youwin1-tr.pu682ev.com Open in urlscan Pro
2606:4700:20::ac43:4597  Public Scan

1 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

41 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response youwin1-tr.pu682ev.com/	18 KB 5 KB	353ms 256ms	Document text/html	2606:4700:20::ac43:4597 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://youwin1-tr.pu682ev.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:4597 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d75026d2a9776ff374a6d8d79bf87f14c025c0d75b7f7a3b64b1e46dd6799128 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 accept-language en-US,en;q=0.9 Response headers cf-cache-status DYNAMIC cf-ray 84932e11fc404bbb-BUF content-encoding br content-type text/html date Sun, 21 Jan 2024 23:01:35 GMT last-modified Wed, 13 Dec 2023 15:31:13 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gg7a4Mo%2FkzCkIQYL5sf4w3JHeL4m1bDkIiEvYUnjAfZDr455Xm68J2zuHa3EFHqFuSLK9u6dzDf2SL8xxjFLbiBLVnwWETvVjyCEzcHgyBjL%2B6pxd5wCzGJcX9ievTutMlMnXe8LHKfhCqpY54lomnKDjDM%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding
GET H2	200	css2 fonts.googleapis.com/	9 KB 1 KB	115ms 36ms	Stylesheet text/css	2607:f8b0:4006:823::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,400;0,500;0,900;1,700&display=swap Requested by Host: youwin1-tr.pu682ev.com URL: https://youwin1-tr.pu682ev.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:823::200a Colchester, United States, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 50c7048be4a2ec1b33e5a933d87d0838c775881215d1d8e1f05d25062a1b35bd Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://youwin1-tr.pu682ev.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Sun, 21 Jan 2024 23:01:36 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Sun, 21 Jan 2024 23:01:36 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Sun, 21 Jan 2024 23:01:36 GMT
GET H2	200	main.css youwin1-tr.pu682ev.com/	20 KB 4 KB	268ms 266ms	Stylesheet text/css	2606:4700:20::ac43:4597 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://youwin1-tr.pu682ev.com/main.css Requested by Host: youwin1-tr.pu682ev.com URL: https://youwin1-tr.pu682ev.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:4597 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 275750aeb8aba27e5aba1410c365e72d446436e9a9e87353d6c9632b7d1599ed Request headers accept-language en-US,en;q=0.9 Referer https://youwin1-tr.pu682ev.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Sun, 21 Jan 2024 23:01:36 GMT content-encoding br cf-cache-status MISS last-modified Wed, 13 Dec 2023 15:31:13 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"6579ce41-4f14" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vK0VD%2Fq4EwWRpHzrhdyiC2U4YiSPZhmL0dD219X1ka%2BuXDZYNhYcuWmqUJiTPs3fLuyauYW5zNnqyB%2BjHEWHQzYX5kgt6bCMOyNVCNziNBhnqLenftZ41O264j0yVKw1iyGCKNyeM2g0ZGzqZ5sJVtlIDEw%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 84932e13bddd4bbb-BUF
GET H2	200	enterprise.js Show response www.google.com/recaptcha/	1 KB 1 KB	112ms 50ms	Script text/javascript	2607:f8b0:4006:823::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/enterprise.js?render=6Lfxs6UUAAAAAE3kzerSlj_d5OF7IeWoXvzOE_50 Requested by Host: youwin1-tr.pu682ev.com URL: https://youwin1-tr.pu682ev.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:823::2004 Colchester, United States, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash ee485098c901da930fd85e271945c18ad37e892f560cf281c76aa9e2455aba12 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language en-US,en;q=0.9 Referer https://youwin1-tr.pu682ev.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Sun, 21 Jan 2024 23:01:36 GMT content-encoding gzip x-content-type-options nosniff content-security-policy frame-ancestors 'self' server GSE x-frame-options SAMEORIGIN content-type text/javascript; charset=utf-8 cache-control private, max-age=300 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 1; mode=block expires Sun, 21 Jan 2024 23:01:36 GMT
GET H2	200	bundle.js Show response youwin1-tr.pu682ev.com/	77 KB 19 KB	371ms 369ms	Script application/javascript	2606:4700:20::ac43:4597 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://youwin1-tr.pu682ev.com/bundle.js Requested by Host: youwin1-tr.pu682ev.com URL: https://youwin1-tr.pu682ev.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:4597 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d65c13c6cc536a884c136555082a1cb3db39eaced1d00cdbb0063f64e85a6ac6 Request headers accept-language en-US,en;q=0.9 Referer https://youwin1-tr.pu682ev.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Sun, 21 Jan 2024 23:01:36 GMT content-encoding br cf-cache-status MISS last-modified Wed, 13 Dec 2023 15:31:04 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"6579ce38-135d6" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6CROYgMtdb9FaojV8jJxsbYfwv%2FlTKU0Fkbp9CEs0SOKsH9nS3Q3zW%2BqpPel07eyjdOP7RmZk25qLmjrSRCRfjPo2XQTK7sUe%2By4oItmBKt2psLuIpwNlHaoa%2FSKiOy9tN%2Bh%2Bcl9ejRn2pNSgbaLO8b8rmI%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 cf-ray 84932e13bde14bbb-BUF
GET H2	200	fp.js Show response fs.pudaf.com/	395 KB 73 KB	550ms 208ms	Script application/javascript	52.58.237.32 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://fs.pudaf.com/fp.js Requested by Host: youwin1-tr.pu682ev.com URL: https://youwin1-tr.pu682ev.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.58.237.32 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-58-237-32.eu-central-1.compute.amazonaws.com Software / Resource Hash eb320210e7191910d10b848c43646b60ebdbfd13f75cecb769f97252859a37f1 Request headers accept-language en-US,en;q=0.9 Referer https://youwin1-tr.pu682ev.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Sun, 21 Jan 2024 23:01:36 GMT content-encoding gzip last-modified Thu, 18 Jan 2024 11:42:48 GMT etag W/"65a90eb8-62c30" content-type application/javascript
GET H2	200	custom_background.jpg youwin1-tr.pu682ev.com/img/	65 KB 66 KB	364ms 359ms	Image image/jpeg	2606:4700:20::ac43:4597 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://youwin1-tr.pu682ev.com/img/custom_background.jpg Requested by Host: youwin1-tr.pu682ev.com URL: https://youwin1-tr.pu682ev.com/main.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:4597 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c3ef6ed6f09e1a080b6037a3b6a748639eb4253977d4cc4102f3bce964e98be0 Request headers accept-language en-US,en;q=0.9 Referer https://youwin1-tr.pu682ev.com/main.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Sun, 21 Jan 2024 23:01:36 GMT cf-cache-status MISS last-modified Wed, 13 Dec 2023 15:31:07 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"6579ce3b-104ea" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yRqUECj%2BjWow2vBECZTMgdD6d4hMDtwPk%2FF7NmHk03ZLeK5QZBLOIQXF%2FqVfORi4779CLy4JogQePgMtm0X21KcpHzv3co6P8WYFy2kIST9T4rg7cMraMo%2BeIPz%2FxR5CNEIPl6J8vSVe1cs85Rb8H67wIfs%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=14400 cf-ray 84932e156f4e4bbb-BUF
GET H2	200	custom-header-bg.png youwin1-tr.pu682ev.com/img/	2 KB 3 KB	257ms 253ms	Image image/png	2606:4700:20::ac43:4597 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://youwin1-tr.pu682ev.com/img/custom-header-bg.png Requested by Host: youwin1-tr.pu682ev.com URL: https://youwin1-tr.pu682ev.com/main.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:4597 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash bdfa21c0dbd39e174ca71a2e5405789e31bd9f76bdc7a5c2f2a6ab290aca854e Request headers accept-language en-US,en;q=0.9 Referer https://youwin1-tr.pu682ev.com/main.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Sun, 21 Jan 2024 23:01:36 GMT cf-cache-status MISS last-modified Wed, 13 Dec 2023 15:31:13 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"6579ce41-97b" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ND14OQrDm1L71thQ%2FXGF0Ah%2FHWZjBIK%2Bxtw%2BLreB81SSrHccWvxx4vGb31D2iX8viheAIFeSWxNo8wyvFsSdUcwsubdmD7x6mgVlfm%2BmtrDXhs8yke3jMpMMDOeelerg4Mi%2F3CmuF2jC1gZTphEmP9PQBqM%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 cf-ray 84932e156f514bbb-BUF
GET H2	200	down-arrow.svg youwin1-tr.pu682ev.com/img/	190 B 486 B	252ms 249ms	Image image/svg+xml	2606:4700:20::ac43:4597 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://youwin1-tr.pu682ev.com/img/down-arrow.svg Requested by Host: youwin1-tr.pu682ev.com URL: https://youwin1-tr.pu682ev.com/main.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:4597 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 906db27e6a81cfe14c349434553ba892ae9c66433ba128d68ff395cea765210f Request headers accept-language en-US,en;q=0.9 Referer https://youwin1-tr.pu682ev.com/main.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Sun, 21 Jan 2024 23:01:36 GMT content-encoding br cf-cache-status MISS last-modified Wed, 13 Dec 2023 15:31:07 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"6579ce3b-be" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N7RJWvEIn6oCnrXJme%2BIkm%2FaRQLwW2fKJJ1rtBCGHWWJ3Baom8oeUPY3eaXsAQwGGRs%2BL5FRyPZet50RRF3chEcYGg32LELMFF6hZZKQ%2BtGP4xiIfNyv0pshVVw%2BXB9xIw65h0n%2BAZrIqh5F18GzUufU1YA%3D"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml cache-control max-age=14400 cf-ray 84932e156f524bbb-BUF
GET H2	200	custom_checkbox.svg youwin1-tr.pu682ev.com/img/	367 B 549 B	257ms 255ms	Image image/svg+xml	2606:4700:20::ac43:4597 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://youwin1-tr.pu682ev.com/img/custom_checkbox.svg Requested by Host: youwin1-tr.pu682ev.com URL: https://youwin1-tr.pu682ev.com/main.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:4597 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash cf8ff71ac95681775b61e845842fdd33e0657d21c7e6e23e5513c333f5a30b59 Request headers accept-language en-US,en;q=0.9 Referer https://youwin1-tr.pu682ev.com/main.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Sun, 21 Jan 2024 23:01:36 GMT content-encoding br cf-cache-status MISS last-modified Wed, 13 Dec 2023 15:31:07 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"6579ce3b-16f" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W4Ry3ny7DnFci%2Flx6ZQw5QkB%2B01xJ%2B3MmfEbH1wKP2jdxWtbXslBDzKI%2FVDRQ3F41LFkbCgy62LWja30a34RbI9bJjZSiQwvsUsKfOll42KsnDLbo6eHpa0Hwuf6DoPpv3ZFS65pImBCPp3vXvrJnEJk%2FdA%3D"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml cache-control max-age=14400 cf-ray 84932e156f534bbb-BUF
GET H2	200	KFOlCnqEu92Fr1MmYUtfBBc4.woff2 fonts.gstatic.com/s/roboto/v30/	15 KB 15 KB	147ms 45ms	Font font/woff2	2607:f8b0:4006:821::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfBBc4.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,400;0,500;0,900;1,700&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:821::2003 Colchester, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://youwin1-tr.pu682ev.com accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Fri, 19 Jan 2024 13:21:43 GMT x-content-type-options nosniff age 207593 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15752 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:56 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sat, 18 Jan 2025 13:21:43 GMT
GET H2	200	KFOlCnqEu92Fr1MmEU9fBBc4.woff2 fonts.gstatic.com/s/roboto/v30/	16 KB 16 KB	119ms 19ms	Font font/woff2	2607:f8b0:4006:821::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,400;0,500;0,900;1,700&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:821::2003 Colchester, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://youwin1-tr.pu682ev.com accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Fri, 19 Jan 2024 13:17:07 GMT x-content-type-options nosniff age 207869 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15920 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:45 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sat, 18 Jan 2025 13:17:07 GMT
GET H2	200	KFOmCnqEu92Fr1Mu4mxK.woff2 fonts.gstatic.com/s/roboto/v30/	15 KB 15 KB	125ms 25ms	Font font/woff2	2607:f8b0:4006:821::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,400;0,500;0,900;1,700&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:821::2003 Colchester, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://youwin1-tr.pu682ev.com accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Fri, 19 Jan 2024 13:24:38 GMT x-content-type-options nosniff age 207418 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15744 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:48 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sat, 18 Jan 2025 13:24:38 GMT
GET H2	200	KFOlCnqEu92Fr1MmYUtfChc4EsA.woff2 fonts.gstatic.com/s/roboto/v30/	11 KB 12 KB	148ms 53ms	Font font/woff2	2607:f8b0:4006:821::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfChc4EsA.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,400;0,500;0,900;1,700&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:821::2003 Colchester, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 2781e9e7c3f369b8fc7965e679b17b60b5b11eaae5da1e5045107bbdd9d568f0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://youwin1-tr.pu682ev.com accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Fri, 19 Jan 2024 13:23:08 GMT x-content-type-options nosniff age 207508 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 11756 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:54 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sat, 18 Jan 2025 13:23:08 GMT
GET H2	200	KFOmCnqEu92Fr1Mu7GxKOzY.woff2 fonts.gstatic.com/s/roboto/v30/	12 KB 12 KB	128ms 59ms	Font font/woff2	2607:f8b0:4006:821::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7GxKOzY.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,400;0,500;0,900;1,700&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:821::2003 Colchester, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 3c23eb02de6b34e30f18cfb7167abd81a2cedfd1da60dfcb71989517ab3fb431 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://youwin1-tr.pu682ev.com accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Fri, 19 Jan 2024 13:32:00 GMT x-content-type-options nosniff age 206976 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 11872 x-xss-protection 0 last-modified Wed, 11 May 2022 19:25:01 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sat, 18 Jan 2025 13:32:00 GMT
GET H2	200	recaptcha__en.js Show response www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/	503 KB 202 KB	95ms 24ms	Script text/javascript	2607:f8b0:4006:821::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/recaptcha__en.js Requested by Host: www.google.com URL: https://www.google.com/recaptcha/enterprise.js?render=6Lfxs6UUAAAAAE3kzerSlj_d5OF7IeWoXvzOE_50 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:821::2003 Colchester, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 52c308157b0f273a5f4f67bb4f28ccf47c24a68fbc7d0226d49bf4eebacfdf97 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://youwin1-tr.pu682ev.com/ Origin https://youwin1-tr.pu682ev.com accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Sun, 21 Jan 2024 03:33:21 GMT content-encoding gzip x-content-type-options nosniff age 70095 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 206076 x-xss-protection 0 last-modified Mon, 08 Jan 2024 05:00:33 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Mon, 20 Jan 2025 03:33:21 GMT
GET H2	200	turkey.png youwin1-tr.pu682ev.com/img/country/	1 KB 2 KB	260ms 254ms	Image image/png	2606:4700:20::ac43:4597 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://youwin1-tr.pu682ev.com/img/country/turkey.png Requested by Host: youwin1-tr.pu682ev.com URL: https://youwin1-tr.pu682ev.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:4597 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4572c20092423c491c830915d4eccaad9b43524a9e74eb39d1ca7db8d66f8370 Request headers accept-language en-US,en;q=0.9 Referer https://youwin1-tr.pu682ev.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Sun, 21 Jan 2024 23:01:36 GMT cf-cache-status MISS last-modified Wed, 13 Dec 2023 15:31:10 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"6579ce3e-4a9" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nFlCOe7FTe7YLtNfZ7UzO490C81l8pKB2h%2FgPzHt9m0ts6eU7RysBapv%2F2ndvUvMLq840fYD9oEQ1eCuoKgjhT2dmrSovoHuRFJszOglsXLw2VnkSAtINg%2BM6kw5mmQMTVfpjtbSxblVGay8vVcau4Hk63Y%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 cf-ray 84932e162fe74bbb-BUF
GET H2	200	icomoon.ttf youwin1-tr.pu682ev.com/fonts/src/icon-fonts/	7 KB 7 KB	147ms 143ms	Font application/octet-stream	2606:4700:20::ac43:4597 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://youwin1-tr.pu682ev.com/fonts/src/icon-fonts/icomoon.ttf Requested by Host: youwin1-tr.pu682ev.com URL: https://youwin1-tr.pu682ev.com/main.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:4597 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9a9e23e2620acc7e7679de55c389add58698ada404ae426fdf3ef286950b292f Request headers Referer https://youwin1-tr.pu682ev.com/main.css Origin https://youwin1-tr.pu682ev.com accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Sun, 21 Jan 2024 23:01:36 GMT cf-cache-status MISS last-modified Wed, 13 Dec 2023 15:31:06 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "6579ce3a-1a54" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1yYw7EEAgy6VYnxJeQPdTsmZ4tJoqOD7zdxgnNNd073y1ZbOSBFK1JlpP5wGc6zs5KDMIQ5xi6Jh0fMhL83UJTOSA9GiCPKoOZpvFr3%2B%2BWYurKi6HM8jnzu1JOAg5ZjjgBUCfGMFsmq%2B5DElxNmfQS%2Bql50%3D"}],"group":"cf-nel","max_age":604800} content-type application/octet-stream cache-control max-age=14400 accept-ranges bytes cf-ray 84932e162fe84bbb-BUF content-length 6740
GET H2	200	anchor Show response www.google.com/recaptcha/enterprise/ Frame 30E1	7 KB 1 KB	51ms 45ms	Document text/html	2607:f8b0:4006:823::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Lfxs6UUAAAAAE3kzerSlj_d5OF7IeWoXvzOE_50&co=aHR0cHM6Ly95b3V3aW4xLXRyLnB1NjgyZXYuY29tOjQ0Mw..&hl=en&v=Ya-Cd6PbRI5ktAHEhm9JuKEu&size=invisible&cb=t9r6fr8ogptj Requested by Host: www.gstatic.com URL: https://www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/recaptcha__en.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:823::2004 Colchester, United States, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash e3afea31fc837f6b4db30bbb5f02e5d44ff8678271f414191dfab4c3ce822fd9 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-YOSdsxIqz9zqXadPFeTrgw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://youwin1-tr.pu682ev.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 accept-language en-US,en;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private, max-age=0 content-encoding gzip content-security-policy script-src 'report-sample' 'nonce-YOSdsxIqz9zqXadPFeTrgw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Sun, 21 Jan 2024 23:01:36 GMT expires Sun, 21 Jan 2024 23:01:36 GMT report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} server GSE x-content-type-options nosniff x-xss-protection 1; mode=block
GET H3	200	styles__ltr.css www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/ Frame 30E1	55 KB 24 KB	78ms 24ms	Stylesheet text/css	2607:f8b0:4006:821::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/styles__ltr.css Requested by Host: www.google.com URL: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Lfxs6UUAAAAAE3kzerSlj_d5OF7IeWoXvzOE_50&co=aHR0cHM6Ly95b3V3aW4xLXRyLnB1NjgyZXYuY29tOjQ0Mw..&hl=en&v=Ya-Cd6PbRI5ktAHEhm9JuKEu&size=invisible&cb=t9r6fr8ogptj Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:821::2003 Colchester, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Sun, 21 Jan 2024 20:52:44 GMT content-encoding gzip x-content-type-options nosniff age 7733 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 24606 x-xss-protection 0 last-modified Mon, 08 Jan 2024 05:00:33 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/css cache-control public, max-age=31536000 accept-ranges bytes expires Mon, 20 Jan 2025 20:52:44 GMT
GET H3	200	recaptcha__en.js Show response www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/ Frame 30E1	503 KB 201 KB	91ms 38ms	Script text/javascript	2607:f8b0:4006:821::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/recaptcha__en.js Requested by Host: www.google.com URL: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Lfxs6UUAAAAAE3kzerSlj_d5OF7IeWoXvzOE_50&co=aHR0cHM6Ly95b3V3aW4xLXRyLnB1NjgyZXYuY29tOjQ0Mw..&hl=en&v=Ya-Cd6PbRI5ktAHEhm9JuKEu&size=invisible&cb=t9r6fr8ogptj Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:821::2003 Colchester, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 52c308157b0f273a5f4f67bb4f28ccf47c24a68fbc7d0226d49bf4eebacfdf97 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Sun, 21 Jan 2024 03:33:21 GMT content-encoding gzip x-content-type-options nosniff age 70096 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 206076 x-xss-protection 0 last-modified Mon, 08 Jan 2024 05:00:33 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Mon, 20 Jan 2025 03:33:21 GMT
OPTIONS H2	204	930aabbf-63d6-43c0-b28a-c37c6c55531a f.pudaf.com/p/ Frame	0 0	371ms 118ms	Preflight	52.58.237.32 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://f.pudaf.com/p/930aabbf-63d6-43c0-b28a-c37c6c55531a?api=vyg6SLajEWjklRFo1ig1JqhMkSHHpSp3FLYvfzZE&si=930aabbf-63d6-43c0-b28a-c37c6c55531a Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.58.237.32 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-58-237-32.eu-central-1.compute.amazonaws.com Software / Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type,if-none-match Access-Control-Request-Method POST Origin https://youwin1-tr.pu682ev.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers access-control-allow-headers Origin,Content-Length,Content-Type,if-none-match access-control-allow-methods GET,POST,HEAD,PUT,DELETE,PATCH access-control-allow-origin * access-control-max-age 43200 date Sun, 21 Jan 2024 23:01:38 GMT vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers
POST H2	200	930aabbf-63d6-43c0-b28a-c37c6c55531a Show response f.pudaf.com/p/	21 B 732 B	128ms 115ms	Fetch application/json	52.58.237.32 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://f.pudaf.com/p/930aabbf-63d6-43c0-b28a-c37c6c55531a?api=vyg6SLajEWjklRFo1ig1JqhMkSHHpSp3FLYvfzZE&si=930aabbf-63d6-43c0-b28a-c37c6c55531a Requested by Host: fs.pudaf.com URL: https://fs.pudaf.com/fp.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.58.237.32 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-58-237-32.eu-central-1.compute.amazonaws.com Software / Resource Hash 4abf9b7abadb46bb07b55d2551254999420515d76e9d5f6542407e892f731d60 Request headers Accept application/json, text/html, text/plain Referer https://youwin1-tr.pu682ev.com/ If-None-Match accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Content-Type application/octet-stream Response headers date Sun, 21 Jan 2024 23:01:38 GMT last-modified Sun, 21 Jan 2024 22:59:58 GMT accept-ch sec-ch-ua,ua,sec-ch-ua-platformua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-wow64,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors etag 65ada25272ee6c797558079b vary Origin content-type application/json access-control-allow-origin * access-control-expose-headers If-Match,If-Modified-Since,If-None-Match,ETag,Last-Modified content-length 21
HEAD H2	200	adsbygoogle.js pagead2.googlesyndication.com/pagead/js/	0 0	676ms 54ms	Fetch text/javascript	2607:f8b0:4006:81c::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Requested by Host: fs.pudaf.com URL: https://fs.pudaf.com/fp.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:81c::2002 Colchester, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://youwin1-tr.pu682ev.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Sun, 21 Jan 2024 23:01:38 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 51068 x-xss-protection 0 server cafe etag 3190142352405400203 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=3600, stale-while-revalidate=3600 timing-allow-origin * link <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin expires Sun, 21 Jan 2024 23:01:38 GMT
GET BLOB	200 OK	0b3ca48b-4a26-4b1c-a893-d70a062287f5 https://youwin1-tr.pu682ev.com/	419 B 0		Other application/javascript
General Check archive.org Show headers Download Go to Full URL blob:https://youwin1-tr.pu682ev.com/0b3ca48b-4a26-4b1c-a893-d70a062287f5 Requested by Host: youwin1-tr.pu682ev.com URL: https://youwin1-tr.pu682ev.com/ Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash 4fe976ce3e57febb0b359569ce54df245fe08132eda2d1362f9f6cb45b4ce4aa Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers Content-Length 419 Content-Type application/javascript
GET H3	200	logo_48.png www.gstatic.com/recaptcha/api2/ Frame 30E1	2 KB 2 KB	26ms 25ms	Image image/png	2607:f8b0:4006:821::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.gstatic.com/recaptcha/api2/logo_48.png Requested by Host: www.gstatic.com URL: https://www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/styles__ltr.css Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:821::2003 Colchester, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/styles__ltr.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Fri, 19 Jan 2024 13:19:55 GMT x-content-type-options nosniff age 207702 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 2228 x-xss-protection 0 last-modified Tue, 03 Mar 2020 20:15:00 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type image/png cache-control public, max-age=604800 accept-ranges bytes expires Fri, 26 Jan 2024 13:19:55 GMT
GET H2	200	KFOmCnqEu92Fr1Mu4mxK.woff2 fonts.gstatic.com/s/roboto/v18/ Frame 30E1	15 KB 15 KB	26ms 24ms	Font font/woff2	2607:f8b0:4006:821::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 Requested by Host: www.google.com URL: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Lfxs6UUAAAAAE3kzerSlj_d5OF7IeWoXvzOE_50&co=aHR0cHM6Ly95b3V3aW4xLXRyLnB1NjgyZXYuY29tOjQ0Mw..&hl=en&v=Ya-Cd6PbRI5ktAHEhm9JuKEu&size=invisible&cb=t9r6fr8ogptj Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:821::2003 Colchester, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.google.com/ Origin https://www.google.com accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Fri, 19 Jan 2024 13:13:59 GMT x-content-type-options nosniff age 208058 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15344 x-xss-protection 0 last-modified Mon, 16 Oct 2017 17:32:55 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sat, 18 Jan 2025 13:13:59 GMT
GET BLOB	200 OK	832aed5d-5d1a-4a98-b99e-ae6700f0c640 https://youwin1-tr.pu682ev.com/	419 B 0		Other application/javascript
General Check archive.org Show headers Download Go to Full URL blob:https://youwin1-tr.pu682ev.com/832aed5d-5d1a-4a98-b99e-ae6700f0c640 Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash 4fe976ce3e57febb0b359569ce54df245fe08132eda2d1362f9f6cb45b4ce4aa Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers Content-Length 419 Content-Type application/javascript
GET BLOB	200 OK	f37b491c-2b66-4b5c-b068-9b7f732aa62f https://youwin1-tr.pu682ev.com/	419 B 0		Other application/javascript
General Check archive.org Show headers Download Go to Full URL blob:https://youwin1-tr.pu682ev.com/f37b491c-2b66-4b5c-b068-9b7f732aa62f Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash 4fe976ce3e57febb0b359569ce54df245fe08132eda2d1362f9f6cb45b4ce4aa Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers Content-Length 419 Content-Type application/javascript
GET BLOB	200 OK	2ded2a21-5cf8-4818-a7c9-bf457a974b2e https://youwin1-tr.pu682ev.com/	419 B 0		Other application/javascript
General Check archive.org Show headers Download Go to Full URL blob:https://youwin1-tr.pu682ev.com/2ded2a21-5cf8-4818-a7c9-bf457a974b2e Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash 4fe976ce3e57febb0b359569ce54df245fe08132eda2d1362f9f6cb45b4ce4aa Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers Content-Length 419 Content-Type application/javascript
GET BLOB	200 OK	241ffa36-0f7c-422d-a497-12c0e2b5c476 https://youwin1-tr.pu682ev.com/	419 B 0		Other application/javascript
General Check archive.org Show headers Download Go to Full URL blob:https://youwin1-tr.pu682ev.com/241ffa36-0f7c-422d-a497-12c0e2b5c476 Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash 4fe976ce3e57febb0b359569ce54df245fe08132eda2d1362f9f6cb45b4ce4aa Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers Content-Length 419 Content-Type application/javascript
GET BLOB	200 OK	dc139773-9dd6-46e3-a6c5-ba0ba29e9bca https://youwin1-tr.pu682ev.com/	419 B 0		Other application/javascript
General Check archive.org Show headers Download Go to Full URL blob:https://youwin1-tr.pu682ev.com/dc139773-9dd6-46e3-a6c5-ba0ba29e9bca Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash 4fe976ce3e57febb0b359569ce54df245fe08132eda2d1362f9f6cb45b4ce4aa Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers Content-Length 419 Content-Type application/javascript
GET BLOB	200 OK	a7feba6b-7a6a-48a9-b860-00c84bb73105 https://youwin1-tr.pu682ev.com/	419 B 0		Other application/javascript
General Check archive.org Show headers Download Go to Full URL blob:https://youwin1-tr.pu682ev.com/a7feba6b-7a6a-48a9-b860-00c84bb73105 Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash 4fe976ce3e57febb0b359569ce54df245fe08132eda2d1362f9f6cb45b4ce4aa Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers Content-Length 419 Content-Type application/javascript
GET BLOB	200 OK	75893f9b-5833-49a3-9426-b35052ff31e3 https://youwin1-tr.pu682ev.com/	419 B 0		Other application/javascript
General Check archive.org Show headers Download Go to Full URL blob:https://youwin1-tr.pu682ev.com/75893f9b-5833-49a3-9426-b35052ff31e3 Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash 4fe976ce3e57febb0b359569ce54df245fe08132eda2d1362f9f6cb45b4ce4aa Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers Content-Length 419 Content-Type application/javascript
GET BLOB	200 OK	3f9fd2e7-43c4-4802-af66-e1787d25782a https://youwin1-tr.pu682ev.com/	419 B 0		Other application/javascript
General Check archive.org Show headers Download Go to Full URL blob:https://youwin1-tr.pu682ev.com/3f9fd2e7-43c4-4802-af66-e1787d25782a Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash 4fe976ce3e57febb0b359569ce54df245fe08132eda2d1362f9f6cb45b4ce4aa Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers Content-Length 419 Content-Type application/javascript
GET BLOB	200 OK	b9905959-4d5a-4f3d-968c-4bae482e6648 https://youwin1-tr.pu682ev.com/	419 B 0		Other application/javascript
General Check archive.org Show headers Download Go to Full URL blob:https://youwin1-tr.pu682ev.com/b9905959-4d5a-4f3d-968c-4bae482e6648 Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash 4fe976ce3e57febb0b359569ce54df245fe08132eda2d1362f9f6cb45b4ce4aa Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers Content-Length 419 Content-Type application/javascript
GET BLOB	200 OK	10cd7a3a-863b-4f60-b08b-bb4ee2bc0fec https://youwin1-tr.pu682ev.com/	419 B 0		Other application/javascript
General Check archive.org Show headers Download Go to Full URL blob:https://youwin1-tr.pu682ev.com/10cd7a3a-863b-4f60-b08b-bb4ee2bc0fec Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash 4fe976ce3e57febb0b359569ce54df245fe08132eda2d1362f9f6cb45b4ce4aa Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers Content-Length 419 Content-Type application/javascript
GET BLOB	200 OK	5a3abd09-0c41-4096-b36c-542c4667c8ab https://youwin1-tr.pu682ev.com/	419 B 0		Other application/javascript
General Check archive.org Show headers Download Go to Full URL blob:https://youwin1-tr.pu682ev.com/5a3abd09-0c41-4096-b36c-542c4667c8ab Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash 4fe976ce3e57febb0b359569ce54df245fe08132eda2d1362f9f6cb45b4ce4aa Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers Content-Length 419 Content-Type application/javascript
GET BLOB	200 OK	6948346f-f3bb-42c3-8f10-866d83c46e11 https://youwin1-tr.pu682ev.com/	419 B 0		Other application/javascript
General Check archive.org Show headers Download Go to Full URL blob:https://youwin1-tr.pu682ev.com/6948346f-f3bb-42c3-8f10-866d83c46e11 Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash 4fe976ce3e57febb0b359569ce54df245fe08132eda2d1362f9f6cb45b4ce4aa Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers Content-Length 419 Content-Type application/javascript
POST H2	200	930aabbf-63d6-43c0-b28a-c37c6c55531a Show response f.pudaf.com/p/	21 B 732 B	122ms 121ms	Fetch application/json	52.58.237.32 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://f.pudaf.com/p/930aabbf-63d6-43c0-b28a-c37c6c55531a?api=vyg6SLajEWjklRFo1ig1JqhMkSHHpSp3FLYvfzZE&si=930aabbf-63d6-43c0-b28a-c37c6c55531a Requested by Host: fs.pudaf.com URL: https://fs.pudaf.com/fp.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.58.237.32 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-58-237-32.eu-central-1.compute.amazonaws.com Software / Resource Hash 4abf9b7abadb46bb07b55d2551254999420515d76e9d5f6542407e892f731d60 Request headers Accept application/json, text/html, text/plain Referer https://youwin1-tr.pu682ev.com/ If-None-Match accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Content-Type application/octet-stream Response headers date Sun, 21 Jan 2024 23:01:40 GMT last-modified Sun, 21 Jan 2024 23:00:00 GMT accept-ch sec-ch-ua,ua,sec-ch-ua-platformua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-wow64,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors etag 65ada254ce6f8f0a45500008 vary Origin content-type application/json access-control-allow-origin * access-control-expose-headers If-Match,If-Modified-Since,If-None-Match,ETag,Last-Modified content-length 21
OPTIONS H2	204	930aabbf-63d6-43c0-b28a-c37c6c55531a f.pudaf.com/p/ Frame	0 0	134ms 113ms	Preflight	52.58.237.32 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://f.pudaf.com/p/930aabbf-63d6-43c0-b28a-c37c6c55531a?api=vyg6SLajEWjklRFo1ig1JqhMkSHHpSp3FLYvfzZE&si=930aabbf-63d6-43c0-b28a-c37c6c55531a Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.58.237.32 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-58-237-32.eu-central-1.compute.amazonaws.com Software / Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type,if-none-match Access-Control-Request-Method POST Origin https://youwin1-tr.pu682ev.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers access-control-allow-headers Origin,Content-Length,Content-Type,if-none-match access-control-allow-methods GET,POST,HEAD,PUT,DELETE,PATCH access-control-allow-origin * access-control-max-age 43200 date Sun, 21 Jan 2024 23:01:40 GMT vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| landingConfig string| afto function| aft object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| phonePattern object| links object| pageState object| formNotif object| recaptcha object| closure_lm_483322 string| afti function| aftUUID function| aftSID function| aftUID function| aftGenSID

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.pu682ev.com/	1970-01-20 17:51:19	Name: __cf_bm Value: FMi7scmhcJWJOX6_8m56pwj6vcfQ8ZwdLvjW0cQtJrQ-1705878095-1-AdwtPscQyKLyxnYvrMgZnys2Fqu7SyDfTvnURrUJGrrlaSLGlWphAI8n2LJRSXXXWj1YFCETYFeN+1+Ml7rZhB8=

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://fs.pudaf.com/fp.js Message: The AudioContext was not allowed to start. It must be resumed (or created) after a user gesture on the page. https://goo.gl/7K7WLu

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

f.pudaf.com
fonts.googleapis.com
fonts.gstatic.com
fs.pudaf.com
pagead2.googlesyndication.com
www.google.com
www.gstatic.com
youwin1-tr.pu682ev.com
2606:4700:20::ac43:4597
2607:f8b0:4006:81c::2002
2607:f8b0:4006:821::2003
2607:f8b0:4006:823::2004
2607:f8b0:4006:823::200a
52.58.237.32
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
275750aeb8aba27e5aba1410c365e72d446436e9a9e87353d6c9632b7d1599ed
2781e9e7c3f369b8fc7965e679b17b60b5b11eaae5da1e5045107bbdd9d568f0
3c23eb02de6b34e30f18cfb7167abd81a2cedfd1da60dfcb71989517ab3fb431
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
4572c20092423c491c830915d4eccaad9b43524a9e74eb39d1ca7db8d66f8370
4abf9b7abadb46bb07b55d2551254999420515d76e9d5f6542407e892f731d60
4fe976ce3e57febb0b359569ce54df245fe08132eda2d1362f9f6cb45b4ce4aa
50c7048be4a2ec1b33e5a933d87d0838c775881215d1d8e1f05d25062a1b35bd
52c308157b0f273a5f4f67bb4f28ccf47c24a68fbc7d0226d49bf4eebacfdf97
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e
906db27e6a81cfe14c349434553ba892ae9c66433ba128d68ff395cea765210f
9a9e23e2620acc7e7679de55c389add58698ada404ae426fdf3ef286950b292f
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
bdfa21c0dbd39e174ca71a2e5405789e31bd9f76bdc7a5c2f2a6ab290aca854e
c3ef6ed6f09e1a080b6037a3b6a748639eb4253977d4cc4102f3bce964e98be0
cf8ff71ac95681775b61e845842fdd33e0657d21c7e6e23e5513c333f5a30b59
d65c13c6cc536a884c136555082a1cb3db39eaced1d00cdbb0063f64e85a6ac6
d75026d2a9776ff374a6d8d79bf87f14c025c0d75b7f7a3b64b1e46dd6799128
e3afea31fc837f6b4db30bbb5f02e5d44ff8678271f414191dfab4c3ce822fd9
eb320210e7191910d10b848c43646b60ebdbfd13f75cecb769f97252859a37f1
ee485098c901da930fd85e271945c18ad37e892f560cf281c76aa9e2455aba12
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615