1win-c-uz.pu707ev.com Open in urlscan Pro
2606:4700:10::6816:d54 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://1win-c-uz.pu707ev.com/
Submission: On November 28 via api (November 28th 2024, 3:29:32 pm UTC) from US — Scanned from DE

Summary HTTP 39 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 11 IPs in 2 countries across 9 domains to perform 39 HTTP transactions. The main IP is 2606:4700:10::6816:d54, located in United States and belongs to CLOUDFLARENET, US. The main domain is 1win-c-uz.pu707ev.com.
TLS certificate: Issued by WE1 on November 28th 2024. Valid for: 3 months.

This is the only time 1win-c-uz.pu707ev.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 17	2606:4700:10:... 2606:4700:10::6816:d54	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:800::200a	15169 (GOOGLE) (GOOGLE)
2	172.217.18.4 172.217.18.4	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:81c::2008	15169 (GOOGLE) (GOOGLE)
1	3.69.69.101 3.69.69.101	16509 (AMAZON-02) (AMAZON-02)
7	142.250.185.227 142.250.185.227	15169 (GOOGLE) (GOOGLE)
1	142.250.186.163 142.250.186.163	15169 (GOOGLE) (GOOGLE)
3	65.9.66.117 65.9.66.117	16509 (AMAZON-02) (AMAZON-02)
1	216.58.206.66 216.58.206.66	15169 (GOOGLE) (GOOGLE)
1 2	2606:4700::68... 2606:4700::6811:f5cb	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
39	11

17 2606:4700:10::6816:d54 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

1win-c-uz.pu707ev.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.18.4 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s28-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81c::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.69.69.101 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-69-69-101.eu-central-1.compute.amazonaws.com

fs.pudaf.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.250.185.227 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.163 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f3.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 65.9.66.117 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-117.fra56.r.cloudfront.net

f.pudaf.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.206.66 (United States)

ASN15169 (GOOGLE, US)
PTR: mil07s08-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:f5cb (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	pu707ev.com 1 redirects 1win-c-uz.pu707ev.com	68 KB
8	gstatic.com fonts.gstatic.com www.gstatic.com	393 KB
4	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 3353
4	pudaf.com fs.pudaf.com — Cisco Umbrella Rank: 619949 f.pudaf.com — Cisco Umbrella Rank: 527261	75 KB
2	unpkg.com 1 redirects unpkg.com — Cisco Umbrella Rank: 740	4 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	187 KB
2	google.com www.google.com — Cisco Umbrella Rank: 3	1 KB
1	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 110
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	2 KB
39	9

	Domain	Requested by
17	1win-c-uz.pu707ev.com	1 redirects 1win-c-uz.pu707ev.com
7	fonts.gstatic.com	fonts.googleapis.com
4	region1.google-analytics.com	www.googletagmanager.com
3	f.pudaf.com	fs.pudaf.com
2	unpkg.com	1 redirects
2	www.googletagmanager.com	1win-c-uz.pu707ev.com www.googletagmanager.com
2	www.google.com	1win-c-uz.pu707ev.com www.gstatic.com
1	pagead2.googlesyndication.com	fs.pudaf.com
1	www.gstatic.com	www.google.com
1	fs.pudaf.com	1win-c-uz.pu707ev.com
1	fonts.googleapis.com	1win-c-uz.pu707ev.com
39	11

This site contains links to these domains. Also see Links.

Domain
tdsio.com

Subject Issuer	Validity	Valid
1win-c-uz.pu707ev.com WE1	`2024-11-28` - `2025-02-26`	3 months	crt.sh
upload.video.google.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.google.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.google-analytics.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.pinup-antifraud.com Amazon RSA 2048 M03	`2024-05-22` - `2025-06-20`	a year	crt.sh
*.gstatic.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
frogo-aft.com Amazon RSA 2048 M02	`2024-10-07` - `2025-11-05`	a year	crt.sh
*.g.doubleclick.net WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://1win-c-uz.pu707ev.com/
Frame ID: AC1AAD9F7BD15269B7917D3FFDEB3E2B
Requests: 35 HTTP requests in this frame

Frame: https://1win-c-uz.pu707ev.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/a6e12e96a2d5/main.js
Frame ID: 85F4E3E4C29DEB9787E5DAF8F7A586B6
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Lfxs6UUAAAAAE3kzerSlj_d5OF7IeWoXvzOE_50&co=aHR0cHM6Ly8xd2luLWMtdXoucHU3MDdldi5jb206NDQz&hl=de&v=pPK749sccDmVW_9DSeTMVvh2&size=invisible&cb=j9hyjw57j3bf
Frame ID: 908AF671759C1B17B469708A3AB98A3A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

65 000 000 SO’M + 250 FS BIRINCHI DEPOZITGA!

Detected technologies

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js

Page Statistics

39
Requests

95 %
HTTPS

45 %
IPv6

9
Domains

11
Subdomains

11
IPs

2
Countries

729 kB
Transfer

1717 kB
Size

6
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://tdsio.com/p6M
Title: Maxfiylik siyosatin

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 21

https://1win-c-uz.pu707ev.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://1win-c-uz.pu707ev.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/a6e12e96a2d5/main.js

Request Chain 31

https://unpkg.com/web-vitals/dist/web-vitals.iife.js HTTP 302
https://unpkg.com/web-vitals@4.2.4/dist/web-vitals.iife.js

39 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
1win-c-uz.pu707ev.com/ 22 KB
7 KB 347ms
108ms Document
text/html 2606:4700:10::6816:d54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://1win-c-uz.pu707ev.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:d54 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7281356e731601b70f571021251b0e4a71c190840221ad5634b5c16bd107bf9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8e9b647c9d5d71e2-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Thu, 28 Nov 2024 15:29:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XG5gOmNw7R%2BXabsPyqROSLolDhlG3DJ9XKEZbux7%2BVUg456md6bO1km9M%2FMEI%2Fwju%2FJP21qEnaium2FqSwD50p0OBjcG5Kr0xcDRqi38l09RVlMc4hTLe0iB1j7K9VVaCqZxBnWKRQYE9YHcygtgoTYIkmA%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff

GET
H2 200 css2
fonts.googleapis.com/ 32 KB
2 KB 424ms
51ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto+Flex:opsz,wght@8..144,100..1000&family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap

Requested by

Host: 1win-c-uz.pu707ev.com
URL: https://1win-c-uz.pu707ev.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2087e8cfd339b01309cb96af7e11eef05444c793cf1b768d30a076826c1f501e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://1win-c-uz.pu707ev.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Thu, 28 Nov 2024 15:29:16 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 28 Nov 2024 15:29:16 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Thu, 28 Nov 2024 15:29:04 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 main.css
1win-c-uz.pu707ev.com/ 25 KB
5 KB 82ms
81ms Stylesheet
text/css 2606:4700:10::6816:d54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://1win-c-uz.pu707ev.com/main.css

Requested by

Host: 1win-c-uz.pu707ev.com
URL: https://1win-c-uz.pu707ev.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:d54 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d5484b5c2479edf6e7200c7498f75772f2d074b89b2c31e2dc12de159f957282

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://1win-c-uz.pu707ev.com/

Response headers

cache-control: public, max-age=14400, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
cf-cache-status: MISS
etag: W/"ebf0ed2e70332e7b35a80f6681110aaa"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qZTARVSEx886SIXSJYXxeqkR84vp7gYfPZGfQazH5Yv3X0D42IDcxzKanLqiZi1RiDs54ppLH%2FzBZnOpn67B3RQKcp8PD5L5p4PJkpXJmbYL5SyReOniyhALgmGybVBxi0HVy1IUR4SI1PNqJirkgVxCito%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8e9b647dae2271e2-FRA
access-control-allow-origin: *
date: Thu, 28 Nov 2024 15:29:16 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
server: cloudflare

GET
H2 200 azerbaijan.png
1win-c-uz.pu707ev.com/img/header/lang/ 2 KB
2 KB 98ms
97ms Image
image/png 2606:4700:10::6816:d54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1win-c-uz.pu707ev.com/img/header/lang/azerbaijan.png

Requested by

Host: 1win-c-uz.pu707ev.com
URL: https://1win-c-uz.pu707ev.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:d54 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bbdbaae09a9fefe1eac886940fb71dc8694145eb2841e5415ec3d67a44401e2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://1win-c-uz.pu707ev.com/

Response headers

cache-control: public, max-age=14400, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
etag: "33d0c4d4b59a30bb8c614b3ecf281c46"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CM3%2FJzTSP2vejujQ%2Bm1VuDn0fHuKdpjUfgsq2%2FD8eG5NLNj6IDBhOOj1tc5RnMmW6m9ikR3kl4Cl1AMEPcHqLpwjlNp7%2FVnojw0NSOjGaKZG9Xwu1w0StYBzQq52X6r0xGv9qWd4zLh4xsLZIe5XFHmOV4o%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8e9b647dae2371e2-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1664
date: Thu, 28 Nov 2024 15:29:16 GMT
content-type: image/png
vary: Accept-Encoding
server: cloudflare

GET
H2 200 indian.png
1win-c-uz.pu707ev.com/img/header/lang/ 1 KB
1 KB 86ms
86ms Image
image/png 2606:4700:10::6816:d54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1win-c-uz.pu707ev.com/img/header/lang/indian.png

Requested by

Host: 1win-c-uz.pu707ev.com
URL: https://1win-c-uz.pu707ev.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:d54 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6a38232f525d6dd825bf22acb0cea17d5b640cefc781cc8132c752038110bfc7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://1win-c-uz.pu707ev.com/

Response headers

cache-control: public, max-age=14400, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
etag: "d8a19eb68791c63572c9bfc16ea175fe"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yjBsAgjrUSlQyqMnIBG0eIYmAYrzr3OMZf%2BwUsXixlMWX5K0cuBZV0eyflUaPQ29MkACfxJegMQuG3L%2Fo6iDlIhLswWZzpaTXO67f96ak88yjYnde9YoS53ZCP8S697rJcTxMnn9esulh%2BgkYq3a4fADWDM%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8e9b647dae2471e2-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1063
date: Thu, 28 Nov 2024 15:29:16 GMT
content-type: image/png
vary: Accept-Encoding
server: cloudflare

GET
H2 200 uzbek.png
1win-c-uz.pu707ev.com/img/header/lang/ 1 KB
2 KB 104ms
104ms Image
image/png 2606:4700:10::6816:d54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1win-c-uz.pu707ev.com/img/header/lang/uzbek.png

Requested by

Host: 1win-c-uz.pu707ev.com
URL: https://1win-c-uz.pu707ev.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:d54 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

42c96e6cc271262f86a2f2c172d248a69e8a121c82f2465529a506d2e8fe352e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://1win-c-uz.pu707ev.com/

Response headers

cache-control: public, max-age=14400, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
etag: "758f303bb86e51f12522bef78ce1d8fd"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jOXnzpE1%2FweeVfjqJJl1skhgiQLdjIn6%2BtuZy%2BPp4bALkvOzzm9JUvUp1lsSN%2FQ07J1eTmgFxtY19Rn9w2snvxQaH%2B%2BWlmyPpJz6p96W5C1PKxIjBp6lcQQ8xSSQECZDqIPQeIHPeen%2F8FDR6AkKEnt4Iz4%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8e9b6480a86b71e2-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1530
date: Thu, 28 Nov 2024 15:29:16 GMT
content-type: image/png
vary: Accept-Encoding
server: cloudflare

GET
H3 200 enterprise.js Show response
www.google.com/recaptcha/ 2 KB
1 KB 870ms
54ms Script
text/javascript 172.217.18.4
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise.js?render=6Lfxs6UUAAAAAE3kzerSlj_d5OF7IeWoXvzOE_50

Requested by

Host: 1win-c-uz.pu707ev.com
URL: https://1win-c-uz.pu707ev.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.4 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f4.1e100.net

Software

ESF /

Resource Hash

2799a4af3a0ac139f661132aec2c94ade60ed0fe097bb6f4ba42da9cd1580152

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://1win-c-uz.pu707ev.com/

Response headers

cache-control: private, max-age=300
content-encoding: gzip
cross-origin-resource-policy: cross-origin
report-to: {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
x-content-type-options: nosniff
expires: Thu, 28 Nov 2024 15:29:17 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
date: Thu, 28 Nov 2024 15:29:17 GMT
x-xss-protection: 0
content-type: text/javascript; charset=utf-8
server: ESF
x-frame-options: SAMEORIGIN

GET
H2 200 bundle.js Show response
1win-c-uz.pu707ev.com/ 82 KB
21 KB 104ms
101ms Script
application/javascript 2606:4700:10::6816:d54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://1win-c-uz.pu707ev.com/bundle.js

Requested by

Host: 1win-c-uz.pu707ev.com
URL: https://1win-c-uz.pu707ev.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:d54 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a445f128d9f8afc66b472ddc266e97b4df636f3e032476cdce5321f3425bcbb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://1win-c-uz.pu707ev.com/

Response headers

cache-control: public, max-age=14400, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
cf-cache-status: MISS
etag: W/"0d0e72de897477a6efb8d45b3bc52d0c"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QxK%2B4EmDta%2FW0UdNCTy8L5uTeAdqnM16fGH1B5qH20ByNt5vNxiC8um2WfPeDOIwiItHqHcFEmn3%2FsE%2Flt9qYo1Py01Bty6luOyh9Cfg2YEwHwr4jvTIX4XCTEBhXTa8r1CGDVoiNWTK6eThm7kfYtaR0So%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8e9b6481690171e2-FRA
access-control-allow-origin: *
date: Thu, 28 Nov 2024 15:29:17 GMT
content-type: application/javascript
vary: Accept-Encoding
server: cloudflare

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 239 KB
83 KB 916ms
64ms Script
application/javascript 2a00:1450:4001:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MFB4T883

Requested by

Host: 1win-c-uz.pu707ev.com
URL: https://1win-c-uz.pu707ev.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1c28753736cc0917829a0543b8c97e14689f5287db0ac5b8bda7412251106776

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://1win-c-uz.pu707ev.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Thu, 28 Nov 2024 15:29:17 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 28 Nov 2024 15:29:17 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Thu, 28 Nov 2024 15:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 84708
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 fp.js Show response
fs.pudaf.com/ 242 KB
73 KB 924ms
93ms Script
application/javascript 3.69.69.101
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fs.pudaf.com/fp.js
Requested by: Host: 1win-c-uz.pu707ev.com
URL: https://1win-c-uz.pu707ev.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.69.69.101 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-69-69-101.eu-central-1.compute.amazonaws.com
Software: nginx/1.27.2 /
Resource Hash: 2605c063257beca9b2bfba501c645a3b32eb15e364859ad01b935cc286aea016

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://1win-c-uz.pu707ev.com/

Response headers

content-encoding: gzip
date: Thu, 28 Nov 2024 15:29:17 GMT
etag: W/"671b9df7-3c6b8"
content-type: application/javascript
last-modified: Fri, 25 Oct 2024 13:32:39 GMT
server: nginx/1.27.2

GET
H2 200 background.jpg
1win-c-uz.pu707ev.com/img/ 15 KB
15 KB 79ms
78ms Image
image/jpeg 2606:4700:10::6816:d54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1win-c-uz.pu707ev.com/img/background.jpg

Requested by

Host: 1win-c-uz.pu707ev.com
URL: https://1win-c-uz.pu707ev.com/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:d54 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a6cebc306a12a1d374fe7e16172f7e08d2b47275ccc92ed524ebe5658da956f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://1win-c-uz.pu707ev.com/main.css

Response headers

cache-control: public, max-age=14400, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
etag: "8e6273ba24b3dbf724821f0e80b66df0"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DBtF8FJlUqCKpySf55D4P9KXC9QWkS1HMJ7kPFx0eEW9naOV86auN%2BzZZwwc8JIrsf1Y8Mv7FLmm6LMc0IrwjaZKY8d8zFSXaKGto01yQcQqRW2TixFTfaS8QiXCns6pdty9dcdYnMWfXq2jXPo41YYgC3Q%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8e9b6485bc3571e2-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 15160
date: Thu, 28 Nov 2024 15:29:17 GMT
content-type: image/jpeg
vary: Accept-Encoding
server: cloudflare

GET
H2 200 arrow.svg
1win-c-uz.pu707ev.com/img/ 168 B
620 B 78ms
77ms Image
image/svg+xml 2606:4700:10::6816:d54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1win-c-uz.pu707ev.com/img/arrow.svg

Requested by

Host: 1win-c-uz.pu707ev.com
URL: https://1win-c-uz.pu707ev.com/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:d54 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

54a00cc69c2da9de0fd87bcca80ba61eae4b6af5d9ae6a3894a7dff375bd2aca

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://1win-c-uz.pu707ev.com/main.css

Response headers

cache-control: public, max-age=14400, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
cf-cache-status: MISS
etag: W/"64b96f3da65e5010374b6561799c5efc"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LhOv83hSiUj7MuCYRow68KXnSbs6F3Hfv%2BxIJHv%2FF3nciFUWKJBHY9si8GgwyVUgAybjP5gheha%2BA5oMRcx1Ku9Tc9qsiiAAnrMF7L7ooKXcd723rXpBRQSV2iTxOTQNKU7O3RxZx9edYhG4vYj%2BSD%2Faa3A%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8e9b6485bc3671e2-FRA
access-control-allow-origin: *
date: Thu, 28 Nov 2024 15:29:17 GMT
content-type: image/svg+xml
vary: Accept-Encoding
server: cloudflare

GET
H2 200 down-arrow.svg
1win-c-uz.pu707ev.com/img/ 199 B
491 B 109ms
108ms Image
image/svg+xml 2606:4700:10::6816:d54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1win-c-uz.pu707ev.com/img/down-arrow.svg

Requested by

Host: 1win-c-uz.pu707ev.com
URL: https://1win-c-uz.pu707ev.com/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:d54 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

71d546840626ca223ea62f041908b2d0b0c2e00449e429e40a7a1cc3abee19be

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://1win-c-uz.pu707ev.com/main.css

Response headers

cache-control: public, max-age=14400, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
cf-cache-status: MISS
etag: W/"f667c1d880ee3ff9ccf4e9ab671687f7"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gAt1MXlU5eASTDXhvhfCWX04d70FZPTSpFCThqNdPdh5r3w1dWancTE4Wb9pEDVW9goF6ZsdJuVhcb0mvDLbc4Io30yuBc2lSLgb7vdPXVotlGfttmOV%2BYuyqdgmhyfmzHyfYHI2teRIHFNjV4zL2WGtdZI%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8e9b6485bc3771e2-FRA
access-control-allow-origin: *
date: Thu, 28 Nov 2024 15:29:17 GMT
content-type: image/svg+xml
vary: Accept-Encoding
server: cloudflare

GET
H2 200 checkbox.svg
1win-c-uz.pu707ev.com/img/ 297 B
545 B 78ms
78ms Image
image/svg+xml 2606:4700:10::6816:d54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1win-c-uz.pu707ev.com/img/checkbox.svg

Requested by

Host: 1win-c-uz.pu707ev.com
URL: https://1win-c-uz.pu707ev.com/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:d54 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b62db9f94d0b8b486a06f8d2ceaf553dfa7a291d633497100daae02f27bed323

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://1win-c-uz.pu707ev.com/main.css

Response headers

cache-control: public, max-age=14400, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
cf-cache-status: MISS
etag: W/"8e2f5f13abb2663dcc219e1457660206"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qxZdQDAJ0E2FG5XHlCJ6lJ2kSswgQYwZO1%2BrR05pws2F%2Bv6TZuzPRDJgStIVNjHTMJRfseJQksdBVkjGIJ%2BPQcw6FjBLikLrKh6nrag4JIT6mujIVIGiKRDEpRbFVzb%2BaRWgbdjoz0F4VoDt1lnxx8RFtFk%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8e9b6485bc3971e2-FRA
access-control-allow-origin: *
date: Thu, 28 Nov 2024 15:29:17 GMT
content-type: image/svg+xml
vary: Accept-Encoding
server: cloudflare

GET
H3 200 NaNNepOXO_NexZs0b5QrzlOHb8wCikXpYqmZsWI-__OGbt8jZktqc2V3Zs0KvDLdBP8SBZtOs2IifRuUZQMsPJtUsR4DEK6cULNeUx9XgTnH37Ha_FIAp4Fm0PP1hw45DntW2x0wZGzhPmr1YNMYKYn9_1IQXGwJAiUJVUMdN5YUW4O8HtSoXjC79QRyaLshNDUf3...
fonts.gstatic.com/s/robotoflex/v26/ 83 KB
83 KB 195ms
70ms Font
font/woff2 142.250.185.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotoflex/v26/NaNNepOXO_NexZs0b5QrzlOHb8wCikXpYqmZsWI-__OGbt8jZktqc2V3Zs0KvDLdBP8SBZtOs2IifRuUZQMsPJtUsR4DEK6cULNeUx9XgTnH37Ha_FIAp4Fm0PP1hw45DntW2x0wZGzhPmr1YNMYKYn9_1IQXGwJAiUJVUMdN5YUW4O8HtSoXjC79QRyaLshNDUf3e0O-gn5rrZCu20YNau4OPE.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto+Flex:opsz,wght@8..144,100..1000&family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f3.1e100.net

Software

sffe /

Resource Hash

7c979a9dc3a699adb9561b6ecf0d5d4e27b74bea9bdaf01e91259efecbefbcc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://1win-c-uz.pu707ev.com
Referer: https://fonts.googleapis.com/

Response headers

age: 149679
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 26 Nov 2025 21:54:38 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 26 Nov 2024 21:54:38 GMT
last-modified: Wed, 28 Feb 2024 18:00:55 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 84552
x-xss-protection: 0
server: sffe

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v32/ 18 KB
18 KB 211ms
86ms Font
font/woff2 142.250.185.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f3.1e100.net

Software

sffe /

Resource Hash

d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://1win-c-uz.pu707ev.com
Referer: https://fonts.googleapis.com/

Response headers

age: 222392
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 26 Nov 2025 01:42:45 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 26 Nov 2024 01:42:45 GMT
last-modified: Thu, 01 Aug 2024 20:41:21 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18596
x-xss-protection: 0
server: sffe

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v32/ 18 KB
18 KB 171ms
47ms Font
font/woff2 142.250.185.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f3.1e100.net

Software

sffe /

Resource Hash

ae0e442895406e9922237108496c2cd60f4947649a826463e2da9860b5c25dd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://1win-c-uz.pu707ev.com
Referer: https://fonts.googleapis.com/

Response headers

age: 85121
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 27 Nov 2025 15:50:36 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 27 Nov 2024 15:50:36 GMT
last-modified: Thu, 01 Aug 2024 20:41:24 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18588
x-xss-protection: 0
server: sffe

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v32/ 18 KB
18 KB 168ms
44ms Font
font/woff2 142.250.185.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f3.1e100.net

Software

sffe /

Resource Hash

89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://1win-c-uz.pu707ev.com
Referer: https://fonts.googleapis.com/

Response headers

age: 180635
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 26 Nov 2025 13:18:42 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 26 Nov 2024 13:18:42 GMT
last-modified: Thu, 01 Aug 2024 20:41:24 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18536
x-xss-protection: 0
server: sffe

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/pPK749sccDmVW_9DSeTMVvh2/ 549 KB
218 KB 159ms
46ms Script
text/javascript 142.250.186.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/pPK749sccDmVW_9DSeTMVvh2/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise.js?render=6Lfxs6UUAAAAAE3kzerSlj_d5OF7IeWoXvzOE_50

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f3.1e100.net

Software

sffe /

Resource Hash

6e79aeee4cbc317a3b6e18c8887ed2c1659ad8eb27431d1896a075ed935a9149

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://1win-c-uz.pu707ev.com
Referer: https://1win-c-uz.pu707ev.com/

Response headers

content-encoding: gzip
age: 5328
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
x-content-type-options: nosniff
expires: Fri, 28 Nov 2025 14:00:29 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 28 Nov 2024 14:00:29 GMT
last-modified: Mon, 11 Nov 2024 05:00:22 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: public, max-age=31536000
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
accept-ranges: bytes
access-control-allow-origin: *
content-length: 222835
x-xss-protection: 0
server: sffe

GET
H2 200 uzbekistan.png
1win-c-uz.pu707ev.com/img/country/ 1 KB
2 KB 95ms
41ms Image
image/png 2606:4700:10::6816:d54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1win-c-uz.pu707ev.com/img/country/uzbekistan.png

Requested by

Host: 1win-c-uz.pu707ev.com
URL: https://1win-c-uz.pu707ev.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:d54 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

42c96e6cc271262f86a2f2c172d248a69e8a121c82f2465529a506d2e8fe352e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://1win-c-uz.pu707ev.com/

Response headers

cache-control: public, max-age=14400, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
etag: "758f303bb86e51f12522bef78ce1d8fd"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5pyIaeN%2Bbi4BaVzW%2BhcSpAqGWM6MuIokfyR8Ie8Wo9W81snfoZqJqn6wBdNS%2FqZlgGUwC0023oDNzgPHB09neWzwH%2FFcHbV3pBQ1bqCdPcLaKKjDLrnm4srmILb35gJCDczDFA3CPwnYgS%2BQ%2FIvaNJcYnH0%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8e9b64866cac71e2-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1530
date: Thu, 28 Nov 2024 15:29:17 GMT
content-type: image/png
vary: Accept-Encoding
server: cloudflare

GET
H2 200 uzbek.png
1win-c-uz.pu707ev.com/img/header/lang/ 1 KB
0 10ms
10ms Image
image/png 2606:4700:10::6816:d54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1win-c-uz.pu707ev.com/img/header/lang/uzbek.png

Requested by

Host: 1win-c-uz.pu707ev.com
URL: https://1win-c-uz.pu707ev.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:d54 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

42c96e6cc271262f86a2f2c172d248a69e8a121c82f2465529a506d2e8fe352e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://1win-c-uz.pu707ev.com/

Response headers

cache-control: public, max-age=14400, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
etag: "758f303bb86e51f12522bef78ce1d8fd"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jOXnzpE1%2FweeVfjqJJl1skhgiQLdjIn6%2BtuZy%2BPp4bALkvOzzm9JUvUp1lsSN%2FQ07J1eTmgFxtY19Rn9w2snvxQaH%2B%2BWlmyPpJz6p96W5C1PKxIjBp6lcQQ8xSSQECZDqIPQeIHPeen%2F8FDR6AkKEnt4Iz4%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8e9b6480a86b71e2-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1530
date: Thu, 28 Nov 2024 15:29:16 GMT
content-type: image/png
vary: Accept-Encoding
server: cloudflare

GET
H2 200 icomoon.ttf
1win-c-uz.pu707ev.com/fonts/src/icon-fonts/ 7 KB
4 KB 92ms
92ms Font
font/ttf 2606:4700:10::6816:d54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://1win-c-uz.pu707ev.com/fonts/src/icon-fonts/icomoon.ttf

Requested by

Host: 1win-c-uz.pu707ev.com
URL: https://1win-c-uz.pu707ev.com/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:d54 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9a9e23e2620acc7e7679de55c389add58698ada404ae426fdf3ef286950b292f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://1win-c-uz.pu707ev.com
Referer: https://1win-c-uz.pu707ev.com/main.css

Response headers

cache-control: public, max-age=14400, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
cf-cache-status: MISS
etag: W/"0ccca3332ef19e77300d721a51280b31"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KOrtJxotNSm5G3XJ2bwp6SR6IeeywJfcjoUKWtq0zMmkZiiIEUV48ntxJJPcNqH24udRov8mBYcX%2FBP8Mc56IP%2F%2BpIBsI6jloYV5R7wzsJuZexiAOi0B9eybcB2GU0WFiwxNKsp9CuirnO2OrZ23tXlrRrE%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8e9b6486dcf971e2-FRA
access-control-allow-origin: *
date: Thu, 28 Nov 2024 15:29:17 GMT
content-type: font/ttf
vary: Accept-Encoding
server: cloudflare

GET
H2

200

main.js Show response
1win-c-uz.pu707ev.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/a6e12e96a2d5/ Frame 85F4
Redirect Chain

https://1win-c-uz.pu707ev.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://1win-c-uz.pu707ev.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/a6e12e96a2d5/main.js?

9 KB
4 KB

57ms
57ms

Script
application/javascript

2606:4700:10::6816:d54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://1win-c-uz.pu707ev.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/a6e12e96a2d5/main.js?

Requested by

Host: 1win-c-uz.pu707ev.com
URL: https://1win-c-uz.pu707ev.com/

Protocol

Server

2606:4700:10::6816:d54 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5c9b7e951812147f058f75c4bec471ebc8dc4fc87b6fcd3db08868c92d65319e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control: max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
content-encoding: br
x-content-type-options: nosniff
cf-ray: 8e9b648d79d971e2-FRA
date: Thu, 28 Nov 2024 15:29:18 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
server: cloudflare

Redirect headers

cache-control: max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/a6e12e96a2d5/main.js?
cf-ray: 8e9b64876d5b71e2-FRA
access-control-allow-origin: *
content-length: 0
date: Thu, 28 Nov 2024 15:29:17 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 anchor
www.google.com/recaptcha/enterprise/ Frame 908A 0
0 354ms
182ms Document
text/html 172.217.18.4
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Lfxs6UUAAAAAE3kzerSlj_d5OF7IeWoXvzOE_50&co=aHR0cHM6Ly8xd2luLWMtdXoucHU3MDdldi5jb206NDQz&hl=de&v=pPK749sccDmVW_9DSeTMVvh2&size=invisible&cb=j9hyjw57j3bf

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/pPK749sccDmVW_9DSeTMVvh2/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.4 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f4.1e100.net

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-88pYus9OiPF2YVH0iWfeyA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1win-c-uz.pu707ev.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-88pYus9OiPF2YVH0iWfeyA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy: cross-origin
date: Thu, 28 Nov 2024 15:29:19 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server: ESF
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 303 KB
103 KB 73ms
72ms Script
application/javascript 2a00:1450:4001:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=G-FSDW78HQ4L&l=dataLayer&cx=c&gtm=45He4bk0v9181226602za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MFB4T883

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

79775438ff4a28f1c5fbd0bb30f00219578d8d027769476d5c9cd853549c9012

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://1win-c-uz.pu707ev.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires: Thu, 28 Nov 2024 15:29:19 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 28 Nov 2024 15:29:19 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 105588
x-xss-protection: 0
server: Google Tag Manager

POST
H2 200 8e9b647c9d5d71e2 Show response
1win-c-uz.pu707ev.com/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame 85F4 0
635 B 310ms
152ms XHR
text/plain 2606:4700:10::6816:d54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://1win-c-uz.pu707ev.com/cdn-cgi/challenge-platform/h/b/jsd/r/8e9b647c9d5d71e2
Requested by: Host: 1win-c-uz.pu707ev.com
URL: https://1win-c-uz.pu707ev.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:d54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/json
Referer

Response headers

cf-ray: 8e9b6491cce471e2-FRA
content-length: 0
date: Thu, 28 Nov 2024 15:29:19 GMT
content-type: text/plain; charset=UTF-8
server: cloudflare

POST
H2 200 p Show response
f.pudaf.com/ 137 B
1 KB 57ms
54ms Fetch
application/json 65.9.66.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://f.pudaf.com/p
Requested by: Host: fs.pudaf.com
URL: https://fs.pudaf.com/fp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-117.fra56.r.cloudfront.net
Software: /
Resource Hash: dc24f03f9955da9d12b5f62f5cda5b379f8b71bb231118f6f09b54cfbe8427d4

Request headers

ak: vyg6SLajEWjklRFo1ig1JqhMkSHHpSp3FLYvfzZE
Referer: https://1win-c-uz.pu707ev.com/
x-ctr: vY2s2Wtkteyxwr_T17WdBg
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: application/json, text/html, text/plain
ri: 5be2e11b5b314ea4ba2390eb304798bc
Content-Type: application/octet-stream
si: 8842abc9b7e945b1a447fae56a3b70af

Response headers

access-control-max-age: 43200
access-control-expose-headers: If-Match,If-Modified-Since,If-None-Match,etag,Last-Modified
etag: 67488c50cc70f228d5240ae7
accept-ch: sec-ch-ua,ua,sec-ch-ua-platformua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-wow64,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors
x-trace-id: bface69c38ef011e7d4a5596c40f6fb2
via: 1.1 14b10bd09a0531ef477d0a404ca26900.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Miss from cloudfront
content-length: 137
x-amz-cf-id: Mwu49XFFFtKeF0MYjmPK6vuJbAS42W9H1tL-kv4lLVZGxCPk33-BUg==
date: Thu, 28 Nov 2024 15:29:20 GMT
content-type: application/json
last-modified: Thu, 28 Nov 2024 15:27:40 GMT
x-amz-cf-pop: FRA56-C1

HEAD
H3 200 adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 0
0 403ms
68ms Fetch
text/javascript 216.58.206.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: fs.pudaf.com
URL: https://fs.pudaf.com/fp.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://1win-c-uz.pu707ev.com/

Response headers

content-encoding: br
etag: 5224205192509218475
x-content-type-options: nosniff
expires: Thu, 28 Nov 2024 15:29:20 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Thu, 28 Nov 2024 15:29:20 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 53314
x-xss-protection: 0
server: cafe

OPTIONS
H2 204 p
f.pudaf.com/ Frame 0
0 383ms
40ms Preflight 65.9.66.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://f.pudaf.com/p
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-117.fra56.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: ak,content-type,ri,si,x-ctr
Access-Control-Request-Method: POST
Origin: https://1win-c-uz.pu707ev.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Origin,Content-Length,Content-Type,if-none-match,x-ctr,ak,si,ui,ri
access-control-allow-methods: GET,POST,HEAD,PUT,DELETE,PATCH
access-control-allow-origin: *
access-control-expose-headers: If-Match,If-Modified-Since,If-None-Match,etag,Last-Modified
access-control-max-age: 43200
date: Thu, 28 Nov 2024 15:29:20 GMT
vary: Access-Control-Request-Method, Access-Control-Request-Headers, Origin
via: 1.1 14b10bd09a0531ef477d0a404ca26900.cloudfront.net (CloudFront)
x-amz-cf-id: 1zGG3fUVyO3cmq-pCAcozYm8EGtMYe37FERRz844sJbzvqMrLjdu4g==
x-amz-cf-pop: FRA56-C1
x-cache: Miss from cloudfront

GET
H3 200 KFOjCnqEu92Fr1Mu51TzBic6CsQ.woff2
fonts.gstatic.com/s/roboto/v32/ 19 KB
19 KB 137ms
118ms Font
font/woff2 142.250.185.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOjCnqEu92Fr1Mu51TzBic6CsQ.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f3.1e100.net

Software

sffe /

Resource Hash

0e100b86870ec5caaa887e0fe743b177d57e02242812a0cd4675781dfffea440

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://1win-c-uz.pu707ev.com
Referer: https://fonts.googleapis.com/

Response headers

age: 114504
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 27 Nov 2025 07:40:56 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 27 Nov 2024 07:40:56 GMT
last-modified: Thu, 01 Aug 2024 20:41:28 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 19780
x-xss-protection: 0
server: sffe

GET
H3 200 KFOmCnqEu92Fr1Mu7GxKOzY.woff2
fonts.gstatic.com/s/roboto/v32/ 12 KB
12 KB 134ms
115ms Font
font/woff2 142.250.185.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu7GxKOzY.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f3.1e100.net

Software

sffe /

Resource Hash

685dd0a4dbede9c486deb28acfbd6a2337f8d796445757029b828c7221e4ced1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://1win-c-uz.pu707ev.com
Referer: https://fonts.googleapis.com/

Response headers

age: 117531
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 27 Nov 2025 06:50:29 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 27 Nov 2024 06:50:29 GMT
last-modified: Thu, 01 Aug 2024 20:41:23 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 12456
x-xss-protection: 0
server: sffe

GET
H3 200 KFOmCnqEu92Fr1Mu4WxKOzY.woff2
fonts.gstatic.com/s/roboto/v32/ 7 KB
7 KB 133ms
116ms Font
font/woff2 142.250.185.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4WxKOzY.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f3.1e100.net

Software

sffe /

Resource Hash

b73c1098eed65e61418b5f54ba17ba07a9760a9b9d93f188833b3874cfda5ddf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://1win-c-uz.pu707ev.com
Referer: https://fonts.googleapis.com/

Response headers

age: 84378
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 27 Nov 2025 16:03:02 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 27 Nov 2024 16:03:02 GMT
last-modified: Thu, 01 Aug 2024 20:41:24 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 7096
x-xss-protection: 0
server: sffe

GET
H2

200

web-vitals.iife.js Show response
unpkg.com/web-vitals@4.2.4/dist/
Redirect Chain

https://unpkg.com/web-vitals/dist/web-vitals.iife.js
https://unpkg.com/web-vitals@4.2.4/dist/web-vitals.iife.js

7 KB
3 KB

76ms
72ms

Script
application/javascript

2606:4700::6811:f5cb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/web-vitals@4.2.4/dist/web-vitals.iife.js

Protocol

Server

2606:4700::6811:f5cb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f759996a85b1ddf539ef3f16fdca3d39e48f670aef69e82c6200cc2b5f9f47bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://1win-c-uz.pu707ev.com/

Response headers

content-encoding: br
cf-cache-status: HIT
etag: "1c3a-LeUC6s/Gcko0wscq5NFJGfOy9Yg"
age: 1948517
x-content-type-options: nosniff
date: Thu, 28 Nov 2024 15:29:21 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01JBZM06NK2TFC276D1TEPBJB2-fra
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000
via: 1.1 fly.io
cf-ray: 8e9b649adbe49f36-FRA
access-control-allow-origin: *
server: cloudflare

Redirect headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, s-maxage=600, max-age=60
location: /web-vitals@4.2.4/dist/web-vitals.iife.js
content-encoding: br
cf-cache-status: HIT
age: 48
x-content-type-options: nosniff
via: 1.1 fly.io
cf-ray: 8e9b649a7b7b9f36-FRA
access-control-allow-origin: *
date: Thu, 28 Nov 2024 15:29:21 GMT
content-type: text/plain; charset=utf-8
vary: Accept, Accept-Encoding
fly-request-id: 01JDSP6R82BJZCSZCS8FA4AH08-fra
server: cloudflare

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 596ms
25ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-FSDW78HQ4L&gtm=45je4bk0v893553001z89181226602za200zb9181226602&_p=1732807757007&gcd=13l3lPl2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102077855~102081485&cid=1558664487.1732807760&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&dr=&sid=1732807760&sct=1&seg=0&dl=https%3A%2F%2F1win-c-uz.pu707ev.com%2F&dt=65%20000%20000%20SO%E2%80%99M%20%2B%20250%20FS%20BIRINCHI%20DEPOZITGA!&en=page_view&_fv=1&_nsi=1&_ss=1&ep.gtm_version=GTM-MFB4T883%20%7C%20v.%204&ep.user_fp=67472890cc4afe4b706b6591&ep.transport_type=beacon&ep.timestamp=2024-11-28%2016%3A29%3A20&up.is_exist_player=false&up.language_site=&up.platform=desktop&up.screen_resolution=1600x1200&up.is_incognito=false&tfd=4473
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-FSDW78HQ4L&l=dataLayer&cx=c&gtm=45He4bk0v9181226602za200
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://1win-c-uz.pu707ev.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://1win-c-uz.pu707ev.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 28 Nov 2024 15:29:21 GMT
content-type: text/plain
server: Golfe2

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 578ms
24ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-FSDW78HQ4L&gtm=45je4bk0v893553001z89181226602za200zb9181226602&_p=1732807757007&gcd=13l3lPl2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102077855~102081485&cid=1558664487.1732807760&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=2&dr=&sid=1732807760&sct=1&seg=0&dl=https%3A%2F%2F1win-c-uz.pu707ev.com%2F&dt=65%20000%20000%20SO%E2%80%99M%20%2B%20250%20FS%20BIRINCHI%20DEPOZITGA!&en=registration&ep.gtm_version=GTM-MFB4T883%20%7C%20v.%204&ep.user_fp=67472890cc4afe4b706b6591&ep.transport_type=beacon&ep.timestamp=2024-11-28%2016%3A29%3A19&ep.event_category=registration&ep.category=registration&ep.type=short&ep.mode=phone&ep.event_action=view&_et=2&tfd=4488
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-FSDW78HQ4L&l=dataLayer&cx=c&gtm=45He4bk0v9181226602za200
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://1win-c-uz.pu707ev.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://1win-c-uz.pu707ev.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 28 Nov 2024 15:29:21 GMT
content-type: text/plain
server: Golfe2

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 495ms
24ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-FSDW78HQ4L&gtm=45je4bk0v893553001za200zb9181226602&_p=1732807757007&gcd=13l3lPl2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102077855~102081485&cid=1558664487.1732807760&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=3&dr=&sid=1732807760&sct=1&seg=0&dl=https%3A%2F%2F1win-c-uz.pu707ev.com%2F&dt=65%20000%20000%20SO%E2%80%99M%20%2B%20250%20FS%20BIRINCHI%20DEPOZITGA!&en=scroll&ep.gtm_version=GTM-MFB4T883%20%7C%20v.%204&ep.user_fp=67472890cc4afe4b706b6591&ep.transport_type=beacon&ep.timestamp=2024-11-28%2016%3A29%3A20&epn.percent_scrolled=90&_et=1&tfd=4547
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-FSDW78HQ4L&l=dataLayer&cx=c&gtm=45He4bk0v9181226602za200
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://1win-c-uz.pu707ev.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://1win-c-uz.pu707ev.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 28 Nov 2024 15:29:21 GMT
content-type: text/plain
server: Golfe2

GET
H2 200 favicon-32x32.png
1win-c-uz.pu707ev.com/img/favicon/ 2 KB
2 KB 357ms
67ms Other
image/png 2606:4700:10::6816:d54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://1win-c-uz.pu707ev.com/img/favicon/favicon-32x32.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:d54 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9f4dd081764684e967c695a7ca1227fa7998736c83e4d9608fa44cc55b25ad6f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://1win-c-uz.pu707ev.com/

Response headers

cache-control: public, max-age=14400, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
etag: "ab1156a8eb2af8e913fe675d02676f04"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3QyztK34xE%2FRadI7T1k9M2AfTfgiLgQTdvtVE4lWoSg370vxzrd%2FyTFKPgnb8hGGediD8YftfTsXl9JsufJGsco1wNX6AAEluyXtoF%2BZhT2v12aW8Pf84PfYAyIM0eKHe4zU3fpx3dZZL7a7cI4J76CPL1I%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8e9b6498eb2171e2-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1671
date: Thu, 28 Nov 2024 15:29:20 GMT
content-type: image/png
vary: Accept-Encoding
server: cloudflare

POST
H2 200 p Show response
f.pudaf.com/ 137 B
1 KB 478ms
7ms Fetch
application/json 65.9.66.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://f.pudaf.com/p
Requested by: Host: fs.pudaf.com
URL: https://fs.pudaf.com/fp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-117.fra56.r.cloudfront.net
Software: /
Resource Hash: dc24f03f9955da9d12b5f62f5cda5b379f8b71bb231118f6f09b54cfbe8427d4

Request headers

ak: vyg6SLajEWjklRFo1ig1JqhMkSHHpSp3FLYvfzZE
Referer: https://1win-c-uz.pu707ev.com/
x-ctr: QaaKGlc9xCM42QBhYroUOQ
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: application/json, text/html, text/plain
ri: 5be2e11b5b314ea4ba2390eb304798bc
Content-Type: application/octet-stream
si: 8842abc9b7e945b1a447fae56a3b70af

Response headers

access-control-max-age: 43200
access-control-expose-headers: If-Match,If-Modified-Since,If-None-Match,etag,Last-Modified
etag: 67488c52ba7cfcdd3ce53f73
accept-ch: sec-ch-ua,ua,sec-ch-ua-platformua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-wow64,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors
x-trace-id: c0db61b23aef137e0d5d8bafd907136a
via: 1.1 14b10bd09a0531ef477d0a404ca26900.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Miss from cloudfront
content-length: 137
x-amz-cf-id: q7VBMGWWarKyHpT4Dlge8s0YnJQJuULhkNXdNXdLqCQen5rtJ0Fj4A==
date: Thu, 28 Nov 2024 15:29:22 GMT
content-type: application/json
last-modified: Thu, 28 Nov 2024 15:27:42 GMT
x-amz-cf-pop: FRA56-C1

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 89ms
54ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-FSDW78HQ4L&gtm=45je4bk0v893553001z89181226602za200zb9181226602&_p=1732807757007&gcd=13l3lPl2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102077855~102081485&cid=1558664487.1732807760&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&dr=&sid=1732807760&sct=1&seg=0&dl=https%3A%2F%2F1win-c-uz.pu707ev.com%2F&dt=65%20000%20000%20SO%E2%80%99M%20%2B%20250%20FS%20BIRINCHI%20DEPOZITGA!&_s=4&tfd=9550
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-FSDW78HQ4L&l=dataLayer&cx=c&gtm=45He4bk0v9181226602za200
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://1win-c-uz.pu707ev.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://1win-c-uz.pu707ev.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 28 Nov 2024 15:29:25 GMT
content-type: text/plain
server: Golfe2

Verdicts & Comments Add Verdict or Comment

39 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.pu707ev.com/	1970-01-21 01:20:09	Name: __cf_bm Value: .LhUb5BCripSWB1y5Vrmj1D76HpJS3zhBE11vytJHY8-1732807756-1.0.1.1-_CXBTzNVAJRQ4yI.kiKq0yW.DiGI1anD.sb0a5M1kL9NURHHKcCN4IgyVoFtq4K5fN8GzA_4KduFBWxWK4NQug
1win-c-uz.pu707ev.com/	1970-01-21 05:39:19	Name: ga-x3sdiid0 Value: YYWcwYjEzNmU1YWdmNDE0MWViNDU5N2liYzFiMmg0OD
.pu707ev.com/	1970-01-21 10:05:43	Name: cf_clearance Value: rx2AOIMrP_VvBIxeeCHBLDahu743QtTf1aw2B4jXRDk-1732807759-1.2.1.1-BL10S2pne13xonkMOjl8zykHlPstjLFFpTbeEYVSfpLcuEscM_wKsQHCc4WWBMHMY_yijhFfdNnD2rayDUQQGSTcAxKFzU3MHRYKNy_9l9LbhK8DX9W9P2cMy4MgRSq5p9jicDi9APnBgH_j9_3S3X6NDo4V9IzL24LkfCv3ceJok8XITqgWOJdiEjANqNUqh6.5MBnaoOnL9mNoAOtVvX1kZsKXSsoc.8D9ZDaOP1Jug9ty1ZD8ui3fBKu1dkIv9.6NqGN6KNYbmh3mkn1xo4YmVNdbiDuxVY0E4aAxX1ucervtCmrBPtcXht5_a8OJ.oMRSlXfgrG3UTJTVm47F8SnPkQId9fHdli.bA1N566LGRRmlw6OO6Hm7.zfb5LZ
.pu707ev.com/	1970-01-21 10:56:07	Name: _ga Value: GA1.1.1558664487.1732807760
1win-c-uz.pu707ev.com/	1970-01-21 05:39:19	Name: ga-d98gkkii Value: 67472890cc4afe4b706b6591
.pu707ev.com/	1970-01-21 10:56:07	Name: _ga_FSDW78HQ4L Value: GS1.1.1732807760.1.0.1732807761.0.0.0

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
recommendation	verbose	URL: https://1win-c-uz.pu707ev.com/ Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o
rendering	warning	URL: https://1win-c-uz.pu707ev.com/ Message: [GroupMarkerNotSet(crbug.com/242999)!:A0108D025C0D0000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering	warning	URL: https://1win-c-uz.pu707ev.com/ Message: [GroupMarkerNotSet(crbug.com/242999)!:A0E019025C0D0000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering	warning	URL: https://1win-c-uz.pu707ev.com/ Message: [GroupMarkerNotSet(crbug.com/242999)!:A0306E045C0D0000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering	warning	URL: https://1win-c-uz.pu707ev.com/ Message: [GroupMarkerNotSet(crbug.com/242999)!:A0906E045C0D0000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1win-c-uz.pu707ev.com
f.pudaf.com
fonts.googleapis.com
fonts.gstatic.com
fs.pudaf.com
pagead2.googlesyndication.com
region1.google-analytics.com
unpkg.com
www.google.com
www.googletagmanager.com
www.gstatic.com
142.250.185.227
142.250.186.163
172.217.18.4
2001:4860:4802:32::36
216.58.206.66
2606:4700:10::6816:d54
2606:4700::6811:f5cb
2a00:1450:4001:800::200a
2a00:1450:4001:81c::2008
3.69.69.101
65.9.66.117
0e100b86870ec5caaa887e0fe743b177d57e02242812a0cd4675781dfffea440
1c28753736cc0917829a0543b8c97e14689f5287db0ac5b8bda7412251106776
2087e8cfd339b01309cb96af7e11eef05444c793cf1b768d30a076826c1f501e
2605c063257beca9b2bfba501c645a3b32eb15e364859ad01b935cc286aea016
2799a4af3a0ac139f661132aec2c94ade60ed0fe097bb6f4ba42da9cd1580152
42c96e6cc271262f86a2f2c172d248a69e8a121c82f2465529a506d2e8fe352e
54a00cc69c2da9de0fd87bcca80ba61eae4b6af5d9ae6a3894a7dff375bd2aca
5c9b7e951812147f058f75c4bec471ebc8dc4fc87b6fcd3db08868c92d65319e
685dd0a4dbede9c486deb28acfbd6a2337f8d796445757029b828c7221e4ced1
6a38232f525d6dd825bf22acb0cea17d5b640cefc781cc8132c752038110bfc7
6e79aeee4cbc317a3b6e18c8887ed2c1659ad8eb27431d1896a075ed935a9149
71d546840626ca223ea62f041908b2d0b0c2e00449e429e40a7a1cc3abee19be
7281356e731601b70f571021251b0e4a71c190840221ad5634b5c16bd107bf9e
79775438ff4a28f1c5fbd0bb30f00219578d8d027769476d5c9cd853549c9012
7c979a9dc3a699adb9561b6ecf0d5d4e27b74bea9bdaf01e91259efecbefbcc5
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
9a9e23e2620acc7e7679de55c389add58698ada404ae426fdf3ef286950b292f
9f4dd081764684e967c695a7ca1227fa7998736c83e4d9608fa44cc55b25ad6f
a445f128d9f8afc66b472ddc266e97b4df636f3e032476cdce5321f3425bcbb9
a6cebc306a12a1d374fe7e16172f7e08d2b47275ccc92ed524ebe5658da956f9
ae0e442895406e9922237108496c2cd60f4947649a826463e2da9860b5c25dd6
b62db9f94d0b8b486a06f8d2ceaf553dfa7a291d633497100daae02f27bed323
b73c1098eed65e61418b5f54ba17ba07a9760a9b9d93f188833b3874cfda5ddf
bbdbaae09a9fefe1eac886940fb71dc8694145eb2841e5415ec3d67a44401e2e
d5484b5c2479edf6e7200c7498f75772f2d074b89b2c31e2dc12de159f957282
d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb
dc24f03f9955da9d12b5f62f5cda5b379f8b71bb231118f6f09b54cfbe8427d4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f759996a85b1ddf539ef3f16fdca3d39e48f670aef69e82c6200cc2b5f9f47bd

1win-c-uz.pu707ev.com Open in urlscan Pro 2606:4700:10::6816:d54 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

39 Requests

95 %HTTPS

45 %IPv6

9 Domains

11 Subdomains

11 IPs

2 Countries

729 kBTransfer

1717 kBSize

6 Cookies

1 Outgoing links

Redirected requests

39 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

1win-c-uz.pu707ev.com Open in urlscan Pro
2606:4700:10::6816:d54 Public Scan

Screenshot
Live screenshot

Full Image

39
Requests

95 %
HTTPS

45 %
IPv6

9
Domains

11
Subdomains

11
IPs

2
Countries

729 kB
Transfer

1717 kB
Size

6
Cookies

39 HTTP transactions
0 data transactions