1win-c-in-hi.pu207ev.com Open in urlscan Pro
2606:4700:20::ac43:442a Public Scan

Go To Rescan
Add Verdict Report

URL:
https://1win-c-in-hi.pu207ev.com/
Submission: On November 28 via api (November 28th 2024, 3:20:24 pm UTC) from US — Scanned from DE

Summary HTTP 38 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 11 IPs in 2 countries across 9 domains to perform 38 HTTP transactions. The main IP is 2606:4700:20::ac43:442a, located in United States and belongs to CLOUDFLARENET, US. The main domain is 1win-c-in-hi.pu207ev.com.
TLS certificate: Issued by WE1 on November 28th 2024. Valid for: 3 months.

This is the only time 1win-c-in-hi.pu207ev.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
14	2606:4700:20:... 2606:4700:20::ac43:442a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:800::200a	15169 (GOOGLE) (GOOGLE)
2	172.217.18.4 172.217.18.4	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:81c::2008	15169 (GOOGLE) (GOOGLE)
1	3.69.69.101 3.69.69.101	16509 (AMAZON-02) (AMAZON-02)
8	142.250.185.131 142.250.185.131	15169 (GOOGLE) (GOOGLE)
1	142.250.185.67 142.250.185.67	15169 (GOOGLE) (GOOGLE)
1 2	2606:4700::68... 2606:4700::6811:f8cb	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
3	65.9.66.14 65.9.66.14	16509 (AMAZON-02) (AMAZON-02)
1	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE)
38	11

14 2606:4700:20::ac43:442a (United States)

ASN13335 (CLOUDFLARENET, US)

1win-c-in-hi.pu207ev.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.18.4 (United States)

ASN15169 (GOOGLE, US)
PTR: fra02s19-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81c::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.69.69.101 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-69-69-101.eu-central-1.compute.amazonaws.com

fs.pudaf.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.185.131 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.67 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f3.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:f8cb (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 65.9.66.14 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-14.fra56.r.cloudfront.net

f.pudaf.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s28-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	pu207ev.com 1win-c-in-hi.pu207ev.com	66 KB
9	gstatic.com fonts.gstatic.com www.gstatic.com	450 KB
4	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 3353
4	pudaf.com fs.pudaf.com — Cisco Umbrella Rank: 619949 f.pudaf.com — Cisco Umbrella Rank: 527261	75 KB
2	unpkg.com 1 redirects unpkg.com — Cisco Umbrella Rank: 740	4 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	187 KB
2	google.com www.google.com — Cisco Umbrella Rank: 3	1 KB
1	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 110
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	2 KB
38	9

	Domain	Requested by
14	1win-c-in-hi.pu207ev.com	1win-c-in-hi.pu207ev.com
8	fonts.gstatic.com	fonts.googleapis.com
4	region1.google-analytics.com	www.googletagmanager.com
3	f.pudaf.com	fs.pudaf.com
2	unpkg.com	1 redirects
2	www.googletagmanager.com	1win-c-in-hi.pu207ev.com www.googletagmanager.com
2	www.google.com	1win-c-in-hi.pu207ev.com www.gstatic.com
1	pagead2.googlesyndication.com	fs.pudaf.com
1	www.gstatic.com	www.google.com
1	fs.pudaf.com	1win-c-in-hi.pu207ev.com
1	fonts.googleapis.com	1win-c-in-hi.pu207ev.com
38	11

This site contains links to these domains. Also see Links.

Domain
tdsio.com

Subject Issuer	Validity	Valid
1win-c-in-hi.pu207ev.com WE1	`2024-11-28` - `2025-02-26`	3 months	crt.sh
upload.video.google.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.google.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.google-analytics.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.pinup-antifraud.com Amazon RSA 2048 M03	`2024-05-22` - `2025-06-20`	a year	crt.sh
*.gstatic.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
frogo-aft.com Amazon RSA 2048 M02	`2024-10-07` - `2025-11-05`	a year	crt.sh
*.g.doubleclick.net WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://1win-c-in-hi.pu207ev.com/
Frame ID: B85C9BD431386308ED134A14006301F7
Requests: 36 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Lfxs6UUAAAAAE3kzerSlj_d5OF7IeWoXvzOE_50&co=aHR0cHM6Ly8xd2luLWMtaW4taGkucHUyMDdldi5jb206NDQz&hl=de&v=pPK749sccDmVW_9DSeTMVvh2&size=invisible&cb=cethfsteaioc
Frame ID: 146101E817095E1293A803315B951782
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

₹4,50,000 + 250 FS

Detected technologies

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js

Page Statistics

38
Requests

97 %
HTTPS

45 %
IPv6

9
Domains

11
Subdomains

11
IPs

2
Countries

784 kB
Transfer

1765 kB
Size

5
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://tdsio.com/p6M
Title: और शर्तों से सहमत हूँ

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 24

https://unpkg.com/web-vitals/dist/web-vitals.iife.js HTTP 302
https://unpkg.com/web-vitals@4.2.4/dist/web-vitals.iife.js

38 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
1win-c-in-hi.pu207ev.com/ 23 KB
7 KB 116ms
64ms Document
text/html 2606:4700:20::ac43:442a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://1win-c-in-hi.pu207ev.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:442a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff1d8282a7ade3fafe2ce021d86c8ccf9ad1ce6852bfe35d7064f16ed8be9f8d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8e9b574a7ad69125-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Thu, 28 Nov 2024 15:20:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jfeOLqqgYQD%2BFf1smXXt7jQOZCYzieBpu5%2BR9E9yBWX3BS%2B6MXswA62xLR2aSKA1BQj0QqXLbEHf4zekiYiFBIvt84kMG2vzqFEdxWj9FSlrWOk9rMDL%2BqleWiaggIG2awG0GYFtYXajfI5bIvTxPj4rmLlmgyI%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=TCP&rtt=11039&min_rtt=5845&rtt_var=10868&sent=7&recv=12&lost=0&retrans=0&sent_bytes=4023&recv_bytes=2364&delivery_rate=621771&cwnd=254&unsent_bytes=0&cid=0e312cf0a560485f&ts=78&x=0"
vary: Accept-Encoding
x-content-type-options: nosniff

GET
H2 200 css2
fonts.googleapis.com/ 32 KB
2 KB 145ms
49ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto+Flex:opsz,wght@8..144,100..1000&family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap

Requested by

Host: 1win-c-in-hi.pu207ev.com
URL: https://1win-c-in-hi.pu207ev.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2087e8cfd339b01309cb96af7e11eef05444c793cf1b768d30a076826c1f501e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://1win-c-in-hi.pu207ev.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Thu, 28 Nov 2024 15:20:15 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 28 Nov 2024 15:20:15 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Thu, 28 Nov 2024 15:16:09 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 main.css
1win-c-in-hi.pu207ev.com/ 25 KB
5 KB 67ms
65ms Stylesheet
text/css 2606:4700:20::ac43:442a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://1win-c-in-hi.pu207ev.com/main.css

Requested by

Host: 1win-c-in-hi.pu207ev.com
URL: https://1win-c-in-hi.pu207ev.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:442a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d5484b5c2479edf6e7200c7498f75772f2d074b89b2c31e2dc12de159f957282

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://1win-c-in-hi.pu207ev.com/

Response headers

cache-control: public, max-age=14400, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
cf-cache-status: MISS
etag: W/"ebf0ed2e70332e7b35a80f6681110aaa"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9OpyRwpsZDbn38mkjNHtezyp55goHjCH5JPjzn%2BcGCL9k1AbNRKiqU7C%2BJ7p%2B077GfMREzdjmFcKrH30uXsLFdZ%2FSzoJywUzCbQXi4vEzgGG%2B4razsk1NPpeGoOJS9NABfinhaVw%2B5H3iwKaLDJrOtVw3xua%2FPs%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8e9b574afb479125-FRA
access-control-allow-origin: *
server-timing: cfL4;desc="?proto=TCP&rtt=7334&min_rtt=5827&rtt_var=1521&sent=29&recv=30&lost=0&retrans=0&sent_bytes=15269&recv_bytes=2967&delivery_rate=1991137&cwnd=257&unsent_bytes=0&cid=0e312cf0a560485f&ts=153&x=0"
date: Thu, 28 Nov 2024 15:20:15 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
server: cloudflare

GET
H2 200 azerbaijan.png
1win-c-in-hi.pu207ev.com/img/header/lang/ 2 KB
2 KB 60ms
58ms Image
image/png 2606:4700:20::ac43:442a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1win-c-in-hi.pu207ev.com/img/header/lang/azerbaijan.png

Requested by

Host: 1win-c-in-hi.pu207ev.com
URL: https://1win-c-in-hi.pu207ev.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:442a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bbdbaae09a9fefe1eac886940fb71dc8694145eb2841e5415ec3d67a44401e2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://1win-c-in-hi.pu207ev.com/

Response headers

cf-cache-status: MISS
etag: "33d0c4d4b59a30bb8c614b3ecf281c46"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Jgt4MdXAqQPW3%2B2EF85ds7gvdAg6sY4WssmyXPXJK2APBprZ1%2BZJwh%2FzlSMfzLMXsN2m5rZoUX98f5HIljlyS1vDl2T%2FDqXzvv13qiG8uSz9fQSliSLVW%2FwcS7jB8CsrndPqa2r2P2AYP7zokIAixfCIgCKIeQE%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server-timing: cfL4;desc="?proto=TCP&rtt=7260&min_rtt=5827&rtt_var=1829&sent=24&recv=29&lost=0&retrans=0&sent_bytes=13038&recv_bytes=2967&delivery_rate=1991137&cwnd=257&unsent_bytes=0&cid=0e312cf0a560485f&ts=143&x=0"
date: Thu, 28 Nov 2024 15:20:15 GMT
content-type: image/png
vary: Accept-Encoding
cache-control: public, max-age=14400, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8e9b574afb489125-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1664
server: cloudflare

GET
H2 200 indian.png
1win-c-in-hi.pu207ev.com/img/header/lang/ 1 KB
2 KB 61ms
60ms Image
image/png 2606:4700:20::ac43:442a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1win-c-in-hi.pu207ev.com/img/header/lang/indian.png

Requested by

Host: 1win-c-in-hi.pu207ev.com
URL: https://1win-c-in-hi.pu207ev.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:442a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6a38232f525d6dd825bf22acb0cea17d5b640cefc781cc8132c752038110bfc7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://1win-c-in-hi.pu207ev.com/

Response headers

cf-cache-status: MISS
etag: "d8a19eb68791c63572c9bfc16ea175fe"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Wi1t%2F09xNqPR0ixq7K%2BQ3MFag9wQnGwzA9zVFnlEc0COuhuXgj8K%2F%2Bdc%2FKFzemVxMCi4fnuucNaEpIZuVKaQeFLKoV6lhbScsdC9%2BBci%2F0FrRqETTJ8wcvFGuvZeB4arDp9cEWcNTlIks%2BsNvnwP7Xpa1AhpXTQ%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server-timing: cfL4;desc="?proto=TCP&rtt=7260&min_rtt=5827&rtt_var=1829&sent=21&recv=29&lost=0&retrans=0&sent_bytes=11380&recv_bytes=2967&delivery_rate=1991137&cwnd=257&unsent_bytes=0&cid=0e312cf0a560485f&ts=140&x=0"
date: Thu, 28 Nov 2024 15:20:15 GMT
content-type: image/png
vary: Accept-Encoding
cache-control: public, max-age=14400, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8e9b574afb4a9125-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1063
server: cloudflare

GET
H2 200 uzbek.png
1win-c-in-hi.pu207ev.com/img/header/lang/ 1 KB
2 KB 60ms
58ms Image
image/png 2606:4700:20::ac43:442a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1win-c-in-hi.pu207ev.com/img/header/lang/uzbek.png

Requested by

Host: 1win-c-in-hi.pu207ev.com
URL: https://1win-c-in-hi.pu207ev.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:442a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

42c96e6cc271262f86a2f2c172d248a69e8a121c82f2465529a506d2e8fe352e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://1win-c-in-hi.pu207ev.com/

Response headers

cf-cache-status: MISS
etag: "758f303bb86e51f12522bef78ce1d8fd"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zU5ocp4DChBXqWenUaY1V5j1nt0ZS35Z5qde2LIt842%2B8ADVQRcqCgnc6iu%2BXKHXd4JjvMLtwPxbD7VthU3vxsp%2FTiuvVoQE0e6Mm1WszVgSfWU10BZSyBVS3T02OEwS4WBMhe59%2BHe5EZcSPbglteG7FKQgKfw%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server-timing: cfL4;desc="?proto=TCP&rtt=8006&min_rtt=5827&rtt_var=2014&sent=37&recv=32&lost=0&retrans=0&sent_bytes=20765&recv_bytes=2967&delivery_rate=1991137&cwnd=257&unsent_bytes=0&cid=0e312cf0a560485f&ts=174&x=0"
date: Thu, 28 Nov 2024 15:20:15 GMT
content-type: image/png
vary: Accept-Encoding
cache-control: public, max-age=14400, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8e9b574b2b799125-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1530
server: cloudflare

GET
H3 200 enterprise.js Show response
www.google.com/recaptcha/ 2 KB
1 KB 142ms
58ms Script
text/javascript 172.217.18.4
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise.js?render=6Lfxs6UUAAAAAE3kzerSlj_d5OF7IeWoXvzOE_50

Requested by

Host: 1win-c-in-hi.pu207ev.com
URL: https://1win-c-in-hi.pu207ev.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.4 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f4.1e100.net

Software

ESF /

Resource Hash

2799a4af3a0ac139f661132aec2c94ade60ed0fe097bb6f4ba42da9cd1580152

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://1win-c-in-hi.pu207ev.com/

Response headers

cache-control: private, max-age=300
content-encoding: gzip
cross-origin-resource-policy: cross-origin
report-to: {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
x-content-type-options: nosniff
expires: Thu, 28 Nov 2024 15:20:15 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
date: Thu, 28 Nov 2024 15:20:15 GMT
x-xss-protection: 0
content-type: text/javascript; charset=utf-8
server: ESF
x-frame-options: SAMEORIGIN

GET
H2 200 bundle.js Show response
1win-c-in-hi.pu207ev.com/ 82 KB
21 KB 91ms
90ms Script
application/javascript 2606:4700:20::ac43:442a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://1win-c-in-hi.pu207ev.com/bundle.js

Requested by

Host: 1win-c-in-hi.pu207ev.com
URL: https://1win-c-in-hi.pu207ev.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:442a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a445f128d9f8afc66b472ddc266e97b4df636f3e032476cdce5321f3425bcbb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://1win-c-in-hi.pu207ev.com/

Response headers

cache-control: public, max-age=14400, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
cf-cache-status: MISS
etag: W/"0d0e72de897477a6efb8d45b3bc52d0c"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qqcDzAVGcb9gw1C6sCRtOQUF0ycc36qbQegNPLJWWIPE6ivVi%2FusPv0P83Lxy4nkwZpyTdj7M0Lm0my11Z2D88umLjcOn28sZl3lfIwi2Nd6%2BN9fmYwlddn0VxhuYRCFjj%2FBbbh6cyAJX5LwVyPvc0z6UE7unm0%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8e9b574b2b7a9125-FRA
access-control-allow-origin: *
server-timing: cfL4;desc="?proto=TCP&rtt=7817&min_rtt=5827&rtt_var=1887&sent=42&recv=33&lost=0&retrans=0&sent_bytes=23008&recv_bytes=2967&delivery_rate=1991137&cwnd=257&unsent_bytes=0&cid=0e312cf0a560485f&ts=210&x=0"
date: Thu, 28 Nov 2024 15:20:15 GMT
content-type: application/javascript
vary: Accept-Encoding
server: cloudflare

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 239 KB
83 KB 154ms
54ms Script
application/javascript 2a00:1450:4001:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MFB4T883

Requested by

Host: 1win-c-in-hi.pu207ev.com
URL: https://1win-c-in-hi.pu207ev.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0e0647a91c8cb9550b6fd282f58f581b6849f2af0d544748717c8fe79bbbae5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://1win-c-in-hi.pu207ev.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Thu, 28 Nov 2024 15:20:15 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 28 Nov 2024 15:20:15 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Thu, 28 Nov 2024 15:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 84700
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 fp.js Show response
fs.pudaf.com/ 242 KB
73 KB 91ms
27ms Script
application/javascript 3.69.69.101
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fs.pudaf.com/fp.js
Requested by: Host: 1win-c-in-hi.pu207ev.com
URL: https://1win-c-in-hi.pu207ev.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.69.69.101 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-69-69-101.eu-central-1.compute.amazonaws.com
Software: nginx/1.27.2 /
Resource Hash: 2605c063257beca9b2bfba501c645a3b32eb15e364859ad01b935cc286aea016

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://1win-c-in-hi.pu207ev.com/

Response headers

content-encoding: gzip
date: Thu, 28 Nov 2024 15:20:15 GMT
etag: W/"671b9df7-3c6b8"
content-type: application/javascript
last-modified: Fri, 25 Oct 2024 13:32:39 GMT
server: nginx/1.27.2

GET
H2 200 background.jpg
1win-c-in-hi.pu207ev.com/img/ 15 KB
15 KB 71ms
68ms Image
image/jpeg 2606:4700:20::ac43:442a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1win-c-in-hi.pu207ev.com/img/background.jpg

Requested by

Host: 1win-c-in-hi.pu207ev.com
URL: https://1win-c-in-hi.pu207ev.com/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:442a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a6cebc306a12a1d374fe7e16172f7e08d2b47275ccc92ed524ebe5658da956f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://1win-c-in-hi.pu207ev.com/main.css

Response headers

cf-cache-status: MISS
etag: "8e6273ba24b3dbf724821f0e80b66df0"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lskxsAelKlnZnWtAqWNdRZZz%2BGxzPyNs5O5Cj1a9%2BBctLKbBAe%2BhNKp%2B6H3UkU4fYP%2B1rp7NTqOcYCgwWrFiWTBkxC2LQH%2BLf2HHqDj%2FKq27%2BcqICEGOs7c8n4cQbYaYc3d%2FqOnWxQl%2B1vhmlKyIyQrTxrymC3I%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server-timing: cfL4;desc="?proto=TCP&rtt=8526&min_rtt=5827&rtt_var=2821&sent=84&recv=42&lost=0&retrans=0&sent_bytes=46835&recv_bytes=3328&delivery_rate=4069731&cwnd=257&unsent_bytes=0&cid=0e312cf0a560485f&ts=321&x=0"
date: Thu, 28 Nov 2024 15:20:16 GMT
content-type: image/jpeg
vary: Accept-Encoding
cache-control: public, max-age=14400, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8e9b574bfc289125-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 15160
server: cloudflare

GET
H2 200 arrow.svg
1win-c-in-hi.pu207ev.com/img/ 168 B
635 B 64ms
61ms Image
image/svg+xml 2606:4700:20::ac43:442a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1win-c-in-hi.pu207ev.com/img/arrow.svg

Requested by

Host: 1win-c-in-hi.pu207ev.com
URL: https://1win-c-in-hi.pu207ev.com/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:442a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

54a00cc69c2da9de0fd87bcca80ba61eae4b6af5d9ae6a3894a7dff375bd2aca

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://1win-c-in-hi.pu207ev.com/main.css

Response headers

cache-control: public, max-age=14400, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
cf-cache-status: MISS
etag: W/"64b96f3da65e5010374b6561799c5efc"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qyrfunOuagEJMeQg4WYfAkRrkVeDl6pxeTP73zbKLeXJ5HlbWIGZFGFz5A8P51od27Dd8wIjWbqswlk9u4Fdyi3AznVSrR9PPDzUST%2B7AQBRt9oJuXba%2BykwacL46kDxoJqzosIPm7qUp97eUS2ynFJ2KQ%2BYOhM%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8e9b574bfc2d9125-FRA
access-control-allow-origin: *
server-timing: cfL4;desc="?proto=TCP&rtt=8124&min_rtt=5827&rtt_var=2028&sent=78&recv=40&lost=0&retrans=0&sent_bytes=45410&recv_bytes=3328&delivery_rate=4069731&cwnd=257&unsent_bytes=0&cid=0e312cf0a560485f&ts=309&x=0"
date: Thu, 28 Nov 2024 15:20:16 GMT
content-type: image/svg+xml
vary: Accept-Encoding
server: cloudflare

GET
H2 200 down-arrow.svg
1win-c-in-hi.pu207ev.com/img/ 199 B
658 B 70ms
68ms Image
image/svg+xml 2606:4700:20::ac43:442a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1win-c-in-hi.pu207ev.com/img/down-arrow.svg

Requested by

Host: 1win-c-in-hi.pu207ev.com
URL: https://1win-c-in-hi.pu207ev.com/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:442a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

71d546840626ca223ea62f041908b2d0b0c2e00449e429e40a7a1cc3abee19be

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://1win-c-in-hi.pu207ev.com/main.css

Response headers

cache-control: public, max-age=14400, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
cf-cache-status: MISS
etag: W/"f667c1d880ee3ff9ccf4e9ab671687f7"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3pFIet0hA5KwP7dZ7An48z9HaYtv4VtNI%2FAxGr%2FA4kxLHSSCWdB%2F1rruUV0Qngp8EPaXy8ALzkjigckh5Upta5q%2Fb6q%2BQekT7BRjM1rtebWyj7SSg6wuaoA%2FM%2ByL5oTQnq%2F0HkeWdUHG%2F7B9ASE920edeiYc7%2Fs%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8e9b574bfc2f9125-FRA
access-control-allow-origin: *
server-timing: cfL4;desc="?proto=TCP&rtt=8526&min_rtt=5827&rtt_var=2821&sent=81&recv=42&lost=0&retrans=0&sent_bytes=46111&recv_bytes=3328&delivery_rate=4069731&cwnd=257&unsent_bytes=0&cid=0e312cf0a560485f&ts=317&x=0"
date: Thu, 28 Nov 2024 15:20:16 GMT
content-type: image/svg+xml
vary: Accept-Encoding
server: cloudflare

GET
H2 200 checkbox.svg
1win-c-in-hi.pu207ev.com/img/ 297 B
770 B 59ms
57ms Image
image/svg+xml 2606:4700:20::ac43:442a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1win-c-in-hi.pu207ev.com/img/checkbox.svg

Requested by

Host: 1win-c-in-hi.pu207ev.com
URL: https://1win-c-in-hi.pu207ev.com/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:442a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b62db9f94d0b8b486a06f8d2ceaf553dfa7a291d633497100daae02f27bed323

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://1win-c-in-hi.pu207ev.com/main.css

Response headers

cache-control: public, max-age=14400, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
cf-cache-status: MISS
etag: W/"8e2f5f13abb2663dcc219e1457660206"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wE5S65zLihCYjXuK8e5ZJIaXaAoRYvGZoW6K4y8GVBREj5G1RQFpy2enF%2FseSw9zNP2rjJXf6A29jkh82re7AQZRRg4nEDrfgRttZ8tcJz%2FYeRNN4rAbRqYmruDngnjPsUY9raZy9DTf4AR%2BC28QQGhbCsCRXgg%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8e9b574bfc319125-FRA
access-control-allow-origin: *
server-timing: cfL4;desc="?proto=TCP&rtt=8124&min_rtt=5827&rtt_var=2028&sent=74&recv=38&lost=0&retrans=0&sent_bytes=44574&recv_bytes=3256&delivery_rate=4069731&cwnd=257&unsent_bytes=0&cid=0e312cf0a560485f&ts=298&x=0"
date: Thu, 28 Nov 2024 15:20:16 GMT
content-type: image/svg+xml
vary: Accept-Encoding
server: cloudflare

GET
H3 200 NaNNepOXO_NexZs0b5QrzlOHb8wCikXpYqmZsWI-__OGbt8jZktqc2V3Zs0KvDLdBP8SBZtOs2IifRuUZQMsPJtUsR4DEK6cULNeUx9XgTnH37Ha_FIAp4Fm0PP1hw45DntW2x0wZGzhPmr1YNMYKYn9_1IQXGwJAiUJVUMdN5YUW4O8HtSoXjC79QRyaLshNDUf3...
fonts.gstatic.com/s/robotoflex/v26/ 57 KB
57 KB 203ms
110ms Font
font/woff2 142.250.185.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotoflex/v26/NaNNepOXO_NexZs0b5QrzlOHb8wCikXpYqmZsWI-__OGbt8jZktqc2V3Zs0KvDLdBP8SBZtOs2IifRuUZQMsPJtUsR4DEK6cULNeUx9XgTnH37Ha_FIAp4Fm0PP1hw45DntW2x0wZGzhPmr1YNMYKYn9_1IQXGwJAiUJVUMdN5YUW4O8HtSoXjC79QRyaLshNDUf3e0O-gn5rrZCu20YNau2OPF80A.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto+Flex:opsz,wght@8..144,100..1000&family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f3.1e100.net

Software

sffe /

Resource Hash

b8acb10ee4d4fa5282718add726e9ee2cfec819ffbdb8249adc8466256f1ed33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://1win-c-in-hi.pu207ev.com
Referer: https://fonts.googleapis.com/

Response headers

age: 147983
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 26 Nov 2025 22:13:53 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 26 Nov 2024 22:13:53 GMT
last-modified: Wed, 28 Feb 2024 18:05:45 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 58112
x-xss-protection: 0
server: sffe

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v32/ 18 KB
18 KB 155ms
63ms Font
font/woff2 142.250.185.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f3.1e100.net

Software

sffe /

Resource Hash

89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://1win-c-in-hi.pu207ev.com
Referer: https://fonts.googleapis.com/

Response headers

age: 180094
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 26 Nov 2025 13:18:42 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 26 Nov 2024 13:18:42 GMT
last-modified: Thu, 01 Aug 2024 20:41:24 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18536
x-xss-protection: 0
server: sffe

GET
H3 200 NaNNepOXO_NexZs0b5QrzlOHb8wCikXpYqmZsWI-__OGbt8jZktqc2V3Zs0KvDLdBP8SBZtOs2IifRuUZQMsPJtUsR4DEK6cULNeUx9XgTnH37Ha_FIAp4Fm0PP1hw45DntW2x0wZGzhPmr1YNMYKYn9_1IQXGwJAiUJVUMdN5YUW4O8HtSoXjC79QRyaLshNDUf3...
fonts.gstatic.com/s/robotoflex/v26/ 83 KB
83 KB 197ms
104ms Font
font/woff2 142.250.185.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f3.1e100.net

Software

sffe /

Resource Hash

7c979a9dc3a699adb9561b6ecf0d5d4e27b74bea9bdaf01e91259efecbefbcc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://1win-c-in-hi.pu207ev.com
Referer: https://fonts.googleapis.com/

Response headers

age: 149138
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 26 Nov 2025 21:54:38 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 26 Nov 2024 21:54:38 GMT
last-modified: Wed, 28 Feb 2024 18:00:55 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 84552
x-xss-protection: 0
server: sffe

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v32/ 18 KB
18 KB 129ms
37ms Font
font/woff2 142.250.185.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f3.1e100.net

Software

sffe /

Resource Hash

d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://1win-c-in-hi.pu207ev.com
Referer: https://fonts.googleapis.com/

Response headers

age: 221851
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 26 Nov 2025 01:42:45 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 26 Nov 2024 01:42:45 GMT
last-modified: Thu, 01 Aug 2024 20:41:21 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18596
x-xss-protection: 0
server: sffe

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v32/ 18 KB
18 KB 187ms
95ms Font
font/woff2 142.250.185.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f3.1e100.net

Software

sffe /

Resource Hash

ae0e442895406e9922237108496c2cd60f4947649a826463e2da9860b5c25dd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://1win-c-in-hi.pu207ev.com
Referer: https://fonts.googleapis.com/

Response headers

age: 84580
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 27 Nov 2025 15:50:36 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 27 Nov 2024 15:50:36 GMT
last-modified: Thu, 01 Aug 2024 20:41:24 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18588
x-xss-protection: 0
server: sffe

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/pPK749sccDmVW_9DSeTMVvh2/ 549 KB
218 KB 135ms
44ms Script
text/javascript 142.250.185.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/pPK749sccDmVW_9DSeTMVvh2/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise.js?render=6Lfxs6UUAAAAAE3kzerSlj_d5OF7IeWoXvzOE_50

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f3.1e100.net

Software

sffe /

Resource Hash

6e79aeee4cbc317a3b6e18c8887ed2c1659ad8eb27431d1896a075ed935a9149

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://1win-c-in-hi.pu207ev.com
Referer: https://1win-c-in-hi.pu207ev.com/

Response headers

content-encoding: gzip
age: 90528
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
x-content-type-options: nosniff
expires: Thu, 27 Nov 2025 14:11:28 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 27 Nov 2024 14:11:28 GMT
last-modified: Mon, 11 Nov 2024 05:00:22 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: public, max-age=31536000
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
accept-ranges: bytes
access-control-allow-origin: *
content-length: 222835
x-xss-protection: 0
server: sffe

GET
H2 200 india.png
1win-c-in-hi.pu207ev.com/img/country/ 1 KB
2 KB 75ms
35ms Image
image/png 2606:4700:20::ac43:442a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1win-c-in-hi.pu207ev.com/img/country/india.png

Requested by

Host: 1win-c-in-hi.pu207ev.com
URL: https://1win-c-in-hi.pu207ev.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:442a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6a38232f525d6dd825bf22acb0cea17d5b640cefc781cc8132c752038110bfc7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://1win-c-in-hi.pu207ev.com/

Response headers

cf-cache-status: MISS
etag: "d8a19eb68791c63572c9bfc16ea175fe"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FZAsc5V3bGjv7JFWBSLvrqRw1YIxUz%2BNFIdEeEwMwGbEVXYdNoMsbvz9IttTjqM8jzJjS8udie9akDqHWvo5djak0LlXkczdWNWRNrIJFDnzpop9p%2FHzLwVlPXeRnQr%2BokrxL8rjWindOjDgc9%2BvDKkfOyzWA20%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server-timing: cfL4;desc="?proto=TCP&rtt=7083&min_rtt=5827&rtt_var=1598&sent=102&recv=53&lost=0&retrans=0&sent_bytes=64387&recv_bytes=3578&delivery_rate=4069731&cwnd=257&unsent_bytes=0&cid=0e312cf0a560485f&ts=407&x=0"
date: Thu, 28 Nov 2024 15:20:16 GMT
content-type: image/png
vary: Accept-Encoding
cache-control: public, max-age=14400, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8e9b574c8cb59125-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1063
server: cloudflare

GET
H2 200 hi.png
1win-c-in-hi.pu207ev.com/img/header/lang/ 1 KB
2 KB 66ms
24ms Image
image/png 2606:4700:20::ac43:442a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1win-c-in-hi.pu207ev.com/img/header/lang/hi.png

Requested by

Host: 1win-c-in-hi.pu207ev.com
URL: https://1win-c-in-hi.pu207ev.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:442a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6a38232f525d6dd825bf22acb0cea17d5b640cefc781cc8132c752038110bfc7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://1win-c-in-hi.pu207ev.com/

Response headers

cf-cache-status: MISS
etag: "d8a19eb68791c63572c9bfc16ea175fe"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=30LpFdzlynUWXoTQE77vchNCHKdN4WHSV5%2B8bPiouGuqv21uk8uOnnNN84agQNIDlXab%2Fwc78Py30ma3tnJj73sa%2BeEYN8X8oD%2BOzJsVgB1hd8nPnjX9WYu6BtF9tRSMIlkHUiEOAPsdBYjdJoH%2F4ft2bpM4IJg%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server-timing: cfL4;desc="?proto=TCP&rtt=7083&min_rtt=5827&rtt_var=1598&sent=99&recv=53&lost=0&retrans=0&sent_bytes=62765&recv_bytes=3578&delivery_rate=4069731&cwnd=257&unsent_bytes=0&cid=0e312cf0a560485f&ts=398&x=0"
date: Thu, 28 Nov 2024 15:20:16 GMT
content-type: image/png
vary: Accept-Encoding
cache-control: public, max-age=14400, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8e9b574c8cb69125-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1063
server: cloudflare

GET
H2 200 icomoon.ttf
1win-c-in-hi.pu207ev.com/fonts/src/icon-fonts/ 7 KB
4 KB 93ms
57ms Font
font/ttf 2606:4700:20::ac43:442a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://1win-c-in-hi.pu207ev.com/fonts/src/icon-fonts/icomoon.ttf

Requested by

Host: 1win-c-in-hi.pu207ev.com
URL: https://1win-c-in-hi.pu207ev.com/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:442a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9a9e23e2620acc7e7679de55c389add58698ada404ae426fdf3ef286950b292f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://1win-c-in-hi.pu207ev.com
Referer: https://1win-c-in-hi.pu207ev.com/main.css

Response headers

cache-control: public, max-age=14400, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
cf-cache-status: MISS
etag: W/"0ccca3332ef19e77300d721a51280b31"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aVoWTcP8z2kWonjYCiJY9xEi5elNKvVm56GGztoJ2I%2FwxG2z3lzMuzvViURCs2lERImUgyGdzp9IXw3TS2Wx418lNQvVtiJpxOoQWQcyrBbA6W%2FGSityupz4nCIYu06ojEofZwCgeXzFlo5g8kNY3KJavK0iI10%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8e9b574cbce59125-FRA
access-control-allow-origin: *
server-timing: cfL4;desc="?proto=TCP&rtt=7484&min_rtt=5827&rtt_var=1567&sent=105&recv=55&lost=0&retrans=0&sent_bytes=66036&recv_bytes=3578&delivery_rate=4069731&cwnd=257&unsent_bytes=0&cid=0e312cf0a560485f&ts=426&x=0"
date: Thu, 28 Nov 2024 15:20:16 GMT
content-type: font/ttf
vary: Accept-Encoding
server: cloudflare

GET
H3 200 anchor
www.google.com/recaptcha/enterprise/ Frame 1461 0
0 132ms
54ms Document
text/html 172.217.18.4
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Lfxs6UUAAAAAE3kzerSlj_d5OF7IeWoXvzOE_50&co=aHR0cHM6Ly8xd2luLWMtaW4taGkucHUyMDdldi5jb206NDQz&hl=de&v=pPK749sccDmVW_9DSeTMVvh2&size=invisible&cb=cethfsteaioc

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/pPK749sccDmVW_9DSeTMVvh2/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.4 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f4.1e100.net

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ax--AfxQx41z1KQMI581PQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1win-c-in-hi.pu207ev.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-ax--AfxQx41z1KQMI581PQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy: cross-origin
date: Thu, 28 Nov 2024 15:20:17 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server: ESF
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 303 KB
103 KB 52ms
52ms Script
application/javascript 2a00:1450:4001:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=G-FSDW78HQ4L&l=dataLayer&cx=c&gtm=45He4bk0v9181226602za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MFB4T883

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3a1ecdb2245d3f2eafefbba0c8973802be59e862f9f76e2b4dabf8b17c147013

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://1win-c-in-hi.pu207ev.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires: Thu, 28 Nov 2024 15:20:16 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 28 Nov 2024 15:20:16 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 105580
x-xss-protection: 0
server: Google Tag Manager

GET
H2

200

web-vitals.iife.js Show response
unpkg.com/web-vitals@4.2.4/dist/
Redirect Chain

https://unpkg.com/web-vitals/dist/web-vitals.iife.js
https://unpkg.com/web-vitals@4.2.4/dist/web-vitals.iife.js

7 KB
3 KB

27ms
21ms

Script
application/javascript

2606:4700::6811:f8cb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/web-vitals@4.2.4/dist/web-vitals.iife.js

Protocol

Server

2606:4700::6811:f8cb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f759996a85b1ddf539ef3f16fdca3d39e48f670aef69e82c6200cc2b5f9f47bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://1win-c-in-hi.pu207ev.com/

Response headers

content-encoding: br
cf-cache-status: HIT
etag: "1c3a-LeUC6s/Gcko0wscq5NFJGfOy9Yg"
age: 1947973
x-content-type-options: nosniff
date: Thu, 28 Nov 2024 15:20:17 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01JBZM06NK2TFC276D1TEPBJB2-fra
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000
via: 1.1 fly.io
cf-ray: 8e9b575748cfdbb3-FRA
access-control-allow-origin: *
server: cloudflare

Redirect headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, s-maxage=600, max-age=60
location: /web-vitals@4.2.4/dist/web-vitals.iife.js
content-encoding: br
cf-cache-status: HIT
age: 105
x-content-type-options: nosniff
via: 1.1 fly.io
cf-ray: 8e9b57565eb1dbb3-FRA
access-control-allow-origin: *
date: Thu, 28 Nov 2024 15:20:17 GMT
content-type: text/plain; charset=utf-8
vary: Accept, Accept-Encoding
fly-request-id: 01JDSNMCAZAVB85VYJH0BS53H6-fra
server: cloudflare

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 145ms
34ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-FSDW78HQ4L&gtm=45je4bk0v893553001z89181226602za200zb9181226602&_p=1732807215859&gcd=13l3lPl2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102077855~102081485&cid=2124083624.1732807218&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&dr=&sid=1732807217&sct=1&seg=0&dl=https%3A%2F%2F1win-c-in-hi.pu207ev.com%2F&dt=%E2%82%B94%2C50%2C000%20%2B%20250%20FS&en=page_view&_fv=1&_nsi=1&_ss=1&ep.gtm_version=GTM-MFB4T883%20%7C%20v.%204&ep.transport_type=beacon&ep.timestamp=2024-11-28%2016%3A20%3A17&up.is_exist_player=false&up.language_site=&up.platform=desktop&up.screen_resolution=1600x1200&up.is_incognito=false&tfd=1851
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-FSDW78HQ4L&l=dataLayer&cx=c&gtm=45He4bk0v9181226602za200
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://1win-c-in-hi.pu207ev.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://1win-c-in-hi.pu207ev.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 28 Nov 2024 15:20:17 GMT
content-type: text/plain
server: Golfe2

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 121ms
33ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-FSDW78HQ4L&gtm=45je4bk0v893553001z89181226602za200zb9181226602&_p=1732807215859&gcd=13l3lPl2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102077855~102081485&cid=2124083624.1732807218&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=2&dr=&sid=1732807217&sct=1&seg=0&dl=https%3A%2F%2F1win-c-in-hi.pu207ev.com%2F&dt=%E2%82%B94%2C50%2C000%20%2B%20250%20FS&en=registration&ep.gtm_version=GTM-MFB4T883%20%7C%20v.%204&ep.transport_type=beacon&ep.timestamp=2024-11-28%2016%3A20%3A16&ep.event_category=registration&ep.category=registration&ep.type=short&ep.mode=phone&ep.event_action=view&_et=6&tfd=1871
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-FSDW78HQ4L&l=dataLayer&cx=c&gtm=45He4bk0v9181226602za200
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://1win-c-in-hi.pu207ev.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://1win-c-in-hi.pu207ev.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 28 Nov 2024 15:20:17 GMT
content-type: text/plain
server: Golfe2

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 108ms
33ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-FSDW78HQ4L&gtm=45je4bk0v893553001za200zb9181226602&_p=1732807215859&gcd=13l3lPl2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102077855~102081485&cid=2124083624.1732807218&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=3&dr=&sid=1732807217&sct=1&seg=0&dl=https%3A%2F%2F1win-c-in-hi.pu207ev.com%2F&dt=%E2%82%B94%2C50%2C000%20%2B%20250%20FS&en=scroll&ep.gtm_version=GTM-MFB4T883%20%7C%20v.%204&ep.transport_type=beacon&ep.timestamp=2024-11-28%2016%3A20%3A17&epn.percent_scrolled=90&_et=1&tfd=1886
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-FSDW78HQ4L&l=dataLayer&cx=c&gtm=45He4bk0v9181226602za200
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://1win-c-in-hi.pu207ev.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://1win-c-in-hi.pu207ev.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 28 Nov 2024 15:20:17 GMT
content-type: text/plain
server: Golfe2

GET
H2 200 favicon-32x32.png
1win-c-in-hi.pu207ev.com/img/favicon/ 2 KB
2 KB 55ms
48ms Other
image/png 2606:4700:20::ac43:442a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://1win-c-in-hi.pu207ev.com/img/favicon/favicon-32x32.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:442a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9f4dd081764684e967c695a7ca1227fa7998736c83e4d9608fa44cc55b25ad6f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://1win-c-in-hi.pu207ev.com/

Response headers

cf-cache-status: MISS
etag: "ab1156a8eb2af8e913fe675d02676f04"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6LAWBkhBdk0RZkD3xL9SMJQ26r83DMaqVV2rxvvH7%2BT%2FVYgbgNOkecuSm4ZA6tv0HiQPBRjwU2T3X%2Fydk6uJvZrzzIWB1Wcby6aUJ%2BnDsNkofWJTeJ35rLkI2jLP4mXYZ%2BL5VuOnY7a8678LGdfVEHf9dnrdfys%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server-timing: cfL4;desc="?proto=TCP&rtt=8163&min_rtt=5827&rtt_var=2532&sent=112&recv=57&lost=0&retrans=0&sent_bytes=70615&recv_bytes=3769&delivery_rate=4069731&cwnd=257&unsent_bytes=0&cid=0e312cf0a560485f&ts=1916&x=0"
date: Thu, 28 Nov 2024 15:20:17 GMT
content-type: image/png
vary: Accept-Encoding
cache-control: public, max-age=14400, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8e9b57560d1f9125-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1671
server: cloudflare

POST
H2 200 p Show response
f.pudaf.com/ 137 B
1 KB 33ms
30ms Fetch
application/json 65.9.66.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://f.pudaf.com/p
Requested by: Host: fs.pudaf.com
URL: https://fs.pudaf.com/fp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-14.fra56.r.cloudfront.net
Software: /
Resource Hash: f060fa1d41741f41dfb801fdf76e19714321bd704af64f0badcb6edd1d6d40b1

Request headers

ak: vyg6SLajEWjklRFo1ig1JqhMkSHHpSp3FLYvfzZE
Referer: https://1win-c-in-hi.pu207ev.com/
x-ctr: HKIKwbBvk_vA80T8kOB0Tg
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: application/json, text/html, text/plain
ri: ff7541934f5c446fbe699f642838e36a
Content-Type: application/octet-stream
si: b6dd6b15bda14d5e8fb72916c3d5e657

Response headers

access-control-max-age: 43200
access-control-expose-headers: If-Match,If-Modified-Since,If-None-Match,etag,Last-Modified
etag: 67488a3174c45fc69b182e5c
accept-ch: sec-ch-ua,ua,sec-ch-ua-platformua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-wow64,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors
x-trace-id: fe62d5bc0b29372ce46ef1dbb81481ff
via: 1.1 4162b603e4967e54c2386fa354705d6e.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Miss from cloudfront
content-length: 137
x-amz-cf-id: zRjMBPt-QQl-gta2RuhETCBDvBCuAsw1b3RMuQ_HSC7pw7ZfF5cKYw==
date: Thu, 28 Nov 2024 15:20:17 GMT
content-type: application/json
last-modified: Thu, 28 Nov 2024 15:18:37 GMT
x-amz-cf-pop: FRA56-C1

HEAD
H3 200 adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 0
0 181ms
73ms Fetch
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: fs.pudaf.com
URL: https://fs.pudaf.com/fp.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://1win-c-in-hi.pu207ev.com/

Response headers

content-encoding: br
etag: 5090715927824983798
x-content-type-options: nosniff
expires: Thu, 28 Nov 2024 15:20:17 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Thu, 28 Nov 2024 15:20:17 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 53314
x-xss-protection: 0
server: cafe

OPTIONS
H2 204 p
f.pudaf.com/ Frame 0
0 70ms
13ms Preflight 65.9.66.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://f.pudaf.com/p
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-14.fra56.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: ak,content-type,ri,si,x-ctr
Access-Control-Request-Method: POST
Origin: https://1win-c-in-hi.pu207ev.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Origin,Content-Length,Content-Type,if-none-match,x-ctr,ak,si,ui,ri
access-control-allow-methods: GET,POST,HEAD,PUT,DELETE,PATCH
access-control-allow-origin: *
access-control-expose-headers: If-Match,If-Modified-Since,If-None-Match,etag,Last-Modified
access-control-max-age: 43200
date: Thu, 28 Nov 2024 15:20:17 GMT
vary: Access-Control-Request-Method, Access-Control-Request-Headers, Origin
via: 1.1 4162b603e4967e54c2386fa354705d6e.cloudfront.net (CloudFront)
x-amz-cf-id: xuzF2oSC4UOH5DxSIE_7-U-DvZez2ZxNwOKC50M12p5L54azzCvkmw==
x-amz-cf-pop: FRA56-C1
x-cache: Miss from cloudfront

GET
H3 200 KFOjCnqEu92Fr1Mu51TzBic6CsQ.woff2
fonts.gstatic.com/s/roboto/v32/ 19 KB
19 KB 57ms
54ms Font
font/woff2 142.250.185.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOjCnqEu92Fr1Mu51TzBic6CsQ.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f3.1e100.net

Software

sffe /

Resource Hash

0e100b86870ec5caaa887e0fe743b177d57e02242812a0cd4675781dfffea440

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://1win-c-in-hi.pu207ev.com
Referer: https://fonts.googleapis.com/

Response headers

age: 113961
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 27 Nov 2025 07:40:56 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 27 Nov 2024 07:40:56 GMT
last-modified: Thu, 01 Aug 2024 20:41:28 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 19780
x-xss-protection: 0
server: sffe

GET
H3 200 KFOmCnqEu92Fr1Mu7GxKOzY.woff2
fonts.gstatic.com/s/roboto/v32/ 12 KB
12 KB 55ms
52ms Font
font/woff2 142.250.185.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu7GxKOzY.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f3.1e100.net

Software

sffe /

Resource Hash

685dd0a4dbede9c486deb28acfbd6a2337f8d796445757029b828c7221e4ced1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://1win-c-in-hi.pu207ev.com
Referer: https://fonts.googleapis.com/

Response headers

age: 116988
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 27 Nov 2025 06:50:29 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 27 Nov 2024 06:50:29 GMT
last-modified: Thu, 01 Aug 2024 20:41:23 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 12456
x-xss-protection: 0
server: sffe

GET
H3 200 KFOmCnqEu92Fr1Mu4WxKOzY.woff2
fonts.gstatic.com/s/roboto/v32/ 7 KB
7 KB 65ms
63ms Font
font/woff2 142.250.185.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4WxKOzY.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f3.1e100.net

Software

sffe /

Resource Hash

b73c1098eed65e61418b5f54ba17ba07a9760a9b9d93f188833b3874cfda5ddf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://1win-c-in-hi.pu207ev.com
Referer: https://fonts.googleapis.com/

Response headers

age: 83835
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 27 Nov 2025 16:03:02 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 27 Nov 2024 16:03:02 GMT
last-modified: Thu, 01 Aug 2024 20:41:24 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 7096
x-xss-protection: 0
server: sffe

POST
H2 200 p Show response
f.pudaf.com/ 137 B
1 KB 27ms
19ms Fetch
application/json 65.9.66.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://f.pudaf.com/p
Requested by: Host: fs.pudaf.com
URL: https://fs.pudaf.com/fp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-14.fra56.r.cloudfront.net
Software: /
Resource Hash: f060fa1d41741f41dfb801fdf76e19714321bd704af64f0badcb6edd1d6d40b1

Request headers

ak: vyg6SLajEWjklRFo1ig1JqhMkSHHpSp3FLYvfzZE
Referer: https://1win-c-in-hi.pu207ev.com/
x-ctr: ZfCkfJi48fHJHvYLz7ZNQg
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: application/json, text/html, text/plain
ri: ff7541934f5c446fbe699f642838e36a
Content-Type: application/octet-stream
si: b6dd6b15bda14d5e8fb72916c3d5e657

Response headers

access-control-max-age: 43200
access-control-expose-headers: If-Match,If-Modified-Since,If-None-Match,etag,Last-Modified
etag: 67488a33ba7cfcdd3ce4e7f2
accept-ch: sec-ch-ua,ua,sec-ch-ua-platformua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-wow64,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors
x-trace-id: 843f66a474c09c48fc3d8197c4a12312
via: 1.1 4162b603e4967e54c2386fa354705d6e.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Miss from cloudfront
content-length: 137
x-amz-cf-id: fSbpQrtkXWJMDEJ1eHyZ0NCgBdj4MXDbyXEeyNxr4fyFYWwOkZqdxA==
date: Thu, 28 Nov 2024 15:20:19 GMT
content-type: application/json
last-modified: Thu, 28 Nov 2024 15:18:39 GMT
x-amz-cf-pop: FRA56-C1

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 21ms
19ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-FSDW78HQ4L&gtm=45je4bk0v893553001z89181226602za200zb9181226602&_p=1732807215859&gcd=13l3lPl2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102077855~102081485&cid=2124083624.1732807218&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&dr=&sid=1732807217&sct=1&seg=0&dl=https%3A%2F%2F1win-c-in-hi.pu207ev.com%2F&dt=%E2%82%B94%2C50%2C000%20%2B%20250%20FS&_s=4&tfd=6887
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-FSDW78HQ4L&l=dataLayer&cx=c&gtm=45He4bk0v9181226602za200
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://1win-c-in-hi.pu207ev.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://1win-c-in-hi.pu207ev.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 28 Nov 2024 15:20:22 GMT
content-type: text/plain
server: Golfe2

Verdicts & Comments Add Verdict or Comment

39 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.pu207ev.com/	1970-01-21 01:20:09	Name: __cf_bm Value: YIxDFjQzy8xZ_Vry.G266GVsxuFusUEsmk.A11HWiMU-1732807215-1.0.1.1-EIvFfqpkcNWlgxX3PMvxfLt224mOIPzg7c4VS0ZkYd.W9bSVuVPEb59QmKUab.bFT44OhV8OerWnW4sxCA5UnA
1win-c-in-hi.pu207ev.com/	1970-01-21 05:39:19	Name: ga-x3sdiid0 Value: cNTU2NWNkYzE2OTcyYjhmZTQ1NGExZGViMTZiZDZkYj
.pu207ev.com/	1970-01-21 10:56:07	Name: _ga Value: GA1.1.2124083624.1732807218
.pu207ev.com/	1970-01-21 10:56:07	Name: _ga_FSDW78HQ4L Value: GS1.1.1732807217.1.0.1732807217.0.0.0
1win-c-in-hi.pu207ev.com/	1970-01-21 05:39:19	Name: ga-d98gkkii Value: 67448e03ef60ac99d7ab55f1

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
recommendation	verbose	URL: https://1win-c-in-hi.pu207ev.com/ Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o
rendering	warning	URL: https://1win-c-in-hi.pu207ev.com/ Message: [GroupMarkerNotSet(crbug.com/242999)!:A030D0125C340000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering	warning	URL: https://1win-c-in-hi.pu207ev.com/ Message: [GroupMarkerNotSet(crbug.com/242999)!:A020A3065C340000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering	warning	URL: https://1win-c-in-hi.pu207ev.com/ Message: [GroupMarkerNotSet(crbug.com/242999)!:A090D0125C340000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering	warning	URL: https://1win-c-in-hi.pu207ev.com/ Message: [GroupMarkerNotSet(crbug.com/242999)!:A090D0125C340000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1win-c-in-hi.pu207ev.com
f.pudaf.com
fonts.googleapis.com
fonts.gstatic.com
fs.pudaf.com
pagead2.googlesyndication.com
region1.google-analytics.com
unpkg.com
www.google.com
www.googletagmanager.com
www.gstatic.com
142.250.185.131
142.250.185.67
172.217.18.2
172.217.18.4
2001:4860:4802:32::36
2606:4700:20::ac43:442a
2606:4700::6811:f8cb
2a00:1450:4001:800::200a
2a00:1450:4001:81c::2008
3.69.69.101
65.9.66.14
0e0647a91c8cb9550b6fd282f58f581b6849f2af0d544748717c8fe79bbbae5a
0e100b86870ec5caaa887e0fe743b177d57e02242812a0cd4675781dfffea440
2087e8cfd339b01309cb96af7e11eef05444c793cf1b768d30a076826c1f501e
2605c063257beca9b2bfba501c645a3b32eb15e364859ad01b935cc286aea016
2799a4af3a0ac139f661132aec2c94ade60ed0fe097bb6f4ba42da9cd1580152
3a1ecdb2245d3f2eafefbba0c8973802be59e862f9f76e2b4dabf8b17c147013
42c96e6cc271262f86a2f2c172d248a69e8a121c82f2465529a506d2e8fe352e
54a00cc69c2da9de0fd87bcca80ba61eae4b6af5d9ae6a3894a7dff375bd2aca
685dd0a4dbede9c486deb28acfbd6a2337f8d796445757029b828c7221e4ced1
6a38232f525d6dd825bf22acb0cea17d5b640cefc781cc8132c752038110bfc7
6e79aeee4cbc317a3b6e18c8887ed2c1659ad8eb27431d1896a075ed935a9149
71d546840626ca223ea62f041908b2d0b0c2e00449e429e40a7a1cc3abee19be
7c979a9dc3a699adb9561b6ecf0d5d4e27b74bea9bdaf01e91259efecbefbcc5
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
9a9e23e2620acc7e7679de55c389add58698ada404ae426fdf3ef286950b292f
9f4dd081764684e967c695a7ca1227fa7998736c83e4d9608fa44cc55b25ad6f
a445f128d9f8afc66b472ddc266e97b4df636f3e032476cdce5321f3425bcbb9
a6cebc306a12a1d374fe7e16172f7e08d2b47275ccc92ed524ebe5658da956f9
ae0e442895406e9922237108496c2cd60f4947649a826463e2da9860b5c25dd6
b62db9f94d0b8b486a06f8d2ceaf553dfa7a291d633497100daae02f27bed323
b73c1098eed65e61418b5f54ba17ba07a9760a9b9d93f188833b3874cfda5ddf
b8acb10ee4d4fa5282718add726e9ee2cfec819ffbdb8249adc8466256f1ed33
bbdbaae09a9fefe1eac886940fb71dc8694145eb2841e5415ec3d67a44401e2e
d5484b5c2479edf6e7200c7498f75772f2d074b89b2c31e2dc12de159f957282
d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb
f060fa1d41741f41dfb801fdf76e19714321bd704af64f0badcb6edd1d6d40b1
f759996a85b1ddf539ef3f16fdca3d39e48f670aef69e82c6200cc2b5f9f47bd
ff1d8282a7ade3fafe2ce021d86c8ccf9ad1ce6852bfe35d7064f16ed8be9f8d

1win-c-in-hi.pu207ev.com Open in urlscan Pro 2606:4700:20::ac43:442a Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

38 Requests

97 %HTTPS

45 %IPv6

9 Domains

11 Subdomains

11 IPs

2 Countries

784 kBTransfer

1765 kBSize

5 Cookies

1 Outgoing links

Redirected requests

38 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

1win-c-in-hi.pu207ev.com Open in urlscan Pro
2606:4700:20::ac43:442a Public Scan

Screenshot
Live screenshot

Full Image

38
Requests

97 %
HTTPS

45 %
IPv6

9
Domains

11
Subdomains

11
IPs

2
Countries

784 kB
Transfer

1765 kB
Size

5
Cookies

38 HTTP transactions
0 data transactions