roxcasino-tr.pu137ev.com Open in urlscan Pro
2606:4700:20::681a:7b3  Public Scan

1 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

36 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response roxcasino-tr.pu137ev.com/	18 KB 5 KB	502ms 293ms	Document text/html	2606:4700:20::681a:7b3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://roxcasino-tr.pu137ev.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:7b3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a59a3af6e0ccf94c54e6e33d9514f2f06cea329d9ff9550ec41357cd41984bb2 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 accept-language en-US,en;q=0.9 Response headers cf-cache-status DYNAMIC cf-ray 83aae6b24dbf67c8-MIA content-encoding br content-type text/html date Sun, 24 Dec 2023 18:27:56 GMT last-modified Wed, 13 Dec 2023 15:29:52 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h%2FWoSbgv4PWe2%2F4iqoCjURZoGJpWBamqnAQpiHoBvY5IzW8or5P%2FrBBEKtEC5NmYGPkgByo3ZXjUbOTlenU0g2QXq4R4s1tTgaQw8EoQyDNEh2Ek0L1UFyt6Ps3gq7lsI8AEtf3JDpV5mbBks%2BLz07hfQekwqA%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding
GET H2	200	css fonts.googleapis.com/	7 KB 1 KB	169ms 61ms	Stylesheet text/css	2607:f8b0:4004:c09::5f GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Roboto:400,600,700,900&display=swap&subset=cyrillic Requested by Host: roxcasino-tr.pu137ev.com URL: https://roxcasino-tr.pu137ev.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c09::5f Ashburn, United States, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash e8841ae28cd23a195102486ffe06cf53f51d1beb8e024ce760b3f6379c3e3c25 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://roxcasino-tr.pu137ev.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Sun, 24 Dec 2023 18:27:56 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Sun, 24 Dec 2023 18:27:56 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Sun, 24 Dec 2023 18:27:56 GMT
GET H2	200	main.css roxcasino-tr.pu137ev.com/	20 KB 4 KB	171ms 169ms	Stylesheet text/css	2606:4700:20::681a:7b3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://roxcasino-tr.pu137ev.com/main.css Requested by Host: roxcasino-tr.pu137ev.com URL: https://roxcasino-tr.pu137ev.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:7b3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 84bd81553ca94f64222fd150614e3a492ecf76cdafc20ffb0be50f08ae9c3a64 Request headers accept-language en-US,en;q=0.9 Referer https://roxcasino-tr.pu137ev.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Sun, 24 Dec 2023 18:27:56 GMT content-encoding br cf-cache-status MISS last-modified Wed, 13 Dec 2023 15:29:52 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"6579cdf0-5012" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UyjTkT3jyEPZDz7bWbwu9fXj%2FJNZyzrXs62ITc47wqvjIf%2BeL04fvphjMKsTj7sUQi%2B96QvdunrPoewyIHLjTdun00eipZmCZdubjuFqCJG9asczkD%2BQ7IsIROmy0u16CsboKcFlLena07F1%2B8r3Kv1a9vh50g%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 83aae6b59a8167c8-MIA
GET H2	200	roxcasino-modal-img-desk.png roxcasino-tr.pu137ev.com/img/modal/	28 KB 28 KB	429ms 428ms	Image image/png	2606:4700:20::681a:7b3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://roxcasino-tr.pu137ev.com/img/modal/roxcasino-modal-img-desk.png Requested by Host: roxcasino-tr.pu137ev.com URL: https://roxcasino-tr.pu137ev.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:7b3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7178777b0bbcfb16bc95cae31fbf75d07eea332ef0015af706e2fcef0e7673ee Request headers accept-language en-US,en;q=0.9 Referer https://roxcasino-tr.pu137ev.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Sun, 24 Dec 2023 18:27:56 GMT cf-cache-status MISS last-modified Wed, 13 Dec 2023 15:29:46 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"6579cdea-6e55" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UuIZC6fKcy7%2FMdWpzyav7k0lC4jJvj4XQ0205bKuHFeEk1hZvVtniZSS4zpvRpNsfB%2FbKnpJbs3NFuDdGlo1Fh03LWo1icLH2aZicjTn0NZ6poTPz2MP%2F%2Bkr0ednZ4%2BWZ3qSFiRujgkHee6oH7ch35eYuJbRkA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 cf-ray 83aae6b59a8267c8-MIA
GET H2	200	enterprise.js Show response www.google.com/recaptcha/	1 KB 1 KB	177ms 70ms	Script text/javascript	2607:f8b0:4004:c09::69 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/enterprise.js?render=6Lfxs6UUAAAAAE3kzerSlj_d5OF7IeWoXvzOE_50 Requested by Host: roxcasino-tr.pu137ev.com URL: https://roxcasino-tr.pu137ev.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c09::69 Ashburn, United States, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash ce3c7b9aa7606bd64b6dbf60299b7a21d8a87e69c98b45c05201c3f4faefd3d2 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language en-US,en;q=0.9 Referer https://roxcasino-tr.pu137ev.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Sun, 24 Dec 2023 18:27:56 GMT content-encoding gzip x-content-type-options nosniff content-security-policy frame-ancestors 'self' server GSE x-frame-options SAMEORIGIN content-type text/javascript; charset=utf-8 cache-control private, max-age=300 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 1; mode=block expires Sun, 24 Dec 2023 18:27:56 GMT
GET H2	200	bundle.js Show response roxcasino-tr.pu137ev.com/	77 KB 19 KB	433ms 432ms	Script application/javascript	2606:4700:20::681a:7b3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://roxcasino-tr.pu137ev.com/bundle.js Requested by Host: roxcasino-tr.pu137ev.com URL: https://roxcasino-tr.pu137ev.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:7b3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d65c13c6cc536a884c136555082a1cb3db39eaced1d00cdbb0063f64e85a6ac6 Request headers accept-language en-US,en;q=0.9 Referer https://roxcasino-tr.pu137ev.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Sun, 24 Dec 2023 18:27:56 GMT content-encoding br cf-cache-status MISS last-modified Wed, 13 Dec 2023 15:29:44 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"6579cde8-135d6" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SG4b6IqlNLuIu2fj6kbpa3nUdZAWT2myQBKrpjaReAsgWnDavAKe1beAV9xagdLqhotuKNse%2FPV19w%2B1AFPlPowPPfkdUq5h%2FHoi8Bnemugdjz3mcBFptxhPKnHhWY7sLUpfSncarHl%2Fpu3DPCvOzFf4%2Bk43Yw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 cf-ray 83aae6b5bab467c8-MIA
GET H2	200	fp.js Show response fs.pudaf.com/	377 KB 71 KB	449ms 156ms	Script application/javascript	52.58.237.32 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://fs.pudaf.com/fp.js Requested by Host: roxcasino-tr.pu137ev.com URL: https://roxcasino-tr.pu137ev.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.58.237.32 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-58-237-32.eu-central-1.compute.amazonaws.com Software / Resource Hash dea35e1e512b9c5e6b6c2c813e2590fe41f3af3d15a2a1c84cc46b2b9481d68b Request headers accept-language en-US,en;q=0.9 Referer https://roxcasino-tr.pu137ev.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Sun, 24 Dec 2023 18:27:56 GMT content-encoding gzip last-modified Thu, 07 Dec 2023 14:38:20 GMT etag W/"6571d8dc-5e448" content-type application/javascript
GET H2	200	custom_background.jpg roxcasino-tr.pu137ev.com/img/	55 KB 55 KB	296ms 296ms	Image image/jpeg	2606:4700:20::681a:7b3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://roxcasino-tr.pu137ev.com/img/custom_background.jpg Requested by Host: roxcasino-tr.pu137ev.com URL: https://roxcasino-tr.pu137ev.com/main.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:7b3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d60095bab9c9c1dc55b60683b5c7b86b2a3f735acbc6fb9677e8126b560d3af8 Request headers accept-language en-US,en;q=0.9 Referer https://roxcasino-tr.pu137ev.com/main.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Sun, 24 Dec 2023 18:27:56 GMT cf-cache-status MISS last-modified Wed, 13 Dec 2023 15:29:46 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"6579cdea-daab" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QWlN1HsRgUTP%2BbDdV4TAUApBcvyJx11HY8P%2FXtwNV4LzUJZaDkYNREtv%2BWNUrTB%2BUEn6ylJDrPAAyvpN71CGpumWNsbKPa4XTjjw%2BjnsRwk9fzD1sUI%2FRIPT4Am6ybUxdkU6JqwrS50y9ZdGQ606KaaI2dl8GQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=14400 cf-ray 83aae6b6bbff67c8-MIA
GET H2	200	custom_down-arrow.svg roxcasino-tr.pu137ev.com/img/	188 B 467 B	298ms 297ms	Image image/svg+xml	2606:4700:20::681a:7b3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://roxcasino-tr.pu137ev.com/img/custom_down-arrow.svg Requested by Host: roxcasino-tr.pu137ev.com URL: https://roxcasino-tr.pu137ev.com/main.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:7b3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2c9dcc4fb62b1dd4c6f1c44ee40efe583333fdf7166a98c5de85d0bf9b18aee2 Request headers accept-language en-US,en;q=0.9 Referer https://roxcasino-tr.pu137ev.com/main.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Sun, 24 Dec 2023 18:27:56 GMT content-encoding br cf-cache-status MISS last-modified Wed, 13 Dec 2023 15:29:46 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"6579cdea-bc" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y0HTtMt5b%2FDXzhnlGdfq5m%2FZbee9snDOMaF1B5bYltCMeA1YXG%2Bu8ZE8tD2TVQ8negcnCmnbCbLVQNwDiShvEfc2Ubpy9PpR3LIiTdOpsVCCZXNxczFVBSJWWkgWFAhjUJDKrEugxGJ%2FWB1XQylAdlzPpjjamQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml cache-control max-age=14400 cf-ray 83aae6b6bc0367c8-MIA
GET H2	200	custom_checkbox.svg roxcasino-tr.pu137ev.com/img/	176 B 450 B	298ms 298ms	Image image/svg+xml	2606:4700:20::681a:7b3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://roxcasino-tr.pu137ev.com/img/custom_checkbox.svg Requested by Host: roxcasino-tr.pu137ev.com URL: https://roxcasino-tr.pu137ev.com/main.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:7b3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f73e4d5d9be7cd1607f193655b8fc80510b38e4ebda87f0656885095014bc7cd Request headers accept-language en-US,en;q=0.9 Referer https://roxcasino-tr.pu137ev.com/main.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Sun, 24 Dec 2023 18:27:56 GMT content-encoding br cf-cache-status MISS last-modified Wed, 13 Dec 2023 15:29:46 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"6579cdea-b0" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y1MNv22FbLvfrSDFdON5z4xOK%2BNj6JBR5%2BJmUH4LlL5I3ohZQHVj9yVAmXD7nJPzg0474acwdxBZQLpPW4GnTY54weW3LZil2lMR0NQMpWf5KpGhMfqYQ5Gl6N8EG%2FAeSTgwGc4bTPeh2HQeyNPFaRn7B%2FMBvw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml cache-control max-age=14400 cf-ray 83aae6b6bc0567c8-MIA
GET H2	200	recaptcha__en.js Show response www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/	503 KB 202 KB	158ms 53ms	Script text/javascript	2607:f8b0:4004:c06::5e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/recaptcha__en.js Requested by Host: www.google.com URL: https://www.google.com/recaptcha/enterprise.js?render=6Lfxs6UUAAAAAE3kzerSlj_d5OF7IeWoXvzOE_50 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c06::5e Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash daf20b4dbc2ee9cc700e99c7be570105ecaf649d9c044adb62a2098cf4662d24 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://roxcasino-tr.pu137ev.com/ Origin https://roxcasino-tr.pu137ev.com accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Sun, 24 Dec 2023 17:03:41 GMT content-encoding gzip x-content-type-options nosniff age 5055 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 205927 x-xss-protection 0 last-modified Mon, 11 Dec 2023 05:01:12 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Mon, 23 Dec 2024 17:03:41 GMT
GET H2	200	turkey.png roxcasino-tr.pu137ev.com/img/country/	1 KB 2 KB	294ms 293ms	Image image/png	2606:4700:20::681a:7b3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://roxcasino-tr.pu137ev.com/img/country/turkey.png Requested by Host: roxcasino-tr.pu137ev.com URL: https://roxcasino-tr.pu137ev.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:7b3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4572c20092423c491c830915d4eccaad9b43524a9e74eb39d1ca7db8d66f8370 Request headers accept-language en-US,en;q=0.9 Referer https://roxcasino-tr.pu137ev.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Sun, 24 Dec 2023 18:27:57 GMT cf-cache-status MISS last-modified Wed, 13 Dec 2023 15:29:49 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"6579cded-4a9" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yjOQ%2Fj5fdTZEBGCWFyB1VpWHTxsWVQU87YPXljk0wRrNaOlLDQJLMBVZ9Xwbj3kKzQN537g3JjsAip1iguETolYDUrmU45UNFf5mMaM0q32HTlIgxsBVxD3V%2FGY9h8V%2FYMskUFx7tEnRguRkMl8w9vAFAO9G2A%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 cf-ray 83aae6b87e5a67c8-MIA
GET H2	200	icomoon.ttf roxcasino-tr.pu137ev.com/fonts/src/icon-fonts/	7 KB 7 KB	299ms 298ms	Font application/octet-stream	2606:4700:20::681a:7b3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://roxcasino-tr.pu137ev.com/fonts/src/icon-fonts/icomoon.ttf Requested by Host: roxcasino-tr.pu137ev.com URL: https://roxcasino-tr.pu137ev.com/main.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:7b3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9a9e23e2620acc7e7679de55c389add58698ada404ae426fdf3ef286950b292f Request headers Referer https://roxcasino-tr.pu137ev.com/main.css Origin https://roxcasino-tr.pu137ev.com accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Sun, 24 Dec 2023 18:27:57 GMT cf-cache-status MISS last-modified Wed, 13 Dec 2023 15:29:46 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "6579cdea-1a54" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xprSHXAiRaoY2Ox1igA66DO9mZ6Y%2BvLI6rCJTAclnBPLqh3ycduz0hab8qoKkY6d3sMzeZ23R3wgPwXfNVSaTW%2FrFLyENWaxCRhyevOfwwhdHX5Pp4gJeLIvN9ewxQL2AmjP5w1u5dY%2F1euXxqtbk3WKQ%2Bo0vw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/octet-stream cache-control max-age=14400 accept-ranges bytes cf-ray 83aae6b88e6367c8-MIA content-length 6740
GET H2	200	anchor Show response www.google.com/recaptcha/enterprise/ Frame E5C1	7 KB 1 KB	71ms 71ms	Document text/html	2607:f8b0:4004:c09::69 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Lfxs6UUAAAAAE3kzerSlj_d5OF7IeWoXvzOE_50&co=aHR0cHM6Ly9yb3hjYXNpbm8tdHIucHUxMzdldi5jb206NDQz&hl=en&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&cb=24uenrzbyosm Requested by Host: www.gstatic.com URL: https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/recaptcha__en.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c09::69 Ashburn, United States, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 9aa315b96c84cc55f64061b1643ac4f1062796fe5856ebe635bdf2cb039abdec Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-mV209q2yaeVdnUBtA1rZLA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://roxcasino-tr.pu137ev.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 accept-language en-US,en;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private, max-age=0 content-encoding gzip content-security-policy script-src 'report-sample' 'nonce-mV209q2yaeVdnUBtA1rZLA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Sun, 24 Dec 2023 18:27:57 GMT expires Sun, 24 Dec 2023 18:27:57 GMT report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} server GSE x-content-type-options nosniff x-xss-protection 1; mode=block
GET H2	200	styles__ltr.css www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/ Frame E5C1	55 KB 25 KB	156ms 52ms	Stylesheet text/css	2607:f8b0:4004:c06::5e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/styles__ltr.css Requested by Host: www.google.com URL: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Lfxs6UUAAAAAE3kzerSlj_d5OF7IeWoXvzOE_50&co=aHR0cHM6Ly9yb3hjYXNpbm8tdHIucHUxMzdldi5jb206NDQz&hl=en&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&cb=24uenrzbyosm Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c06::5e Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Sun, 24 Dec 2023 17:18:29 GMT content-encoding gzip x-content-type-options nosniff age 4168 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 24606 x-xss-protection 0 last-modified Mon, 11 Dec 2023 05:01:12 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/css cache-control public, max-age=31536000 accept-ranges bytes expires Mon, 23 Dec 2024 17:18:29 GMT
GET H2	200	recaptcha__en.js Show response www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/ Frame E5C1	503 KB 201 KB	206ms 103ms	Script text/javascript	2607:f8b0:4004:c06::5e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/recaptcha__en.js Requested by Host: www.google.com URL: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Lfxs6UUAAAAAE3kzerSlj_d5OF7IeWoXvzOE_50&co=aHR0cHM6Ly9yb3hjYXNpbm8tdHIucHUxMzdldi5jb206NDQz&hl=en&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&cb=24uenrzbyosm Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c06::5e Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash daf20b4dbc2ee9cc700e99c7be570105ecaf649d9c044adb62a2098cf4662d24 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Sun, 24 Dec 2023 17:03:41 GMT content-encoding gzip x-content-type-options nosniff age 5056 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 205927 x-xss-protection 0 last-modified Mon, 11 Dec 2023 05:01:12 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Mon, 23 Dec 2024 17:03:41 GMT
OPTIONS H2	204	f237dd1e-09dd-44cb-8f39-fb47c6e5b7fc f.pudaf.com/p/ Frame	0 0	438ms 144ms	Preflight	18.193.20.245 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://f.pudaf.com/p/f237dd1e-09dd-44cb-8f39-fb47c6e5b7fc?api=vyg6SLajEWjklRFo1ig1JqhMkSHHpSp3FLYvfzZE&si=f237dd1e-09dd-44cb-8f39-fb47c6e5b7fc Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.193.20.245 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-193-20-245.eu-central-1.compute.amazonaws.com Software / Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type,if-none-match Access-Control-Request-Method POST Origin https://roxcasino-tr.pu137ev.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers access-control-allow-headers Origin,Content-Length,Content-Type,if-none-match access-control-allow-methods GET,POST,HEAD,PUT,DELETE,PATCH access-control-allow-origin * access-control-max-age 43200 date Sun, 24 Dec 2023 18:27:57 GMT vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers
POST H2	200	f237dd1e-09dd-44cb-8f39-fb47c6e5b7fc Show response f.pudaf.com/p/	21 B 732 B	145ms 145ms	Fetch application/json	18.193.20.245 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://f.pudaf.com/p/f237dd1e-09dd-44cb-8f39-fb47c6e5b7fc?api=vyg6SLajEWjklRFo1ig1JqhMkSHHpSp3FLYvfzZE&si=f237dd1e-09dd-44cb-8f39-fb47c6e5b7fc Requested by Host: fs.pudaf.com URL: https://fs.pudaf.com/fp.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.193.20.245 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-193-20-245.eu-central-1.compute.amazonaws.com Software / Resource Hash 4abf9b7abadb46bb07b55d2551254999420515d76e9d5f6542407e892f731d60 Request headers Accept application/json, text/html, text/plain Referer https://roxcasino-tr.pu137ev.com/ If-None-Match accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Content-Type application/octet-stream Response headers date Sun, 24 Dec 2023 18:27:58 GMT last-modified Sun, 24 Dec 2023 18:26:18 GMT accept-ch sec-ch-ua,ua,sec-ch-ua-platformua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-wow64,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors etag 6588782ea4d5e9a9a45e069e vary Origin content-type application/json access-control-allow-origin * access-control-expose-headers If-Match,If-Modified-Since,If-None-Match,ETag,Last-Modified content-length 21
HEAD H2	200	adsbygoogle.js pagead2.googlesyndication.com/pagead/js/	0 0	192ms 85ms	Fetch text/javascript	2607:f8b0:4004:c19::9d GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Requested by Host: fs.pudaf.com URL: https://fs.pudaf.com/fp.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c19::9d Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://roxcasino-tr.pu137ev.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Sun, 24 Dec 2023 18:27:57 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 51239 x-xss-protection 0 server cafe etag 1239301345388579065 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=3600, stale-while-revalidate=3600 timing-allow-origin * expires Sun, 24 Dec 2023 18:27:57 GMT
GET BLOB	200 OK	beedbe3f-e500-4b42-af7d-3b7db01214db https://roxcasino-tr.pu137ev.com/	419 B 0		Other application/javascript
General Check archive.org Show headers Download Go to Full URL blob:https://roxcasino-tr.pu137ev.com/beedbe3f-e500-4b42-af7d-3b7db01214db Requested by Host: roxcasino-tr.pu137ev.com URL: https://roxcasino-tr.pu137ev.com/ Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash 4fe976ce3e57febb0b359569ce54df245fe08132eda2d1362f9f6cb45b4ce4aa Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers Content-Length 419 Content-Type application/javascript
GET H3	200	logo_48.png www.gstatic.com/recaptcha/api2/ Frame E5C1	2 KB 2 KB	54ms 53ms	Image image/png	2607:f8b0:4004:c06::5e GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.gstatic.com/recaptcha/api2/logo_48.png Requested by Host: www.gstatic.com URL: https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/styles__ltr.css Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c06::5e Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/styles__ltr.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Sat, 23 Dec 2023 05:56:55 GMT x-content-type-options nosniff age 131462 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 2228 x-xss-protection 0 last-modified Tue, 03 Mar 2020 20:15:00 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type image/png cache-control public, max-age=604800 accept-ranges bytes expires Sat, 30 Dec 2023 05:56:55 GMT
GET H2	200	KFOmCnqEu92Fr1Mu4mxK.woff2 fonts.gstatic.com/s/roboto/v18/ Frame E5C1	15 KB 16 KB	158ms 52ms	Font font/woff2	2607:f8b0:4004:c1d::5e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 Requested by Host: www.google.com URL: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Lfxs6UUAAAAAE3kzerSlj_d5OF7IeWoXvzOE_50&co=aHR0cHM6Ly9yb3hjYXNpbm8tdHIucHUxMzdldi5jb206NDQz&hl=en&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&cb=24uenrzbyosm Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c1d::5e Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.google.com/ Origin https://www.google.com accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Fri, 22 Dec 2023 20:36:54 GMT x-content-type-options nosniff age 165063 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15344 x-xss-protection 0 last-modified Mon, 16 Oct 2017 17:32:55 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sat, 21 Dec 2024 20:36:54 GMT
GET BLOB	200 OK	f9e2e1db-ab9f-45f3-8faf-fa97e18a9a08 https://roxcasino-tr.pu137ev.com/	419 B 0		Other application/javascript
General Check archive.org Show headers Download Go to Full URL blob:https://roxcasino-tr.pu137ev.com/f9e2e1db-ab9f-45f3-8faf-fa97e18a9a08 Requested by Host: roxcasino-tr.pu137ev.com URL: https://roxcasino-tr.pu137ev.com/ Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash 4fe976ce3e57febb0b359569ce54df245fe08132eda2d1362f9f6cb45b4ce4aa Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers Content-Length 419 Content-Type application/javascript
GET BLOB	200 OK	a4f2c99b-8338-402a-a69b-95f98bc9bd6c https://roxcasino-tr.pu137ev.com/	419 B 0		Other application/javascript
General Check archive.org Show headers Download Go to Full URL blob:https://roxcasino-tr.pu137ev.com/a4f2c99b-8338-402a-a69b-95f98bc9bd6c Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash 4fe976ce3e57febb0b359569ce54df245fe08132eda2d1362f9f6cb45b4ce4aa Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers Content-Length 419 Content-Type application/javascript
GET BLOB	200 OK	6356b488-9de2-4e9c-9413-8da86b6b911c https://roxcasino-tr.pu137ev.com/	419 B 0		Other application/javascript
General Check archive.org Show headers Download Go to Full URL blob:https://roxcasino-tr.pu137ev.com/6356b488-9de2-4e9c-9413-8da86b6b911c Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash 4fe976ce3e57febb0b359569ce54df245fe08132eda2d1362f9f6cb45b4ce4aa Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers Content-Length 419 Content-Type application/javascript
GET BLOB	200 OK	23afde67-a3a3-4dc8-9f21-a984b6df8c7a https://roxcasino-tr.pu137ev.com/	419 B 0		Other application/javascript
General Check archive.org Show headers Download Go to Full URL blob:https://roxcasino-tr.pu137ev.com/23afde67-a3a3-4dc8-9f21-a984b6df8c7a Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash 4fe976ce3e57febb0b359569ce54df245fe08132eda2d1362f9f6cb45b4ce4aa Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers Content-Length 419 Content-Type application/javascript
GET BLOB	200 OK	c46a48bd-14c9-4922-913c-a8d43e9b55c6 https://roxcasino-tr.pu137ev.com/	419 B 0		Other application/javascript
General Check archive.org Show headers Download Go to Full URL blob:https://roxcasino-tr.pu137ev.com/c46a48bd-14c9-4922-913c-a8d43e9b55c6 Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash 4fe976ce3e57febb0b359569ce54df245fe08132eda2d1362f9f6cb45b4ce4aa Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers Content-Length 419 Content-Type application/javascript
GET BLOB	200 OK	0d54ef67-9e88-4670-b1e9-58fe8e6908b5 https://roxcasino-tr.pu137ev.com/	419 B 0		Other application/javascript
General Check archive.org Show headers Download Go to Full URL blob:https://roxcasino-tr.pu137ev.com/0d54ef67-9e88-4670-b1e9-58fe8e6908b5 Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash 4fe976ce3e57febb0b359569ce54df245fe08132eda2d1362f9f6cb45b4ce4aa Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers Content-Length 419 Content-Type application/javascript
GET BLOB	200 OK	be15b25f-eaaa-48a4-958f-02c1f23392da https://roxcasino-tr.pu137ev.com/	419 B 0		Other application/javascript
General Check archive.org Show headers Download Go to Full URL blob:https://roxcasino-tr.pu137ev.com/be15b25f-eaaa-48a4-958f-02c1f23392da Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash 4fe976ce3e57febb0b359569ce54df245fe08132eda2d1362f9f6cb45b4ce4aa Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers Content-Length 419 Content-Type application/javascript
GET BLOB	200 OK	3909df7c-0091-4878-89a8-47aba85f33ac https://roxcasino-tr.pu137ev.com/	419 B 0		Other application/javascript
General Check archive.org Show headers Download Go to Full URL blob:https://roxcasino-tr.pu137ev.com/3909df7c-0091-4878-89a8-47aba85f33ac Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash 4fe976ce3e57febb0b359569ce54df245fe08132eda2d1362f9f6cb45b4ce4aa Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers Content-Length 419 Content-Type application/javascript
GET BLOB	200 OK	e94590eb-a7be-4e00-834d-d5ad3b78ef3f https://roxcasino-tr.pu137ev.com/	419 B 0		Other application/javascript
General Check archive.org Show headers Download Go to Full URL blob:https://roxcasino-tr.pu137ev.com/e94590eb-a7be-4e00-834d-d5ad3b78ef3f Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash 4fe976ce3e57febb0b359569ce54df245fe08132eda2d1362f9f6cb45b4ce4aa Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers Content-Length 419 Content-Type application/javascript
GET BLOB	200 OK	34e878fa-6b83-44fa-b47b-f452e36eb06a https://roxcasino-tr.pu137ev.com/	419 B 0		Other application/javascript
General Check archive.org Show headers Download Go to Full URL blob:https://roxcasino-tr.pu137ev.com/34e878fa-6b83-44fa-b47b-f452e36eb06a Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash 4fe976ce3e57febb0b359569ce54df245fe08132eda2d1362f9f6cb45b4ce4aa Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers Content-Length 419 Content-Type application/javascript
GET BLOB	200 OK	5649dec7-e9f3-4cb4-9c65-f54b0f14570a https://roxcasino-tr.pu137ev.com/	419 B 0		Other application/javascript
General Check archive.org Show headers Download Go to Full URL blob:https://roxcasino-tr.pu137ev.com/5649dec7-e9f3-4cb4-9c65-f54b0f14570a Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash 4fe976ce3e57febb0b359569ce54df245fe08132eda2d1362f9f6cb45b4ce4aa Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers Content-Length 419 Content-Type application/javascript
GET BLOB	200 OK	ea393999-0860-47c5-8d2a-1ed6708acc4d https://roxcasino-tr.pu137ev.com/	419 B 0		Other application/javascript
General Check archive.org Show headers Download Go to Full URL blob:https://roxcasino-tr.pu137ev.com/ea393999-0860-47c5-8d2a-1ed6708acc4d Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash 4fe976ce3e57febb0b359569ce54df245fe08132eda2d1362f9f6cb45b4ce4aa Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers Content-Length 419 Content-Type application/javascript
POST H2	200	f237dd1e-09dd-44cb-8f39-fb47c6e5b7fc Show response f.pudaf.com/p/	21 B 732 B	308ms 308ms	Fetch application/json	18.193.20.245 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://f.pudaf.com/p/f237dd1e-09dd-44cb-8f39-fb47c6e5b7fc?api=vyg6SLajEWjklRFo1ig1JqhMkSHHpSp3FLYvfzZE&si=f237dd1e-09dd-44cb-8f39-fb47c6e5b7fc Requested by Host: fs.pudaf.com URL: https://fs.pudaf.com/fp.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.193.20.245 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-193-20-245.eu-central-1.compute.amazonaws.com Software / Resource Hash 4abf9b7abadb46bb07b55d2551254999420515d76e9d5f6542407e892f731d60 Request headers Accept application/json, text/html, text/plain Referer https://roxcasino-tr.pu137ev.com/ If-None-Match accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Content-Type application/octet-stream Response headers date Sun, 24 Dec 2023 18:28:00 GMT last-modified Sun, 24 Dec 2023 18:26:20 GMT accept-ch sec-ch-ua,ua,sec-ch-ua-platformua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-wow64,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors etag 658878300fdbc2a008f48cd2 vary Origin content-type application/json access-control-allow-origin * access-control-expose-headers If-Match,If-Modified-Since,If-None-Match,ETag,Last-Modified content-length 21
OPTIONS H2	204	f237dd1e-09dd-44cb-8f39-fb47c6e5b7fc f.pudaf.com/p/ Frame	0 0	174ms 174ms	Preflight	18.193.20.245 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://f.pudaf.com/p/f237dd1e-09dd-44cb-8f39-fb47c6e5b7fc?api=vyg6SLajEWjklRFo1ig1JqhMkSHHpSp3FLYvfzZE&si=f237dd1e-09dd-44cb-8f39-fb47c6e5b7fc Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.193.20.245 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-193-20-245.eu-central-1.compute.amazonaws.com Software / Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type,if-none-match Access-Control-Request-Method POST Origin https://roxcasino-tr.pu137ev.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers access-control-allow-headers Origin,Content-Length,Content-Type,if-none-match access-control-allow-methods GET,POST,HEAD,PUT,DELETE,PATCH access-control-allow-origin * access-control-max-age 43200 date Sun, 24 Dec 2023 18:28:00 GMT vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| documentPictureInPicture object| landingConfig string| afto function| aft object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| phonePattern object| links object| pageState object| formNotif object| recaptcha object| closure_lm_206763 string| afti function| aftUUID function| aftSID function| aftUID function| aftGenSID

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.pu137ev.com/	1970-01-20 17:10:44	Name: __cf_bm Value: pZ0riS0MM9Ifbm_LLUING8hGNxdXUjth_UwKwzguMag-1703442476-1-AZ6wSS80GJmRwElhEE9s0fjINP9ZKL8MxMCbPKEIyLxMHHhf8+IAik+TOVNiIlReHfSv3gCoNw5iLT2mwTHVOuI=

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://fs.pudaf.com/fp.js Message: The AudioContext was not allowed to start. It must be resumed (or created) after a user gesture on the page. https://goo.gl/7K7WLu

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

f.pudaf.com
fonts.googleapis.com
fonts.gstatic.com
fs.pudaf.com
pagead2.googlesyndication.com
roxcasino-tr.pu137ev.com
www.google.com
www.gstatic.com
18.193.20.245
2606:4700:20::681a:7b3
2607:f8b0:4004:c06::5e
2607:f8b0:4004:c09::5f
2607:f8b0:4004:c09::69
2607:f8b0:4004:c19::9d
2607:f8b0:4004:c1d::5e
52.58.237.32
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
2c9dcc4fb62b1dd4c6f1c44ee40efe583333fdf7166a98c5de85d0bf9b18aee2
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
4572c20092423c491c830915d4eccaad9b43524a9e74eb39d1ca7db8d66f8370
4abf9b7abadb46bb07b55d2551254999420515d76e9d5f6542407e892f731d60
4fe976ce3e57febb0b359569ce54df245fe08132eda2d1362f9f6cb45b4ce4aa
7178777b0bbcfb16bc95cae31fbf75d07eea332ef0015af706e2fcef0e7673ee
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
84bd81553ca94f64222fd150614e3a492ecf76cdafc20ffb0be50f08ae9c3a64
9a9e23e2620acc7e7679de55c389add58698ada404ae426fdf3ef286950b292f
9aa315b96c84cc55f64061b1643ac4f1062796fe5856ebe635bdf2cb039abdec
a59a3af6e0ccf94c54e6e33d9514f2f06cea329d9ff9550ec41357cd41984bb2
ce3c7b9aa7606bd64b6dbf60299b7a21d8a87e69c98b45c05201c3f4faefd3d2
d60095bab9c9c1dc55b60683b5c7b86b2a3f735acbc6fb9677e8126b560d3af8
d65c13c6cc536a884c136555082a1cb3db39eaced1d00cdbb0063f64e85a6ac6
daf20b4dbc2ee9cc700e99c7be570105ecaf649d9c044adb62a2098cf4662d24
dea35e1e512b9c5e6b6c2c813e2590fe41f3af3d15a2a1c84cc46b2b9481d68b
e8841ae28cd23a195102486ffe06cf53f51d1beb8e024ce760b3f6379c3e3c25
f73e4d5d9be7cd1607f193655b8fc80510b38e4ebda87f0656885095014bc7cd