;
last-modified: Tue, 07 May 2024 03:53:18 GMT
server: ddos-guard
age: 11398
etag: "6639a5ae-e9b"
content-type: image/png
ddg-cache-status: HIT
cache-control: max-age=86400
accept-ranges: bytes
content-length: 3739
expires: Mon, 24 Jun 2024 03:59:35 GMT

GET
H2

404

embed
de.pornhub.org/ Frame 2AE9
Redirect Chain

https://www.pornhub.com/embed/
https://www.pornhub.com/embed
https://de.pornhub.org/embed

0
0

85ms
38ms

Document
text/html

66.254.114.41
REFLECTED

General

Check archive.org

Show headers Download Go to

Full URL

https://de.pornhub.org/embed

Requested by

Host: 1win29.top
URL: https://1win29.top/js/mainh.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

66.254.114.41 , United States, ASN29789 (REFLECTED, US),

Reverse DNS

reflectededge.reflected.net

Software

openresty /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Frame-Options	sameorigin

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://1win29.top/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sun, 23 Jun 2024 07:09:33 GMT
server: openresty
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-frame-options: sameorigin

Redirect headers

accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
date: Sun, 23 Jun 2024 07:09:33 GMT
location: https://de.pornhub.org/embed
ph-redirect: 1023
pragma: no-cache
rating: RTA-5042-1996-1400-1577-RTA
server: openresty
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: User-Agent
x-frame-options: SAMEORIGIN

GET
H2 200 Montserrat-Regular.woff2
1win29.top/fonts/ 90 KB
89 KB 110ms
109ms Font
font/woff2 190.115.24.47
IQWEB

General

Check archive.org

Show headers Download Go to

Full URL

https://1win29.top/fonts/Montserrat-Regular.woff2

Requested by

Host: 1win29.top
URL: https://1win29.top/css/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

190.115.24.47 , Belize, ASN59692 (IQWEB, AE),

Reverse DNS

ddos-guard.net

Software

ddos-guard /

Resource Hash

fa88ed6dcc00cf660ae6cb9c4bf4fa279d3ce55549ac439f18a87af2f03f1579

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000;

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1win29.top/css/style.css
Origin: https://1win29.top
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: upgrade-insecure-requests;
date: Sat, 22 Jun 2024 10:45:51 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000;
last-modified: Tue, 07 May 2024 03:53:17 GMT
server: ddos-guard
age: 73422
etag: W/"6639a5ad-166a4"
vary: Accept-Encoding
content-type: font/woff2
ddg-cache-status: HIT
cache-control: max-age=86400
accept-ranges: bytes
content-length: 90858
expires: Sun, 23 Jun 2024 10:45:51 GMT

GET
H2 200 Montserrat-Bold.woff2
1win29.top/fonts/ 90 KB
89 KB 109ms
109ms Font
font/woff2 190.115.24.47
IQWEB

General

Check archive.org

Show headers Download Go to

Full URL

https://1win29.top/fonts/Montserrat-Bold.woff2

Requested by

Host: 1win29.top
URL: https://1win29.top/css/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

190.115.24.47 , Belize, ASN59692 (IQWEB, AE),

Reverse DNS

ddos-guard.net

Software

ddos-guard /

Resource Hash

f052bcffa2e3fee9733296a15176435d83d94fdc6621ea7f32af6f0711d0816f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000;

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1win29.top/css/style.css
Origin: https://1win29.top
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: upgrade-insecure-requests;
date: Sat, 22 Jun 2024 22:21:08 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000;
last-modified: Tue, 07 May 2024 03:53:17 GMT
server: ddos-guard
age: 31705
etag: "6639a5ad-16634"
vary: Accept-Encoding
content-type: font/woff2
ddg-cache-status: HIT
cache-control: max-age=86400
accept-ranges: bytes
content-length: 90774
expires: Sun, 23 Jun 2024 22:21:08 GMT

GET
H2 200 banner.png
1win29.top/images/ 330 KB
331 KB 43ms
43ms Image
image/png 190.115.24.47
IQWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1win29.top/images/banner.png

Requested by

Host: 1win29.top
URL: https://1win29.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

190.115.24.47 , Belize, ASN59692 (IQWEB, AE),

Reverse DNS

ddos-guard.net

Software

ddos-guard /

Resource Hash

286b4e4c6bd7c5ba025ed44f3ac3e2338b19ecaf91de6cf6ee80e6e32783d909

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000;

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1win29.top/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: upgrade-insecure-requests;
date: Sat, 22 Jun 2024 21:35:31 GMT
strict-transport-security: max-age=31536000;
last-modified: Tue, 07 May 2024 03:53:17 GMT
server: ddos-guard
age: 34442
etag: "6639a5ad-529ae"
content-type: image/png
ddg-cache-status: HIT
cache-control: max-age=86400
accept-ranges: bytes
content-length: 338350
expires: Sun, 23 Jun 2024 21:35:31 GMT

GET
H2 200 bonus.jpg
1win29.top/images/ 132 KB
132 KB 110ms
110ms Image
image/jpeg 190.115.24.47
IQWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1win29.top/images/bonus.jpg

Requested by

Host: 1win29.top
URL: https://1win29.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

190.115.24.47 , Belize, ASN59692 (IQWEB, AE),

Reverse DNS

ddos-guard.net

Software

ddos-guard /

Resource Hash

9065b4efb6fae0ecb8ce72d3e81969057672979a492a7dab91782cae8a9f3608

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000;

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1win29.top/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: upgrade-insecure-requests;
date: Sat, 22 Jun 2024 17:00:33 GMT
strict-transport-security: max-age=31536000;
last-modified: Tue, 07 May 2024 03:53:17 GMT
server: ddos-guard
age: 50940
etag: "6639a5ad-20f94"
content-type: image/jpeg
ddg-cache-status: HIT
cache-control: max-age=86400
accept-ranges: bytes
content-length: 135060
expires: Sun, 23 Jun 2024 17:00:33 GMT

GET
H2 200 app.jpg
1win29.top/images/ 56 KB
56 KB 110ms
109ms Image
image/jpeg 190.115.24.47
IQWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1win29.top/images/app.jpg

Requested by

Host: 1win29.top
URL: https://1win29.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

190.115.24.47 , Belize, ASN59692 (IQWEB, AE),

Reverse DNS

ddos-guard.net

Software

ddos-guard /

Resource Hash

aac4cee483b6be75d169e4a427e23cd70409ffa3f600e824c39193e99050ad39

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000;

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1win29.top/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: upgrade-insecure-requests;
date: Sun, 23 Jun 2024 05:01:23 GMT
strict-transport-security: max-age=31536000;
last-modified: Tue, 07 May 2024 03:53:17 GMT
server: ddos-guard
age: 7690
etag: "6639a5ad-e06a"
content-type: image/jpeg
ddg-cache-status: HIT
cache-control: max-age=86400
accept-ranges: bytes
content-length: 57450
expires: Mon, 24 Jun 2024 05:01:23 GMT

GET
H2 200 rega.jpg
1win29.top/images/ 99 KB
99 KB 110ms
109ms Image
image/jpeg 190.115.24.47
IQWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1win29.top/images/rega.jpg

Requested by

Host: 1win29.top
URL: https://1win29.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

190.115.24.47 , Belize, ASN59692 (IQWEB, AE),

Reverse DNS

ddos-guard.net

Software

ddos-guard /

Resource Hash

d9b8d5263c8a934ec5168fb742b22e364eb4c5014a17b7a3c81945ecf7b1e309

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000;

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1win29.top/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: upgrade-insecure-requests;
date: Sat, 22 Jun 2024 17:00:33 GMT
strict-transport-security: max-age=31536000;
last-modified: Tue, 07 May 2024 03:53:18 GMT
server: ddos-guard
age: 50940
etag: "6639a5ae-18c8b"
content-type: image/jpeg
ddg-cache-status: HIT
cache-control: max-age=86400
accept-ranges: bytes
content-length: 101515
expires: Sun, 23 Jun 2024 17:00:33 GMT

GET
H2

200

sync_cookie_image_finish
mc.yandex.ru/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10409.WZ09NXannehDb7Efv7KC2Cg1kxeNcFEfxevPUZx526zIOnQtkujSgTkbcNEm9e83.epxEzR6yofidsXUXQXCKw-rXJdg%2C
https://mc.yandex.com/sync_cookie_image_decide?token=10409.GLHd_4kUvOWWKiTPwaNAkxdfeDRAEi1-UoCrTwb9YGav0kG3Hxf8IafL3afNhKmVmurTz1v9MVbD6DncsAz2F1FU14Q2QxqsxpCSwvUedIpWwSPMmeZ5myEb6jnj-mln0zKvrwrtzA...
https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10409.Z9Yv7jjz_S8sGQYXVLV-67lbk4VvSwATQae2HxSba23Wdgpvi7CkXEG-pG89mrznJMenX1MQqZLAeC2Z5elW7M7I42Fb-d-o2VskEEnFGF3aq...

43 B
583 B

64ms
64ms

Image
image/gif

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10409.Z9Yv7jjz_S8sGQYXVLV-67lbk4VvSwATQae2HxSba23Wdgpvi7CkXEG-pG89mrznJMenX1MQqZLAeC2Z5elW7M7I42Fb-d-o2VskEEnFGF3aq5podKa1u_85EkKW_yhtUWIiu2qaEs6ltbafJhSTrfoa048nJ-7zw41hQ4j23-i5n3zq-fVGOQROYfxztkKcGt2wN8gIsORounxSilpHlw%2C%2C.tjl5JbXOde-Q16fgVYOzYslGB5U%2C

Requested by

Host: 1win29.top
URL: https://1win29.top/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://1win29.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 23 Jun 2024 07:09:34 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10409.Z9Yv7jjz_S8sGQYXVLV-67lbk4VvSwATQae2HxSba23Wdgpvi7CkXEG-pG89mrznJMenX1MQqZLAeC2Z5elW7M7I42Fb-d-o2VskEEnFGF3aq5podKa1u_85EkKW_yhtUWIiu2qaEs6ltbafJhSTrfoa048nJ-7zw41hQ4j23-i5n3zq-fVGOQROYfxztkKcGt2wN8gIsORounxSilpHlw%2C%2C.tjl5JbXOde-Q16fgVYOzYslGB5U%2C
date: Sun, 23 Jun 2024 07:09:34 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
573 B 107ms
107ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: 1win29.top
URL: https://1win29.top/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1win29.top/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 07:09:33 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 17 Jun 2024 09:09:08 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "666ffd34-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Sun, 23 Jun 2024 08:09:33 GMT

GET
H2 200 metrika_match.html
mc.yandex.com/metrika/ Frame 48AD 0
0 245ms
111ms Document
text/html 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/metrika/metrika_match.html

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://1win29.top/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
access-control-allow-origin: *
cache-control: max-age=3600
content-encoding: br
content-length: 1048
content-type: text/html
date: Sun, 23 Jun 2024 07:09:34 GMT
etag: "666ffd34-418"
expires: Sun, 23 Jun 2024 08:09:34 GMT
last-modified: Mon, 17 Jun 2024 09:09:08 GMT
strict-transport-security: max-age=31536000
timing-allow-origin: *

GET
H2

200

1 Show response
mc.yandex.com/watch/96816813/
Redirect Chain

https://mc.yandex.com/watch/96816813?wmode=7&page-url=https%3A%2F%2F1win29.top%2F&charset=utf-8&uah=chu%0A%22Google%20Chrome%22%3Bv%3D%22126%22%2C%22Not%3AA-Brand%22%3Bv%3D%228%22%2C%22Chromium%22%...
https://mc.yandex.com/watch/96816813/1?wmode=7&page-url=https%3A%2F%2F1win29.top%2F&charset=utf-8&uah=chu%0A%22Google%20Chrome%22%3Bv%3D%22126%22%2C%22Not%3AA-Brand%22%3Bv%3D%228%22%2C%22Chromium%2...

447 B
567 B

77ms
77ms

Fetch
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/96816813/1?wmode=7&page-url=https%3A%2F%2F1win29.top%2F&charset=utf-8&uah=chu%0A%22Google%20Chrome%22%3Bv%3D%22126%22%2C%22Not%3AA-Brand%22%3Bv%3D%228%22%2C%22Chromium%22%3Bv%3D%22126%22%0Acha%0Ax86%0Achb%0A64%0Achf%0A126.0.6478.114%0Achl%0A%22Not%2FA%29Brand%22%3Bv%3D%228.0.0.0%22%2C%22Chromium%22%3Bv%3D%22126.0.6478.114%22%2C%22Google%20Chrome%22%3Bv%3D%22126.0.6478.114%22%0Achm%0A%3F0%0Achp%0AWin32%0Achv%0A10.0.0&browser-info=pv%3A1%3Avf%3A2zmls2rp8z74v4amwvwsqnn6xn%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ade-DE%3Av%3A1370%3Acn%3A1%3Adp%3A0%3Als%3A981853710232%3Ahid%3A222568286%3Az%3A120%3Ai%3A20240623090933%3Aet%3A1719126574%3Ac%3A1%3Arn%3A732710533%3Arqn%3A1%3Au%3A1719126574724597773%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A480%3Awv%3A2%3Ads%3A0%2C55%2C89%2C1%2C199%2C0%2C%2C80%2C0%2C%2C%2C%2C486%3Aco%3A0%3Acpf%3A1%3Ans%3A1719126573019%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1719126574%3At%3A1Win%20%D0%9E%D1%84%D0%B8%D1%86%D0%B8%D0%B0%D0%BB%D1%8C%D0%BD%D1%8B%D0%B9%20%D1%81%D0%B0%D0%B9%D1%82%20%D0%BA%D0%B0%D0%B7%D0%B8%D0%BD%D0%BE%20-%20%D0%B1%D0%BE%D0%BD%D1%83%D1%81%D1%8B%20%D0%BD%D0%BE%D0%B2%D1%8B%D0%BC%20%D0%B8%D0%B3%D1%80%D0%BE%D0%BA%D0%B0%D0%BC&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2821037568%29ti%281%29

Requested by

Host: 1win29.top
URL: https://1win29.top/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

ec891938ef23551da60196e2dd67c32b8ef2dd902a0ce4ec2c4eab3650b4dfc8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://1win29.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 23 Jun 2024 07:09:34 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Sun, 23-Jun-2024 07:09:34 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: https://1win29.top
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 447
x-xss-protection: 1; mode=block
expires: Sun, 23-Jun-2024 07:09:34 GMT

Redirect headers

pragma: no-cache
date: Sun, 23 Jun 2024 07:09:34 GMT
strict-transport-security: max-age=31536000
last-modified: Sun, 23-Jun-2024 07:09:34 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location: /watch/96816813/1?wmode=7&page-url=https%3A%2F%2F1win29.top%2F&charset=utf-8&uah=chu%0A%22Google%20Chrome%22%3Bv%3D%22126%22%2C%22Not%3AA-Brand%22%3Bv%3D%228%22%2C%22Chromium%22%3Bv%3D%22126%22%0Acha%0Ax86%0Achb%0A64%0Achf%0A126.0.6478.114%0Achl%0A%22Not%2FA%29Brand%22%3Bv%3D%228.0.0.0%22%2C%22Chromium%22%3Bv%3D%22126.0.6478.114%22%2C%22Google%20Chrome%22%3Bv%3D%22126.0.6478.114%22%0Achm%0A%3F0%0Achp%0AWin32%0Achv%0A10.0.0&browser-info=pv%3A1%3Avf%3A2zmls2rp8z74v4amwvwsqnn6xn%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ade-DE%3Av%3A1370%3Acn%3A1%3Adp%3A0%3Als%3A981853710232%3Ahid%3A222568286%3Az%3A120%3Ai%3A20240623090933%3Aet%3A1719126574%3Ac%3A1%3Arn%3A732710533%3Arqn%3A1%3Au%3A1719126574724597773%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A480%3Awv%3A2%3Ads%3A0%2C55%2C89%2C1%2C199%2C0%2C%2C80%2C0%2C%2C%2C%2C486%3Aco%3A0%3Acpf%3A1%3Ans%3A1719126573019%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1719126574%3At%3A1Win%20%D0%9E%D1%84%D0%B8%D1%86%D0%B8%D0%B0%D0%BB%D1%8C%D0%BD%D1%8B%D0%B9%20%D1%81%D0%B0%D0%B9%D1%82%20%D0%BA%D0%B0%D0%B7%D0%B8%D0%BD%D0%BE%20-%20%D0%B1%D0%BE%D0%BD%D1%83%D1%81%D1%8B%20%D0%BD%D0%BE%D0%B2%D1%8B%D0%BC%20%D0%B8%D0%B3%D1%80%D0%BE%D0%BA%D0%B0%D0%BC&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2821037568%29ti%281%29
access-control-allow-origin: https://1win29.top
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Sun, 23-Jun-2024 07:09:34 GMT

GET
H2 200 favicon-32x32.png
1win29.top/images/favicon/ 2 KB
2 KB 31ms
31ms Other
image/png 190.115.24.47
IQWEB

General

Check archive.org

Show headers Download Go to

Full URL

https://1win29.top/images/favicon/favicon-32x32.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

190.115.24.47 , Belize, ASN59692 (IQWEB, AE),

Reverse DNS

ddos-guard.net

Software

ddos-guard /

Resource Hash

bd76de78a0d6c680bd4561ba0ddfa06b3c8eb70abddacd1595fcc50800b6bbe6

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000;

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1win29.top/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: upgrade-insecure-requests;
date: Sun, 23 Jun 2024 06:02:53 GMT
strict-transport-security: max-age=31536000;
last-modified: Tue, 07 May 2024 03:53:18 GMT
server: ddos-guard
age: 4001
etag: "6639a5ae-68c"
content-type: image/png
ddg-cache-status: HIT
cache-control: max-age=86400
accept-ranges: bytes
content-length: 1676
expires: Mon, 24 Jun 2024 06:02:53 GMT

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

28 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.pornhub.com/embed	1969-12-31 23:59:59	Name: __s Value: 6677CA2D-42FE722901BB156FF8-386499D1
www.pornhub.com/embed	1970-01-21 06:18:03	Name: __l Value: 6677CA2D-42FE722901BB156FF8-386499D1
.spkdzm.ru/	1970-01-21 06:17:42	Name: __ddg1_ Value: e4hJ33wYFDChuYEE73Tx
.1win29.top/	1970-01-21 06:17:42	Name: __ddg1_ Value: Bwaf5HudSAtCvVIOfZjJ
de.pornhub.org/	1969-12-31 23:59:59	Name: __s Value: 6677CA2D-42FE722901BB1A78B8-3858F374
de.pornhub.org/	1970-01-21 06:18:03	Name: __l Value: 6677CA2D-42FE722901BB1A78B8-3858F374
.yandex.ru/	1970-01-21 06:17:42	Name: yashr Value: 5061537771719126573
mc.yandex.ru/	1970-01-21 06:17:42	Name: bh Value: EkAiR29vZ2xlIENocm9tZSI7dj0iMTI2IiwgIk5vdDpBLUJyYW5kIjt2PSI4IiwgIkNocm9taXVtIjt2PSIxMjYiKgI/MDoHIldpbjMyIg==
.1win29.top/	1970-01-21 06:17:42	Name: _ym_uid Value: 1719126574724597773
.1win29.top/	1970-01-21 06:17:42	Name: _ym_d Value: 1719126574
.mc.yandex.com/	1970-01-20 21:32:07	Name: sync_cookie_csrf Value: 3043880484fake
mc.yandex.com/	1970-01-21 06:17:42	Name: bh Value: EkAiR29vZ2xlIENocm9tZSI7dj0iMTI2IiwgIk5vdDpBLUJyYW5kIjt2PSI4IiwgIkNocm9taXVtIjt2PSIxMjYiKgI/MDoHIldpbjMyIg==
.yandex.com/	1970-01-21 07:08:06	Name: i Value: uXaMewkOpfB4S39NJ2f7tWGzBUQf0y32d6mzr+mtmxo6hBcRqQtSRRG9RiQHIw0VPpjmwz2LNpY6nwa0SP0y93LyMdU=
.yandex.com/	1970-01-21 06:17:42	Name: yandexuid Value: 2380165151719126573
.yandex.com/	1970-01-21 06:17:42	Name: yashr Value: 5561007451719126573
.1win29.top/	1970-01-20 21:33:18	Name: _ym_isad Value: 2
.mc.yandex.ru/	1970-01-20 21:32:07	Name: sync_cookie_csrf Value: 1119368302fake
.mc.yandex.com/	1970-01-20 21:33:32	Name: sync_cookie_ok Value: synced
.yandex.ru/	1970-01-21 07:08:06	Name: yandexuid Value: 2380165151719126573
.yandex.ru/	1970-01-21 07:08:06	Name: yuidss Value: 2380165151719126573
.yandex.ru/	1970-01-21 07:08:06	Name: i Value: uXaMewkOpfB4S39NJ2f7tWGzBUQf0y32d6mzr+mtmxo6hBcRqQtSRRG9RiQHIw0VPpjmwz2LNpY6nwa0SP0y93LyMdU=
.yandex.ru/	1970-01-21 07:08:06	Name: yp Value: 1719212974.yu.4996037831719126573
.yandex.ru/	1970-01-21 06:17:42	Name: ymex Value: 1721718574.oyu.4996037831719126573
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 15322191719126574
.yandex.com/	1970-01-21 06:17:42	Name: yuidss Value: 2380165151719126573
.yandex.com/	1970-01-21 06:17:42	Name: ymex Value: 1750662574.yrts.1719126574
.yandex.com/	1970-01-21 06:17:42	Name: receive-cookie-deprecation Value: 1
.yandex.com/	1970-01-21 06:17:42	Name: bh Value: Ej4iR29vZ2xlIENocm9tZSI7dj0iMTI2IiwiTm90OkEtQnJhbmQiO3Y9IjgiLCJDaHJvbWl1bSI7dj0iMTI2IhoFIng4NiIiECIxMjYuMC42NDc4LjExNCIqAj8wOgciV2luMzIiQggiMTAuMC4wIkoEIjY0IlJbIk5vdC9BKUJyYW5kIjt2PSI4LjAuMC4wIiwiQ2hyb21pdW0iO3Y9IjEyNi4wLjY0NzguMTE0IiwiR29vZ2xlIENocm9tZSI7dj0iMTI2LjAuNjQ3OC4xMTQiIg==

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1win29.top
de.pornhub.org
mc.yandex.com
mc.yandex.ru
spkdzm.ru
www.pornhub.com
190.115.24.47
2a02:6b8::1:119
66.254.114.41
025ebb268fff6d82b59cd2920204e53dbd27470648517b0cbaa913b7c037dae2
1f13b277723516b1d159366e5e8474ce45a239c3791fe19a4ce220b0b4b574e2
286b4e4c6bd7c5ba025ed44f3ac3e2338b19ecaf91de6cf6ee80e6e32783d909
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
78ed30ffd8883c55678252b0d846ea07a2b22e00721227dd8b5f72bbc48e9045
8c9372ade2132ee77551b5379bf1e083a60d1ec271f7de4a3fde6eff645f3a8a
9065b4efb6fae0ecb8ce72d3e81969057672979a492a7dab91782cae8a9f3608
9cfba19cbfeb3340117deafdf223bbda18aa935b0e603c6c6c94c78517944c77
aac4cee483b6be75d169e4a427e23cd70409ffa3f600e824c39193e99050ad39
acf1aeb5f742abf485482337b9a36fe119333631ac51e91ab632bbb09b60d4f7
bd76de78a0d6c680bd4561ba0ddfa06b3c8eb70abddacd1595fcc50800b6bbe6
d9b8d5263c8a934ec5168fb742b22e364eb4c5014a17b7a3c81945ecf7b1e309
ec891938ef23551da60196e2dd67c32b8ef2dd902a0ce4ec2c4eab3650b4dfc8
f052bcffa2e3fee9733296a15176435d83d94fdc6621ea7f32af6f0711d0816f
fa88ed6dcc00cf660ae6cb9c4bf4fa279d3ce55549ac439f18a87af2f03f1579
fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a

1win29.top Open in urlscan Pro 190.115.24.47 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

19 Requests

89 %HTTPS

33 %IPv6

6 Domains

6 Subdomains

3 IPs

3 Countries

913 kBTransfer

1117 kBSize

28 Cookies

0 Outgoing links

Page URL History

Redirected requests

19 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

28 Cookies

Security Headers

Indicators

1win29.top Open in urlscan Pro
190.115.24.47 Public Scan

Screenshot
Live screenshot

Full Image

19
Requests

89 %
HTTPS

33 %
IPv6

6
Domains

6
Subdomains

3
IPs

3
Countries

913 kB
Transfer

1117 kB
Size

28
Cookies

19 HTTP transactions
0 data transactions