URL: https://youwin1-tr.pu263ev.com/
Submission: On June 15 via api from US — Scanned from DE

Summary

This website contacted 9 IPs in 2 countries across 6 domains to perform 42 HTTP transactions. The main IP is 2606:4700:20::681a:e85, located in United States and belongs to CLOUDFLARENET, US. The main domain is youwin1-tr.pu263ev.com.
TLS certificate: Issued by GTS CA 1P5 on May 31st 2024. Valid for: 3 months.
This is the only time youwin1-tr.pu263ev.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | IP Address | AS | Autonomous System
10 | 2606:4700:20:... | 13335 | (CLOUDFLAR...)
1 | 2a00:1450:400... | 15169 | (GOOGLE)
2 | 142.250.185.164 | 15169 | (GOOGLE)
1 | 52.29.133.3 | 16509 | (AMAZON-02)
7 | 2a00:1450:400... | 15169 | (GOOGLE)
1 | 2a00:1450:400... | 15169 | (GOOGLE)
6 | 3.121.84.39 | 16509 | (AMAZON-02)
1 | 142.250.186.34 | 15169 | (GOOGLE)
Total: 42 requests, 9 IPs

Requests | Apex Domain | Subdomains | Transfer
10 | pu263ev.com | youwin1-tr.pu263ev.com | 108 KB
8 | gstatic.com | fonts.gstatic.com; www.gstatic.com | 300 KB
7 | pudaf.com | fs.pudaf.com (Cisco Umbrella Rank: 555451); f.pudaf.com (Cisco Umbrella Rank: 445696) | 68 KB
2 | google.com | www.google.com (Cisco Umbrella Rank: 5) | 1014 B
1 | googlesyndication.com | pagead2.googlesyndication.com (Cisco Umbrella Rank: 136) |
1 | googleapis.com | fonts.googleapis.com (Cisco Umbrella Rank: 77) | 1 KB
Total: 42 requests, 6 apex domains

Requests | Domain | Requested by
10 | youwin1-tr.pu263ev.com | youwin1-tr.pu263ev.com
7 | fonts.gstatic.com | fonts.googleapis.com
6 | f.pudaf.com | fs.pudaf.com
2 | www.google.com | youwin1-tr.pu263ev.com; www.gstatic.com
1 | pagead2.googlesyndication.com | fs.pudaf.com
1 | www.gstatic.com | www.google.com
1 | fs.pudaf.com | youwin1-tr.pu263ev.com
1 | fonts.googleapis.com | youwin1-tr.pu263ev.com
Total: 42 requests, 8 domains

This site contains links to these domains:

Domain
tdsnext.com

Subject | Issuer | Validity | Valid
pu263ev.com | GTS CA 1P5 | 2024-05-31 - 2024-08-29 | 3 months
upload.video.google.com | WR2 | 2024-05-27 - 2024-08-19 | 3 months
*.google.com | WR2 | 2024-05-27 - 2024-08-19 | 3 months
*.pinup-antifraud.com | Amazon RSA 2048 M03 | 2024-05-22 - 2025-06-20 | a year
*.gstatic.com | WR2 | 2024-05-27 - 2024-08-19 | 3 months
*.g.doubleclick.net | WR2 | 2024-05-27 - 2024-08-19 | 3 months

This page contains 2 frames:

Primary Page: https://youwin1-tr.pu263ev.com/
Frame ID: 71DEB7DDF7B627C39FE062C255BB439D
Requests: 38 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Lfxs6UUAAAAAE3kzerSlj_d5OF7IeWoXvzOE_50&co=aHR0cHM6Ly95b3V3aW4xLXRyLnB1MjYzZXYuY29tOjQ0Mw..&hl=de&v=TqxSU0dsOd2Q9IbI7CpFnJLD&size=invisible&cb=3wdalw3mziq9
Frame ID: 9232C818D34850E15D8724703391553D
Requests: 1 HTTP requests in this frame

Page Title

150 000₺ +250 FS İLK PARA YATIRMANIZA!

Detected technologies

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

Requests: 42
HTTPS: 69 %
IPv6: 50 %
Domains: 6
Subdomains: 8
IPs: 9
Countries: 2
Transfer: 478 kB
Size: 1029 kB
Cookies: 2

Redirected requests

There were HTTP redirect chains for the following requests:

42 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
youwin1-tr.pu263ev.com/
14 KB
5 KB
Document
General
Full URL
https://youwin1-tr.pu263ev.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:e85 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8131a9a9e13ec67739bb1fa956b789dc2121baf56830812b9cb6c4f733026cb

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

cf-cache-status
DYNAMIC
cf-ray
89431a908fb75d50-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sat, 15 Jun 2024 14:03:28 GMT
last-modified
Wed, 05 Jun 2024 13:32:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=J5Ah%2FlNfgTQrMuv8TPCTZcgcZ%2F6kuMl%2FuO1nZD4f%2BU3f5uahs7ovbZQqr%2FZEj7UB5d018HTH6358LgWP%2BbTkSKJ%2F0RY1vNnmB5k2j6jIgrVyyL7lPZtCaz%2BpiVeoUoqxPchRYguzbGgsZURWIUH3JDSW8So%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
css2
fonts.googleapis.com/
9 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,400;0,500;0,900;1,700&display=swap
Requested by
Host: youwin1-tr.pu263ev.com
URL: https://youwin1-tr.pu263ev.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7a4b1c6f0ce3526d6a59c39e77de7a6b2d8a46c20ae0ccf57a9d31165162ae72
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://youwin1-tr.pu263ev.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Sat, 15 Jun 2024 14:03:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 15 Jun 2024 14:03:28 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 15 Jun 2024 14:03:28 GMT
main.css
youwin1-tr.pu263ev.com/
20 KB
4 KB
Stylesheet
General
Full URL
https://youwin1-tr.pu263ev.com/main.css
Requested by
Host: youwin1-tr.pu263ev.com
URL: https://youwin1-tr.pu263ev.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:e85 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
275750aeb8aba27e5aba1410c365e72d446436e9a9e87353d6c9632b7d1599ed

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://youwin1-tr.pu263ev.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 15 Jun 2024 14:03:28 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 05 Jun 2024 13:32:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"666068e4-4f14"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xJf6pmVHRSLDqzpxAc7H3qVyT1CNfC8n0af1SvjJbrDYz%2F1vTmYEvmIDW8mMU6tmgdBabnET4P0TJWMSRqNasDlF2hQYT3b2bF%2F323pxhLAarHR1OhosqEnLmHUgqNLOFOp1p4oL8fTMZX1NUw3o5RCfxKw%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
89431a90e8295d50-FRA
enterprise.js
www.google.com/recaptcha/
2 KB
1014 B
Script
General
Full URL
https://www.google.com/recaptcha/enterprise.js?render=6Lfxs6UUAAAAAE3kzerSlj_d5OF7IeWoXvzOE_50
Requested by
Host: youwin1-tr.pu263ev.com
URL: https://youwin1-tr.pu263ev.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.164 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f4.1e100.net
Software
GSE /
Resource Hash
0bbf12037bbda0a0bb652f4eba808536b6f569c66007194b60983ded102ce0c3
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://youwin1-tr.pu263ev.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 15 Jun 2024 14:03:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Sat, 15 Jun 2024 14:03:28 GMT
bundle.js
youwin1-tr.pu263ev.com/
78 KB
19 KB
Script
General
Full URL
https://youwin1-tr.pu263ev.com/bundle.js
Requested by
Host: youwin1-tr.pu263ev.com
URL: https://youwin1-tr.pu263ev.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:e85 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
41497f7041994db418b3a9b4b0ec3adeb72100686a1ec920891fdb19483c0cb1

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://youwin1-tr.pu263ev.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 15 Jun 2024 14:03:28 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 05 Jun 2024 13:32:12 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"666068dc-13733"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nmzjL2Jx6bARX0JM8GpGPWGH4P5Hcdpm3xXPGbphFz0ukcLXt7jaTGOIRm%2BsSeinkhdz%2BnDb64PSso8Wfukep0WFicQ4gm3x1IAEYGqiPT69jpRt%2BHHzG7LIieXQMWZybXX%2BJn9vhBL2V%2BemhzEf8Xw0r20%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400
cf-ray
89431a90e82d5d50-FRA
fp.js
fs.pudaf.com/
213 KB
65 KB
Script
General
Full URL
https://fs.pudaf.com/fp.js
Requested by
Host: youwin1-tr.pu263ev.com
URL: https://youwin1-tr.pu263ev.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.29.133.3 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-133-3.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
58794423667f7f9efaefb609b6c9b9c719aa91f9cee56ecca6b984626b886cff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://youwin1-tr.pu263ev.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 15 Jun 2024 14:03:28 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Wed, 15 May 2024 12:13:47 GMT
etag
W/"6644a6fb-3544b"
content-type
application/javascript
custom_background.jpg
youwin1-tr.pu263ev.com/img/
65 KB
66 KB
Image
General
Full URL
https://youwin1-tr.pu263ev.com/img/custom_background.jpg
Requested by
Host: youwin1-tr.pu263ev.com
URL: https://youwin1-tr.pu263ev.com/main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:e85 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c3ef6ed6f09e1a080b6037a3b6a748639eb4253977d4cc4102f3bce964e98be0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://youwin1-tr.pu263ev.com/main.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 15 Jun 2024 14:03:28 GMT
cf-cache-status
MISS
last-modified
Wed, 05 Jun 2024 13:32:14 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"666068de-104ea"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xTTD9ZrGcRjw8NgwiOZpGGjrnEA2wjCzSBHx7wpob41C8sB4gQR%2Bw00%2BKD2U8FxMCa05M8REC20SDcZm4S6TWRWclVqCsIHwybGj8G7FNplcJjfz3LormFhap7a0hwn8jBbYGsBOXvt5IwB0kZcUJZfrgNE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
89431a91288d5d50-FRA
content-length
66794
custom-header-bg.png
youwin1-tr.pu263ev.com/img/
2 KB
3 KB
Image
General
Full URL
https://youwin1-tr.pu263ev.com/img/custom-header-bg.png
Requested by
Host: youwin1-tr.pu263ev.com
URL: https://youwin1-tr.pu263ev.com/main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:e85 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bdfa21c0dbd39e174ca71a2e5405789e31bd9f76bdc7a5c2f2a6ab290aca854e

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://youwin1-tr.pu263ev.com/main.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 15 Jun 2024 14:03:28 GMT
cf-cache-status
MISS
last-modified
Wed, 05 Jun 2024 13:32:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"666068e4-97b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xlu%2FTKe3QpJW7wE6VPI5%2Ftdy%2FhQ0UI83hD6mYcbOzy3JQATD5cfMsoWPmrDvYx7n9a4dqONIHvCXOT7t2bYNt51ydO3o5DD3G1UHl6sefaapikWHu2CxDYrwdWuaKNwtGqk77Tf4fOlbEuyxyNTSDLdN72U%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
89431a91288f5d50-FRA
content-length
2427
down-arrow.svg
youwin1-tr.pu263ev.com/img/
190 B
485 B
Image
General
Full URL
https://youwin1-tr.pu263ev.com/img/down-arrow.svg
Requested by
Host: youwin1-tr.pu263ev.com
URL: https://youwin1-tr.pu263ev.com/main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:e85 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
906db27e6a81cfe14c349434553ba892ae9c66433ba128d68ff395cea765210f

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://youwin1-tr.pu263ev.com/main.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 15 Jun 2024 14:03:28 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 05 Jun 2024 13:32:14 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"666068de-be"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Yi4rGowEIAz2t5a5eEyhqD%2BS1E57hTyRGn25jYQjfNj5OapmmPAxr7Z%2B7o%2FVAeVUZLM9Jn2CUZIjU1UIKKwqCyaEjQWo%2FbvnY%2BD10mHOu6zEtMtJveTsrUCIypqzTs806BGQG8u1ODpbN5MC0RnZkoukcEQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
89431a9128915d50-FRA
custom_checkbox.svg
youwin1-tr.pu263ev.com/img/
367 B
552 B
Image
General
Full URL
https://youwin1-tr.pu263ev.com/img/custom_checkbox.svg
Requested by
Host: youwin1-tr.pu263ev.com
URL: https://youwin1-tr.pu263ev.com/main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:e85 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf8ff71ac95681775b61e845842fdd33e0657d21c7e6e23e5513c333f5a30b59

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://youwin1-tr.pu263ev.com/main.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 15 Jun 2024 14:03:28 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 05 Jun 2024 13:32:14 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"666068de-16f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JefQjS1lMN%2BN8gQZ3Drnlhw95VaLn1HVS8%2BQBEFDVnkSWuW%2BqrMyywMcfcjRRs2Ojsbw%2B0BIXkFee%2FYjdD7Ax3TExGZL6u9UWh6oaHeaj8L18CTvvLabWP57OwwephyPGaZomaa%2FOzAnghp8pGIqgFCinPk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
89431a9128965d50-FRA
KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,400;0,500;0,900;1,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fonts.googleapis.com/
Origin
https://youwin1-tr.pu263ev.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 18:03:05 GMT
x-content-type-options
nosniff
age
158423
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15752
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 13 Jun 2025 18:03:05 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/
16 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,400;0,500;0,900;1,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fonts.googleapis.com/
Origin
https://youwin1-tr.pu263ev.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 22:54:18 GMT
x-content-type-options
nosniff
age
227350
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 12 Jun 2025 22:54:18 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,400;0,500;0,900;1,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fonts.googleapis.com/
Origin
https://youwin1-tr.pu263ev.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 05:20:49 GMT
x-content-type-options
nosniff
age
204159
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 13 Jun 2025 05:20:49 GMT
KFOlCnqEu92Fr1MmYUtfChc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/
11 KB
12 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfChc4EsA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,400;0,500;0,900;1,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2781e9e7c3f369b8fc7965e679b17b60b5b11eaae5da1e5045107bbdd9d568f0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fonts.googleapis.com/
Origin
https://youwin1-tr.pu263ev.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 05:05:38 GMT
x-content-type-options
nosniff
age
205070
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11756
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 13 Jun 2025 05:05:38 GMT
KFOmCnqEu92Fr1Mu7GxKOzY.woff2
fonts.gstatic.com/s/roboto/v30/
12 KB
12 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7GxKOzY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,400;0,500;0,900;1,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c23eb02de6b34e30f18cfb7167abd81a2cedfd1da60dfcb71989517ab3fb431
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fonts.googleapis.com/
Origin
https://youwin1-tr.pu263ev.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 23:19:48 GMT
x-content-type-options
nosniff
age
398620
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11872
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:25:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 10 Jun 2025 23:19:48 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/TqxSU0dsOd2Q9IbI7CpFnJLD/
518 KB
206 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/TqxSU0dsOd2Q9IbI7CpFnJLD/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise.js?render=6Lfxs6UUAAAAAE3kzerSlj_d5OF7IeWoXvzOE_50
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d865eecf3e86c11ab224434aecb84384c87cd8e52f5f0d5fb2f9b5291eab8578
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://youwin1-tr.pu263ev.com/
Origin
https://youwin1-tr.pu263ev.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 14 Jun 2024 15:18:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
81895
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
210217
x-xss-protection
0
last-modified
Mon, 10 Jun 2024 16:44:59 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 14 Jun 2025 15:18:33 GMT
turkey.png
youwin1-tr.pu263ev.com/img/country/
1 KB
1 KB
Image
General
Full URL
https://youwin1-tr.pu263ev.com/img/country/turkey.png
Requested by
Host: youwin1-tr.pu263ev.com
URL: https://youwin1-tr.pu263ev.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:e85 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4572c20092423c491c830915d4eccaad9b43524a9e74eb39d1ca7db8d66f8370

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://youwin1-tr.pu263ev.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 15 Jun 2024 14:03:28 GMT
cf-cache-status
MISS
last-modified
Wed, 05 Jun 2024 13:32:17 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"666068e1-4a9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dBz3t4ToAdkEWQKc8MFf3VdQ%2B81inBhCAe2Xn9Q%2Fh0Qe93IMoAaeB2aj2JR6SfX3Bdu0zcgkqOCK03I0OcWuetRIDdiZThYa1pOlzLjAgrHyRrsaeh0Cy7Xtknv5y1yHIZloAcjhwLIrYjN8afgWICBQkP4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
89431a9148b95d50-FRA
content-length
1193
icomoon.ttf
youwin1-tr.pu263ev.com/fonts/src/icon-fonts/
7 KB
7 KB
Font
General
Full URL
https://youwin1-tr.pu263ev.com/fonts/src/icon-fonts/icomoon.ttf
Requested by
Host: youwin1-tr.pu263ev.com
URL: https://youwin1-tr.pu263ev.com/main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:e85 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9a9e23e2620acc7e7679de55c389add58698ada404ae426fdf3ef286950b292f

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://youwin1-tr.pu263ev.com/main.css
Origin
https://youwin1-tr.pu263ev.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 15 Jun 2024 14:03:28 GMT
cf-cache-status
MISS
last-modified
Wed, 05 Jun 2024 13:32:14 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"666068de-1a54"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jrweXZr4WWgS%2BfTsVWPU7zsHhpo0bMWgb5P8ehpRScSu4zjYyrVR6YN45EO5ENfBc3cOW5bgOCRl%2BqYFefb6sdWFcJi8vymcqp42pPGSzjlQ64kXTERwVsol1J7JJqGeNYWb0TPXSDumJIuArqPt13QEgMc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
89431a9158cc5d50-FRA
content-length
6740
ce3a47ad-de23-4dd8-8e4a-c7e2c4bc6ba9
f.pudaf.com/p/ Frame
0
0
Preflight
General
Full URL
https://f.pudaf.com/p/ce3a47ad-de23-4dd8-8e4a-c7e2c4bc6ba9?api=vyg6SLajEWjklRFo1ig1JqhMkSHHpSp3FLYvfzZE&si=ce3a47ad-de23-4dd8-8e4a-c7e2c4bc6ba9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.121.84.39 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-121-84-39.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,if-none-match
Access-Control-Request-Method
POST
Origin
https://youwin1-tr.pu263ev.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Origin,Content-Length,Content-Type,if-none-match
access-control-allow-methods
GET,POST,HEAD,PUT,DELETE,PATCH
access-control-allow-origin
*
access-control-max-age
43200
date
Sat, 15 Jun 2024 14:03:29 GMT
strict-transport-security
max-age=31536000; includeSubDomains
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
ce3a47ad-de23-4dd8-8e4a-c7e2c4bc6ba9
f.pudaf.com/p/
58 B
849 B
Fetch
General
Full URL
https://f.pudaf.com/p/ce3a47ad-de23-4dd8-8e4a-c7e2c4bc6ba9?api=vyg6SLajEWjklRFo1ig1JqhMkSHHpSp3FLYvfzZE&si=ce3a47ad-de23-4dd8-8e4a-c7e2c4bc6ba9
Requested by
Host: fs.pudaf.com
URL: https://fs.pudaf.com/fp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.121.84.39 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-121-84-39.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e67bbbf06ac680984895e3a295180996906471eb3b84335f805db2cc079e074f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/octet-stream
Accept
application/json, text/html, text/plain
Referer
https://youwin1-tr.pu263ev.com/
If-None-Match
sec-ch-ua-platform
"Win32"

Response headers

x-trace-id
59bbea91d3b7ccffd714e99268a7de17
date
Sat, 15 Jun 2024 14:03:29 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Sat, 15 Jun 2024 14:01:49 GMT
accept-ch
sec-ch-ua,ua,sec-ch-ua-platformua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-wow64,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors
etag
666d9f31ea48da43716ff661
vary
Origin
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
If-Match,If-Modified-Since,If-None-Match,ETag,Last-Modified
content-length
58
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: fs.pudaf.com
URL: https://fs.pudaf.com/fp.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://youwin1-tr.pu263ev.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 15 Jun 2024 14:03:29 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51980
x-xss-protection
0
server
cafe
etag
15605623038300106863
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Sat, 15 Jun 2024 14:03:29 GMT
KFOjCnqEu92Fr1Mu51TzBic6CsQ.woff2
fonts.gstatic.com/s/roboto/v30/
17 KB
17 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51TzBic6CsQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,400;0,500;0,900;1,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6be97ca17228a69c406231d89c003194c3dfba7401eaa9fe9e9ed0ef1c18dc38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fonts.googleapis.com/
Origin
https://youwin1-tr.pu263ev.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 05:11:33 GMT
x-content-type-options
nosniff
age
204716
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17032
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 13 Jun 2025 05:11:33 GMT
KFOmCnqEu92Fr1Mu4WxKOzY.woff2
fonts.gstatic.com/s/roboto/v30/
7 KB
7 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4WxKOzY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,400;0,500;0,900;1,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
daf51ab540602b2d0b87646621637bac38889bb34effb8a432ae739aca78b5c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fonts.googleapis.com/
Origin
https://youwin1-tr.pu263ev.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 14 Jun 2024 02:20:02 GMT
x-content-type-options
nosniff
age
128607
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7112
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 14 Jun 2025 02:20:02 GMT
ce3a47ad-de23-4dd8-8e4a-c7e2c4bc6ba9
f.pudaf.com/p/ Frame
0
0
Preflight
General
Full URL
https://f.pudaf.com/p/ce3a47ad-de23-4dd8-8e4a-c7e2c4bc6ba9?api=vyg6SLajEWjklRFo1ig1JqhMkSHHpSp3FLYvfzZE&si=ce3a47ad-de23-4dd8-8e4a-c7e2c4bc6ba9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.121.84.39 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-121-84-39.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,if-none-match
Access-Control-Request-Method
POST
Origin
https://youwin1-tr.pu263ev.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Origin,Content-Length,Content-Type,if-none-match
access-control-allow-methods
GET,POST,HEAD,PUT,DELETE,PATCH
access-control-allow-origin
*
access-control-max-age
43200
date
Sat, 15 Jun 2024 14:03:29 GMT
strict-transport-security
max-age=31536000; includeSubDomains
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
ce3a47ad-de23-4dd8-8e4a-c7e2c4bc6ba9
f.pudaf.com/p/
58 B
849 B
Fetch
General
Full URL
https://f.pudaf.com/p/ce3a47ad-de23-4dd8-8e4a-c7e2c4bc6ba9?api=vyg6SLajEWjklRFo1ig1JqhMkSHHpSp3FLYvfzZE&si=ce3a47ad-de23-4dd8-8e4a-c7e2c4bc6ba9
Requested by
Host: fs.pudaf.com
URL: https://fs.pudaf.com/fp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.121.84.39 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-121-84-39.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e67bbbf06ac680984895e3a295180996906471eb3b84335f805db2cc079e074f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/octet-stream
Accept
application/json, text/html, text/plain
Referer
https://youwin1-tr.pu263ev.com/
If-None-Match
sec-ch-ua-platform
"Win32"

Response headers

x-trace-id
3b6024db6a3f9f8437659d4e085d4f56
date
Sat, 15 Jun 2024 14:03:29 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Sat, 15 Jun 2024 14:01:49 GMT
accept-ch
sec-ch-ua,ua,sec-ch-ua-platformua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-wow64,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors
etag
666d9f31ca7ee9110a0225e1
vary
Origin
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
If-Match,If-Modified-Since,If-None-Match,ETag,Last-Modified
content-length
58
anchor
www.google.com/recaptcha/enterprise/ Frame 9232
0
0
Document
General
Full URL
https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Lfxs6UUAAAAAE3kzerSlj_d5OF7IeWoXvzOE_50&co=aHR0cHM6Ly95b3V3aW4xLXRyLnB1MjYzZXYuY29tOjQ0Mw..&hl=de&v=TqxSU0dsOd2Q9IbI7CpFnJLD&size=invisible&cb=3wdalw3mziq9
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/TqxSU0dsOd2Q9IbI7CpFnJLD/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.164 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f4.1e100.net
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Fwo74H2EG2oG-GU3BiU8Mw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://youwin1-tr.pu263ev.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-Fwo74H2EG2oG-GU3BiU8Mw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 15 Jun 2024 14:03:29 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
d4d14c52-9860-48a3-bc80-bdd887c73f20
https://youwin1-tr.pu263ev.com/
392 B
0
Other
General
Full URL
blob:https://youwin1-tr.pu263ev.com/d4d14c52-9860-48a3-bc80-bdd887c73f20
Requested by
Host: youwin1-tr.pu263ev.com
URL: https://youwin1-tr.pu263ev.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
16c0a38d0e2cbbc72f1d1dab655c1d75cf95a45361e4e3d896b3251d273f9913

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length
392
Content-Type
application/javascript
99fa3f48-96ad-4791-98ea-5ca6b68e4c13
https://youwin1-tr.pu263ev.com/
392 B
0
Other
General
Full URL
blob:https://youwin1-tr.pu263ev.com/99fa3f48-96ad-4791-98ea-5ca6b68e4c13
Requested by
Host: youwin1-tr.pu263ev.com
URL: https://youwin1-tr.pu263ev.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
16c0a38d0e2cbbc72f1d1dab655c1d75cf95a45361e4e3d896b3251d273f9913

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length
392
Content-Type
application/javascript
favicon-32x32.png
youwin1-tr.pu263ev.com/img/favicon/
2 KB
2 KB
Other
General
Full URL
https://youwin1-tr.pu263ev.com/img/favicon/favicon-32x32.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:e85 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9f4dd081764684e967c695a7ca1227fa7998736c83e4d9608fa44cc55b25ad6f

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://youwin1-tr.pu263ev.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 15 Jun 2024 14:03:29 GMT
cf-cache-status
MISS
last-modified
Wed, 05 Jun 2024 13:32:14 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"666068de-687"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qulv%2B3aCmCY9liWh4y4g%2B7Z5v8N9DX0MOQbSZl9yDsHV%2BIfy4IhVGVT6Har2COJQURB9HrCd%2FU9sF30JzRDkAWaX5PQqeIF%2FYcfYCuBK76bD8HxXCjJowiiJBgpfkRAQUotifoC37tnCfiELqpDWuRLxIIw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
89431a961e8d5d50-FRA
content-length
1671
86a323cc-77e8-4903-8481-e63439198d14
https://youwin1-tr.pu263ev.com/
392 B
0
Other
General
Full URL
blob:https://youwin1-tr.pu263ev.com/86a323cc-77e8-4903-8481-e63439198d14
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
16c0a38d0e2cbbc72f1d1dab655c1d75cf95a45361e4e3d896b3251d273f9913

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length
392
Content-Type
application/javascript
99ce7b95-35eb-4ff3-acfd-e725a9db590e
https://youwin1-tr.pu263ev.com/
392 B
0
Other
General
Full URL
blob:https://youwin1-tr.pu263ev.com/99ce7b95-35eb-4ff3-acfd-e725a9db590e
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
16c0a38d0e2cbbc72f1d1dab655c1d75cf95a45361e4e3d896b3251d273f9913

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length
392
Content-Type
application/javascript
c6a77f44-a647-4014-8f88-4d9e3256f0a9
https://youwin1-tr.pu263ev.com/
392 B
0
Other
General
Full URL
blob:https://youwin1-tr.pu263ev.com/c6a77f44-a647-4014-8f88-4d9e3256f0a9
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
16c0a38d0e2cbbc72f1d1dab655c1d75cf95a45361e4e3d896b3251d273f9913

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length
392
Content-Type
application/javascript
5253cfc4-038b-49a4-9283-48b7dee5240b
https://youwin1-tr.pu263ev.com/
392 B
0
Other
General
Full URL
blob:https://youwin1-tr.pu263ev.com/5253cfc4-038b-49a4-9283-48b7dee5240b
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
16c0a38d0e2cbbc72f1d1dab655c1d75cf95a45361e4e3d896b3251d273f9913

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length
392
Content-Type
application/javascript
524253af-5af0-4f6a-935b-f3183e56ac18
https://youwin1-tr.pu263ev.com/
392 B
0
Other
General
Full URL
blob:https://youwin1-tr.pu263ev.com/524253af-5af0-4f6a-935b-f3183e56ac18
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
16c0a38d0e2cbbc72f1d1dab655c1d75cf95a45361e4e3d896b3251d273f9913

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length
392
Content-Type
application/javascript
a51a7e73-eaa9-43e0-9c7f-609e56de2862
https://youwin1-tr.pu263ev.com/
392 B
0
Other
General
Full URL
blob:https://youwin1-tr.pu263ev.com/a51a7e73-eaa9-43e0-9c7f-609e56de2862
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
16c0a38d0e2cbbc72f1d1dab655c1d75cf95a45361e4e3d896b3251d273f9913

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length
392
Content-Type
application/javascript
26b8fd4c-888a-4afd-95f1-4c2ba5964ff9
https://youwin1-tr.pu263ev.com/
392 B
0
Other
General
Full URL
blob:https://youwin1-tr.pu263ev.com/26b8fd4c-888a-4afd-95f1-4c2ba5964ff9
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
16c0a38d0e2cbbc72f1d1dab655c1d75cf95a45361e4e3d896b3251d273f9913

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length
392
Content-Type
application/javascript
e0180236-2b26-4dc3-8ef0-f20795e258c2
https://youwin1-tr.pu263ev.com/
392 B
0
Other
General
Full URL
blob:https://youwin1-tr.pu263ev.com/e0180236-2b26-4dc3-8ef0-f20795e258c2
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
16c0a38d0e2cbbc72f1d1dab655c1d75cf95a45361e4e3d896b3251d273f9913

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length
392
Content-Type
application/javascript
3ca87e65-27df-4fd7-bd96-e343b2372401
https://youwin1-tr.pu263ev.com/
392 B
0
Other
General
Full URL
blob:https://youwin1-tr.pu263ev.com/3ca87e65-27df-4fd7-bd96-e343b2372401
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
16c0a38d0e2cbbc72f1d1dab655c1d75cf95a45361e4e3d896b3251d273f9913

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length
392
Content-Type
application/javascript
e4faa0bf-d8dc-409d-a2d1-2512f803644a
https://youwin1-tr.pu263ev.com/
392 B
0
Other
General
Full URL
blob:https://youwin1-tr.pu263ev.com/e4faa0bf-d8dc-409d-a2d1-2512f803644a
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
16c0a38d0e2cbbc72f1d1dab655c1d75cf95a45361e4e3d896b3251d273f9913

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length
392
Content-Type
application/javascript
f7870dce-6d98-4a16-a77e-00105b2c8a31
https://youwin1-tr.pu263ev.com/
392 B
0
Other
General
Full URL
blob:https://youwin1-tr.pu263ev.com/f7870dce-6d98-4a16-a77e-00105b2c8a31
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
16c0a38d0e2cbbc72f1d1dab655c1d75cf95a45361e4e3d896b3251d273f9913

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length
392
Content-Type
application/javascript
ce3a47ad-de23-4dd8-8e4a-c7e2c4bc6ba9
f.pudaf.com/p/ Frame
0
0
Preflight
General
Full URL
https://f.pudaf.com/p/ce3a47ad-de23-4dd8-8e4a-c7e2c4bc6ba9?api=vyg6SLajEWjklRFo1ig1JqhMkSHHpSp3FLYvfzZE&si=ce3a47ad-de23-4dd8-8e4a-c7e2c4bc6ba9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.121.84.39 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-121-84-39.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,if-none-match
Access-Control-Request-Method
POST
Origin
https://youwin1-tr.pu263ev.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Origin,Content-Length,Content-Type,if-none-match
access-control-allow-methods
GET,POST,HEAD,PUT,DELETE,PATCH
access-control-allow-origin
*
access-control-max-age
43200
date
Sat, 15 Jun 2024 14:03:31 GMT
strict-transport-security
max-age=31536000; includeSubDomains
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
ce3a47ad-de23-4dd8-8e4a-c7e2c4bc6ba9
f.pudaf.com/p/
58 B
849 B
Fetch
General
Full URL
https://f.pudaf.com/p/ce3a47ad-de23-4dd8-8e4a-c7e2c4bc6ba9?api=vyg6SLajEWjklRFo1ig1JqhMkSHHpSp3FLYvfzZE&si=ce3a47ad-de23-4dd8-8e4a-c7e2c4bc6ba9
Requested by
Host: fs.pudaf.com
URL: https://fs.pudaf.com/fp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.121.84.39 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-121-84-39.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e67bbbf06ac680984895e3a295180996906471eb3b84335f805db2cc079e074f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/octet-stream
Accept
application/json, text/html, text/plain
Referer
https://youwin1-tr.pu263ev.com/
If-None-Match
sec-ch-ua-platform
"Win32"

Response headers

x-trace-id
428cc33f20217e7ba3187f18920a0639
date
Sat, 15 Jun 2024 14:03:31 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Sat, 15 Jun 2024 14:01:51 GMT
accept-ch
sec-ch-ua,ua,sec-ch-ua-platformua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-wow64,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors
etag
666d9f330cf044e92b67db4a
vary
Origin
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
If-Match,If-Modified-Since,If-None-Match,ETag,Last-Modified
content-length
58


24 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| 1
undefined| event
object| fence
object| sharedStorage
object| landingConfig
string| afto
function| aft
object| ___grecaptcha_cfg
object| grecaptcha
string| __recaptcha_api
boolean| __google_recaptcha_client
object| phonePattern
object| links
object| pageState
object| formNotif
string| afti
function| aftUUID
function| aftSID
function| aftUID
function| aftGenSID
object| recaptcha
object| closure_lm_994113
string| _D9tysGh2

2 Cookies

Domain/Path Name / Value
.pu263ev.com/ Name: __cf_bm
Value: Go86gumMScHK.sR7DwFv8lKFYrPQj0IU4i_yL4wvKow-1718460208-1.0.1.1-PN1GjMilyfMYR5lcvnwpEfxHzV9McqVKqqW1wdlxWynw.mGo87l8tOUolxCluqSlQ.IiDN1MXi4u.GiZ7yzfzA
youwin1-tr.pu263ev.com/ Name: ga-x3sdiid0
Value: E5YmM2YmM0MmdlYzEtNGhlLTQ4ZG00MyUyZGQtYWQ3YTUzY2

2 Console Messages

Source Level URL
Text
recommendation verbose URL: https://youwin1-tr.pu263ev.com/
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o
other warning URL: https://fs.pudaf.com/fp.js(Line 39)
Message:
The AudioContext was not allowed to start. It must be resumed (or created) after a user gesture on the page. https://goo.gl/7K7WLu

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
