URL: https://1win-2024-fyk.buzz/
Submission: On September 25 via api from US — Scanned from DE

Summary

This website contacted 5 IPs in 3 countries across 5 domains to perform 23 HTTP transactions. The main IP is 2606:4700:3037::6815:2448, located in United States and belongs to CLOUDFLARENET, US. The main domain is 1win-2024-fyk.buzz.
TLS certificate: Issued by WE1 on September 24th 2024. Valid for: 3 months.
This is the only time 1win-2024-fyk.buzz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address        AS Autonomous System
1         2606:4700:303...  13335 (CLOUDFLAR...)
14        172.67.188.135    13335 (CLOUDFLAR...)
1         2a00:1450:400...  15169 (GOOGLE)
9         2a02:6b8::1:119   13238 (YANDEX) (4 redirects)
2         142.250.184.195   15169 (GOOGLE)
Total: 23 HTTP transactions, 5 IPs
Requests  Apex Domain         Subdomains                                    Transfer
15        1win-2024-fyk.buzz  1win-2024-fyk.buzz                            509 KB
6         yandex.com          mc.yandex.com — Cisco Umbrella Rank: 8052     4 KB
3         yandex.ru           mc.yandex.ru — Cisco Umbrella Rank: 3718      70 KB
2         gstatic.com         fonts.gstatic.com                             66 KB
1         googleapis.com      fonts.googleapis.com — Cisco Umbrella Rank: 46  1 KB
Total: 23 HTTP transactions, 5 domains
Requests  Domain                       Requested by
15        1win-2024-fyk.buzz           1win-2024-fyk.buzz
6         mc.yandex.com (3 redirects)  1win-2024-fyk.buzz, mc.yandex.ru
3         mc.yandex.ru (1 redirects)   1win-2024-fyk.buzz
2         fonts.gstatic.com            fonts.googleapis.com
1         fonts.googleapis.com         1win-2024-fyk.buzz
Total: 23 HTTP transactions, 5 domains

This site contains no links.

Subject                  Issuer                         Validity                 Valid
1win-2024-fyk.buzz       WE1                            2024-09-24 - 2024-12-23  3 months
upload.video.google.com  WR2                            2024-08-26 - 2024-11-18  3 months
mc.yandex.ru             GlobalSign ECC OV SSL CA 2018  2024-05-23 - 2024-11-02  5 months
*.gstatic.com            WR2                            2024-08-26 - 2024-11-18  3 months

This page contains 2 frames:

Primary Page: https://1win-2024-fyk.buzz/
Frame ID: 2FA60E582D962A5D445DE143ADCE6F76
Requests: 22 HTTP requests in this frame

Frame: https://mc.yandex.com/metrika/metrika_match.html
Frame ID: C92A8046E107B37AD47A1E4C80330BAB
Requests: 1 HTTP requests in this frame

Page Title

1Win — лицензионное казино с топовыми играми (English: "1Win - licensed casino with top games")

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • mc\.yandex\.ru/metrika/(?:tag|watch)\.js

Page Statistics

Requests: 23
HTTPS: 91 %
IPv6: 60 %
Domains: 5
Subdomains: 5
IPs: 5
Countries: 3
Transfer: 647 kB
Size: 839 kB
Cookies: 20

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 17
  • https://mc.yandex.com/sync_cookie_image_check HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10503.pYdOL1_MPZ8JEYi19l_yxe0SQG7Iw6q-LnEPgV7vdM317QMfrfvAjtBQlqcbAr4J.UaWVlXUAu0mX6ZYOJ82ykhM9Kog%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide?token=10503.JQu8Q23Jc1khDAehbFlCqWXrOzDjW1mY1zj4sa0_4p80FcFAu0GJoL5agmxziHuCoBzQajqKpY8z1uQYC54mKrARoZQzRsYvvrv8c6SaP_OZpno0Ud_Er7cckokE-MIG4PmP3hRHdXQbOjBUFNo_vrzQcedTvUKx2yypdPtfM9ekKn3gPpa6Ka6-G_7GhXe2xilkjbR0hJqmwRCnw-mrO4AcXshZg2v65uI19ddclqc%2C.vKGgW4ELnFppfxWMOuBOM4Fg5Ls%2C HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10503.jMOSvrFh3PdH_8l4ARkT_boXeWOCN7Rg9GR0_AE-YrMpqxSuo36cXAFKzZ7azDGn22BAoSNLp_MNLAfYwxJFyrcRMZw-srP3jWb0TznWCob7oTk-1QB2kXUEZq_dCvhRt13ENqMXWuK27aMTiDVblJu9au99L1B9zSxCvvSQPpNSr3M9zOLn-FSfYq8EaXKWN-Gjoz0lGCPs_thZdPoqxA%2C%2C.BmO9XvCJVOiFVzIbzbhNNcJes6I%2C
Request Chain 20
  • https://mc.yandex.com/watch/98436527?wmode=7&page-url=https%3A%2F%2F1win-2024-fyk.buzz%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Ao9c5bf6xvm0ltj7jomr8aqekm3%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ade-DE%3Av%3A1460%3Acn%3A1%3Adp%3A0%3Als%3A878514688379%3Ahid%3A195156909%3Az%3A120%3Ai%3A20240925141034%3Aet%3A1727266234%3Ac%3A1%3Arn%3A1015782703%3Arqn%3A1%3Au%3A1727266234750925253%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A811%3Awv%3A2%3Ads%3A17%2C42%2C65%2C7%2C1%2C0%2C%2C520%2C0%2C%2C%2C%2C653%3Aco%3A0%3Acpf%3A1%3Ans%3A1727266233445%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1727266235%3At%3A1Win%20%E2%80%94%20%D0%BB%D0%B8%D1%86%D0%B5%D0%BD%D0%B7%D0%B8%D0%BE%D0%BD%D0%BD%D0%BE%D0%B5%20%D0%BA%D0%B0%D0%B7%D0%B8%D0%BD%D0%BE%20%D1%81%20%D1%82%D0%BE%D0%BF%D0%BE%D0%B2%D1%8B%D0%BC%D0%B8%20%D0%B8%D0%B3%D1%80%D0%B0%D0%BC%D0%B8&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rcm(1)cdl(na)eco(21037568)ti(1) HTTP 302
  • https://mc.yandex.com/watch/98436527/1?wmode=7&page-url=https%3A%2F%2F1win-2024-fyk.buzz%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Ao9c5bf6xvm0ltj7jomr8aqekm3%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ade-DE%3Av%3A1460%3Acn%3A1%3Adp%3A0%3Als%3A878514688379%3Ahid%3A195156909%3Az%3A120%3Ai%3A20240925141034%3Aet%3A1727266234%3Ac%3A1%3Arn%3A1015782703%3Arqn%3A1%3Au%3A1727266234750925253%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A811%3Awv%3A2%3Ads%3A17%2C42%2C65%2C7%2C1%2C0%2C%2C520%2C0%2C%2C%2C%2C653%3Aco%3A0%3Acpf%3A1%3Ans%3A1727266233445%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1727266235%3At%3A1Win%20%E2%80%94%20%D0%BB%D0%B8%D1%86%D0%B5%D0%BD%D0%B7%D0%B8%D0%BE%D0%BD%D0%BD%D0%BE%D0%B5%20%D0%BA%D0%B0%D0%B7%D0%B8%D0%BD%D0%BE%20%D1%81%20%D1%82%D0%BE%D0%BF%D0%BE%D0%B2%D1%8B%D0%BC%D0%B8%20%D0%B8%D0%B3%D1%80%D0%B0%D0%BC%D0%B8&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2821037568%29ti%281%29

23 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
1win-2024-fyk.buzz/
49 KB
14 KB
Document
General
Full URL
https://1win-2024-fyk.buzz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:2448 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
77817d3798044cf4426e311e7bfb324a412d04127ae8a0d911df3bc9c89d39da

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cf-cache-status
DYNAMIC
cf-ray
8c8ae9676e74bb80-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 25 Sep 2024 12:10:33 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=T%2BLXaJ0pr5u6g4tO2LswMh3qm1mS%2B%2FSRRB0%2FqtL4oITEL0eir5u0x8acC%2FfU71x0FCNsqUg%2BYGbW1TkL1Q4VfBktk2rQhvAfYF9J6Zy2y5juPkHK9cTlHDW0uHPlDiZOQrisZL83WpHUgdcaujFATSM%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
main.min.css
1win-2024-fyk.buzz/css/
19 KB
5 KB
Stylesheet
General
Full URL
https://1win-2024-fyk.buzz/css/main.min.css?ver=3.4.0
Requested by
Host: 1win-2024-fyk.buzz
URL: https://1win-2024-fyk.buzz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.188.135 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc3b2c1e618a27e485095a3c0db20da5ba2fbfaf3b872ccd6ca35cb19eb37b5d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://1win-2024-fyk.buzz/

Response headers

cache-control
max-age=315360000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
MISS
etag
W/"66f24127-4c6c"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UmcAbdqO0iq1QI6T7aO%2Flc8NcBY0pcDltoTzN%2Fq0Tjtoux5%2Bo%2FzGkyPoMxbS0mx6tECDbA2seiMNXr2KDNL3FCmN0cE3FyZo8jDX7W5myIkBlI4E7c6sVceIS2mU0gigglI6Cx4%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8c8ae9682de2d29a-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
date
Wed, 25 Sep 2024 12:10:33 GMT
content-type
text/css
last-modified
Tue, 24 Sep 2024 04:33:43 GMT
vary
Accept-Encoding
server
cloudflare
style.css
1win-2024-fyk.buzz/css/
1 KB
1 KB
Stylesheet
General
Full URL
https://1win-2024-fyk.buzz/css/style.css?ver=1724108803
Requested by
Host: 1win-2024-fyk.buzz
URL: https://1win-2024-fyk.buzz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.188.135 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb9b5c3ffb9255280f758cbc324b5392728603e3bcf1a6206bcd8de5555fab6b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://1win-2024-fyk.buzz/

Response headers

cache-control
max-age=315360000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
MISS
etag
W/"66f24127-569"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZPpuKNK5uwrBpWIRf1dFKiMiQzzicZTsmNMdA5h38JR1x9gJOlZum4f9p1WdIDimsjV2A1nUlOxbAXXJ7eGJicb4gx3AkWLVgOA%2B6WknLuNLpZOkG2sM1MCFQspqjbLADWUKVE8%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8c8ae9682de5d29a-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
date
Wed, 25 Sep 2024 12:10:33 GMT
content-type
text/css
last-modified
Tue, 24 Sep 2024 04:33:43 GMT
vary
Accept-Encoding
server
cloudflare
css
fonts.googleapis.com/
20 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Inter%3A100%2C200%2C300%2Cregular%2C500%2C600%2C700%2C800%2C900;display=auto;ver=3.4.0
Requested by
Host: 1win-2024-fyk.buzz
URL: https://1win-2024-fyk.buzz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c7a9916beb839326aed6d885298db1abc027b8cd458e993d133a90b683636ed0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://1win-2024-fyk.buzz/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Wed, 25 Sep 2024 12:10:33 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 25 Sep 2024 12:10:33 GMT
content-type
text/css; charset=utf-8
last-modified
Wed, 25 Sep 2024 12:10:33 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
style-george.css
1win-2024-fyk.buzz/css/
3 KB
1 KB
Stylesheet
General
Full URL
https://1win-2024-fyk.buzz/css/style-george.css
Requested by
Host: 1win-2024-fyk.buzz
URL: https://1win-2024-fyk.buzz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.188.135 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
04cbaed2e14a6b492f3e406aa72c93aa3de1738d0024d48ec6f7336cc3e6b067

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://1win-2024-fyk.buzz/

Response headers

cache-control
max-age=315360000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
MISS
etag
W/"66f24127-de5"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3W7Cqf0er4E9mDRaneg3SuviLHcVq4Q%2BmQNJj6QcjeOufrOALyvw3%2FQIXlD6HzrRlQ9RoPRELWVSMgTlM6tkVpV7K6zqcvPmF8fb5pZNN6hKsloQmexl7ZxT%2F10Z1iuOtozwHGc%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8c8ae9682de7d29a-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
date
Wed, 25 Sep 2024 12:10:33 GMT
content-type
text/css
last-modified
Tue, 24 Sep 2024 04:33:43 GMT
vary
Accept-Encoding
server
cloudflare
1.webp
1win-2024-fyk.buzz/images/
105 KB
106 KB
Image
General
Full URL
https://1win-2024-fyk.buzz/images/1.webp
Requested by
Host: 1win-2024-fyk.buzz
URL: https://1win-2024-fyk.buzz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.188.135 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4dffd553e64900c324bd541f61bc6d795b7d079e65b8347dbdb375d04d6e950

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://1win-2024-fyk.buzz/

Response headers

cache-control
max-age=315360000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
etag
"66f25c92-1a422"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wZtKOjSpPYB8r6o78ISySv04xJUsOZEob8%2FSpHQCQhvPbf7t2jRJCUDkaVe4Np7KNIHE605qPLQvOXgWqmvrcekypgeCdfCAQh%2BKosmO0UGufX%2Bc7iYO%2FHRrPL59LZsiRqKwI14%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8c8ae9682decd29a-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges
bytes
content-length
107554
date
Wed, 25 Sep 2024 12:10:33 GMT
content-type
image/webp
last-modified
Tue, 24 Sep 2024 06:30:42 GMT
vary
Accept-Encoding
server
cloudflare
2.webp
1win-2024-fyk.buzz/images/
88 KB
89 KB
Image
General
Full URL
https://1win-2024-fyk.buzz/images/2.webp
Requested by
Host: 1win-2024-fyk.buzz
URL: https://1win-2024-fyk.buzz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.188.135 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c770d99c88bbd1186fb820c24315e4da58bbd85d7549a81de153235caac406a7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://1win-2024-fyk.buzz/

Response headers

cache-control
max-age=315360000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
etag
"66f25c91-16146"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uOfTj5UxvB1qN5eh5d%2BWrX8FTVRh3dXwZSWSl%2B%2Bgl%2FXI00BXHiiYQFrGdHbNxkxpEwl6SxUdU5jSNG%2FAkz5YtJ8bWoprM8PfmncdBgHfMn0QCQ585v2rmG9nQCy2SPJecedPUTE%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8c8ae9682df2d29a-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges
bytes
content-length
90438
date
Wed, 25 Sep 2024 12:10:33 GMT
content-type
image/webp
last-modified
Tue, 24 Sep 2024 06:30:41 GMT
vary
Accept-Encoding
server
cloudflare
3.webp
1win-2024-fyk.buzz/images/
72 KB
72 KB
Image
General
Full URL
https://1win-2024-fyk.buzz/images/3.webp
Requested by
Host: 1win-2024-fyk.buzz
URL: https://1win-2024-fyk.buzz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.188.135 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bfc7fd53a5fda8ccb4a91db1e919beceba767cb5c62ad82361d52bcdeaf76f82

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://1win-2024-fyk.buzz/

Response headers

cache-control
max-age=315360000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
etag
"66f25c92-11e58"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=16j43h18XgD9tvbDo7Ju1dKMsJHmcWlLdavYfA75RQZ9q8QJQ7lR3z6trpMT5ikDrP9uMAUoLK3vwnXDpla1YIJVQUCj1EbTdu3ys1zXTJ8vJCdkfSCq7qdr6TBOzXVqK132wuE%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8c8ae9690954d29a-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges
bytes
content-length
73304
date
Wed, 25 Sep 2024 12:10:33 GMT
content-type
image/webp
last-modified
Tue, 24 Sep 2024 06:30:42 GMT
vary
Accept-Encoding
server
cloudflare
7.webp
1win-2024-fyk.buzz/images/
28 KB
28 KB
Image
General
Full URL
https://1win-2024-fyk.buzz/images/7.webp
Requested by
Host: 1win-2024-fyk.buzz
URL: https://1win-2024-fyk.buzz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.188.135 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6a04bf7439775787584cb8d4279b26e1dfb202f81f703196f3f7fca37f2fc5cc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://1win-2024-fyk.buzz/

Response headers

cache-control
max-age=315360000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
etag
"66f25c92-6ea6"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lrW23dh%2FW9cUoX1KvRswUYjkExoYfBJWUNh6e8nLuzkOGroougvDyGBAkMK%2BuuAw0Okk8huTnWYcN4Tg%2FbaQK7V97S46iu7jK7k9kT%2B6y4O9mar8M5kBUEUSmC6nwfFEAsf3vnw%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8c8ae969cc70d29a-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges
bytes
content-length
28326
date
Wed, 25 Sep 2024 12:10:33 GMT
content-type
image/webp
last-modified
Tue, 24 Sep 2024 06:30:42 GMT
vary
Accept-Encoding
server
cloudflare
5.webp
1win-2024-fyk.buzz/images/
71 KB
71 KB
Image
General
Full URL
https://1win-2024-fyk.buzz/images/5.webp
Requested by
Host: 1win-2024-fyk.buzz
URL: https://1win-2024-fyk.buzz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.188.135 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
753221c62da6534873a1b8103be8a3ad8d0db7f6f371b14e955dde5d8dbbb556

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://1win-2024-fyk.buzz/

Response headers

cache-control
max-age=315360000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
etag
"66f25c92-11b24"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xNL4TtxmPYLKdglaBZPyxoC4%2FD4jZtpfoMAXtW3nboF6de9vNuXNInGHOtvlD5MT%2B1L%2BLfaL6WUU5f7K1GtGuGgXUW9EKLNE6ypHpblSsR7mBWJmRuZ19QCRpkeUjOYRwU0e5NY%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8c8ae969cc88d29a-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges
bytes
content-length
72484
date
Wed, 25 Sep 2024 12:10:33 GMT
content-type
image/webp
last-modified
Tue, 24 Sep 2024 06:30:42 GMT
vary
Accept-Encoding
server
cloudflare
6.webp
1win-2024-fyk.buzz/images/
64 KB
64 KB
Image
General
Full URL
https://1win-2024-fyk.buzz/images/6.webp
Requested by
Host: 1win-2024-fyk.buzz
URL: https://1win-2024-fyk.buzz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.188.135 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
52df9a75c19d3268a10dc91e78cc13df882391b81bd33908a08b8058192b73f7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://1win-2024-fyk.buzz/

Response headers

cache-control
max-age=315360000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
etag
"66f25c93-ffc8"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IvbUDa2HkCAp2zBQpoTxxZWURr6%2FP3Nxp96Hz2K3PSZxOVwdr2VGgVIMVg8qAZKB9qQu6AyIBjCdk%2BDJ%2F9Vquo65FVxrzLWELQabnpZaQFeTJaTDN8t0SN64iaTi6rnK2F%2BAhhk%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8c8ae96a7ed6d29a-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges
bytes
content-length
65480
date
Wed, 25 Sep 2024 12:10:34 GMT
content-type
image/webp
last-modified
Tue, 24 Sep 2024 06:30:43 GMT
vary
Accept-Encoding
server
cloudflare
4.webp
1win-2024-fyk.buzz/images/
11 KB
11 KB
Image
General
Full URL
https://1win-2024-fyk.buzz/images/4.webp
Requested by
Host: 1win-2024-fyk.buzz
URL: https://1win-2024-fyk.buzz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.188.135 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8488499f1e63c17bb17a0989d127f87f9287e4d539393dba8e1ea783e3054118

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://1win-2024-fyk.buzz/

Response headers

cache-control
max-age=315360000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
etag
"66f25c91-2b46"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Etp7u1uWCYV1G9g192KPLJdx1YhwA5qHO8YtqB5B7ZDVAmVWKPCVzy3AxrwuCauQorgirvLRxI57kmC5ds%2FhNKjyTnVjdFV8MTSOIENa0Aq5LLfg%2BMydVHvYdVjVTqql7aCn7%2Bk%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8c8ae96a7ee2d29a-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges
bytes
content-length
11078
date
Wed, 25 Sep 2024 12:10:34 GMT
content-type
image/webp
last-modified
Tue, 24 Sep 2024 06:30:41 GMT
vary
Accept-Encoding
server
cloudflare
email-decode.min.js
1win-2024-fyk.buzz/cdn-cgi/scripts/5c5dd728/cloudflare-static/
1 KB
1 KB
Script
General
Full URL
https://1win-2024-fyk.buzz/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: 1win-2024-fyk.buzz
URL: https://1win-2024-fyk.buzz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.188.135 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://1win-2024-fyk.buzz/

Response headers

x-frame-options
DENY
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control
max-age=172800, public
content-encoding
gzip
etag
W/"66e7fb1c-4d7"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dEzrNg3juGW9%2F5dFqTmrUuwlFmsXhfBU5uKJuvu1vx8UQ85%2BJpF1ZWZyHeEdnyW4fxLaXLFlpNdaYTVoD7FfwYbRjuGcLweUxD%2FhJwW9qFUfGDNirM8366mc8m7boholrOrXs1E%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
cf-ray
8c8ae96a7ebcd29a-FRA
expires
Fri, 27 Sep 2024 12:10:33 GMT
date
Wed, 25 Sep 2024 12:10:33 GMT
content-type
application/javascript
last-modified
Mon, 16 Sep 2024 09:32:12 GMT
server
cloudflare
vary
Accept-Encoding
tag.js
mc.yandex.ru/metrika/
197 KB
69 KB
Script
General
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: 1win-2024-fyk.buzz
URL: https://1win-2024-fyk.buzz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
44c6b3c3984f666f874ade4352c32f1b27aec771c617c79b94da176407ac75fc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://1win-2024-fyk.buzz/

Response headers

strict-transport-security
max-age=31536000
cache-control
max-age=3600
timing-allow-origin
*
content-encoding
br
etag
"66f3c085-10f66"
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
expires
Wed, 25 Sep 2024 13:10:34 GMT
access-control-allow-origin
*
content-length
69478
date
Wed, 25 Sep 2024 12:10:34 GMT
content-type
application/javascript
last-modified
Wed, 25 Sep 2024 07:49:25 GMT
top1.png
1win-2024-fyk.buzz/images/
20 KB
20 KB
Image
General
Full URL
https://1win-2024-fyk.buzz/images/top1.png
Requested by
Host: 1win-2024-fyk.buzz
URL: https://1win-2024-fyk.buzz/css/style-george.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.188.135 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
91f052cd3777b23846b11b91107aad46cd0931ce1e84453f6fb0e93d3bb831b0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://1win-2024-fyk.buzz/css/style-george.css

Response headers

cache-control
max-age=315360000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
etag
"66f25c92-4f7d"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ax7CGMivd1m6Q%2FzC5HQx9X1zjkmPBVcCMKofsFL4t0nRB6tJGp18IHj2bZfQjpVqCuDpKFH0v7TFFAkjWaMpV3llvn3aFgIkPrRz%2BSAR%2BEbofR924ZmOpG%2BR8s3a4O48YXH5ug8%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8c8ae96a8f24d29a-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges
bytes
content-length
20349
date
Wed, 25 Sep 2024 12:10:34 GMT
content-type
image/png
last-modified
Tue, 24 Sep 2024 06:30:42 GMT
vary
Accept-Encoding
server
cloudflare
football.webp
1win-2024-fyk.buzz/images/
22 KB
23 KB
Image
General
Full URL
https://1win-2024-fyk.buzz/images/football.webp
Requested by
Host: 1win-2024-fyk.buzz
URL: https://1win-2024-fyk.buzz/css/style-george.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.188.135 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
94a1eaa2ca40432568835e18e468ec4965d830d24c98fc4840f1ca156330aa5c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://1win-2024-fyk.buzz/css/style-george.css

Response headers

cache-control
max-age=315360000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
etag
"66f25c93-58c2"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=x4ftD8TQVbuhwA2JgsVJeVVkcbSuDJ6hrl1CyNE%2FBokn9SocU%2FVaT%2FN2KSaEGt8%2B9x%2B2bkwQcyGbtWDTF33OFwNl3AQD6opMwqtd9uA3o%2B0xbe2W4AzTx65uk93IPqB4fpGK6xU%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8c8ae96a8f27d29a-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges
bytes
content-length
22722
date
Wed, 25 Sep 2024 12:10:34 GMT
content-type
image/webp
last-modified
Tue, 24 Sep 2024 06:30:43 GMT
vary
Accept-Encoding
server
cloudflare
UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa0ZL7SUc.woff2
fonts.gstatic.com/s/inter/v18/
18 KB
18 KB
Font
General
Full URL
https://fonts.gstatic.com/s/inter/v18/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa0ZL7SUc.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Inter%3A100%2C200%2C300%2Cregular%2C500%2C600%2C700%2C800%2C900;display=auto;ver=3.4.0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f3.1e100.net
Software
sffe /
Resource Hash
62cc01daef72c3ea76a258445368d2f4ab8d05a91f91c53fd12f7c42e3325942
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://1win-2024-fyk.buzz
Referer
https://fonts.googleapis.com/

Response headers

age
99459
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 24 Sep 2025 08:32:55 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 24 Sep 2024 08:32:55 GMT
last-modified
Mon, 29 Jul 2024 22:47:20 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
18740
x-xss-protection
0
server
sffe
UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2
fonts.gstatic.com/s/inter/v18/
47 KB
47 KB
Font
General
Full URL
https://fonts.gstatic.com/s/inter/v18/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Inter%3A100%2C200%2C300%2Cregular%2C500%2C600%2C700%2C800%2C900;display=auto;ver=3.4.0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f3.1e100.net
Software
sffe /
Resource Hash
f052ee44c3728dfd23aba8a4567150bc314d23903026fbb6ad089422c2df56af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://1win-2024-fyk.buzz
Referer
https://fonts.googleapis.com/

Response headers

age
101461
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 24 Sep 2025 07:59:33 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 24 Sep 2024 07:59:33 GMT
last-modified
Mon, 29 Jul 2024 22:51:01 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
48444
x-xss-protection
0
server
sffe
sync_cookie_image_finish
mc.yandex.ru/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10503.pYdOL1_MPZ8JEYi19l_yxe0SQG7Iw6q-LnEPgV7vdM317QMfrfvAjtBQlqcbAr4J.UaWVlXUAu0mX6ZYOJ82ykhM9Kog%2C
  • https://mc.yandex.com/sync_cookie_image_decide?token=10503.JQu8Q23Jc1khDAehbFlCqWXrOzDjW1mY1zj4sa0_4p80FcFAu0GJoL5agmxziHuCoBzQajqKpY8z1uQYC54mKrARoZQzRsYvvrv8c6SaP_OZpno0Ud_Er7cckokE-MIG4PmP3hRHdX...
  • https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10503.jMOSvrFh3PdH_8l4ARkT_boXeWOCN7Rg9GR0_AE-YrMpqxSuo36cXAFKzZ7azDGn22BAoSNLp_MNLAfYwxJFyrcRMZw-srP3jWb0TznWCob7o...
43 B
583 B
Image
General
Full URL
https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10503.jMOSvrFh3PdH_8l4ARkT_boXeWOCN7Rg9GR0_AE-YrMpqxSuo36cXAFKzZ7azDGn22BAoSNLp_MNLAfYwxJFyrcRMZw-srP3jWb0TznWCob7oTk-1QB2kXUEZq_dCvhRt13ENqMXWuK27aMTiDVblJu9au99L1B9zSxCvvSQPpNSr3M9zOLn-FSfYq8EaXKWN-Gjoz0lGCPs_thZdPoqxA%2C%2C.BmO9XvCJVOiFVzIbzbhNNcJes6I%2C
Requested by
Host: 1win-2024-fyk.buzz
URL: https://1win-2024-fyk.buzz/
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://1win-2024-fyk.buzz/

Response headers

strict-transport-security
max-age=31536000
content-length
43
date
Wed, 25 Sep 2024 12:10:34 GMT
x-xss-protection
1; mode=block
content-type
image/gif

Redirect headers

strict-transport-security
max-age=31536000
location
https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10503.jMOSvrFh3PdH_8l4ARkT_boXeWOCN7Rg9GR0_AE-YrMpqxSuo36cXAFKzZ7azDGn22BAoSNLp_MNLAfYwxJFyrcRMZw-srP3jWb0TznWCob7oTk-1QB2kXUEZq_dCvhRt13ENqMXWuK27aMTiDVblJu9au99L1B9zSxCvvSQPpNSr3M9zOLn-FSfYq8EaXKWN-Gjoz0lGCPs_thZdPoqxA%2C%2C.BmO9XvCJVOiFVzIbzbhNNcJes6I%2C
date
Wed, 25 Sep 2024 12:10:34 GMT
x-xss-protection
1; mode=block
advert.gif
mc.yandex.com/metrika/
43 B
570 B
Image
General
Full URL
https://mc.yandex.com/metrika/advert.gif
Requested by
Host: 1win-2024-fyk.buzz
URL: https://1win-2024-fyk.buzz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://1win-2024-fyk.buzz/

Response headers

strict-transport-security
max-age=31536000
cache-control
max-age=3600
timing-allow-origin
*
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"66f3c085-2b"
expires
Wed, 25 Sep 2024 13:10:34 GMT
accept-ranges
bytes
access-control-allow-origin
*
content-length
43
date
Wed, 25 Sep 2024 12:10:34 GMT
content-type
image/gif
last-modified
Wed, 25 Sep 2024 07:49:25 GMT
metrika_match.html
mc.yandex.com/metrika/ Frame C92A
0
0
Document
General
Full URL
https://mc.yandex.com/metrika/metrika_match.html
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://1win-2024-fyk.buzz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
access-control-allow-origin
*
cache-control
max-age=3600
content-encoding
br
content-length
1046
content-type
text/html
date
Wed, 25 Sep 2024 12:10:35 GMT
etag
"66f3c085-416"
expires
Wed, 25 Sep 2024 13:10:35 GMT
last-modified
Wed, 25 Sep 2024 07:49:25 GMT
strict-transport-security
max-age=31536000
timing-allow-origin
*
1
mc.yandex.com/watch/98436527/
Redirect Chain
  • https://mc.yandex.com/watch/98436527?wmode=7&page-url=https%3A%2F%2F1win-2024-fyk.buzz%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Ao9c5bf6xvm0ltj7jomr8aqekm3%3Afu%3A0%3Aen%3Autf-8%3A...
  • https://mc.yandex.com/watch/98436527/1?wmode=7&page-url=https%3A%2F%2F1win-2024-fyk.buzz%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Ao9c5bf6xvm0ltj7jomr8aqekm3%3Afu%3A0%3Aen%3Autf-8%...
603 B
1 KB
Fetch
General
Full URL
https://mc.yandex.com/watch/98436527/1?wmode=7&page-url=https%3A%2F%2F1win-2024-fyk.buzz%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Ao9c5bf6xvm0ltj7jomr8aqekm3%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ade-DE%3Av%3A1460%3Acn%3A1%3Adp%3A0%3Als%3A878514688379%3Ahid%3A195156909%3Az%3A120%3Ai%3A20240925141034%3Aet%3A1727266234%3Ac%3A1%3Arn%3A1015782703%3Arqn%3A1%3Au%3A1727266234750925253%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A811%3Awv%3A2%3Ads%3A17%2C42%2C65%2C7%2C1%2C0%2C%2C520%2C0%2C%2C%2C%2C653%3Aco%3A0%3Acpf%3A1%3Ans%3A1727266233445%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1727266235%3At%3A1Win%20%E2%80%94%20%D0%BB%D0%B8%D1%86%D0%B5%D0%BD%D0%B7%D0%B8%D0%BE%D0%BD%D0%BD%D0%BE%D0%B5%20%D0%BA%D0%B0%D0%B7%D0%B8%D0%BD%D0%BE%20%D1%81%20%D1%82%D0%BE%D0%BF%D0%BE%D0%B2%D1%8B%D0%BC%D0%B8%20%D0%B8%D0%B3%D1%80%D0%B0%D0%BC%D0%B8&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2821037568%29ti%281%29
Requested by
Host: 1win-2024-fyk.buzz
URL: https://1win-2024-fyk.buzz/
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
df9afcc5a720391a8526b7b9743eae8449fa77cbc610f1ba9f51b2859da6578f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://1win-2024-fyk.buzz/

Response headers

strict-transport-security
max-age=31536000
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
pragma
no-cache
access-control-allow-credentials
true
x-content-type-options
nosniff
expires
Wed, 25-Sep-2024 12:10:35 GMT
access-control-allow-origin
https://1win-2024-fyk.buzz
content-length
603
date
Wed, 25 Sep 2024 12:10:35 GMT
x-xss-protection
1; mode=block
last-modified
Wed, 25-Sep-2024 12:10:35 GMT
content-type
application/json; charset=utf-8

Redirect headers

strict-transport-security
max-age=31536000
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
location
/watch/98436527/1?wmode=7&page-url=https%3A%2F%2F1win-2024-fyk.buzz%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Ao9c5bf6xvm0ltj7jomr8aqekm3%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ade-DE%3Av%3A1460%3Acn%3A1%3Adp%3A0%3Als%3A878514688379%3Ahid%3A195156909%3Az%3A120%3Ai%3A20240925141034%3Aet%3A1727266234%3Ac%3A1%3Arn%3A1015782703%3Arqn%3A1%3Au%3A1727266234750925253%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A811%3Awv%3A2%3Ads%3A17%2C42%2C65%2C7%2C1%2C0%2C%2C520%2C0%2C%2C%2C%2C653%3Aco%3A0%3Acpf%3A1%3Ans%3A1727266233445%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1727266235%3At%3A1Win%20%E2%80%94%20%D0%BB%D0%B8%D1%86%D0%B5%D0%BD%D0%B7%D0%B8%D0%BE%D0%BD%D0%BD%D0%BE%D0%B5%20%D0%BA%D0%B0%D0%B7%D0%B8%D0%BD%D0%BE%20%D1%81%20%D1%82%D0%BE%D0%BF%D0%BE%D0%B2%D1%8B%D0%BC%D0%B8%20%D0%B8%D0%B3%D1%80%D0%B0%D0%BC%D0%B8&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2821037568%29ti%281%29
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
pragma
no-cache
access-control-allow-credentials
true
expires
Wed, 25-Sep-2024 12:10:34 GMT
access-control-allow-origin
https://1win-2024-fyk.buzz
date
Wed, 25 Sep 2024 12:10:34 GMT
x-xss-protection
1; mode=block
last-modified
Wed, 25-Sep-2024 12:10:34 GMT
favicon-32x32.png
1win-2024-fyk.buzz/img/
2 KB
2 KB
Other
General
Full URL
https://1win-2024-fyk.buzz/img/favicon-32x32.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.188.135 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f341807358c4c268bd7b8888a220e0d2afad3e3e08daae36da60e047009f71e5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://1win-2024-fyk.buzz/

Response headers

cache-control
max-age=315360000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
etag
"66f24129-6d6"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Cww1exJRowjfE6EVPrRMz0c8akrLUGLrseIVnNMji1PnC%2FIeeMgKHP%2Fu%2B1dzOXuQzHcSI0H1eVfpl9OeKtQ%2FPhdsvIsn6ll1FxZPwGZdAddmAY8ur5D7FhzEtHsNhljJubsD6fw%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8c8ae973f98fd29a-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges
bytes
content-length
1750
date
Wed, 25 Sep 2024 12:10:35 GMT
content-type
image/png
last-modified
Tue, 24 Sep 2024 04:33:45 GMT
vary
Accept-Encoding
server
cloudflare


3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function | ym
object | Ya
object | yaCounter98436527

20 Cookies

Domain/Path Name / Value
.yandex.ru/ Name: yashr
Value: 8964108811727266234
.1win-2024-fyk.buzz/ Name: _ym_uid
Value: 1727266234750925253
.1win-2024-fyk.buzz/ Name: _ym_d
Value: 1727266234
.mc.yandex.com/ Name: sync_cookie_csrf
Value: 4077560912fake
.yandex.com/ Name: i
Value: 1stJ7galwrLMb6ouuvEXStaapgDnX3qprrV+r6K1FvpQ13y1wxr4aU9++cKhjFy6KKaZC4hTSDd/apT78OP4xL15RQc=
.yandex.com/ Name: yandexuid
Value: 9924396071727266234
.yandex.com/ Name: yashr
Value: 3469823101727266234
.1win-2024-fyk.buzz/ Name: _ym_isad
Value: 2
.mc.yandex.ru/ Name: sync_cookie_csrf
Value: 571320002fake
.mc.yandex.com/ Name: sync_cookie_ok
Value: synced
.yandex.ru/ Name: yandexuid
Value: 9924396071727266234
.yandex.ru/ Name: yuidss
Value: 9924396071727266234
.yandex.ru/ Name: i
Value: 1stJ7galwrLMb6ouuvEXStaapgDnX3qprrV+r6K1FvpQ13y1wxr4aU9++cKhjFy6KKaZC4hTSDd/apT78OP4xL15RQc=
.yandex.ru/ Name: yp
Value: 1727352634.yu.3413301141727266234
.yandex.ru/ Name: ymex
Value: 1729858234.oyu.3413301141727266234
mc.yandex.com/ Name: yabs-sid
Value: 2172368651727266234
.yandex.com/ Name: yuidss
Value: 9924396071727266234
.yandex.com/ Name: ymex
Value: 1758802234.yrts.1727266234
.yandex.com/ Name: receive-cookie-deprecation
Value: 1
.yandex.com/ Name: bh
Value: KgI/MGC7+8+3Bg==

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
