URL: https://1win-c-in-hi.pu212ev.com/
Submission: On November 28 via api from US — Scanned from DE

Summary

This website contacted 11 IPs in 2 countries across 9 domains to perform 37 HTTP transactions. The main IP is 2606:4700:20::681a:6ad, located in United States and belongs to CLOUDFLARENET, US. The main domain is 1win-c-in-hi.pu212ev.com.
TLS certificate: Issued by WE1 on November 28th 2024. Valid for: 3 months.
This is the only time 1win-c-in-hi.pu212ev.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
14 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
2 142.250.185.164 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 18.198.100.38 16509 (AMAZON-02)
8 142.250.185.99 15169 (GOOGLE)
1 172.217.16.195 15169 (GOOGLE)
3 65.9.66.78 16509 (AMAZON-02)
1 142.250.186.66 15169 (GOOGLE)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
3 2001:4860:480... 15169 (GOOGLE)
37 11
Apex Domain | Subdomains | Transfer
14 pu212ev.com | 1win-c-in-hi.pu212ev.com | 66 KB
9 gstatic.com | fonts.gstatic.com; www.gstatic.com | 450 KB
4 pudaf.com | fs.pudaf.com — Cisco Umbrella Rank: 619949; f.pudaf.com — Cisco Umbrella Rank: 527261 | 75 KB
3 google-analytics.com | region1.google-analytics.com — Cisco Umbrella Rank: 3353 |
2 unpkg.com | unpkg.com — Cisco Umbrella Rank: 740 | 4 KB
2 googletagmanager.com | www.googletagmanager.com — Cisco Umbrella Rank: 39 | 187 KB
2 google.com | www.google.com — Cisco Umbrella Rank: 3 | 1 KB
1 googlesyndication.com | pagead2.googlesyndication.com — Cisco Umbrella Rank: 110 |
1 googleapis.com | fonts.googleapis.com — Cisco Umbrella Rank: 29 | 2 KB
37 9
Domain Requested by
14 1win-c-in-hi.pu212ev.com 1win-c-in-hi.pu212ev.com
8 fonts.gstatic.com fonts.googleapis.com
3 region1.google-analytics.com www.googletagmanager.com
3 f.pudaf.com fs.pudaf.com
2 unpkg.com 1 redirects
2 www.googletagmanager.com 1win-c-in-hi.pu212ev.com
www.googletagmanager.com
2 www.google.com 1win-c-in-hi.pu212ev.com
www.gstatic.com
1 pagead2.googlesyndication.com fs.pudaf.com
1 www.gstatic.com www.google.com
1 fs.pudaf.com 1win-c-in-hi.pu212ev.com
1 fonts.googleapis.com 1win-c-in-hi.pu212ev.com
37 11

This site contains links to these domains.

Domain
tdsio.com
Subject | Issuer | Validity | Valid
1win-c-in-hi.pu212ev.com | WE1 | 2024-11-28 - 2025-02-26 | 3 months
upload.video.google.com | WR2 | 2024-10-21 - 2025-01-13 | 3 months
*.google.com | WR2 | 2024-10-21 - 2025-01-13 | 3 months
*.google-analytics.com | WR2 | 2024-10-21 - 2025-01-13 | 3 months
*.pinup-antifraud.com | Amazon RSA 2048 M03 | 2024-05-22 - 2025-06-20 | a year
*.gstatic.com | WR2 | 2024-10-21 - 2025-01-13 | 3 months
frogo-aft.com | Amazon RSA 2048 M02 | 2024-10-07 - 2025-11-05 | a year
*.g.doubleclick.net | WR2 | 2024-10-21 - 2025-01-13 | 3 months

This page contains 2 frames:

Primary Page: https://1win-c-in-hi.pu212ev.com/
Frame ID: F0018931276D72B94D9E6AA01E67DBD2
Requests: 35 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Lfxs6UUAAAAAE3kzerSlj_d5OF7IeWoXvzOE_50&co=aHR0cHM6Ly8xd2luLWMtaW4taGkucHUyMTJldi5jb206NDQz&hl=de&v=pPK749sccDmVW_9DSeTMVvh2&size=invisible&cb=euenpnqletnk
Frame ID: 202FF53C916A3A1733C3C87612A73626
Requests: 1 HTTP requests in this frame

Page Title

₹4,50,000 + 250 FS

Detected technologies

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js

Page Statistics

37 Requests
97 % HTTPS
45 % IPv6
9 Domains
11 Subdomains
11 IPs
2 Countries
784 kB Transfer
1765 kB Size
5 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 30
  • https://unpkg.com/web-vitals/dist/web-vitals.iife.js HTTP 302
  • https://unpkg.com/web-vitals@4.2.4/dist/web-vitals.iife.js

37 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
1win-c-in-hi.pu212ev.com/
23 KB
7 KB
Document
General
Full URL
https://1win-c-in-hi.pu212ev.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:6ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff1d8282a7ade3fafe2ce021d86c8ccf9ad1ce6852bfe35d7064f16ed8be9f8d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8e9b5c68991d3664-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Thu, 28 Nov 2024 15:23:45 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Cu5i28hx6ydmnkXiLT9oHRixeQe8tRmUqG%2Bt6x2vK8%2B7BGaTvch0pGJKRFVQ6V%2B9sgrR1XPJOnyj1RuJKaBQbVYv74M5ngJj6hvxpTHzPb6eqgkJJV0gJyiTVhT9hl6Bc1bWIkN5lZa7BUMxuKbwB3lGvcin5eA%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=TCP&rtt=39189&min_rtt=37157&rtt_var=7546&sent=8&recv=13&lost=0&retrans=0&sent_bytes=4020&recv_bytes=2396&delivery_rate=86963&cwnd=254&unsent_bytes=0&cid=312a85c2bf3377c8&ts=186&x=0"
vary
Accept-Encoding
x-content-type-options
nosniff
css2
fonts.googleapis.com/
32 KB
2 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Roboto+Flex:opsz,wght@8..144,100..1000&family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap
Requested by
Host: 1win-c-in-hi.pu212ev.com
URL: https://1win-c-in-hi.pu212ev.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2087e8cfd339b01309cb96af7e11eef05444c793cf1b768d30a076826c1f501e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1win-c-in-hi.pu212ev.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Thu, 28 Nov 2024 15:23:45 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 28 Nov 2024 15:23:45 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Thu, 28 Nov 2024 15:13:28 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
main.css
1win-c-in-hi.pu212ev.com/
25 KB
5 KB
Stylesheet
General
Full URL
https://1win-c-in-hi.pu212ev.com/main.css
Requested by
Host: 1win-c-in-hi.pu212ev.com
URL: https://1win-c-in-hi.pu212ev.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:6ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5484b5c2479edf6e7200c7498f75772f2d074b89b2c31e2dc12de159f957282
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1win-c-in-hi.pu212ev.com/

Response headers

cache-control
public, max-age=14400, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
MISS
etag
W/"ebf0ed2e70332e7b35a80f6681110aaa"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=x9YZJXNZqLhIbWq%2Fk%2BYB8ver905ahxbFu4je%2FdqkqocFM243UM00rb2aJ6mrBAhEJE1QQKXYBYluAPnBuQDWojzwVe3qQCeyJX9d6LUsVwVb3DfyMpZWO7YJERfJsURkVTMETgeLo3hyBQkLc73jh%2F8t%2B7XgYdo%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
cf-ray
8e9b5c6959ee3664-FRA
access-control-allow-origin
*
server-timing
cfL4;desc="?proto=TCP&rtt=37819&min_rtt=36954&rtt_var=1140&sent=19&recv=26&lost=0&retrans=0&sent_bytes=11375&recv_bytes=2855&delivery_rate=332845&cwnd=257&unsent_bytes=0&cid=312a85c2bf3377c8&ts=277&x=0"
date
Thu, 28 Nov 2024 15:23:45 GMT
content-type
text/css; charset=utf-8
vary
Accept-Encoding
server
cloudflare
azerbaijan.png
1win-c-in-hi.pu212ev.com/img/header/lang/
2 KB
2 KB
Image
General
Full URL
https://1win-c-in-hi.pu212ev.com/img/header/lang/azerbaijan.png
Requested by
Host: 1win-c-in-hi.pu212ev.com
URL: https://1win-c-in-hi.pu212ev.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:6ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bbdbaae09a9fefe1eac886940fb71dc8694145eb2841e5415ec3d67a44401e2e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1win-c-in-hi.pu212ev.com/

Response headers

cf-cache-status
MISS
etag
"33d0c4d4b59a30bb8c614b3ecf281c46"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4OJyWoU26XQR2dlV1Gv1Sj61UCvg63wP84Tr7sMRMvFvqEwrqCIJvsHZK87MSPCigs06maOl25UiBC96SIio5Vxst9CIUvKe%2BQPMqHMd%2BPY66hMfBlkHSJpLH1UcRbye9hOGhP%2B%2FFx9aL5J%2FViikfQKEtE1v7f4%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
server-timing
cfL4;desc="?proto=TCP&rtt=37819&min_rtt=36954&rtt_var=1140&sent=27&recv=26&lost=0&retrans=0&sent_bytes=16906&recv_bytes=2855&delivery_rate=332845&cwnd=257&unsent_bytes=0&cid=312a85c2bf3377c8&ts=289&x=0"
date
Thu, 28 Nov 2024 15:23:45 GMT
content-type
image/png
vary
Accept-Encoding
cache-control
public, max-age=14400, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
cf-ray
8e9b5c6959f03664-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
1664
server
cloudflare
indian.png
1win-c-in-hi.pu212ev.com/img/header/lang/
1 KB
2 KB
Image
General
Full URL
https://1win-c-in-hi.pu212ev.com/img/header/lang/indian.png
Requested by
Host: 1win-c-in-hi.pu212ev.com
URL: https://1win-c-in-hi.pu212ev.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:6ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6a38232f525d6dd825bf22acb0cea17d5b640cefc781cc8132c752038110bfc7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1win-c-in-hi.pu212ev.com/

Response headers

cf-cache-status
MISS
etag
"d8a19eb68791c63572c9bfc16ea175fe"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=v1vOXoGpz7N8R%2FcdZva2m5GxblWdDuXeVXm0sKvsvlY26vuDrUPuqgX29DOwaZZc18gonWMmuG8z0YIA9BC3HLk4o20C77YHS8Xmo2n8Lgg1DRyiM%2BbreUUvZ4%2B2j5X7hKkjfo%2FwgKqSYpzx7NWnAILlgM2t48g%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
server-timing
cfL4;desc="?proto=TCP&rtt=37819&min_rtt=36954&rtt_var=1140&sent=31&recv=26&lost=0&retrans=0&sent_bytes=19152&recv_bytes=2855&delivery_rate=332845&cwnd=257&unsent_bytes=0&cid=312a85c2bf3377c8&ts=289&x=0"
date
Thu, 28 Nov 2024 15:23:45 GMT
content-type
image/png
vary
Accept-Encoding
cache-control
public, max-age=14400, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
cf-ray
8e9b5c6959f13664-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
1063
server
cloudflare
uzbek.png
1win-c-in-hi.pu212ev.com/img/header/lang/
1 KB
2 KB
Image
General
Full URL
https://1win-c-in-hi.pu212ev.com/img/header/lang/uzbek.png
Requested by
Host: 1win-c-in-hi.pu212ev.com
URL: https://1win-c-in-hi.pu212ev.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:6ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
42c96e6cc271262f86a2f2c172d248a69e8a121c82f2465529a506d2e8fe352e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1win-c-in-hi.pu212ev.com/

Response headers

cf-cache-status
MISS
etag
"758f303bb86e51f12522bef78ce1d8fd"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hGLvvsBjcdTKfoAVa%2FEGyJeoaD0lIwpviBm7iK2XOdxCw83qgO9BHXyr9P3Vb9ZQxIxxnGC0N2deEawyBM8CYB4XMqkoD5alFfmMfVYbm7F%2BZ6VbjIjoqoHHZ64mSdH%2F3%2BEkFUcAgSTE0F4KwnQpO%2BRRpFqgaT8%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
server-timing
cfL4;desc="?proto=TCP&rtt=37716&min_rtt=36891&rtt_var=1114&sent=35&recv=32&lost=0&retrans=0&sent_bytes=20758&recv_bytes=2925&delivery_rate=393770&cwnd=257&unsent_bytes=0&cid=312a85c2bf3377c8&ts=467&x=0"
date
Thu, 28 Nov 2024 15:23:45 GMT
content-type
image/png
vary
Accept-Encoding
cache-control
public, max-age=14400, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
cf-ray
8e9b5c6a6af73664-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
1530
server
cloudflare
enterprise.js
www.google.com/recaptcha/
2 KB
1 KB
Script
General
Full URL
https://www.google.com/recaptcha/enterprise.js?render=6Lfxs6UUAAAAAE3kzerSlj_d5OF7IeWoXvzOE_50
Requested by
Host: 1win-c-in-hi.pu212ev.com
URL: https://1win-c-in-hi.pu212ev.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.164 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f4.1e100.net
Software
ESF /
Resource Hash
2799a4af3a0ac139f661132aec2c94ade60ed0fe097bb6f4ba42da9cd1580152
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1win-c-in-hi.pu212ev.com/

Response headers

cache-control
private, max-age=300
content-encoding
gzip
cross-origin-resource-policy
cross-origin
report-to
{"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
x-content-type-options
nosniff
expires
Thu, 28 Nov 2024 15:23:45 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
date
Thu, 28 Nov 2024 15:23:45 GMT
x-xss-protection
0
content-type
text/javascript; charset=utf-8
server
ESF
x-frame-options
SAMEORIGIN
bundle.js
1win-c-in-hi.pu212ev.com/
82 KB
21 KB
Script
General
Full URL
https://1win-c-in-hi.pu212ev.com/bundle.js
Requested by
Host: 1win-c-in-hi.pu212ev.com
URL: https://1win-c-in-hi.pu212ev.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:6ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a445f128d9f8afc66b472ddc266e97b4df636f3e032476cdce5321f3425bcbb9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1win-c-in-hi.pu212ev.com/

Response headers

cache-control
public, max-age=14400, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
MISS
etag
W/"0d0e72de897477a6efb8d45b3bc52d0c"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pvUf3JeFnKQ1av%2BZN1vZ1xBhhbfLKudLJV8ti%2Ffg%2FNOIxNQ5JxkDc4isBDFMxxbF6ZyU2wQWRsSKQWItueJOPUDZutB3eDe%2F5mYJFjYOlG9XIgdbFCag3oqy0QYXXrhShRHmeJC38x5%2F6u3cUuyHatPNiu7ssYY%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
cf-ray
8e9b5c6b2b8f3664-FRA
access-control-allow-origin
*
server-timing
cfL4;desc="?proto=TCP&rtt=37596&min_rtt=36891&rtt_var=829&sent=43&recv=37&lost=0&retrans=0&sent_bytes=23008&recv_bytes=3159&delivery_rate=393770&cwnd=257&unsent_bytes=0&cid=312a85c2bf3377c8&ts=582&x=0"
date
Thu, 28 Nov 2024 15:23:45 GMT
content-type
application/javascript
vary
Accept-Encoding
server
cloudflare
gtm.js
www.googletagmanager.com/
239 KB
83 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MFB4T883
Requested by
Host: 1win-c-in-hi.pu212ev.com
URL: https://1win-c-in-hi.pu212ev.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
89337e3a8a9e579f4454b97ac1f344c9f29805d5c1655edefb095037e8dc044f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1win-c-in-hi.pu212ev.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Thu, 28 Nov 2024 15:23:45 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 28 Nov 2024 15:23:45 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Thu, 28 Nov 2024 15:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
84706
x-xss-protection
0
server
Google Tag Manager
fp.js
fs.pudaf.com/
242 KB
73 KB
Script
General
Full URL
https://fs.pudaf.com/fp.js
Requested by
Host: 1win-c-in-hi.pu212ev.com
URL: https://1win-c-in-hi.pu212ev.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.198.100.38 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-198-100-38.eu-central-1.compute.amazonaws.com
Software
nginx/1.27.2 /
Resource Hash
2605c063257beca9b2bfba501c645a3b32eb15e364859ad01b935cc286aea016

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1win-c-in-hi.pu212ev.com/

Response headers

content-encoding
gzip
date
Thu, 28 Nov 2024 15:23:45 GMT
etag
W/"671b9df7-3c6b8"
content-type
application/javascript
last-modified
Fri, 25 Oct 2024 13:32:39 GMT
server
nginx/1.27.2
background.jpg
1win-c-in-hi.pu212ev.com/img/
15 KB
15 KB
Image
General
Full URL
https://1win-c-in-hi.pu212ev.com/img/background.jpg
Requested by
Host: 1win-c-in-hi.pu212ev.com
URL: https://1win-c-in-hi.pu212ev.com/main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:6ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a6cebc306a12a1d374fe7e16172f7e08d2b47275ccc92ed524ebe5658da956f9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1win-c-in-hi.pu212ev.com/main.css

Response headers

cf-cache-status
MISS
etag
"8e6273ba24b3dbf724821f0e80b66df0"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Kxb9t6Z%2Fxcr7NQTQZ1HRR739Hty6SX3xWIRhPJhi6l%2Bf5Tl6L3vbMvl97KEXDS%2B1YWbMIuDJEu2ZoTxLubPT6rFZ3vO%2FFxnqMHwkvpiOAixLqN1lxINdBKuVmEA5c3BmB40Ww0xZGIKOhE9CkB9sWgz9yDe7LRI%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
server-timing
cfL4;desc="?proto=TCP&rtt=38445&min_rtt=36891&rtt_var=2320&sent=74&recv=40&lost=0&retrans=0&sent_bytes=46817&recv_bytes=3288&delivery_rate=613570&cwnd=257&unsent_bytes=0&cid=312a85c2bf3377c8&ts=639&x=0"
date
Thu, 28 Nov 2024 15:23:45 GMT
content-type
image/jpeg
vary
Accept-Encoding
cache-control
public, max-age=14400, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
cf-ray
8e9b5c6b7bde3664-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
15160
server
cloudflare
arrow.svg
1win-c-in-hi.pu212ev.com/img/
168 B
639 B
Image
General
Full URL
https://1win-c-in-hi.pu212ev.com/img/arrow.svg
Requested by
Host: 1win-c-in-hi.pu212ev.com
URL: https://1win-c-in-hi.pu212ev.com/main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:6ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54a00cc69c2da9de0fd87bcca80ba61eae4b6af5d9ae6a3894a7dff375bd2aca
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1win-c-in-hi.pu212ev.com/main.css

Response headers

cache-control
public, max-age=14400, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
MISS
etag
W/"64b96f3da65e5010374b6561799c5efc"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Q29M61XcHwII9H6nEZf%2FZbuAhmrq%2BbPO%2Bfv8A2B0SsAMS5jqKHT9rFzu6C%2Fk28S3L2Ao5FSfXtwwgqEul3Vg7oKrLjYSb0C9VYct0crP0h8o2YsSjCROGPXF62nqfnTiJbZdeCbisOmIoz5%2BWPZovUMotwqDe%2Bk%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
cf-ray
8e9b5c6b7bdf3664-FRA
access-control-allow-origin
*
server-timing
cfL4;desc="?proto=TCP&rtt=38445&min_rtt=36891&rtt_var=2320&sent=71&recv=40&lost=0&retrans=0&sent_bytes=46112&recv_bytes=3288&delivery_rate=613570&cwnd=257&unsent_bytes=0&cid=312a85c2bf3377c8&ts=629&x=0"
date
Thu, 28 Nov 2024 15:23:45 GMT
content-type
image/svg+xml
vary
Accept-Encoding
server
cloudflare
down-arrow.svg
1win-c-in-hi.pu212ev.com/img/
199 B
707 B
Image
General
Full URL
https://1win-c-in-hi.pu212ev.com/img/down-arrow.svg
Requested by
Host: 1win-c-in-hi.pu212ev.com
URL: https://1win-c-in-hi.pu212ev.com/main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:6ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
71d546840626ca223ea62f041908b2d0b0c2e00449e429e40a7a1cc3abee19be
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1win-c-in-hi.pu212ev.com/main.css

Response headers

cache-control
public, max-age=14400, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
MISS
etag
W/"f667c1d880ee3ff9ccf4e9ab671687f7"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RS9jTexK2tUyYZSEgmkDVgaCQsUUPAqPdUyruXEOkJlNCfDRTdMD%2BvkhUEjEgnLIQfint2YA2w83co1JBxAmsLV4GXbmCEeJK6iddcLyIbTBuKUylRNtvtOe8cJUPoZH0Y1TUK0P73yoTbqMJGESjMGsUEWmabA%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
cf-ray
8e9b5c6b7be43664-FRA
access-control-allow-origin
*
server-timing
cfL4;desc="?proto=TCP&rtt=37596&min_rtt=36891&rtt_var=829&sent=65&recv=39&lost=0&retrans=0&sent_bytes=44579&recv_bytes=3288&delivery_rate=393770&cwnd=257&unsent_bytes=0&cid=312a85c2bf3377c8&ts=619&x=0"
date
Thu, 28 Nov 2024 15:23:45 GMT
content-type
image/svg+xml
vary
Accept-Encoding
server
cloudflare
checkbox.svg
1win-c-in-hi.pu212ev.com/img/
297 B
694 B
Image
General
Full URL
https://1win-c-in-hi.pu212ev.com/img/checkbox.svg
Requested by
Host: 1win-c-in-hi.pu212ev.com
URL: https://1win-c-in-hi.pu212ev.com/main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:6ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b62db9f94d0b8b486a06f8d2ceaf553dfa7a291d633497100daae02f27bed323
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1win-c-in-hi.pu212ev.com/main.css

Response headers

cache-control
public, max-age=14400, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
MISS
etag
W/"8e2f5f13abb2663dcc219e1457660206"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=la0iHw4Bil99efuLEhMDE7bIAuKYbdPtTOLbZYTmQuI1x8XyukdRcCojUGlXrbaFtS%2B4e8VHBIF47kJK%2FC2jF4iv3rqlkJvSK%2FCTad4FJ4nHv0JYVQnRqxoobovPJsL%2BHR%2FJXvjlqvPSacG6Z6hA2aCKlP4vUYE%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
cf-ray
8e9b5c6b7be53664-FRA
access-control-allow-origin
*
server-timing
cfL4;desc="?proto=TCP&rtt=38445&min_rtt=36891&rtt_var=2320&sent=68&recv=40&lost=0&retrans=0&sent_bytes=45352&recv_bytes=3288&delivery_rate=613570&cwnd=257&unsent_bytes=0&cid=312a85c2bf3377c8&ts=628&x=0"
date
Thu, 28 Nov 2024 15:23:45 GMT
content-type
image/svg+xml
vary
Accept-Encoding
server
cloudflare
NaNNepOXO_NexZs0b5QrzlOHb8wCikXpYqmZsWI-__OGbt8jZktqc2V3Zs0KvDLdBP8SBZtOs2IifRuUZQMsPJtUsR4DEK6cULNeUx9XgTnH37Ha_FIAp4Fm0PP1hw45DntW2x0wZGzhPmr1YNMYKYn9_1IQXGwJAiUJVUMdN5YUW4O8HtSoXjC79QRyaLshNDUf3...
fonts.gstatic.com/s/robotoflex/v26/
57 KB
57 KB
Font
General
Full URL
https://fonts.gstatic.com/s/robotoflex/v26/NaNNepOXO_NexZs0b5QrzlOHb8wCikXpYqmZsWI-__OGbt8jZktqc2V3Zs0KvDLdBP8SBZtOs2IifRuUZQMsPJtUsR4DEK6cULNeUx9XgTnH37Ha_FIAp4Fm0PP1hw45DntW2x0wZGzhPmr1YNMYKYn9_1IQXGwJAiUJVUMdN5YUW4O8HtSoXjC79QRyaLshNDUf3e0O-gn5rrZCu20YNau2OPF80A.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto+Flex:opsz,wght@8..144,100..1000&family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f3.1e100.net
Software
sffe /
Resource Hash
b8acb10ee4d4fa5282718add726e9ee2cfec819ffbdb8249adc8466256f1ed33
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://1win-c-in-hi.pu212ev.com
Referer
https://fonts.googleapis.com/

Response headers

age
148192
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 26 Nov 2025 22:13:53 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 26 Nov 2024 22:13:53 GMT
last-modified
Wed, 28 Feb 2024 18:05:45 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
58112
x-xss-protection
0
server
sffe
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v32/
18 KB
18 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto+Flex:opsz,wght@8..144,100..1000&family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f3.1e100.net
Software
sffe /
Resource Hash
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://1win-c-in-hi.pu212ev.com
Referer
https://fonts.googleapis.com/

Response headers

age
180303
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 26 Nov 2025 13:18:42 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 26 Nov 2024 13:18:42 GMT
last-modified
Thu, 01 Aug 2024 20:41:24 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
18536
x-xss-protection
0
server
sffe
NaNNepOXO_NexZs0b5QrzlOHb8wCikXpYqmZsWI-__OGbt8jZktqc2V3Zs0KvDLdBP8SBZtOs2IifRuUZQMsPJtUsR4DEK6cULNeUx9XgTnH37Ha_FIAp4Fm0PP1hw45DntW2x0wZGzhPmr1YNMYKYn9_1IQXGwJAiUJVUMdN5YUW4O8HtSoXjC79QRyaLshNDUf3...
fonts.gstatic.com/s/robotoflex/v26/
83 KB
83 KB
Font
General
Full URL
https://fonts.gstatic.com/s/robotoflex/v26/NaNNepOXO_NexZs0b5QrzlOHb8wCikXpYqmZsWI-__OGbt8jZktqc2V3Zs0KvDLdBP8SBZtOs2IifRuUZQMsPJtUsR4DEK6cULNeUx9XgTnH37Ha_FIAp4Fm0PP1hw45DntW2x0wZGzhPmr1YNMYKYn9_1IQXGwJAiUJVUMdN5YUW4O8HtSoXjC79QRyaLshNDUf3e0O-gn5rrZCu20YNau4OPE.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto+Flex:opsz,wght@8..144,100..1000&family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f3.1e100.net
Software
sffe /
Resource Hash
7c979a9dc3a699adb9561b6ecf0d5d4e27b74bea9bdaf01e91259efecbefbcc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://1win-c-in-hi.pu212ev.com
Referer
https://fonts.googleapis.com/

Response headers

age
149347
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 26 Nov 2025 21:54:38 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 26 Nov 2024 21:54:38 GMT
last-modified
Wed, 28 Feb 2024 18:00:55 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
84552
x-xss-protection
0
server
sffe
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v32/
18 KB
18 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto+Flex:opsz,wght@8..144,100..1000&family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f3.1e100.net
Software
sffe /
Resource Hash
d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://1win-c-in-hi.pu212ev.com
Referer
https://fonts.googleapis.com/

Response headers

age
222060
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 26 Nov 2025 01:42:45 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 26 Nov 2024 01:42:45 GMT
last-modified
Thu, 01 Aug 2024 20:41:21 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
18596
x-xss-protection
0
server
sffe
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v32/
18 KB
18 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto+Flex:opsz,wght@8..144,100..1000&family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f3.1e100.net
Software
sffe /
Resource Hash
ae0e442895406e9922237108496c2cd60f4947649a826463e2da9860b5c25dd6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://1win-c-in-hi.pu212ev.com
Referer
https://fonts.googleapis.com/

Response headers

age
84789
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 27 Nov 2025 15:50:36 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 27 Nov 2024 15:50:36 GMT
last-modified
Thu, 01 Aug 2024 20:41:24 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
18588
x-xss-protection
0
server
sffe
recaptcha__de.js
www.gstatic.com/recaptcha/releases/pPK749sccDmVW_9DSeTMVvh2/
549 KB
218 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/pPK749sccDmVW_9DSeTMVvh2/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise.js?render=6Lfxs6UUAAAAAE3kzerSlj_d5OF7IeWoXvzOE_50
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f3.1e100.net
Software
sffe /
Resource Hash
6e79aeee4cbc317a3b6e18c8887ed2c1659ad8eb27431d1896a075ed935a9149
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://1win-c-in-hi.pu212ev.com
Referer
https://1win-c-in-hi.pu212ev.com/

Response headers

content-encoding
gzip
age
90737
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
x-content-type-options
nosniff
expires
Thu, 27 Nov 2025 14:11:28 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 27 Nov 2024 14:11:28 GMT
last-modified
Mon, 11 Nov 2024 05:00:22 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
accept-ranges
bytes
access-control-allow-origin
*
content-length
222835
x-xss-protection
0
server
sffe
india.png
1win-c-in-hi.pu212ev.com/img/country/
1 KB
2 KB
Image
General
Full URL
https://1win-c-in-hi.pu212ev.com/img/country/india.png
Requested by
Host: 1win-c-in-hi.pu212ev.com
URL: https://1win-c-in-hi.pu212ev.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:6ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6a38232f525d6dd825bf22acb0cea17d5b640cefc781cc8132c752038110bfc7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1win-c-in-hi.pu212ev.com/

Response headers

cf-cache-status
MISS
etag
"d8a19eb68791c63572c9bfc16ea175fe"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hI4TV3uAu0tXRItVvmuMyjRxXb%2BB67ACht8DWbUB3X0yLTUOed%2FxZaRoJMn7fbQhwS6DCx9HwrAN0K18vd1R6tYCBqcx12BXGxR9aK%2FLr7x1vEZi%2Bs2clL%2FCl7sSJwAQGJHL3dJ0YfqQqCJs1h%2B4%2FykYOvRpoOo%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
server-timing
cfL4;desc="?proto=TCP&rtt=38910&min_rtt=36891&rtt_var=2288&sent=94&recv=52&lost=0&retrans=0&sent_bytes=62765&recv_bytes=3610&delivery_rate=613570&cwnd=257&unsent_bytes=0&cid=312a85c2bf3377c8&ts=716&x=0"
date
Thu, 28 Nov 2024 15:23:45 GMT
content-type
image/png
vary
Accept-Encoding
cache-control
public, max-age=14400, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
cf-ray
8e9b5c6c1c923664-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
1063
server
cloudflare
hi.png
1win-c-in-hi.pu212ev.com/img/header/lang/
1 KB
2 KB
Image
General
Full URL
https://1win-c-in-hi.pu212ev.com/img/header/lang/hi.png
Requested by
Host: 1win-c-in-hi.pu212ev.com
URL: https://1win-c-in-hi.pu212ev.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:6ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6a38232f525d6dd825bf22acb0cea17d5b640cefc781cc8132c752038110bfc7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1win-c-in-hi.pu212ev.com/

Response headers

cf-cache-status
MISS
etag
"d8a19eb68791c63572c9bfc16ea175fe"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Z6l0PavCUevAmaOBm57MOx6qaU%2B%2FnPjbEwDezdfC6YNd19HXZHYKtsAd1N87a%2FP6VWrISNxwqTDKCSeyQGyYPwSxwIAXlwO8YGaPCQ4VvNplC2R3Kkij5qr9KLgj4TpNq4YfmADZQ%2B%2BYiP2s7t6hPzbTsh0jauw%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
server-timing
cfL4;desc="?proto=TCP&rtt=38910&min_rtt=36891&rtt_var=2288&sent=97&recv=52&lost=0&retrans=0&sent_bytes=64392&recv_bytes=3610&delivery_rate=613570&cwnd=257&unsent_bytes=0&cid=312a85c2bf3377c8&ts=720&x=0"
date
Thu, 28 Nov 2024 15:23:45 GMT
content-type
image/png
vary
Accept-Encoding
cache-control
public, max-age=14400, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
cf-ray
8e9b5c6c1c963664-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
1063
server
cloudflare
icomoon.ttf
1win-c-in-hi.pu212ev.com/fonts/src/icon-fonts/
7 KB
4 KB
Font
General
Full URL
https://1win-c-in-hi.pu212ev.com/fonts/src/icon-fonts/icomoon.ttf
Requested by
Host: 1win-c-in-hi.pu212ev.com
URL: https://1win-c-in-hi.pu212ev.com/main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:6ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9a9e23e2620acc7e7679de55c389add58698ada404ae426fdf3ef286950b292f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://1win-c-in-hi.pu212ev.com
Referer
https://1win-c-in-hi.pu212ev.com/main.css

Response headers

cache-control
public, max-age=14400, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
MISS
etag
W/"0ccca3332ef19e77300d721a51280b31"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hiixpDPWVtH%2BQkkByLN%2FEiqc1G01M39dHmK%2FXF%2BRC8AUAAeGiIJhB3s%2FzQXLJQlzdXyUyGYZDmd3fTMK%2F4DpR5G4oz%2BB1KXIuBBXt%2BZ484cE4Ih6Hrhs0aY6nD52dnsbDrzh%2FdhZOKFlqiWsoKtkSoIw9%2FAB3uo%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
cf-ray
8e9b5c6c1c9d3664-FRA
access-control-allow-origin
*
server-timing
cfL4;desc="?proto=TCP&rtt=38910&min_rtt=36891&rtt_var=2288&sent=100&recv=52&lost=0&retrans=0&sent_bytes=66016&recv_bytes=3610&delivery_rate=613570&cwnd=257&unsent_bytes=0&cid=312a85c2bf3377c8&ts=741&x=0"
date
Thu, 28 Nov 2024 15:23:45 GMT
content-type
font/ttf
vary
Accept-Encoding
server
cloudflare
anchor
www.google.com/recaptcha/enterprise/ Frame 202F
0
0
Document
General
Full URL
https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Lfxs6UUAAAAAE3kzerSlj_d5OF7IeWoXvzOE_50&co=aHR0cHM6Ly8xd2luLWMtaW4taGkucHUyMTJldi5jb206NDQz&hl=de&v=pPK749sccDmVW_9DSeTMVvh2&size=invisible&cb=euenpnqletnk
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/pPK749sccDmVW_9DSeTMVvh2/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.164 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f4.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-AMWZQ0jYjbr7KY7dGNqY5w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1win-c-in-hi.pu212ev.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-AMWZQ0jYjbr7KY7dGNqY5w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy
cross-origin
date
Thu, 28 Nov 2024 15:23:46 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server
ESF
x-content-type-options
nosniff
x-xss-protection
0
destination
www.googletagmanager.com/gtag/
303 KB
103 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/destination?id=G-FSDW78HQ4L&l=dataLayer&cx=c&gtm=45He4bk0v9181226602za200
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MFB4T883
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4f04fc7647e1e94413c854b6b28d7d47da0fe08ca4b7353f01072097253be705
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1win-c-in-hi.pu212ev.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires
Thu, 28 Nov 2024 15:23:46 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 28 Nov 2024 15:23:46 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
105587
x-xss-protection
0
server
Google Tag Manager
p
f.pudaf.com/
137 B
1 KB
Fetch
General
Full URL
https://f.pudaf.com/p
Requested by
Host: fs.pudaf.com
URL: https://fs.pudaf.com/fp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-78.fra56.r.cloudfront.net
Software
/
Resource Hash
27858a3d2417ba810f9e3010f8149bfefcda828eb1109a0bb4e4d46289035b1b

Request headers

ak
vyg6SLajEWjklRFo1ig1JqhMkSHHpSp3FLYvfzZE
Referer
https://1win-c-in-hi.pu212ev.com/
x-ctr
rDL_CO8Tv7AEUG-82pB6hg
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/html, text/plain
ri
772364c762e64df4ac6c9ebaa2d86bb5
Content-Type
application/octet-stream
si
2957a2663b5b4508b4706f4514ba3be2

Response headers

access-control-max-age
43200
access-control-expose-headers
If-Match,If-Modified-Since,If-None-Match,etag,Last-Modified
etag
67488b03cc70f228d523d71d
accept-ch
sec-ch-ua,ua,sec-ch-ua-platformua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-wow64,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors
x-trace-id
d1ef25020b41d81b991182dfe628725a
via
1.1 cae542650fb32c773cc494fc6e7e71e6.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
Miss from cloudfront
content-length
137
x-amz-cf-id
tj9WugSZB4VFHh46VeCeUY9mzoiJLL2abE37qZvyCuUt2WRq3iwseA==
date
Thu, 28 Nov 2024 15:23:47 GMT
content-type
application/json
last-modified
Thu, 28 Nov 2024 15:22:07 GMT
x-amz-cf-pop
FRA56-C1
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: fs.pudaf.com
URL: https://fs.pudaf.com/fp.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1win-c-in-hi.pu212ev.com/

Response headers

content-encoding
br
etag
8626101378972034648
x-content-type-options
nosniff
expires
Thu, 28 Nov 2024 15:23:47 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Thu, 28 Nov 2024 15:23:47 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
53309
x-xss-protection
0
server
cafe
p
f.pudaf.com/ Frame
0
0
Preflight
General
Full URL
https://f.pudaf.com/p
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-78.fra56.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
ak,content-type,ri,si,x-ctr
Access-Control-Request-Method
POST
Origin
https://1win-c-in-hi.pu212ev.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Origin,Content-Length,Content-Type,if-none-match,x-ctr,ak,si,ui,ri
access-control-allow-methods
GET,POST,HEAD,PUT,DELETE,PATCH
access-control-allow-origin
*
access-control-expose-headers
If-Match,If-Modified-Since,If-None-Match,etag,Last-Modified
access-control-max-age
43200
date
Thu, 28 Nov 2024 15:23:47 GMT
vary
Access-Control-Request-Method, Access-Control-Request-Headers, Origin
via
1.1 cae542650fb32c773cc494fc6e7e71e6.cloudfront.net (CloudFront)
x-amz-cf-id
nEO9Cdgk1dubyqVAN-_hdNlDjB3gAIyGQBkEYCvwV0dHVAP5AO1c6Q==
x-amz-cf-pop
FRA56-C1
x-cache
Miss from cloudfront
KFOjCnqEu92Fr1Mu51TzBic6CsQ.woff2
fonts.gstatic.com/s/roboto/v32/
19 KB
19 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOjCnqEu92Fr1Mu51TzBic6CsQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto+Flex:opsz,wght@8..144,100..1000&family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f3.1e100.net
Software
sffe /
Resource Hash
0e100b86870ec5caaa887e0fe743b177d57e02242812a0cd4675781dfffea440
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://1win-c-in-hi.pu212ev.com
Referer
https://fonts.googleapis.com/

Response headers

age
114171
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 27 Nov 2025 07:40:56 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 27 Nov 2024 07:40:56 GMT
last-modified
Thu, 01 Aug 2024 20:41:28 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
19780
x-xss-protection
0
server
sffe
KFOmCnqEu92Fr1Mu7GxKOzY.woff2
fonts.gstatic.com/s/roboto/v32/
12 KB
12 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu7GxKOzY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto+Flex:opsz,wght@8..144,100..1000&family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f3.1e100.net
Software
sffe /
Resource Hash
685dd0a4dbede9c486deb28acfbd6a2337f8d796445757029b828c7221e4ced1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://1win-c-in-hi.pu212ev.com
Referer
https://fonts.googleapis.com/

Response headers

age
117198
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 27 Nov 2025 06:50:29 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 27 Nov 2024 06:50:29 GMT
last-modified
Thu, 01 Aug 2024 20:41:23 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
12456
x-xss-protection
0
server
sffe
KFOmCnqEu92Fr1Mu4WxKOzY.woff2
fonts.gstatic.com/s/roboto/v32/
7 KB
7 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4WxKOzY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto+Flex:opsz,wght@8..144,100..1000&family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f3.1e100.net
Software
sffe /
Resource Hash
b73c1098eed65e61418b5f54ba17ba07a9760a9b9d93f188833b3874cfda5ddf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://1win-c-in-hi.pu212ev.com
Referer
https://fonts.googleapis.com/

Response headers

age
84045
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 27 Nov 2025 16:03:02 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 27 Nov 2024 16:03:02 GMT
last-modified
Thu, 01 Aug 2024 20:41:24 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
7096
x-xss-protection
0
server
sffe
web-vitals.iife.js
unpkg.com/web-vitals@4.2.4/dist/
Redirect Chain
  • https://unpkg.com/web-vitals/dist/web-vitals.iife.js
  • https://unpkg.com/web-vitals@4.2.4/dist/web-vitals.iife.js
7 KB
3 KB
Script
General
Full URL
https://unpkg.com/web-vitals@4.2.4/dist/web-vitals.iife.js
Protocol
H2
Server
2606:4700::6811:f7cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f759996a85b1ddf539ef3f16fdca3d39e48f670aef69e82c6200cc2b5f9f47bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1win-c-in-hi.pu212ev.com/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
"1c3a-LeUC6s/Gcko0wscq5NFJGfOy9Yg"
age
1948184
x-content-type-options
nosniff
date
Thu, 28 Nov 2024 15:23:48 GMT
content-type
application/javascript; charset=utf-8
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01JBZM06NK2TFC276D1TEPBJB2-fra
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31536000
via
1.1 fly.io
cf-ray
8e9b5c794d493608-FRA
access-control-allow-origin
*
server
cloudflare

Redirect headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, s-maxage=600, max-age=60
location
/web-vitals@4.2.4/dist/web-vitals.iife.js
content-encoding
br
cf-cache-status
HIT
age
315
x-content-type-options
nosniff
via
1.1 fly.io
cf-ray
8e9b5c78fd013608-FRA
access-control-allow-origin
*
date
Thu, 28 Nov 2024 15:23:48 GMT
content-type
text/plain; charset=utf-8
vary
Accept, Accept-Encoding
fly-request-id
01JDSNMCAZAVB85VYJH0BS53H6-fra
server
cloudflare
collect
region1.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-FSDW78HQ4L&gtm=45je4bk0v893553001z89181226602za200zb9181226602&_p=1732807425763&gcd=13l3lPl2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102077855~102081485&cid=552427473.1732807428&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&dr=&sid=1732807427&sct=1&seg=0&dl=https%3A%2F%2F1win-c-in-hi.pu212ev.com%2F&dt=%E2%82%B94%2C50%2C000%20%2B%20250%20FS&en=page_view&_fv=1&_nsi=1&_ss=1&ep.gtm_version=GTM-MFB4T883%20%7C%20v.%204&ep.transport_type=beacon&ep.timestamp=2024-11-28%2016%3A23%3A47&up.is_exist_player=false&up.language_site=&up.platform=desktop&up.screen_resolution=1600x1200&up.is_incognito=false&tfd=2648
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-FSDW78HQ4L&l=dataLayer&cx=c&gtm=45He4bk0v9181226602za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1win-c-in-hi.pu212ev.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://1win-c-in-hi.pu212ev.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 28 Nov 2024 15:23:47 GMT
content-type
text/plain
server
Golfe2
collect
region1.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-FSDW78HQ4L&gtm=45je4bk0v893553001z89181226602za200zb9181226602&_p=1732807425763&gcd=13l3lPl2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102077855~102081485&cid=552427473.1732807428&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=2&dr=&sid=1732807427&sct=1&seg=0&dl=https%3A%2F%2F1win-c-in-hi.pu212ev.com%2F&dt=%E2%82%B94%2C50%2C000%20%2B%20250%20FS&en=registration&ep.gtm_version=GTM-MFB4T883%20%7C%20v.%204&ep.transport_type=beacon&ep.timestamp=2024-11-28%2016%3A23%3A46&ep.event_category=registration&ep.category=registration&ep.type=short&ep.mode=phone&ep.event_action=view&_et=7&tfd=2668
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-FSDW78HQ4L&l=dataLayer&cx=c&gtm=45He4bk0v9181226602za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1win-c-in-hi.pu212ev.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://1win-c-in-hi.pu212ev.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 28 Nov 2024 15:23:47 GMT
content-type
text/plain
server
Golfe2
collect
region1.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-FSDW78HQ4L&gtm=45je4bk0v893553001za200zb9181226602&_p=1732807425763&gcd=13l3lPl2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102077855~102081485&cid=552427473.1732807428&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=3&dr=&sid=1732807427&sct=1&seg=0&dl=https%3A%2F%2F1win-c-in-hi.pu212ev.com%2F&dt=%E2%82%B94%2C50%2C000%20%2B%20250%20FS&en=scroll&ep.gtm_version=GTM-MFB4T883%20%7C%20v.%204&ep.transport_type=beacon&ep.timestamp=2024-11-28%2016%3A23%3A47&epn.percent_scrolled=90&_et=2&tfd=2692
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-FSDW78HQ4L&l=dataLayer&cx=c&gtm=45He4bk0v9181226602za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1win-c-in-hi.pu212ev.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://1win-c-in-hi.pu212ev.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 28 Nov 2024 15:23:47 GMT
content-type
text/plain
server
Golfe2
favicon-32x32.png
1win-c-in-hi.pu212ev.com/img/favicon/
2 KB
2 KB
Other
General
Full URL
https://1win-c-in-hi.pu212ev.com/img/favicon/favicon-32x32.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:6ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9f4dd081764684e967c695a7ca1227fa7998736c83e4d9608fa44cc55b25ad6f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1win-c-in-hi.pu212ev.com/

Response headers

cf-cache-status
MISS
etag
"ab1156a8eb2af8e913fe675d02676f04"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ej2omYcLM21sTOMqtiRoWIVii7ilP06ZSPTEQZlYs9apO48LOwdNywnmfyHaQQblS8xFCuMUi4GIU2kUljLI5uCj%2F%2BNBEaJiSnPp4ndY5%2FakSHoxDqb4OHTpdGl6A1E4s4q1eN4RsVbbUhEJVJB5R72JnEEavGQ%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
server-timing
cfL4;desc="?proto=TCP&rtt=44709&min_rtt=36891&rtt_var=12637&sent=107&recv=58&lost=0&retrans=0&sent_bytes=70612&recv_bytes=3802&delivery_rate=613570&cwnd=257&unsent_bytes=0&cid=312a85c2bf3377c8&ts=2780&x=0"
date
Thu, 28 Nov 2024 15:23:48 GMT
content-type
image/png
vary
Accept-Encoding
cache-control
public, max-age=14400, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
cf-ray
8e9b5c78d9a33664-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
1671
server
cloudflare
p
f.pudaf.com/
137 B
1 KB
Fetch
General
Full URL
https://f.pudaf.com/p
Requested by
Host: fs.pudaf.com
URL: https://fs.pudaf.com/fp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-78.fra56.r.cloudfront.net
Software
/
Resource Hash
27858a3d2417ba810f9e3010f8149bfefcda828eb1109a0bb4e4d46289035b1b

Request headers

ak
vyg6SLajEWjklRFo1ig1JqhMkSHHpSp3FLYvfzZE
Referer
https://1win-c-in-hi.pu212ev.com/
x-ctr
LY7lCItAhTGtmiLdTvIHAA
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/html, text/plain
ri
772364c762e64df4ac6c9ebaa2d86bb5
Content-Type
application/octet-stream
si
2957a2663b5b4508b4706f4514ba3be2

Response headers

access-control-max-age
43200
access-control-expose-headers
If-Match,If-Modified-Since,If-None-Match,etag,Last-Modified
etag
67488b05cc70f228d523d74a
accept-ch
sec-ch-ua,ua,sec-ch-ua-platformua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-wow64,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors
x-trace-id
f8f663666b3a491332624877195b8833
via
1.1 cae542650fb32c773cc494fc6e7e71e6.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
Miss from cloudfront
content-length
137
x-amz-cf-id
wkPbTb-rjOJHhvI0CY4oGmcNE2NboqpW7J3z3cprC1f1e7t1p6AVlQ==
date
Thu, 28 Nov 2024 15:23:49 GMT
content-type
application/json
last-modified
Thu, 28 Nov 2024 15:22:09 GMT
x-amz-cf-pop
FRA56-C1


39 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| landingConfig object| dataLayer string| afto function| aft object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| phonePattern object| links object| pageState object| formNotif object| translate object| currency string| formMode object| aftStore function| aftUUID function| aftSID function| aftGenSID function| startBBClicker function| stopBBClicker string| afti object| google_tag_manager object| google_tag_data object| recaptcha object| closure_lm_894100 string| key number| width number| height object| last_10_events object| current_event function| onYouTubeIframeAPIReady object| gaGlobal function| detectIncognito boolean| is_incognito string| _D9tysGh2 object| webVitals

5 Cookies

Domain/Path Name / Value
.pu212ev.com/ Name: __cf_bm
Value: vxgzTUkEFm4e8owtAN42LzDu2bWK2CkXnDKZXd54I1k-1732807425-1.0.1.1-hUG12mKnus.iqMa7VUBX.JMzB7jaGM08rhhy7n3uEVZ54TlfIIywhl8h3gZ4sEWNoSY9MVsORhO1r5C5Z8rDGQ
1win-c-in-hi.pu212ev.com/ Name: ga-x3sdiid0
Value: IZTNiYTRiMTQ1ZjA2NzI0OGUwNDViYjYzNjEyN2k1Mj
.pu212ev.com/ Name: _ga
Value: GA1.1.552427473.1732807428
.pu212ev.com/ Name: _ga_FSDW78HQ4L
Value: GS1.1.1732807427.1.0.1732807428.0.0.0
1win-c-in-hi.pu212ev.com/ Name: ga-d98gkkii
Value: 6744887fcc4afe4b706975b4

5 Console Messages

Source Level URL
Text
recommendation verbose URL: https://1win-c-in-hi.pu212ev.com/
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o
rendering warning URL: https://1win-c-in-hi.pu212ev.com/
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A000510B54130000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering warning URL: https://1win-c-in-hi.pu212ev.com/
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A0D0FD0354130000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering warning URL: https://1win-c-in-hi.pu212ev.com/
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A070FD0354130000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering warning URL: https://1win-c-in-hi.pu212ev.com/
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A070A60954130000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Content-Type-Options nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
