urlscan.io logo urlscan.io
SecurityTrails logo

wheel-crazy-time-tr.pu267ev.com Open in urlscan Pro
2606:4700:20::681a:67f  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://go-pupromo.com/EKhF64zx?subId1=clickadilla&subId2=%5BCLICK_ID%5D&subId3=clickadilla-push
Effective URL: https://wheel-crazy-time-tr.pu267ev.com/?form_email=%7Bform_email%7D&form_phone=%7Bform_phone%7D&lang=tr&lrrPath=casino%2Fprovider%2Fevo...
Submission: On August 06 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 11 IPs in 3 countries across 10 domains to perform 35 HTTP transactions. The main IP is 2606:4700:20::681a:67f, located in United States and belongs to CLOUDFLARENET, US. The main domain is wheel-crazy-time-tr.pu267ev.com.
TLS certificate: Issued by WE1 on July 29th 2024. Valid for: 3 months.
This is the only time wheel-crazy-time-tr.pu267ev.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 185.159.247.247 209242 (CLOUDFLAR...)
16 2606:4700:20:... 13335 (CLOUDFLAR...)
2 142.250.184.228 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
7 3.64.117.214 16509 (AMAZON-02)
1 18.66.122.11 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 18.185.159.253 16509 (AMAZON-02)
2 2001:4860:480... 15169 (GOOGLE)
1 142.250.185.194 15169 (GOOGLE)
35 11
1    185.159.247.247 (São Paulo, Brazil)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)
go-pupromo.com
16    2606:4700:20::681a:67f (United States)

ASN13335 (CLOUDFLARENET, US)
wheel-crazy-time-tr.pu267ev.com
2    142.250.184.228 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f4.1e100.net
www.google.com
2    2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
7    3.64.117.214 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-64-117-214.eu-central-1.compute.amazonaws.com
fs.pudaf.com
f.pudaf.com
1    18.66.122.11 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-11.fra60.r.cloudfront.net
js.datadome.co
1    2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    18.185.159.253 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-185-159-253.eu-central-1.compute.amazonaws.com
api-js.datadome.co
2    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
1    142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net
pagead2.googlesyndication.com
Apex Domain
Subdomains		 Transfer
16 pu267ev.com
wheel-crazy-time-tr.pu267ev.com
1 MB
7 pudaf.com
fs.pudaf.com — Cisco Umbrella Rank: 333230
f.pudaf.com — Cisco Umbrella Rank: 287255
67 KB
2 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 3123
310 B
2 datadome.co
js.datadome.co — Cisco Umbrella Rank: 6926
api-js.datadome.co — Cisco Umbrella Rank: 6331
29 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 112
173 KB
2 google.com
www.google.com — Cisco Umbrella Rank: 10
1 KB
1 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 157
24 B
1 gstatic.com
www.gstatic.com
212 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 110
870 B
1 go-pupromo.com
go-pupromo.com
681 B
35 10
Domain Requested by
16 wheel-crazy-time-tr.pu267ev.com wheel-crazy-time-tr.pu267ev.com
6 f.pudaf.com wheel-crazy-time-tr.pu267ev.com
2 region1.google-analytics.com wheel-crazy-time-tr.pu267ev.com
2 www.googletagmanager.com wheel-crazy-time-tr.pu267ev.com
www.googletagmanager.com
2 www.google.com wheel-crazy-time-tr.pu267ev.com
www.gstatic.com
1 pagead2.googlesyndication.com wheel-crazy-time-tr.pu267ev.com
1 api-js.datadome.co js.datadome.co
1 www.gstatic.com www.google.com
1 fonts.googleapis.com wheel-crazy-time-tr.pu267ev.com
1 js.datadome.co wheel-crazy-time-tr.pu267ev.com
1 fs.pudaf.com wheel-crazy-time-tr.pu267ev.com
1 go-pupromo.com 1 redirects
35 12

This site contains links to these domains. Also see Links.

Domain
tdsnext.com
Subject Issuer Validity Valid
pu267ev.com
WE1		 2024-07-29 -
2024-10-27		 3 months crt.sh
*.google.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
*.google-analytics.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
*.pinup-antifraud.com
Amazon RSA 2048 M03		 2024-05-22 -
2025-06-20		 a year crt.sh
*.datadome.co
Gandi RSA Domain Validation Secure Server CA 3		 2023-10-10 -
2024-11-09		 a year crt.sh
upload.video.google.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
*.gstatic.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
*.g.doubleclick.net
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://wheel-crazy-time-tr.pu267ev.com/?form_email=%7Bform_email%7D&form_phone=%7Bform_phone%7D&lang=tr&lrrPath=casino%2Fprovider%2Fevolution&pc=30&s1=clickadilla&s2=%5BCLICK_ID%5D&s3=clickadilla-push&s4=&s5=&source=&st=EKhF64zx&startTime=1722953313391285267&trId=cqp2soct17i8idsjpto0
Frame ID: 4C7C1052BF466E139FF78A4C36B8666F
Requests: 31 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Lfxs6UUAAAAAE3kzerSlj_d5OF7IeWoXvzOE_50&co=aHR0cHM6Ly93aGVlbC1jcmF6eS10aW1lLXRyLnB1MjY3ZXYuY29tOjQ0Mw..&hl=de&v=hfUfsXWZFeg83qqxrK27GB8P&size=invisible&cb=vx8tiiwtd6tu
Frame ID: 3FA308FF2051908267B3B73A0E426C64
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

150 000 ₺ + 250 fs

Page URL History Show full URLs

  1. https://go-pupromo.com/EKhF64zx?subId1=clickadilla&subId2=%5BCLICK_ID%5D&subId3=clickadilla-push HTTP 302
    https://wheel-crazy-time-tr.pu267ev.com/?form_email=%7Bform_email%7D&form_phone=%7Bform_phone%7D&lang=tr&lrrPath=cas... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Page Statistics

35
Requests

97 %
HTTPS

45 %
IPv6

10
Domains

12
Subdomains

11
IPs

3
Countries

1776 kB
Transfer

2812 kB
Size

8
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://go-pupromo.com/EKhF64zx?subId1=clickadilla&subId2=%5BCLICK_ID%5D&subId3=clickadilla-push HTTP 302
    https://wheel-crazy-time-tr.pu267ev.com/?form_email=%7Bform_email%7D&form_phone=%7Bform_phone%7D&lang=tr&lrrPath=casino%2Fprovider%2Fevolution&pc=30&s1=clickadilla&s2=%5BCLICK_ID%5D&s3=clickadilla-push&s4=&s5=&source=&st=EKhF64zx&startTime=1722953313391285267&trId=cqp2soct17i8idsjpto0 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

35 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
wheel-crazy-time-tr.pu267ev.com/
Redirect Chain
  • https://go-pupromo.com/EKhF64zx?subId1=clickadilla&subId2=%5BCLICK_ID%5D&subId3=clickadilla-push
  • https://wheel-crazy-time-tr.pu267ev.com/?form_email=%7Bform_email%7D&form_phone=%7Bform_phone%7D&lang=tr&lrrPath=casino%2Fprovider%2Fevolution&pc=30&s1=clickadilla&s2=%5BCLICK_ID%5D&s3=clickadilla-...
18 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://wheel-crazy-time-tr.pu267ev.com/?form_email=%7Bform_email%7D&form_phone=%7Bform_phone%7D&lang=tr&lrrPath=casino%2Fprovider%2Fevolution&pc=30&s1=clickadilla&s2=%5BCLICK_ID%5D&s3=clickadilla-push&s4=&s5=&source=&st=EKhF64zx&startTime=1722953313391285267&trId=cqp2soct17i8idsjpto0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:67f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
932313c65ee1bffa5ba2771f458af0a25c645dda963b1d74c5e37ece643fa0f9

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

cf-cache-status
DYNAMIC
cf-ray
8aef99836b2e9214-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 06 Aug 2024 14:08:33 GMT
last-modified
Mon, 29 Jul 2024 09:11:27 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2dZwdr9aBswU%2FG3Hju2oW8fb%2BfXyhhADRhuvOhFOUHCo4bCQdzcTN%2FGzfldwojAIK9T0473etsh9DhQINPfntxanE9n%2BOT0FTPFa5wCjraXH58U3n6JzF4pJMcGjG0Y5fg0QRUgVeTAVPZ7OXie3mwVOQJxBLLsiiaQ4lYc%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

cf-cache-status
DYNAMIC
cf-ray
8aef99801bc244f8-TXL
content-length
0
date
Tue, 06 Aug 2024 14:08:33 GMT
location
https://wheel-crazy-time-tr.pu267ev.com/?form_email=%7Bform_email%7D&form_phone=%7Bform_phone%7D&lang=tr&lrrPath=casino%2Fprovider%2Fevolution&pc=30&s1=clickadilla&s2=%5BCLICK_ID%5D&s3=clickadilla-push&s4=&s5=&source=&st=EKhF64zx&startTime=1722953313391285267&trId=cqp2soct17i8idsjpto0
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains
main.css
wheel-crazy-time-tr.pu267ev.com/ 		38 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://wheel-crazy-time-tr.pu267ev.com/main.css
Requested by
Host: wheel-crazy-time-tr.pu267ev.com
URL: https://wheel-crazy-time-tr.pu267ev.com/?form_email=%7Bform_email%7D&form_phone=%7Bform_phone%7D&lang=tr&lrrPath=casino%2Fprovider%2Fevolution&pc=30&s1=clickadilla&s2=%5BCLICK_ID%5D&s3=clickadilla-push&s4=&s5=&source=&st=EKhF64zx&startTime=1722953313391285267&trId=cqp2soct17i8idsjpto0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:67f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fac096aafa62f48129a54bf856fd215d128a3bf8eada7a6bd9181a04fed4fd32

Request headers

Referer
https://wheel-crazy-time-tr.pu267ev.com/?form_email=%7Bform_email%7D&form_phone=%7Bform_phone%7D&lang=tr&lrrPath=casino%2Fprovider%2Fevolution&pc=30&s1=clickadilla&s2=%5BCLICK_ID%5D&s3=clickadilla-push&s4=&s5=&source=&st=EKhF64zx&startTime=1722953313391285267&trId=cqp2soct17i8idsjpto0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 14:08:33 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 29 Jul 2024 09:11:27 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3459
etag
W/"66a75cbf-9936"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1pliPYuatlljgA5vXzVrPyz6Jg7porMjU2ouvcGB0JdchdgTF9w4oO%2Fya2RJ2PQH672blmFHNvvKT1snpdbx3pv7ai5faBWqFVfXsdtyihmi%2FHeyOMvjKFTWtoaPh2L1Z%2F2VIR%2FCcwd%2F2wrsfq5wxuB9DfrYyN16TJHoDTM%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
8aef99843c0d9214-FRA
crazy_time.png
wheel-crazy-time-tr.pu267ev.com/img/logo/ 		43 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wheel-crazy-time-tr.pu267ev.com/img/logo/crazy_time.png
Requested by
Host: wheel-crazy-time-tr.pu267ev.com
URL: https://wheel-crazy-time-tr.pu267ev.com/?form_email=%7Bform_email%7D&form_phone=%7Bform_phone%7D&lang=tr&lrrPath=casino%2Fprovider%2Fevolution&pc=30&s1=clickadilla&s2=%5BCLICK_ID%5D&s3=clickadilla-push&s4=&s5=&source=&st=EKhF64zx&startTime=1722953313391285267&trId=cqp2soct17i8idsjpto0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:67f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd1ac4b6407bba720f490d5409d18fa390947443ae4067a5c6c279fdf949f703

Request headers

Referer
https://wheel-crazy-time-tr.pu267ev.com/?form_email=%7Bform_email%7D&form_phone=%7Bform_phone%7D&lang=tr&lrrPath=casino%2Fprovider%2Fevolution&pc=30&s1=clickadilla&s2=%5BCLICK_ID%5D&s3=clickadilla-push&s4=&s5=&source=&st=EKhF64zx&startTime=1722953313391285267&trId=cqp2soct17i8idsjpto0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 14:08:33 GMT
cf-cache-status
HIT
last-modified
Mon, 29 Jul 2024 09:11:21 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1375
etag
"66a75cb9-ac04"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xKB%2FpVILOotkn70dQWBrlriQJMvTV9lNcNeBPboyrJiDlZpnQOR%2BO2YzEI%2FkSP1bIBTNcZgRSbZfQx1k5NWj6TUdw7DctcUxXIDTbiOmx7PQv2Aer%2F1scfttu0ktCF%2FSUdQtjKjH8CNQRzHvp1JGy3tjDYve6jlbjBpWvXM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8aef99843c119214-FRA
content-length
44036
logo_casino.svg
wheel-crazy-time-tr.pu267ev.com/img/logo/ 		7 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wheel-crazy-time-tr.pu267ev.com/img/logo/logo_casino.svg
Requested by
Host: wheel-crazy-time-tr.pu267ev.com
URL: https://wheel-crazy-time-tr.pu267ev.com/?form_email=%7Bform_email%7D&form_phone=%7Bform_phone%7D&lang=tr&lrrPath=casino%2Fprovider%2Fevolution&pc=30&s1=clickadilla&s2=%5BCLICK_ID%5D&s3=clickadilla-push&s4=&s5=&source=&st=EKhF64zx&startTime=1722953313391285267&trId=cqp2soct17i8idsjpto0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:67f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9392ee9abc6973a734d747f6e7bdfe28d1dd2594abca0b0df1b92e3d161fd14f

Request headers

Referer
https://wheel-crazy-time-tr.pu267ev.com/?form_email=%7Bform_email%7D&form_phone=%7Bform_phone%7D&lang=tr&lrrPath=casino%2Fprovider%2Fevolution&pc=30&s1=clickadilla&s2=%5BCLICK_ID%5D&s3=clickadilla-push&s4=&s5=&source=&st=EKhF64zx&startTime=1722953313391285267&trId=cqp2soct17i8idsjpto0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 14:08:33 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 29 Jul 2024 09:11:21 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1375
etag
W/"66a75cb9-1cc1"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ccdBMALkdRb6HpGIAVnBspPCOPfc1YU%2BSs1QRIVgERq7NXTqa%2F4S7iQD32FARDCqm2TMSY8z3hFG8SmS3kRj8zRyTsY78tcqyvqvE3r2lI%2BQx%2Bc1ADKJtTO7VedFllpEQ7wyD2ZD729VI2skN%2Fw5hZr1DRggvGVEc3JpUVU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
8aef99843c139214-FRA
woman.png
wheel-crazy-time-tr.pu267ev.com/img/decor/ 		412 KB
413 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wheel-crazy-time-tr.pu267ev.com/img/decor/woman.png
Requested by
Host: wheel-crazy-time-tr.pu267ev.com
URL: https://wheel-crazy-time-tr.pu267ev.com/?form_email=%7Bform_email%7D&form_phone=%7Bform_phone%7D&lang=tr&lrrPath=casino%2Fprovider%2Fevolution&pc=30&s1=clickadilla&s2=%5BCLICK_ID%5D&s3=clickadilla-push&s4=&s5=&source=&st=EKhF64zx&startTime=1722953313391285267&trId=cqp2soct17i8idsjpto0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:67f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d504fbebade88990eafbbde18fbe5364c3c25a9784fbdd85c7b09c6c5a20dfd5

Request headers

Referer
https://wheel-crazy-time-tr.pu267ev.com/?form_email=%7Bform_email%7D&form_phone=%7Bform_phone%7D&lang=tr&lrrPath=casino%2Fprovider%2Fevolution&pc=30&s1=clickadilla&s2=%5BCLICK_ID%5D&s3=clickadilla-push&s4=&s5=&source=&st=EKhF64zx&startTime=1722953313391285267&trId=cqp2soct17i8idsjpto0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 14:08:33 GMT
cf-cache-status
HIT
last-modified
Mon, 29 Jul 2024 09:11:21 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1375
etag
"66a75cb9-66fdf"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kzblvwLk5b9IorpwIBKg4aBGx6q4w64JEnFCFf1x%2BLTN9wgXzDlmcnnH7h%2BEJn2vZo0QM7BGyOjalwFXfeduK3LUwCE2QziGYD4bu3qd6l9n%2BNbVEtp8fY6AQ2gs%2FDrhjK3ROiLNwh4%2B8Jy5Z9vEbA9cekPjjsWQ4VCZ%2B7w%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8aef99845c329214-FRA
content-length
421855
coins.png
wheel-crazy-time-tr.pu267ev.com/img/decor/ 		148 KB
149 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wheel-crazy-time-tr.pu267ev.com/img/decor/coins.png
Requested by
Host: wheel-crazy-time-tr.pu267ev.com
URL: https://wheel-crazy-time-tr.pu267ev.com/?form_email=%7Bform_email%7D&form_phone=%7Bform_phone%7D&lang=tr&lrrPath=casino%2Fprovider%2Fevolution&pc=30&s1=clickadilla&s2=%5BCLICK_ID%5D&s3=clickadilla-push&s4=&s5=&source=&st=EKhF64zx&startTime=1722953313391285267&trId=cqp2soct17i8idsjpto0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:67f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5677c634481977d00497892ebf81a014c261479dfa8106c8c6d400f42dfbd7e4

Request headers

Referer
https://wheel-crazy-time-tr.pu267ev.com/?form_email=%7Bform_email%7D&form_phone=%7Bform_phone%7D&lang=tr&lrrPath=casino%2Fprovider%2Fevolution&pc=30&s1=clickadilla&s2=%5BCLICK_ID%5D&s3=clickadilla-push&s4=&s5=&source=&st=EKhF64zx&startTime=1722953313391285267&trId=cqp2soct17i8idsjpto0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 14:08:33 GMT
cf-cache-status
HIT
last-modified
Mon, 29 Jul 2024 09:11:21 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1375
etag
"66a75cb9-251d8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oygZUcS6RcOA6rjoJgBGfF8RkS46SyexHCSlWY1VJVceKOtmmpzR31n5Pqu2uWz6NrY8nNMeV7eb5A5MBp5uh1vnEndLGF3xKkyH8Bm8jXjuuoJ8%2FXzo885v3j576d7B%2FkA0julEvn7M9csraUIZnaMcEyp7XyPKXI7%2BQrA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8aef99845c389214-FRA
content-length
152024
enterprise.js
www.google.com/recaptcha/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/enterprise.js?render=6Lfxs6UUAAAAAE3kzerSlj_d5OF7IeWoXvzOE_50
Requested by
Host: wheel-crazy-time-tr.pu267ev.com
URL: https://wheel-crazy-time-tr.pu267ev.com/?form_email=%7Bform_email%7D&form_phone=%7Bform_phone%7D&lang=tr&lrrPath=casino%2Fprovider%2Fevolution&pc=30&s1=clickadilla&s2=%5BCLICK_ID%5D&s3=clickadilla-push&s4=&s5=&source=&st=EKhF64zx&startTime=1722953313391285267&trId=cqp2soct17i8idsjpto0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.228 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f4.1e100.net
Software
GSE /
Resource Hash
4a06fffa1c1d971e4d66366e9bf439486cd58d64120286473fc42b79e26609f3
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://wheel-crazy-time-tr.pu267ev.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 14:08:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Tue, 06 Aug 2024 14:08:34 GMT
bundle.js
wheel-crazy-time-tr.pu267ev.com/ 		93 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wheel-crazy-time-tr.pu267ev.com/bundle.js
Requested by
Host: wheel-crazy-time-tr.pu267ev.com
URL: https://wheel-crazy-time-tr.pu267ev.com/?form_email=%7Bform_email%7D&form_phone=%7Bform_phone%7D&lang=tr&lrrPath=casino%2Fprovider%2Fevolution&pc=30&s1=clickadilla&s2=%5BCLICK_ID%5D&s3=clickadilla-push&s4=&s5=&source=&st=EKhF64zx&startTime=1722953313391285267&trId=cqp2soct17i8idsjpto0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:67f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
59be4f26ebbd3d217c718297b47ecccba9fe2d944b8d1af45ab234261901c3ac

Request headers

Referer
https://wheel-crazy-time-tr.pu267ev.com/?form_email=%7Bform_email%7D&form_phone=%7Bform_phone%7D&lang=tr&lrrPath=casino%2Fprovider%2Fevolution&pc=30&s1=clickadilla&s2=%5BCLICK_ID%5D&s3=clickadilla-push&s4=&s5=&source=&st=EKhF64zx&startTime=1722953313391285267&trId=cqp2soct17i8idsjpto0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 14:08:33 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 29 Jul 2024 09:11:17 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1375
etag
W/"66a75cb5-17353"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6C1Owvxmxn%2FMxPIuwo4IaCw9x0Nopf54TSznK1Tg1Kq5p2biysVtmayxhNDCdzi69dmb%2BYc95ii6j1TeySweu4p6STKTNx7nXn0EUVeY2d8nAr5%2F9Ppk0vp2PD6yjkKJ6vUE8bJG5MoYz%2BzqFOXY6fWYxUgemNJ%2FvKywGZ0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400
cf-ray
8aef99845c3b9214-FRA
gtm.js
www.googletagmanager.com/ 		214 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TZJH477
Requested by
Host: wheel-crazy-time-tr.pu267ev.com
URL: https://wheel-crazy-time-tr.pu267ev.com/?form_email=%7Bform_email%7D&form_phone=%7Bform_phone%7D&lang=tr&lrrPath=casino%2Fprovider%2Fevolution&pc=30&s1=clickadilla&s2=%5BCLICK_ID%5D&s3=clickadilla-push&s4=&s5=&source=&st=EKhF64zx&startTime=1722953313391285267&trId=cqp2soct17i8idsjpto0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
24a3f9ee414952329c4b8da6645d49e3d03f358ea10c6c6a4c291334d6b56fa6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://wheel-crazy-time-tr.pu267ev.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 14:08:34 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
76856
x-xss-protection
0
last-modified
Tue, 06 Aug 2024 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 06 Aug 2024 14:08:34 GMT
fp.js
fs.pudaf.com/ 		213 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fs.pudaf.com/fp.js
Requested by
Host: wheel-crazy-time-tr.pu267ev.com
URL: https://wheel-crazy-time-tr.pu267ev.com/?form_email=%7Bform_email%7D&form_phone=%7Bform_phone%7D&lang=tr&lrrPath=casino%2Fprovider%2Fevolution&pc=30&s1=clickadilla&s2=%5BCLICK_ID%5D&s3=clickadilla-push&s4=&s5=&source=&st=EKhF64zx&startTime=1722953313391285267&trId=cqp2soct17i8idsjpto0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.64.117.214 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-64-117-214.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
d9cf47784e8afcf57e1b02f42022e6c75227328ad07ff706edadfde8321a0ce9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://wheel-crazy-time-tr.pu267ev.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 14:08:34 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Mon, 29 Jul 2024 08:22:55 GMT
etag
W/"66a7515f-35261"
content-type
application/javascript
tags.js
js.datadome.co/ 		157 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.datadome.co/tags.js
Requested by
Host: wheel-crazy-time-tr.pu267ev.com
URL: https://wheel-crazy-time-tr.pu267ev.com/?form_email=%7Bform_email%7D&form_phone=%7Bform_phone%7D&lang=tr&lrrPath=casino%2Fprovider%2Fevolution&pc=30&s1=clickadilla&s2=%5BCLICK_ID%5D&s3=clickadilla-push&s4=&s5=&source=&st=EKhF64zx&startTime=1722953313391285267&trId=cqp2soct17i8idsjpto0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-11.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
aeac24730f4080c22a0250b34eb8b26ee822e09035b3f6e84ebd8a63eb099f91
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://wheel-crazy-time-tr.pu267ev.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-amz-version-id
xwE673c.fkzJ8mdhNbpSFitxZIm0Cv_u
content-encoding
br
via
1.1 1d087f24771eb6834b16162f1bb01660.cloudfront.net (CloudFront)
date
Tue, 06 Aug 2024 13:45:59 GMT
strict-transport-security
max-age=15768000
x-amz-cf-pop
FRA60-P2
age
1356
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Thu, 01 Aug 2024 11:41:36 GMT
server
AmazonS3
etag
W/"ee8364483523f4897404c6a35e76d353"
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
max-age=3600, public
x-amz-cf-id
LgJLNUqPs9WcrEN7DSHit8AjInCVfhHNbk3aYu8p6OhpLdO7ONmbxA==
css2
fonts.googleapis.com/ 		1 KB
870 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Rajdhani:wght@700&display=swap
Requested by
Host: wheel-crazy-time-tr.pu267ev.com
URL: https://wheel-crazy-time-tr.pu267ev.com/main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
dda44dc7be2e45d359cebdcb2f958d375fda16aef7caf626aa597aa2cea9570a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://wheel-crazy-time-tr.pu267ev.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 06 Aug 2024 14:08:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 06 Aug 2024 14:08:34 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 06 Aug 2024 14:08:34 GMT
bg.jpg
wheel-crazy-time-tr.pu267ev.com/img/ 		221 KB
221 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wheel-crazy-time-tr.pu267ev.com/img/bg.jpg
Requested by
Host: wheel-crazy-time-tr.pu267ev.com
URL: https://wheel-crazy-time-tr.pu267ev.com/main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:67f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31fd59bf9d0b3fd3a4040ba7f5a0e0c30bf0b3fd1ebae27b18c5872df9a300cf

Request headers

Referer
https://wheel-crazy-time-tr.pu267ev.com/main.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 14:08:34 GMT
cf-cache-status
HIT
cf-bgj
h2pri
last-modified
Mon, 29 Jul 2024 09:11:21 GMT
server
cloudflare
age
5428
etag
"66a75cb9-3722b"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GK4n2uo990qQBXVEH4W%2BXWCyIZ4rrQoMf5vv8VycaZZBAkClwPg46kcnI1S5dmpomwkjyAtRxnFWbMgZNb9mfcFemxos%2Bk9IbJ%2BPxfEhCSImhxp63icYJTtFF27L49x2W6CVT5XDwAGqDn3tGi638VkOFpJxSaoCi%2BCj0c0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8aef9985eee59214-FRA
content-length
225835
wheel-center.png
wheel-crazy-time-tr.pu267ev.com/img/ 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wheel-crazy-time-tr.pu267ev.com/img/wheel-center.png
Requested by
Host: wheel-crazy-time-tr.pu267ev.com
URL: https://wheel-crazy-time-tr.pu267ev.com/main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:67f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2a0d41ac4c8053b18a6e09c64c7c7b2e65eb43583e34a7b03b26be44c38163c7

Request headers

Referer
https://wheel-crazy-time-tr.pu267ev.com/main.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 14:08:34 GMT
cf-cache-status
HIT
last-modified
Mon, 29 Jul 2024 09:11:21 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3460
etag
"66a75cb9-4dbe"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6iePKmy32VKVUlDAKP3p3OLzQ4M3ft2XwfjSHN5Uf1nLlWZdbYehyTUIUy5142DotHuMtGUKczqfYetfqr%2BFLcIgk0iEbk%2B0U2aO9di3CyGx1f03XTVLHz2nQxTfd4lx2BBmL8gsJAraNyFpJZuGOW%2BihKMj1J4H3Blmv9E%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8aef9985eee79214-FRA
content-length
19902
wheel-top.png
wheel-crazy-time-tr.pu267ev.com/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wheel-crazy-time-tr.pu267ev.com/img/wheel-top.png
Requested by
Host: wheel-crazy-time-tr.pu267ev.com
URL: https://wheel-crazy-time-tr.pu267ev.com/main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:67f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8989b0ba795953979f81f0b2c3578193b9970d67a17ff6afe34d31a46236569a

Request headers

Referer
https://wheel-crazy-time-tr.pu267ev.com/main.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 14:08:34 GMT
cf-cache-status
HIT
last-modified
Mon, 29 Jul 2024 09:11:21 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3460
etag
"66a75cb9-d23"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mtBfhkdaL9NJQfo9%2BpU8tEWls%2FJL%2Fm7B5U%2FF%2B2T3yzcp7VGhK7FYFk6tAhPzP4BvBW8vqcvAjKL6%2BowNeCKvZbIXlKger0g9pEB77PgUFruuidy39yAr14CmcVFnemnKFQQrCSuOKgvKtuYg3nuUg9EhIqI08TyPgY%2FWkgg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8aef9985eee89214-FRA
content-length
3363
wheel_sprite-tr.png
wheel-crazy-time-tr.pu267ev.com/img/ 		100 KB
100 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wheel-crazy-time-tr.pu267ev.com/img/wheel_sprite-tr.png
Requested by
Host: wheel-crazy-time-tr.pu267ev.com
URL: https://wheel-crazy-time-tr.pu267ev.com/main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:67f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bb87f83de7cfb393caa5e970b9382af03901c4be5d54df17491a9fe6c2350247

Request headers

Referer
https://wheel-crazy-time-tr.pu267ev.com/main.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 14:08:34 GMT
cf-cache-status
HIT
last-modified
Mon, 29 Jul 2024 09:11:21 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3460
etag
"66a75cb9-18f77"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Xm83mSLLuSvlTLec7E%2FU57my6Khf6KV1NKjYTeACaAJHH7DQlCyXtztG5VCZx9682OiTsHYjL3T6xaPAD059ESkAGlMZ8JOVFc0JlI4TZqREfSwoIXHK5KVcKge2qN66BaxcX3golIdgRQQLnZYQ%2BIWo4mO42aB5%2BRTEBpU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8aef9985eee99214-FRA
content-length
102263
wheel-frame.png
wheel-crazy-time-tr.pu267ev.com/img/ 		135 KB
136 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wheel-crazy-time-tr.pu267ev.com/img/wheel-frame.png
Requested by
Host: wheel-crazy-time-tr.pu267ev.com
URL: https://wheel-crazy-time-tr.pu267ev.com/main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:67f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
baa8363375f1811d2ef52f54a14f2a40a47e96f181ed3462eabf4aa254ac3ed7

Request headers

Referer
https://wheel-crazy-time-tr.pu267ev.com/main.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 14:08:34 GMT
cf-cache-status
HIT
last-modified
Mon, 29 Jul 2024 09:11:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3460
etag
"66a75cb8-21d68"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=senB1IZBkMzDBZCbrUAY8q90Ywd6N0%2FeV4D223%2F0WpkdVJ%2BtHKkVRAtg5CKu5vsGl7ebW8NSveXMDPWGzNqqsQ2YFk7xWK9vzxszadw4oIdEdIx6%2FqN7pnVi421QA8Lv3%2F8WJ4LawAuwqWR79VSK%2BvkLQMKq43xC3MPrSH4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8aef9985eeea9214-FRA
content-length
138600
Pinup-Black.woff
wheel-crazy-time-tr.pu267ev.com/fonts/src/fonts/Pinup-Black/ 		100 KB
100 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://wheel-crazy-time-tr.pu267ev.com/fonts/src/fonts/Pinup-Black/Pinup-Black.woff
Requested by
Host: wheel-crazy-time-tr.pu267ev.com
URL: https://wheel-crazy-time-tr.pu267ev.com/main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:67f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0071e5cf68a74c19bd55355486916183bff7afa7f1d16aea03e04736aa621e3

Request headers

Referer
https://wheel-crazy-time-tr.pu267ev.com/main.css
Origin
https://wheel-crazy-time-tr.pu267ev.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 14:08:34 GMT
cf-cache-status
HIT
last-modified
Mon, 29 Jul 2024 09:11:17 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
6711
etag
"66a75cb5-18fec"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=q0pxqeyvFYS5%2BtlA7uhEOgVgeiCDjRTekdmQHBQCgs%2B6kOIF3e8rkiWgBDqnMuB7L0Yp5%2FjpqXI23eRVq7QLSgJH1pxg8Wd6bZkCIKcVYe%2FY4lPHth11aOYiAaOOb0q1oYiiyyLq0pwSn%2F30h63URXfCMb6llTJo9wJ%2BG6k%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8aef9985ff039214-FRA
content-length
102380
Roboto-Regular.woff2
wheel-crazy-time-tr.pu267ev.com/fonts/src/fonts/Roboto-Regular/ 		64 KB
65 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://wheel-crazy-time-tr.pu267ev.com/fonts/src/fonts/Roboto-Regular/Roboto-Regular.woff2
Requested by
Host: wheel-crazy-time-tr.pu267ev.com
URL: https://wheel-crazy-time-tr.pu267ev.com/main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:67f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f62f51295d471a285e41bf8063c23b6046ee2770a5c0baa55a5a7ed04251d22

Request headers

Referer
https://wheel-crazy-time-tr.pu267ev.com/main.css
Origin
https://wheel-crazy-time-tr.pu267ev.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 14:08:34 GMT
cf-cache-status
HIT
last-modified
Mon, 29 Jul 2024 09:11:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
6711
etag
"66a75cb8-101c8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=v7IZyPx8co9gM8ZqIE2PSj8YwW4WobPyp%2BzwWl3RoUMbEr9iYK6nsSgzOjeGN1qty0Im%2FJSco1IkWV6FEtMW0O1x%2B1WEvDkiLFUiLq4cUxYzF2WqtZKssWE4u8q8lgvyk6itkMZIOGb9OEwrGYxOK3OPRKFfHnPligQWuCw%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8aef99861f319214-FRA
content-length
65992
7c1a986e-66c6-4137-b579-bce0b41f0482
https://wheel-crazy-time-tr.pu267ev.com/ 		597 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://wheel-crazy-time-tr.pu267ev.com/7c1a986e-66c6-4137-b579-bce0b41f0482
Requested by
Host: wheel-crazy-time-tr.pu267ev.com
URL: https://wheel-crazy-time-tr.pu267ev.com/?form_email=%7Bform_email%7D&form_phone=%7Bform_phone%7D&lang=tr&lrrPath=casino%2Fprovider%2Fevolution&pc=30&s1=clickadilla&s2=%5BCLICK_ID%5D&s3=clickadilla-push&s4=&s5=&source=&st=EKhF64zx&startTime=1722953313391285267&trId=cqp2soct17i8idsjpto0
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6292d47914f9b1671e0c7b3076ea35aa0127785ed01ae8df56f534171114b08a

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Length
597
Content-Type
application/javascript
recaptcha__de.js
www.gstatic.com/recaptcha/releases/hfUfsXWZFeg83qqxrK27GB8P/ 		533 KB
212 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/hfUfsXWZFeg83qqxrK27GB8P/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise.js?render=6Lfxs6UUAAAAAE3kzerSlj_d5OF7IeWoXvzOE_50
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ab42d7c37f7928197cf2fb60407d97ebf6b8316f5bd3007d33b49d4ca0559e03
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wheel-crazy-time-tr.pu267ev.com/
Origin
https://wheel-crazy-time-tr.pu267ev.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 13:45:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1385
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
216180
x-xss-protection
0
last-modified
Mon, 29 Jul 2024 04:00:39 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 06 Aug 2025 13:45:29 GMT
turkey.png
wheel-crazy-time-tr.pu267ev.com/img/country/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wheel-crazy-time-tr.pu267ev.com/img/country/turkey.png
Requested by
Host: wheel-crazy-time-tr.pu267ev.com
URL: https://wheel-crazy-time-tr.pu267ev.com/?form_email=%7Bform_email%7D&form_phone=%7Bform_phone%7D&lang=tr&lrrPath=casino%2Fprovider%2Fevolution&pc=30&s1=clickadilla&s2=%5BCLICK_ID%5D&s3=clickadilla-push&s4=&s5=&source=&st=EKhF64zx&startTime=1722953313391285267&trId=cqp2soct17i8idsjpto0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:67f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4572c20092423c491c830915d4eccaad9b43524a9e74eb39d1ca7db8d66f8370

Request headers

Referer
https://wheel-crazy-time-tr.pu267ev.com/?form_email=%7Bform_email%7D&form_phone=%7Bform_phone%7D&lang=tr&lrrPath=casino%2Fprovider%2Fevolution&pc=30&s1=clickadilla&s2=%5BCLICK_ID%5D&s3=clickadilla-push&s4=&s5=&source=&st=EKhF64zx&startTime=1722953313391285267&trId=cqp2soct17i8idsjpto0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 14:08:34 GMT
cf-cache-status
HIT
last-modified
Mon, 29 Jul 2024 09:11:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3065
etag
"66a75cbc-4a9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NSKZ7mz6X8HyNEA0%2Bkp50wt8aw7trA8MIK7lw8GO%2FQ2Woo0EKVA2TV2FQqSXD2TKerLhBzFWq5rW41N0E8Xvt8zV13Jh%2B5G6x5LDCKi0nmAiwmovPDQOylMSUjVuOrlOae5ehM%2BS0gsehFv%2FuljkVUd8By8GS31RWInm2C4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8aef998758789214-FRA
content-length
1193
js
www.googletagmanager.com/gtag/ 		286 KB
97 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-FSDW78HQ4L&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TZJH477
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1467c02593c7bed650e79f7c46bbc7bc1112dea6aa2faaa5ae9f818d9cc10fff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://wheel-crazy-time-tr.pu267ev.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 14:08:34 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
99663
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 06 Aug 2024 14:08:34 GMT
/
api-js.datadome.co/js/ 		232 B
410 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api-js.datadome.co/js/
Requested by
Host: js.datadome.co
URL: https://js.datadome.co/tags.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.185.159.253 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-159-253.eu-central-1.compute.amazonaws.com
Software
DataDome /
Resource Hash
6cdc3e7b760bc5a6c4452604fd78748dea4941dd58b3b42e7db9f46c89bb1820

Request headers

Referer
https://wheel-crazy-time-tr.pu267ev.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Tue, 06 Aug 2024 14:08:35 GMT
server
DataDome
content-type
application/json;charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
content-length
232
expires
0
anchor
www.google.com/recaptcha/enterprise/ Frame 3FA3 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Lfxs6UUAAAAAE3kzerSlj_d5OF7IeWoXvzOE_50&co=aHR0cHM6Ly93aGVlbC1jcmF6eS10aW1lLXRyLnB1MjY3ZXYuY29tOjQ0Mw..&hl=de&v=hfUfsXWZFeg83qqxrK27GB8P&size=invisible&cb=vx8tiiwtd6tu
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/hfUfsXWZFeg83qqxrK27GB8P/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.228 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f4.1e100.net
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-VzTC4Z7ZEtL8FmO5WUBCHw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://wheel-crazy-time-tr.pu267ev.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-VzTC4Z7ZEtL8FmO5WUBCHw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 06 Aug 2024 14:08:35 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
collect
region1.google-analytics.com/g/ 		0
265 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-FSDW78HQ4L&gtm=45je47v0v893553001z8893121458za200zb893121458&_p=1722953313950&gcd=13l3lPl2l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=95250753&cid=2032016420.1722953315&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1722953315&sct=1&seg=0&dl=https%3A%2F%2Fwheel-crazy-time-tr.pu267ev.com%2F%3Fform_email%3D%257Bform_email%257D%26form_phone%3D%257Bform_phone%257D%26lang%3Dtr%26lrrPath%3Dcasino%252Fprovider%252Fevolution%26pc%3D30%26s1%3Dclickadilla%26s2%3D%255BCLICK_ID%255D%26s3%3Dclickadilla-push%26s4%3D%26s5%3D%26source%3D%26st%3DEKhF64zx%26startTime%3D1722953313391285267%26trId%3Dcqp2soct17i8idsjpto0&dt=150%20000%20%E2%82%BA%20%2B%20250%20fs&en=page_view&_fv=1&_nsi=1&_ss=1&ep.timestamp=2024-08-06T16%3A08%3A34.444%2B02%3A00&ep.gtm_version=GTM-TZJH477%20%7C%20v.%204&up.clientId=&tfd=1862
Requested by
Host: wheel-crazy-time-tr.pu267ev.com
URL: https://wheel-crazy-time-tr.pu267ev.com/?form_email=%7Bform_email%7D&form_phone=%7Bform_phone%7D&lang=tr&lrrPath=casino%2Fprovider%2Fevolution&pc=30&s1=clickadilla&s2=%5BCLICK_ID%5D&s3=clickadilla-push&s4=&s5=&source=&st=EKhF64zx&startTime=1722953313391285267&trId=cqp2soct17i8idsjpto0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://wheel-crazy-time-tr.pu267ev.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Aug 2024 14:08:35 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://wheel-crazy-time-tr.pu267ev.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
favicon-32x32.png
wheel-crazy-time-tr.pu267ev.com/img/favicon/ 		2 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://wheel-crazy-time-tr.pu267ev.com/img/favicon/favicon-32x32.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:67f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9f4dd081764684e967c695a7ca1227fa7998736c83e4d9608fa44cc55b25ad6f

Request headers

Referer
https://wheel-crazy-time-tr.pu267ev.com/?form_email=%7Bform_email%7D&form_phone=%7Bform_phone%7D&lang=tr&lrrPath=casino%2Fprovider%2Fevolution&pc=30&s1=clickadilla&s2=%5BCLICK_ID%5D&s3=clickadilla-push&s4=&s5=&source=&st=EKhF64zx&startTime=1722953313391285267&trId=cqp2soct17i8idsjpto0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 14:08:35 GMT
cf-cache-status
HIT
last-modified
Mon, 29 Jul 2024 09:11:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
6082
etag
"66a75cb8-687"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XZZnlBDFCoov9K3TBBrxcRhma%2Bhj%2FPWS6FlTlIlyN6GOssUelFcyZneuirzKrVKnAO3PD8VitnImLV6GoBQhA%2Bi5Fn5yiJPRTVjVyJAkOrYk3OD3m1wyD%2FRWjbbsx2SFJ5DZUP2wFU91EiKEwpRtwXgFDcWg7MC0OFv%2FWQw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8aef998e88dd9214-FRA
content-length
1671
ca1a7507-b4f5-4ebb-afe9-584455a26568
f.pudaf.com/p/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://f.pudaf.com/p/ca1a7507-b4f5-4ebb-afe9-584455a26568?api=vyg6SLajEWjklRFo1ig1JqhMkSHHpSp3FLYvfzZE&si=ca1a7507-b4f5-4ebb-afe9-584455a26568
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.64.117.214 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-64-117-214.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,if-none-match
Access-Control-Request-Method
POST
Origin
https://wheel-crazy-time-tr.pu267ev.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Origin,Content-Length,Content-Type,if-none-match
access-control-allow-methods
GET,POST,HEAD,PUT,DELETE,PATCH
access-control-allow-origin
*
access-control-max-age
43200
date
Tue, 06 Aug 2024 14:08:36 GMT
strict-transport-security
max-age=31536000; includeSubDomains
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
ca1a7507-b4f5-4ebb-afe9-584455a26568
f.pudaf.com/p/ 		58 B
848 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://f.pudaf.com/p/ca1a7507-b4f5-4ebb-afe9-584455a26568?api=vyg6SLajEWjklRFo1ig1JqhMkSHHpSp3FLYvfzZE&si=ca1a7507-b4f5-4ebb-afe9-584455a26568
Requested by
Host: wheel-crazy-time-tr.pu267ev.com
URL: https://wheel-crazy-time-tr.pu267ev.com/?form_email=%7Bform_email%7D&form_phone=%7Bform_phone%7D&lang=tr&lrrPath=casino%2Fprovider%2Fevolution&pc=30&s1=clickadilla&s2=%5BCLICK_ID%5D&s3=clickadilla-push&s4=&s5=&source=&st=EKhF64zx&startTime=1722953313391285267&trId=cqp2soct17i8idsjpto0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.64.117.214 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-64-117-214.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e385845273860c55d7bb2c32e1acc19c80e03ac39c8f323dad8f891b801df561
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
application/json, text/html, text/plain
Referer
https://wheel-crazy-time-tr.pu267ev.com/
If-None-Match
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
application/octet-stream

Response headers

x-trace-id
1ea287708471237a2b0436ddf8d9ede1
date
Tue, 06 Aug 2024 14:08:36 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Tue, 06 Aug 2024 14:06:56 GMT
accept-ch
sec-ch-ua,ua,sec-ch-ua-platformua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-wow64,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors
etag
66b22e64bd00226f73226079
vary
Origin
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
If-Match,If-Modified-Since,If-None-Match,ETag,Last-Modified
content-length
58
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		0
24 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: wheel-crazy-time-tr.pu267ev.com
URL: https://wheel-crazy-time-tr.pu267ev.com/?form_email=%7Bform_email%7D&form_phone=%7Bform_phone%7D&lang=tr&lrrPath=casino%2Fprovider%2Fevolution&pc=30&s1=clickadilla&s2=%5BCLICK_ID%5D&s3=clickadilla-push&s4=&s5=&source=&st=EKhF64zx&startTime=1722953313391285267&trId=cqp2soct17i8idsjpto0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wheel-crazy-time-tr.pu267ev.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 14:08:36 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53079
x-xss-protection
0
server
cafe
etag
9018912253985105472
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Tue, 06 Aug 2024 14:08:36 GMT
ca1a7507-b4f5-4ebb-afe9-584455a26568
f.pudaf.com/p/ 		58 B
849 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://f.pudaf.com/p/ca1a7507-b4f5-4ebb-afe9-584455a26568?api=vyg6SLajEWjklRFo1ig1JqhMkSHHpSp3FLYvfzZE&si=ca1a7507-b4f5-4ebb-afe9-584455a26568
Requested by
Host: wheel-crazy-time-tr.pu267ev.com
URL: https://wheel-crazy-time-tr.pu267ev.com/?form_email=%7Bform_email%7D&form_phone=%7Bform_phone%7D&lang=tr&lrrPath=casino%2Fprovider%2Fevolution&pc=30&s1=clickadilla&s2=%5BCLICK_ID%5D&s3=clickadilla-push&s4=&s5=&source=&st=EKhF64zx&startTime=1722953313391285267&trId=cqp2soct17i8idsjpto0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.64.117.214 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-64-117-214.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e385845273860c55d7bb2c32e1acc19c80e03ac39c8f323dad8f891b801df561
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
application/json, text/html, text/plain
Referer
https://wheel-crazy-time-tr.pu267ev.com/
If-None-Match
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
application/octet-stream

Response headers

x-trace-id
ed2073d4cd44fde25c1265c43949e0b0
date
Tue, 06 Aug 2024 14:08:36 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Tue, 06 Aug 2024 14:06:56 GMT
accept-ch
sec-ch-ua,ua,sec-ch-ua-platformua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-wow64,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors
etag
66b22e64d4eacaf4844fd554
vary
Origin
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
If-Match,If-Modified-Since,If-None-Match,ETag,Last-Modified
content-length
58
ca1a7507-b4f5-4ebb-afe9-584455a26568
f.pudaf.com/p/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://f.pudaf.com/p/ca1a7507-b4f5-4ebb-afe9-584455a26568?api=vyg6SLajEWjklRFo1ig1JqhMkSHHpSp3FLYvfzZE&si=ca1a7507-b4f5-4ebb-afe9-584455a26568
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.64.117.214 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-64-117-214.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,if-none-match
Access-Control-Request-Method
POST
Origin
https://wheel-crazy-time-tr.pu267ev.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Origin,Content-Length,Content-Type,if-none-match
access-control-allow-methods
GET,POST,HEAD,PUT,DELETE,PATCH
access-control-allow-origin
*
access-control-max-age
43200
date
Tue, 06 Aug 2024 14:08:36 GMT
strict-transport-security
max-age=31536000; includeSubDomains
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
ca1a7507-b4f5-4ebb-afe9-584455a26568
f.pudaf.com/p/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://f.pudaf.com/p/ca1a7507-b4f5-4ebb-afe9-584455a26568?api=vyg6SLajEWjklRFo1ig1JqhMkSHHpSp3FLYvfzZE&si=ca1a7507-b4f5-4ebb-afe9-584455a26568
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.64.117.214 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-64-117-214.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,if-none-match
Access-Control-Request-Method
POST
Origin
https://wheel-crazy-time-tr.pu267ev.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Origin,Content-Length,Content-Type,if-none-match
access-control-allow-methods
GET,POST,HEAD,PUT,DELETE,PATCH
access-control-allow-origin
*
access-control-max-age
43200
date
Tue, 06 Aug 2024 14:08:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
ca1a7507-b4f5-4ebb-afe9-584455a26568
f.pudaf.com/p/ 		58 B
848 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://f.pudaf.com/p/ca1a7507-b4f5-4ebb-afe9-584455a26568?api=vyg6SLajEWjklRFo1ig1JqhMkSHHpSp3FLYvfzZE&si=ca1a7507-b4f5-4ebb-afe9-584455a26568
Requested by
Host: wheel-crazy-time-tr.pu267ev.com
URL: https://wheel-crazy-time-tr.pu267ev.com/?form_email=%7Bform_email%7D&form_phone=%7Bform_phone%7D&lang=tr&lrrPath=casino%2Fprovider%2Fevolution&pc=30&s1=clickadilla&s2=%5BCLICK_ID%5D&s3=clickadilla-push&s4=&s5=&source=&st=EKhF64zx&startTime=1722953313391285267&trId=cqp2soct17i8idsjpto0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.64.117.214 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-64-117-214.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e385845273860c55d7bb2c32e1acc19c80e03ac39c8f323dad8f891b801df561
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
application/json, text/html, text/plain
Referer
https://wheel-crazy-time-tr.pu267ev.com/
If-None-Match
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
application/octet-stream

Response headers

x-trace-id
d3995c2cc6e6eef2f1f4e34c7528722b
date
Tue, 06 Aug 2024 14:08:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Tue, 06 Aug 2024 14:06:57 GMT
accept-ch
sec-ch-ua,ua,sec-ch-ua-platformua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-wow64,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors
etag
66b22e6571a503b64160c494
vary
Origin
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
If-Match,If-Modified-Since,If-None-Match,ETag,Last-Modified
content-length
58
collect
region1.google-analytics.com/g/ 		0
45 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-FSDW78HQ4L&gtm=45je47v0v893553001za200zb893121458&_p=1722953313950&gcd=13l3lPl2l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=95250753&cid=2032016420.1722953315&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1722953315&sct=1&seg=0&dl=https%3A%2F%2Fwheel-crazy-time-tr.pu267ev.com%2F%3Fform_email%3D%257Bform_email%257D%26form_phone%3D%257Bform_phone%257D%26lang%3Dtr%26lrrPath%3Dcasino%252Fprovider%252Fevolution%26pc%3D30%26s1%3Dclickadilla%26s2%3D%255BCLICK_ID%255D%26s3%3Dclickadilla-push%26s4%3D%26s5%3D%26source%3D%26st%3DEKhF64zx%26startTime%3D1722953313391285267%26trId%3Dcqp2soct17i8idsjpto0&dt=150%20000%20%E2%82%BA%20%2B%20250%20fs&en=scroll&ep.timestamp=2024-08-06T16%3A08%3A34.444%2B02%3A00&ep.gtm_version=GTM-TZJH477%20%7C%20v.%204&epn.percent_scrolled=90&_et=8&tfd=6870
Requested by
Host: wheel-crazy-time-tr.pu267ev.com
URL: https://wheel-crazy-time-tr.pu267ev.com/?form_email=%7Bform_email%7D&form_phone=%7Bform_phone%7D&lang=tr&lrrPath=casino%2Fprovider%2Fevolution&pc=30&s1=clickadilla&s2=%5BCLICK_ID%5D&s3=clickadilla-push&s4=&s5=&source=&st=EKhF64zx&startTime=1722953313391285267&trId=cqp2soct17i8idsjpto0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://wheel-crazy-time-tr.pu267ev.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Aug 2024 14:08:40 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://wheel-crazy-time-tr.pu267ev.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

31 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| landingConfig object| dataLayer string| afto function| aft string| ddjskey object| ddoptions boolean| dataDomeProcessed object| dataDomeOptions boolean| ddSbh object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client string| afti object| google_tag_manager object| google_tag_data object| phonePattern object| links object| pageState object| formNotif function| aftUUID function| aftSID function| aftUID function| aftGenSID object| recaptcha object| closure_lm_372565 function| onYouTubeIframeAPIReady object| gaGlobal string| _D9tysGh2

8 Cookies

Domain/Path Name / Value
go-pupromo.com/ Name: click-2024-08-06
Value: ",EKhF64zx"
.go-pupromo.com/ Name: __cf_bm
Value: w3KDGhTu.BZsgYo.wBwSQ1UorWyaohhJeHeU7gvYSwY-1722953313-1.0.1.1-cGODlg5Ip6x_FSRXNkSjHCQhE1nOvDW4vFerpvq50xLxlBEZzgoDqEP0fsei56jsaC0MacwPPdI2CobVE0HvnA
go-pupromo.com/ Name: __cflb
Value: 02DiuD27RCKFLAvvEgskoieNUhdFiUKVmjHvVa4erf46Q
.pu267ev.com/ Name: __cf_bm
Value: dwdoSeKF9Gk10yuE6V4hoqmwb9ALKKqR0WKcyoFUvaE-1722953313-1.0.1.1-uHbyrFGRH0G7r9qHrutdESONSL2SKLm8_512gJnEMo.f4aPiYJUuC_gg.f_n9TJSvnn3E0jEbZMxtIHBKa_J2w
wheel-crazy-time-tr.pu267ev.com/ Name: ga-x3sdiid0
Value: Y4NTI2YTU1NDg0NTktZTFmLWJiZW00NSRmYjctMDc1YTExY2
.pu267ev.com/ Name: _ga
Value: GA1.1.2032016420.1722953315
.pu267ev.com/ Name: _ga_FSDW78HQ4L
Value: GS1.1.1722953315.1.0.1722953315.0.0.0
.pu267ev.com/ Name: datadome
Value: P0YhxYmqI~vc3tsUWRZTw4n~l6k0iiaMk1XySlBiQ2AnrsnLl3_GqRaA9bjeNFp8_ZH0qqUcn3KdNHGl2fgQr_tfQAzNc1Pw5AAO1~ryMdtAVkjciNxqlFUJlMyB0nyI

2 Console Messages

Source Level URL
Text
recommendation verbose URL: https://wheel-crazy-time-tr.pu267ev.com/?form_email=%7Bform_email%7D&form_phone=%7Bform_phone%7D&lang=tr&lrrPath=casino%2Fprovider%2Fevolution&pc=30&s1=clickadilla&s2=%5BCLICK_ID%5D&s3=clickadilla-push&s4=&s5=&source=&st=EKhF64zx&startTime=1722953313391285267&trId=cqp2soct17i8idsjpto0
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o
rendering warning URL: https://wheel-crazy-time-tr.pu267ev.com/?form_email=%7Bform_email%7D&form_phone=%7Bform_phone%7D&lang=tr&lrrPath=casino%2Fprovider%2Fevolution&pc=30&s1=clickadilla&s2=%5BCLICK_ID%5D&s3=clickadilla-push&s4=&s5=&source=&st=EKhF64zx&startTime=1722953313391285267&trId=cqp2soct17i8idsjpto0
Message:
[.WebGL-0x12f4030fb100]GL Driver Message (OpenGL, Performance, GL_CLOSE_PATH_NV, High): GPU stall due to ReadPixels (this message will no longer repeat)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api-js.datadome.co
f.pudaf.com
fonts.googleapis.com
fs.pudaf.com
go-pupromo.com
js.datadome.co
pagead2.googlesyndication.com
region1.google-analytics.com
wheel-crazy-time-tr.pu267ev.com
www.google.com
www.googletagmanager.com
www.gstatic.com
142.250.184.228
142.250.185.194
18.185.159.253
18.66.122.11
185.159.247.247
2001:4860:4802:32::36
2606:4700:20::681a:67f
2a00:1450:4001:803::200a
2a00:1450:4001:82b::2008
2a00:1450:4001:82f::2003
3.64.117.214
1467c02593c7bed650e79f7c46bbc7bc1112dea6aa2faaa5ae9f818d9cc10fff
24a3f9ee414952329c4b8da6645d49e3d03f358ea10c6c6a4c291334d6b56fa6
2a0d41ac4c8053b18a6e09c64c7c7b2e65eb43583e34a7b03b26be44c38163c7
31fd59bf9d0b3fd3a4040ba7f5a0e0c30bf0b3fd1ebae27b18c5872df9a300cf
4572c20092423c491c830915d4eccaad9b43524a9e74eb39d1ca7db8d66f8370
4a06fffa1c1d971e4d66366e9bf439486cd58d64120286473fc42b79e26609f3
5677c634481977d00497892ebf81a014c261479dfa8106c8c6d400f42dfbd7e4
59be4f26ebbd3d217c718297b47ecccba9fe2d944b8d1af45ab234261901c3ac
6292d47914f9b1671e0c7b3076ea35aa0127785ed01ae8df56f534171114b08a
6cdc3e7b760bc5a6c4452604fd78748dea4941dd58b3b42e7db9f46c89bb1820
6f62f51295d471a285e41bf8063c23b6046ee2770a5c0baa55a5a7ed04251d22
8989b0ba795953979f81f0b2c3578193b9970d67a17ff6afe34d31a46236569a
932313c65ee1bffa5ba2771f458af0a25c645dda963b1d74c5e37ece643fa0f9
9392ee9abc6973a734d747f6e7bdfe28d1dd2594abca0b0df1b92e3d161fd14f
9f4dd081764684e967c695a7ca1227fa7998736c83e4d9608fa44cc55b25ad6f
ab42d7c37f7928197cf2fb60407d97ebf6b8316f5bd3007d33b49d4ca0559e03
aeac24730f4080c22a0250b34eb8b26ee822e09035b3f6e84ebd8a63eb099f91
baa8363375f1811d2ef52f54a14f2a40a47e96f181ed3462eabf4aa254ac3ed7
bb87f83de7cfb393caa5e970b9382af03901c4be5d54df17491a9fe6c2350247
bd1ac4b6407bba720f490d5409d18fa390947443ae4067a5c6c279fdf949f703
d0071e5cf68a74c19bd55355486916183bff7afa7f1d16aea03e04736aa621e3
d504fbebade88990eafbbde18fbe5364c3c25a9784fbdd85c7b09c6c5a20dfd5
d9cf47784e8afcf57e1b02f42022e6c75227328ad07ff706edadfde8321a0ce9
dda44dc7be2e45d359cebdcb2f958d375fda16aef7caf626aa597aa2cea9570a
e385845273860c55d7bb2c32e1acc19c80e03ac39c8f323dad8f891b801df561
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
fac096aafa62f48129a54bf856fd215d128a3bf8eada7a6bd9181a04fed4fd32