wheel-girls-pinco-ru.pu220ev.com Open in urlscan Pro
2606:4700:20::681a:2d3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://apkiranna.com/group
Effective URL:
https://wheel-girls-pinco-ru.pu220ev.com/?form_email=%7Bform_email%7D&form_phone=%7Bform_phone%7D&lang=ru&lrrPath=casino&pc=30&s1=&s2=&s3...
Submission Tags: falconsandbox
Submission: On September 29 via api (September 29th 2024, 8:59:02 am UTC) from US — Scanned from NL

Summary HTTP 51 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 15 IPs in 4 countries across 14 domains to perform 51 HTTP transactions. The main IP is 2606:4700:20::681a:2d3, located in United States and belongs to CLOUDFLARENET, US. The main domain is wheel-girls-pinco-ru.pu220ev.com.
TLS certificate: Issued by WE1 on August 16th 2024. Valid for: 3 months.

This is the only time wheel-girls-pinco-ru.pu220ev.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	37.252.15.57 37.252.15.57	58061 (SCALAXY-AS) (SCALAXY-AS)
1	2602:816:5001... 2602:816:5001::39	54113 (FASTLY) (FASTLY)
1	45.147.176.74 45.147.176.74	198610 (BEGET-AS) (BEGET-AS)
1 1	45.67.214.8 45.67.214.8	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
29	2606:4700:20:... 2606:4700:20::681a:2d3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	142.250.186.100 142.250.186.100	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:803::2008	15169 (GOOGLE) (GOOGLE)
1	3.122.77.146 3.122.77.146	16509 (AMAZON-02) (AMAZON-02)
1	18.66.122.18 18.66.122.18	16509 (AMAZON-02) (AMAZON-02)
1	142.250.185.227 142.250.185.227	15169 (GOOGLE) (GOOGLE)
1	3.65.45.255 3.65.45.255	16509 (AMAZON-02) (AMAZON-02)
3	18.158.54.55 18.158.54.55	16509 (AMAZON-02) (AMAZON-02)
1	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
1 2	2606:4700::68... 2606:4700::6811:f8cb	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
51	15

1 37.252.15.57 (Netherlands)

ASN58061 (SCALAXY-AS, LV)

apkiranna.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2602:816:5001::39 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.147.176.74 (St Petersburg, Russian Federation)

ASN198610 (BEGET-AS, RU)

qchista12.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.67.214.8 (Russian Federation) 1 redirects

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

partnerprofitboost.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 2606:4700:20::681a:2d3 (United States)

ASN13335 (CLOUDFLARENET, US)

wheel-girls-pinco-ru.pu220ev.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.100 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.122.77.146 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-77-146.eu-central-1.compute.amazonaws.com

fs.pudaf.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.122.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-18.fra60.r.cloudfront.net

js.datadome.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.227 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f3.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.65.45.255 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-65-45-255.eu-central-1.compute.amazonaws.com

api-js.datadome.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.158.54.55 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-158-54-55.eu-central-1.compute.amazonaws.com

f.pudaf.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:f8cb (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
29	pu220ev.com wheel-girls-pinco-ru.pu220ev.com	1 MB
4	pudaf.com fs.pudaf.com — Cisco Umbrella Rank: 453922 f.pudaf.com — Cisco Umbrella Rank: 443524	67 KB
3	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 3391	662 B
2	unpkg.com 1 redirects unpkg.com — Cisco Umbrella Rank: 870	4 KB
2	datadome.co js.datadome.co — Cisco Umbrella Rank: 4401 api-js.datadome.co — Cisco Umbrella Rank: 4276	32 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 57	183 KB
2	google.com www.google.com — Cisco Umbrella Rank: 3	1 KB
1	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 122	24 B
1	gstatic.com www.gstatic.com	214 KB
1	partnerprofitboost.com 1 redirects partnerprofitboost.com — Cisco Umbrella Rank: 794534	839 B
1	qchista12.ru qchista12.ru	1 KB
1	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 749	32 KB
1	apkiranna.com apkiranna.com	25 KB
0	nr-data.net Failed bam.nr-data.net Failed
51	14

	Domain	Requested by
29	wheel-girls-pinco-ru.pu220ev.com	qchista12.ru wheel-girls-pinco-ru.pu220ev.com
3	region1.google-analytics.com	wheel-girls-pinco-ru.pu220ev.com
3	f.pudaf.com	wheel-girls-pinco-ru.pu220ev.com
2	unpkg.com	1 redirects
2	www.googletagmanager.com	wheel-girls-pinco-ru.pu220ev.com www.googletagmanager.com
2	www.google.com	wheel-girls-pinco-ru.pu220ev.com www.gstatic.com
1	pagead2.googlesyndication.com	wheel-girls-pinco-ru.pu220ev.com
1	api-js.datadome.co	js.datadome.co
1	www.gstatic.com	www.google.com
1	js.datadome.co	wheel-girls-pinco-ru.pu220ev.com
1	fs.pudaf.com	wheel-girls-pinco-ru.pu220ev.com
1	partnerprofitboost.com	1 redirects
1	qchista12.ru	apkiranna.com
1	js-agent.newrelic.com	apkiranna.com
1	apkiranna.com
0	bam.nr-data.net Failed	apkiranna.com
51	16

This site contains links to these domains. Also see Links.

Domain
tdssvc.com

Subject Issuer	Validity	Valid
apkiranna.com E5	`2024-09-28` - `2024-12-27`	3 months	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA 2024 Q1	`2024-03-21` - `2025-04-22`	a year	crt.sh
qchista12.ru E6	`2024-08-23` - `2024-11-21`	3 months	crt.sh
wheel-girls-pinco-ru.pu220ev.com WE1	`2024-08-16` - `2024-11-14`	3 months	crt.sh
*.google.com WR2	`2024-08-26` - `2024-11-18`	3 months	crt.sh
*.google-analytics.com WR2	`2024-08-26` - `2024-11-18`	3 months	crt.sh
*.pinup-antifraud.com Amazon RSA 2048 M03	`2024-05-22` - `2025-06-20`	a year	crt.sh
*.datadome.co Gandi RSA Domain Validation Secure Server CA 3	`2023-10-10` - `2024-11-09`	a year	crt.sh
*.gstatic.com WR2	`2024-08-26` - `2024-11-18`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-08-26` - `2024-11-18`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://wheel-girls-pinco-ru.pu220ev.com/?form_email=%7Bform_email%7D&form_phone=%7Bform_phone%7D&lang=ru&lrrPath=casino&pc=30&s1=&s2=&s3=&s4=&s5=&source=https%3A%2F%2Fqchista12.ru%2F&st=ofkvLVVC&startTime=1727600335442125086&trId=crshdjv4otes73fiojrg
Frame ID: 29B058C4E1C26D146D7833BFFBD239C8
Requests: 48 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Lfxs6UUAAAAAE3kzerSlj_d5OF7IeWoXvzOE_50&co=aHR0cHM6Ly93aGVlbC1naXJscy1waW5jby1ydS5wdTIyMGV2LmNvbTo0NDM.&hl=nl&v=xds0rzGrktR88uEZ2JUvdgOY&size=invisible&cb=xxzn436i2qro
Frame ID: 7ADADD095A8704D6DDAE9EC78EC526EE
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

100 000 ₺ + 250 fs

Page URL History Show full URLs

https://apkiranna.com/group Page URL
https://qchista12.ru/ Page URL
https://partnerprofitboost.com/ofkvLVVC/ HTTP 302
https://wheel-girls-pinco-ru.pu220ev.com/?form_email=%7Bform_email%7D&form_phone=%7Bform_phone%7D&lang=ru&lrrPath=cas... Page URL

Detected technologies

Datadome (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Page Statistics

51
Requests

92 %
HTTPS

33 %
IPv6

14
Domains

16
Subdomains

15
IPs

4
Countries

1841 kB
Transfer

3371 kB
Size

10
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://tdssvc.com/p6M?form_email=%7Bform_email%7D&form_phone=%7Bform_phone%7D&lang=ru&lrrPath=casino&pc=30&s1=&s2=&s3=&s4=&s5=&source=https%3A%2F%2Fqchista12.ru%2F&st=ofkvLVVC&startTime=1727600335442125086&trId=crshdjv4otes73fiojrg

Search URL Search Domain Scan URL

URL: https://tdssvc.com/zw7?form_email=%7Bform_email%7D&form_phone=%7Bform_phone%7D&lang=ru&lrrPath=casino&pc=30&s1=&s2=&s3=&s4=&s5=&source=https%3A%2F%2Fqchista12.ru%2F&st=ofkvLVVC&startTime=1727600335442125086&trId=crshdjv4otes73fiojrg
Title: с правилами и условиями

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://apkiranna.com/group Page URL
https://qchista12.ru/ Page URL
https://partnerprofitboost.com/ofkvLVVC/ HTTP 302
https://wheel-girls-pinco-ru.pu220ev.com/?form_email=%7Bform_email%7D&form_phone=%7Bform_phone%7D&lang=ru&lrrPath=casino&pc=30&s1=&s2=&s3=&s4=&s5=&source=https%3A%2F%2Fqchista12.ru%2F&st=ofkvLVVC&startTime=1727600335442125086&trId=crshdjv4otes73fiojrg Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 45

https://unpkg.com/web-vitals/dist/web-vitals.iife.js HTTP 302
https://unpkg.com/web-vitals@4.2.3/dist/web-vitals.iife.js

51 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 group Show response
apkiranna.com/ 62 KB
25 KB 98ms
43ms Document
text/html 37.252.15.57
SCALAXY-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://apkiranna.com/group
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 37.252.15.57 , Netherlands, ASN58061 (SCALAXY-AS, LV),
Reverse DNS
Software: Caddy nginx/1.18.0 (Ubuntu) /
Resource Hash: 22a079cc6b15cb43cffba44a87bb07bec04fb3ca7915decc0e20b3a10e79853c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000
cache-control: no-cache, private
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sun, 29 Sep 2024 08:58:54 GMT
server: Caddy nginx/1.18.0 (Ubuntu)

GET
H2 200 nr-spa-1.265.1.min.js
js-agent.newrelic.com/ 109 KB
32 KB 55ms
16ms Script
application/javascript 2602:816:5001::39
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/nr-spa-1.265.1.min.js

Requested by

Host: apkiranna.com
URL: https://apkiranna.com/group

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2602:816:5001::39 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://apkiranna.com
Referer

Response headers

strict-transport-security: max-age=300
cache-control: public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
content-encoding: br
etag: "5b9d8baa112d5d1fe1575bc547a2d11c"
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
x-cache: HIT
content-length: 32119
date: Sun, 29 Sep 2024 08:58:55 GMT
last-modified: Fri, 06 Sep 2024 15:19:57 GMT
content-type: application/javascript
x-served-by: cache-ams21043-AMS
x-cache-hits: 451971
vary: Accept-Encoding

GET
H/1.1 200
OK /
qchista12.ru/ 650 B
1 KB 275ms
87ms Document
text/html 45.147.176.74
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://qchista12.ru/
Requested by: Host: apkiranna.com
URL: https://apkiranna.com/group
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 45.147.176.74 St Petersburg, Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 650
Content-Type: text/html; charset=utf-8
Date: Sun, 29 Sep 2024 08:58:55 GMT
Expires: Sun, 29 Sep 2024 08:58:55 GMT
Server: nginx
Vary: Accept-Encoding

GET favicon.ico
apkiranna.com/ 0
0

POST NRJS-70d296500a1ce2f6999
bam.nr-data.net/1/ 0
0

GET
H2

200

Primary Request / Show response
wheel-girls-pinco-ru.pu220ev.com/
Redirect Chain

https://partnerprofitboost.com/ofkvLVVC/?
https://wheel-girls-pinco-ru.pu220ev.com/?form_email=%7Bform_email%7D&form_phone=%7Bform_phone%7D&lang=ru&lrrPath=casino&pc=30&s1=&s2=&s3=&s4=&s5=&source=https%3A%2F%2Fqchista12.ru%2F&st=ofkvLVVC&s...

14 KB
5 KB

148ms
97ms

Document
text/html

2606:4700:20::681a:2d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://wheel-girls-pinco-ru.pu220ev.com/?form_email=%7Bform_email%7D&form_phone=%7Bform_phone%7D&lang=ru&lrrPath=casino&pc=30&s1=&s2=&s3=&s4=&s5=&source=https%3A%2F%2Fqchista12.ru%2F&st=ofkvLVVC&startTime=1727600335442125086&trId=crshdjv4otes73fiojrg

Requested by

Host: qchista12.ru
URL: https://qchista12.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:2d3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f29c7e9f5da8f32a594db77e2929d764f1772d1811eef4339815f0deeafe00f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://qchista12.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8caac631c8efb994-AMS
content-encoding: br
content-type: text/html; charset=utf-8
date: Sun, 29 Sep 2024 08:58:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UE0kE2lrL4YtWEpbibpYsIEBjj3m4BM0hvlu2p5DT1ylFX6f9PfJhJIbhKaoOeRYvY2tEgiteA2dmpCq2adg6cvjvQixtSbfBQzjbNW6cObOUdBQbj3%2Bn%2FteKCah4%2BcklySVDLyXhb32Pa9S7T9e%2Fr%2FXVtXvTTWIVhXDEn51ZA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
speculation-rules: "/cdn-cgi/speculation"
vary: Accept-Encoding
x-content-type-options: nosniff

Redirect headers

cf-cache-status: DYNAMIC
cf-ray: 8caac6303f2fb950-AMS
content-length: 0
date: Sun, 29 Sep 2024 08:58:55 GMT
location: https://wheel-girls-pinco-ru.pu220ev.com/?form_email=%7Bform_email%7D&form_phone=%7Bform_phone%7D&lang=ru&lrrPath=casino&pc=30&s1=&s2=&s3=&s4=&s5=&source=https%3A%2F%2Fqchista12.ru%2F&st=ofkvLVVC&startTime=1727600335442125086&trId=crshdjv4otes73fiojrg
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fE426OG55f8zOzoxTlYrzrkr4PiNPvjyqzYN9Q49IKBJ%2FCVltjtUSxHP4sp47sUXo%2BmIyFkYZ9dt90G1F0oDkw5EvMeHCu1KbkO5bGkR3vDmP2Hx9npeoiwzlVfJhQ15pKWt7wC87Ho%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 speculation
wheel-girls-pinco-ru.pu220ev.com/cdn-cgi/ 2 B
325 B 62ms
62ms Other
application/speculationrules+json 2606:4700:20::681a:2d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wheel-girls-pinco-ru.pu220ev.com/cdn-cgi/speculation
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:2d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://wheel-girls-pinco-ru.pu220ev.com
Referer: https://wheel-girls-pinco-ru.pu220ev.com/?form_email=%7Bform_email%7D&form_phone=%7Bform_phone%7D&lang=ru&lrrPath=casino&pc=30&s1=&s2=&s3=&s4=&s5=&source=https%3A%2F%2Fqchista12.ru%2F&st=ofkvLVVC&startTime=1727600335442125086&trId=crshdjv4otes73fiojrg

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dKtbuEAJzB%2F0h8lSEk25uGciVuUlbYf3xV%2F2tbNlEYZ7dX8NMIa6mFErXAiwP5y3007uPVOSc5Elk%2BhQ9Qi6nPVHR4ejWd0paAcThn0q9FAUpMfvbtlASjlhyJA1pD8CEFxR%2BRuJhIeGROkc%2BJynk%2Fuhg7Bkd5WC8%2FVIG5zK"}],"group":"cf-nel","max_age":604800}
cf-ray: 8caac632799db994-AMS
content-length: 2
date: Sun, 29 Sep 2024 08:58:55 GMT
content-type: application/speculationrules+json
vary: Accept-Encoding
server: cloudflare

GET
H2 200 main.css
wheel-girls-pinco-ru.pu220ev.com/ 41 KB
7 KB 62ms
61ms Stylesheet
text/css 2606:4700:20::681a:2d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://wheel-girls-pinco-ru.pu220ev.com/main.css

Requested by

Host: wheel-girls-pinco-ru.pu220ev.com
URL: https://wheel-girls-pinco-ru.pu220ev.com/?form_email=%7Bform_email%7D&form_phone=%7Bform_phone%7D&lang=ru&lrrPath=casino&pc=30&s1=&s2=&s3=&s4=&s5=&source=https%3A%2F%2Fqchista12.ru%2F&st=ofkvLVVC&startTime=1727600335442125086&trId=crshdjv4otes73fiojrg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:2d3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0c522a4457de501d8f7bffaf4f8dec74c011c7c09aa4a38734c6ea2f83beec77

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://wheel-girls-pinco-ru.pu220ev.com/?form_email=%7Bform_email%7D&form_phone=%7Bform_phone%7D&lang=ru&lrrPath=casino&pc=30&s1=&s2=&s3=&s4=&s5=&source=https%3A%2F%2Fqchista12.ru%2F&st=ofkvLVVC&startTime=1727600335442125086&trId=crshdjv4otes73fiojrg

Response headers

cache-control: public, max-age=14400, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
cf-cache-status: HIT
etag: W/"e2cef0786452601af0146e0cd790e635"
age: 586
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HK1XymYQ5DnKa5GpTflBrUaXJMsQdw1sj6NzRIpdhosJO%2FBCSVL5SrkPbDz82Jl9RUEg62aXOjmMaITd7i2TgQTd%2BTn00Fb2Yj2peB7r%2FHZMFYlZUEltYAvx4nrzbA%2BaoBU9yc%2Fzr%2Bcrc3bikX%2BOgo0%2BCQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8caac63279a0b994-AMS
access-control-allow-origin: *
date: Sun, 29 Sep 2024 08:58:55 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
server: cloudflare

GET
H2 200 logo_pinco.svg
wheel-girls-pinco-ru.pu220ev.com/img/logo/ 10 KB
4 KB 30ms
30ms Image
image/svg+xml 2606:4700:20::681a:2d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wheel-girls-pinco-ru.pu220ev.com/img/logo/logo_pinco.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:2d3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a5e9250b23598712d9e595e9e34be1c79a22da830f31481e7f46d3d1b58df242

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://wheel-girls-pinco-ru.pu220ev.com/?form_email=%7Bform_email%7D&form_phone=%7Bform_phone%7D&lang=ru&lrrPath=casino&pc=30&s1=&s2=&s3=&s4=&s5=&source=https%3A%2F%2Fqchista12.ru%2F&st=ofkvLVVC&startTime=1727600335442125086&trId=crshdjv4otes73fiojrg

Response headers

cache-control: public, max-age=14400, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
cf-cache-status: HIT
etag: W/"e63969a5ef752a62c9243f8b4b8425af"
age: 586
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lPyO%2BymlnhS6OtNsoHmJJAvuRBJTHPimqPqXrugfQlxbNL7sglyKIZThbg3q8RXRqz7YM8MTXcjcbZjcs%2FbC6%2FotGIniHxXYd3rT80gg8pEv2hS%2BwMELfR7L0nQA2Vt2Qj22Q%2B35UZ6UJfZqgmH9cewVZA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8caac63279a2b994-AMS
access-control-allow-origin: *
date: Sun, 29 Sep 2024 08:58:55 GMT
content-type: image/svg+xml
vary: Accept-Encoding
server: cloudflare

GET
H2 200 girl_left.png
wheel-girls-pinco-ru.pu220ev.com/img/decor/ 129 KB
129 KB 31ms
31ms Image
image/png 2606:4700:20::681a:2d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wheel-girls-pinco-ru.pu220ev.com/img/decor/girl_left.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:2d3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

59da0dfd36307876e68b2ef44e0b50cae13dfbd5f95ea13e359043a9a89d7f5e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://wheel-girls-pinco-ru.pu220ev.com/?form_email=%7Bform_email%7D&form_phone=%7Bform_phone%7D&lang=ru&lrrPath=casino&pc=30&s1=&s2=&s3=&s4=&s5=&source=https%3A%2F%2Fqchista12.ru%2F&st=ofkvLVVC&startTime=1727600335442125086&trId=crshdjv4otes73fiojrg

Response headers

cf-cache-status: HIT
etag: "4f465184f21b248b70c201f6a654fc1a"
age: 586
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EwupaSGkw2lSwrEE0q9sjxqfxHygnl8j2hZLHTiMCVjqi067G27KgoKKa21oR%2BjdJ4FmomPoxHZbK94zzKbaW%2BO%2FduvUWIj4z8wDtmPSy%2F5KKLnzkEDru0iig524QQzCH7kzxFJMKEN%2FCVACqcPmxb7SUg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
date: Sun, 29 Sep 2024 08:58:55 GMT
content-type: image/png
vary: Accept-Encoding
cache-control: public, max-age=14400, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8caac63279a5b994-AMS
accept-ranges: bytes
access-control-allow-origin: *
content-length: 131946
server: cloudflare

GET
H2 200 decor_item_1.png
wheel-girls-pinco-ru.pu220ev.com/img/decor/ 106 KB
106 KB 49ms
46ms Image
image/png 2606:4700:20::681a:2d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wheel-girls-pinco-ru.pu220ev.com/img/decor/decor_item_1.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:2d3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f9580f3e0b97067910d54bef70a71d4fa1e6258253355f7d8ddca73e8e3f5fda

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://wheel-girls-pinco-ru.pu220ev.com/?form_email=%7Bform_email%7D&form_phone=%7Bform_phone%7D&lang=ru&lrrPath=casino&pc=30&s1=&s2=&s3=&s4=&s5=&source=https%3A%2F%2Fqchista12.ru%2F&st=ofkvLVVC&startTime=1727600335442125086&trId=crshdjv4otes73fiojrg

Response headers

cf-cache-status: HIT
etag: "6bca03259e3351455c1f79b2b39c37d1"
age: 586
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PhCcsJDvM3meFrsis2rf9whjNC2XHtiCVO5Ti7jGNBIqy5Tk%2B4oyV63MbjjLcASDJXXpWGtmQMCRCuOD84%2B1TZFk9Fo13qyZ%2BuqgCoymfr5TI%2BZFtignc%2BR%2B%2FtwKXSwAstkoNaHh3v1XvR6kaj7%2Fj4L7Jw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
date: Sun, 29 Sep 2024 08:58:55 GMT
content-type: image/png
vary: Accept-Encoding
cache-control: public, max-age=14400, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8caac63289b3b994-AMS
accept-ranges: bytes
access-control-allow-origin: *
content-length: 108433
server: cloudflare

GET
H2 200 decor_item_2.png
wheel-girls-pinco-ru.pu220ev.com/img/decor/ 58 KB
58 KB 50ms
47ms Image
image/png 2606:4700:20::681a:2d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wheel-girls-pinco-ru.pu220ev.com/img/decor/decor_item_2.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:2d3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

33d3b3bb4bb850af5ae358160f9a1e04fde26a0a93321f197ec244e22e12d606

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://wheel-girls-pinco-ru.pu220ev.com/?form_email=%7Bform_email%7D&form_phone=%7Bform_phone%7D&lang=ru&lrrPath=casino&pc=30&s1=&s2=&s3=&s4=&s5=&source=https%3A%2F%2Fqchista12.ru%2F&st=ofkvLVVC&startTime=1727600335442125086&trId=crshdjv4otes73fiojrg

Response headers

cf-cache-status: HIT
etag: "da352adeb04c718785dbead1854df0b4"
age: 586
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AIOQ9bTjJqqI7dilrPgGqlKEJLu3OyeAXRkFICIUkzlFT%2BJ8wjzWRG%2BrnhhBkk537SMTjGKEmJwghebA4KpGFZ9mpeMg2CzYN9NGfY%2BleDWlW6viCGU9lEwSxajcuGWMUolUW%2BsoLazjp4gyv%2BgK4E4%2FzQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
date: Sun, 29 Sep 2024 08:58:55 GMT
content-type: image/png
vary: Accept-Encoding
cache-control: public, max-age=14400, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8caac63289b5b994-AMS
accept-ranges: bytes
access-control-allow-origin: *
content-length: 58990
server: cloudflare

GET
H2 200 decor_item_3.png
wheel-girls-pinco-ru.pu220ev.com/img/decor/ 24 KB
25 KB 49ms
46ms Image
image/png 2606:4700:20::681a:2d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wheel-girls-pinco-ru.pu220ev.com/img/decor/decor_item_3.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:2d3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ee4334fccae5c613a664dd39fd3ee289452925cf79839df2b58bd9a3e06a5aac

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://wheel-girls-pinco-ru.pu220ev.com/?form_email=%7Bform_email%7D&form_phone=%7Bform_phone%7D&lang=ru&lrrPath=casino&pc=30&s1=&s2=&s3=&s4=&s5=&source=https%3A%2F%2Fqchista12.ru%2F&st=ofkvLVVC&startTime=1727600335442125086&trId=crshdjv4otes73fiojrg

Response headers

cf-cache-status: HIT
etag: "fe240b875eb3018f2efc479f80c53fd6"
age: 1843
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oRbDkLQwVwEb3XDEN3FkFxIZfVpom5lTob5RMkKCYtPMS2chw5JHx4I4Wl9Vo%2BMohBUWIolZHAOCJBQmH114SGOPWJgdZsJCpat1hqjNc6ZCS3V2d8sjEwhBs%2Bg3Ct7UkNdQft0qDLC1f7VsX0qGzuYeog%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
date: Sun, 29 Sep 2024 08:58:55 GMT
content-type: image/png
vary: Accept-Encoding
cache-control: public, max-age=14400, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8caac63289b8b994-AMS
accept-ranges: bytes
access-control-allow-origin: *
content-length: 24860
server: cloudflare

GET
H2 200 decor_item_4.png
wheel-girls-pinco-ru.pu220ev.com/img/decor/ 79 KB
80 KB 48ms
45ms Image
image/png 2606:4700:20::681a:2d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wheel-girls-pinco-ru.pu220ev.com/img/decor/decor_item_4.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:2d3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

072da1be544d871fb2cc2f7e87e7ea39badf5051c6bc037ad0a5418cbfe2447e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://wheel-girls-pinco-ru.pu220ev.com/?form_email=%7Bform_email%7D&form_phone=%7Bform_phone%7D&lang=ru&lrrPath=casino&pc=30&s1=&s2=&s3=&s4=&s5=&source=https%3A%2F%2Fqchista12.ru%2F&st=ofkvLVVC&startTime=1727600335442125086&trId=crshdjv4otes73fiojrg

Response headers

cf-cache-status: HIT
etag: "ca8f0af315b98cfb6d97220c239ddde5"
age: 5862
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hzST9v%2FV6JF19K7T%2FZDh4%2Fu3lB%2Bd5WMzEZX3k7dumHYZJ7I33rqGuw0cahVZuv95GYSEijcWgttexcE5YZ3r2NCxBroDoAzYyxqQ32PA0rgqQlnBkRRJRlJ2Z4UxpHoE0326WydrX4rqU3LHfg76Cx116w%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
date: Sun, 29 Sep 2024 08:58:55 GMT
content-type: image/png
vary: Accept-Encoding
cache-control: public, max-age=14400, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8caac63289bdb994-AMS
accept-ranges: bytes
access-control-allow-origin: *
content-length: 81306
server: cloudflare

GET
H2 200 decor_item_5.png
wheel-girls-pinco-ru.pu220ev.com/img/decor/ 65 KB
65 KB 54ms
51ms Image
image/png 2606:4700:20::681a:2d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wheel-girls-pinco-ru.pu220ev.com/img/decor/decor_item_5.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:2d3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4fb6b9cef43443a62c0140d1edc8fc2c23536b6eac393ca0aadc1600ba9babc3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://wheel-girls-pinco-ru.pu220ev.com/?form_email=%7Bform_email%7D&form_phone=%7Bform_phone%7D&lang=ru&lrrPath=casino&pc=30&s1=&s2=&s3=&s4=&s5=&source=https%3A%2F%2Fqchista12.ru%2F&st=ofkvLVVC&startTime=1727600335442125086&trId=crshdjv4otes73fiojrg

Response headers

cf-cache-status: HIT
etag: "0f5a433906012670d7829f75816f8e25"
age: 5862
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SCmqvpIz2BKOCyQ%2Bp7AKBdUH55oML6VTnNRtEulm%2BIGZ0CHHtHABoPdAV79G4hSA%2FwBZA2FTonWhrJ8jz789%2FFgCfN4VPZWfIZxAMIJyFk6qLjKDbWKRhYCd2pa%2BpF8YzX7doP2eX%2F9KdyD5A6IuN1dmGg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
date: Sun, 29 Sep 2024 08:58:55 GMT
content-type: image/png
vary: Accept-Encoding
cache-control: public, max-age=14400, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8caac63289bfb994-AMS
accept-ranges: bytes
access-control-allow-origin: *
content-length: 66092
server: cloudflare

GET
H2 200 coin_1.png
wheel-girls-pinco-ru.pu220ev.com/img/decor/ 24 KB
25 KB 53ms
51ms Image
image/png 2606:4700:20::681a:2d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wheel-girls-pinco-ru.pu220ev.com/img/decor/coin_1.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:2d3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1bc464231d8cc2e9403b3b6acdfc6b2c5cd1fb3c846d338519526cfc4a1733bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://wheel-girls-pinco-ru.pu220ev.com/?form_email=%7Bform_email%7D&form_phone=%7Bform_phone%7D&lang=ru&lrrPath=casino&pc=30&s1=&s2=&s3=&s4=&s5=&source=https%3A%2F%2Fqchista12.ru%2F&st=ofkvLVVC&startTime=1727600335442125086&trId=crshdjv4otes73fiojrg

Response headers

cf-cache-status: HIT
etag: "40c4c80d2928064221ba20a5def09ae6"
age: 5862
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Q4ypcwC4u4ZHb2fdhlC%2BJweQao2hh%2B8ZVthVX5SJD7KE8zVMqKGsMdhCPMUwg5kfVs51kG5FEHiu44vVmwLoQBILpFdqXpXJmysRQKnRX3YSKh2rWi1qX09SUHlgstfmq8VrcB9nSHuNg88i5GqU97Hkvw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
date: Sun, 29 Sep 2024 08:58:55 GMT
content-type: image/png
vary: Accept-Encoding
cache-control: public, max-age=14400, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8caac63289c0b994-AMS
accept-ranges: bytes
access-control-allow-origin: *
content-length: 24915
server: cloudflare

GET
H2 200 coin_2.png
wheel-girls-pinco-ru.pu220ev.com/img/decor/ 30 KB
31 KB 66ms
64ms Image
image/png 2606:4700:20::681a:2d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wheel-girls-pinco-ru.pu220ev.com/img/decor/coin_2.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:2d3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9178a89489521c36e042ca0ba4823aff7aba1c88e3f5fd1c00a0c0d9b70de113

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://wheel-girls-pinco-ru.pu220ev.com/?form_email=%7Bform_email%7D&form_phone=%7Bform_phone%7D&lang=ru&lrrPath=casino&pc=30&s1=&s2=&s3=&s4=&s5=&source=https%3A%2F%2Fqchista12.ru%2F&st=ofkvLVVC&startTime=1727600335442125086&trId=crshdjv4otes73fiojrg

Response headers

cf-cache-status: HIT
etag: "32a3dd56571140c75a7def8e6c22f5ba"
age: 585
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=v775Zb1WeDn9aZAfEhSLnn7X7YPju8OmQWxAld1vh6yOtjZVINHk3jDpqPOmA9yh7K8EuVt%2FGRd%2FmUCcQHBqAk%2F3gFo5ZFXTOuchO65OJvj8gVTkqKhAXV0tQXxQYQtpvWuJ5iEXStguzIuZV%2BmwV91z%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
date: Sun, 29 Sep 2024 08:58:55 GMT
content-type: image/png
vary: Accept-Encoding
cache-control: public, max-age=14400, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8caac63289c2b994-AMS
accept-ranges: bytes
access-control-allow-origin: *
content-length: 31203
server: cloudflare

GET
H2 200 coin_3.png
wheel-girls-pinco-ru.pu220ev.com/img/decor/ 10 KB
11 KB 52ms
50ms Image
image/png 2606:4700:20::681a:2d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wheel-girls-pinco-ru.pu220ev.com/img/decor/coin_3.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:2d3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6f11a1e6c3319784814a4b8b3465f940393f1c65a67204d2074bf890ac46452e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://wheel-girls-pinco-ru.pu220ev.com/?form_email=%7Bform_email%7D&form_phone=%7Bform_phone%7D&lang=ru&lrrPath=casino&pc=30&s1=&s2=&s3=&s4=&s5=&source=https%3A%2F%2Fqchista12.ru%2F&st=ofkvLVVC&startTime=1727600335442125086&trId=crshdjv4otes73fiojrg

Response headers

cf-cache-status: HIT
etag: "0fbb4785938f35663d5b826af53a9209"
age: 585
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hC9hBVoBO8LuRBt9r1ccZ4si8bLf3QarDq%2BNgUs6O0Tgi8tTo05qRqdzxrsM7nj8bZEQZqwoqmm6mUXTFFgF8GH2LIQnjm4GmGoXdcqgIT6OiaKn8j3lnQZhHQZSyNd2GpKq83O8vVJsU9H6be1coTXhgw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
date: Sun, 29 Sep 2024 08:58:55 GMT
content-type: image/png
vary: Accept-Encoding
cache-control: public, max-age=14400, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8caac63289c3b994-AMS
accept-ranges: bytes
access-control-allow-origin: *
content-length: 10413
server: cloudflare

GET
H2 200 coin_4.png
wheel-girls-pinco-ru.pu220ev.com/img/decor/ 8 KB
8 KB 52ms
51ms Image
image/png 2606:4700:20::681a:2d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wheel-girls-pinco-ru.pu220ev.com/img/decor/coin_4.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:2d3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

107a289ae48a2dd791cff88823498e3e63ef8883df40da9b9236e3465ebfa627

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://wheel-girls-pinco-ru.pu220ev.com/?form_email=%7Bform_email%7D&form_phone=%7Bform_phone%7D&lang=ru&lrrPath=casino&pc=30&s1=&s2=&s3=&s4=&s5=&source=https%3A%2F%2Fqchista12.ru%2F&st=ofkvLVVC&startTime=1727600335442125086&trId=crshdjv4otes73fiojrg

Response headers

cf-cache-status: HIT
etag: "a620dd4734a5c904150b82bdfec7e92c"
age: 585
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=STGkF6VQYl%2F7mge8PALO3ng%2BW4HabChSQ1E2Dh2yZzgsETtRCd6lHWBXWSmqWF31edpEFamUAZnVpaTydKqkiRQ5%2FFmVfxu%2FZZh0oT62Qk91KlQ4oh%2B43jNbrK%2BJlncPYxPLc1yAy3qLMigwAa7MS3myJg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
date: Sun, 29 Sep 2024 08:58:55 GMT
content-type: image/png
vary: Accept-Encoding
cache-control: public, max-age=14400, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8caac63289c6b994-AMS
accept-ranges: bytes
access-control-allow-origin: *
content-length: 8183
server: cloudflare

GET
H2 200 coin_5.png
wheel-girls-pinco-ru.pu220ev.com/img/decor/ 7 KB
8 KB 65ms
63ms Image
image/png 2606:4700:20::681a:2d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wheel-girls-pinco-ru.pu220ev.com/img/decor/coin_5.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:2d3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef2d4e6385b7f413957af9da26915590bc7c3f52fd14c27224240d477bd1b7e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://wheel-girls-pinco-ru.pu220ev.com/?form_email=%7Bform_email%7D&form_phone=%7Bform_phone%7D&lang=ru&lrrPath=casino&pc=30&s1=&s2=&s3=&s4=&s5=&source=https%3A%2F%2Fqchista12.ru%2F&st=ofkvLVVC&startTime=1727600335442125086&trId=crshdjv4otes73fiojrg

Response headers

cf-cache-status: HIT
etag: "a8053476144fbce47c3f59ae43f3f4fd"
age: 585
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RmYa9DVlqZ9aVj%2BPCkjDtvLiQ%2B5Nap951D86fYarxSYh9u%2F%2F5W4cTki5%2FD3MU1qvU3Yrq42Jq5cLj9zv2wtKJpWjjU5Wis3wBRIJ51dyyFO9Tl%2BNOs14zPsnNDG7iIWdtjHL6BWoLLx9lMLFOrd%2Bq0QKRA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
date: Sun, 29 Sep 2024 08:58:55 GMT
content-type: image/png
vary: Accept-Encoding
cache-control: public, max-age=14400, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8caac632a9d3b994-AMS
accept-ranges: bytes
access-control-allow-origin: *
content-length: 7441
server: cloudflare

GET
H2 200 girl_right.png
wheel-girls-pinco-ru.pu220ev.com/img/decor/ 102 KB
102 KB 64ms
63ms Image
image/png 2606:4700:20::681a:2d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wheel-girls-pinco-ru.pu220ev.com/img/decor/girl_right.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:2d3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4be38368f62ba70fb6292b0da63de346c7a5d59c10da6ca29718ff877cd34542

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://wheel-girls-pinco-ru.pu220ev.com/?form_email=%7Bform_email%7D&form_phone=%7Bform_phone%7D&lang=ru&lrrPath=casino&pc=30&s1=&s2=&s3=&s4=&s5=&source=https%3A%2F%2Fqchista12.ru%2F&st=ofkvLVVC&startTime=1727600335442125086&trId=crshdjv4otes73fiojrg

Response headers

cf-cache-status: HIT
etag: "6d474a8ffd8d1319210975b08c4ad0b4"
age: 585
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RMrPl1bFwqdz%2FHvTtqPkbSRXoUUBvejzS7icCVBX5fBLNYo1Fy23zPvGJy%2Fs82AkVvPBlWwDbXQF3Y4Nt26e6X%2BEYbwNmKKsVjztou9Wa6eTjJhPUVPcptoFwbFLl94lyrTgDrEMxwICH5%2FWO2khhYB2kQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
date: Sun, 29 Sep 2024 08:58:55 GMT
content-type: image/png
vary: Accept-Encoding
cache-control: public, max-age=14400, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8caac632a9d8b994-AMS
accept-ranges: bytes
access-control-allow-origin: *
content-length: 104061
server: cloudflare

GET
H2 200 ribbons.svg
wheel-girls-pinco-ru.pu220ev.com/img/title/ 215 KB
48 KB 64ms
63ms Image
image/svg+xml 2606:4700:20::681a:2d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wheel-girls-pinco-ru.pu220ev.com/img/title/ribbons.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:2d3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1c788948c9380b1d7671a739de72b96c3211bcfc43a200de9be3fcc58fa2501c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://wheel-girls-pinco-ru.pu220ev.com/?form_email=%7Bform_email%7D&form_phone=%7Bform_phone%7D&lang=ru&lrrPath=casino&pc=30&s1=&s2=&s3=&s4=&s5=&source=https%3A%2F%2Fqchista12.ru%2F&st=ofkvLVVC&startTime=1727600335442125086&trId=crshdjv4otes73fiojrg

Response headers

cache-control: public, max-age=14400, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
cf-cache-status: HIT
etag: W/"faaa95d3ddec60713de4301d5bde3d18"
age: 585
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TJ3bPJ4gsy%2FKTSuOUYKlhd%2FNutp%2BLqQYmBq9cqpUnZo2unX9C0NWM3fMmZksdDeikNIBkBo9WEccOwZICMI1I3w62lKpZxgc0SNDNpB8jEhbZoJCBbf%2FNMrP3nN6QH%2FXSDm7DMx8B7hEh8QNrNbT5Lp85w%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8caac632a9dab994-AMS
access-control-allow-origin: *
date: Sun, 29 Sep 2024 08:58:55 GMT
content-type: image/svg+xml
vary: Accept-Encoding
server: cloudflare

GET
H2 200 title-modal.svg
wheel-girls-pinco-ru.pu220ev.com/img/title/ 231 KB
62 KB 65ms
64ms Image
image/svg+xml 2606:4700:20::681a:2d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wheel-girls-pinco-ru.pu220ev.com/img/title/title-modal.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:2d3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fd0ba47a33529460b2ffcb6b17b3f918902ef5e406ff09041f9100fc08c3d19a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://wheel-girls-pinco-ru.pu220ev.com/?form_email=%7Bform_email%7D&form_phone=%7Bform_phone%7D&lang=ru&lrrPath=casino&pc=30&s1=&s2=&s3=&s4=&s5=&source=https%3A%2F%2Fqchista12.ru%2F&st=ofkvLVVC&startTime=1727600335442125086&trId=crshdjv4otes73fiojrg

Response headers

cache-control: public, max-age=14400, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
cf-cache-status: HIT
etag: W/"4f0909da120c72c325b3f90a9806c089"
age: 585
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=R2p%2BaVCcwFeWwguccunEewYQn5rtczg4pmufBOpiahOWUewTrD5RnIvGQz3z9XjJrROdycJOtQvdM0wVv8VrOXVI4TwmUk%2BRXR%2F9NEfr2NkzO6LB6DbqDxnTkF8ozU6vAyFS4ynyVN5cbVOJ1OXPqH59dA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8caac632a9ddb994-AMS
access-control-allow-origin: *
date: Sun, 29 Sep 2024 08:58:55 GMT
content-type: image/svg+xml
vary: Accept-Encoding
server: cloudflare

GET
H3 200 enterprise.js Show response
www.google.com/recaptcha/ 2 KB
1 KB 159ms
59ms Script
text/javascript 142.250.186.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise.js?render=6Lfxs6UUAAAAAE3kzerSlj_d5OF7IeWoXvzOE_50

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f4.1e100.net

Software

ESF /

Resource Hash

6525a0a48c7f00cddac018660e48dccc71ee0a4555260ec32f0b6c32548bdc15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://wheel-girls-pinco-ru.pu220ev.com/

Response headers

cache-control: private, max-age=300
content-encoding: gzip
cross-origin-resource-policy: cross-origin
report-to: {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
x-content-type-options: nosniff
expires: Sun, 29 Sep 2024 08:58:55 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
date: Sun, 29 Sep 2024 08:58:55 GMT
x-xss-protection: 0
content-type: text/javascript; charset=utf-8
server: ESF
x-frame-options: SAMEORIGIN

GET
H2 200 bundle.js Show response
wheel-girls-pinco-ru.pu220ev.com/ 93 KB
22 KB 53ms
50ms Script
application/javascript 2606:4700:20::681a:2d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://wheel-girls-pinco-ru.pu220ev.com/bundle.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:2d3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

884a700a2165fba97fc02566b7ab01cdc70c94244a90238c5aa245ce2c38f963

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://wheel-girls-pinco-ru.pu220ev.com/?form_email=%7Bform_email%7D&form_phone=%7Bform_phone%7D&lang=ru&lrrPath=casino&pc=30&s1=&s2=&s3=&s4=&s5=&source=https%3A%2F%2Fqchista12.ru%2F&st=ofkvLVVC&startTime=1727600335442125086&trId=crshdjv4otes73fiojrg

Response headers

cache-control: public, max-age=14400, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
cf-cache-status: HIT
etag: W/"0114d9b469c7440cab92a42ac9870fc5"
age: 586
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6lIo2nQna3b%2FqussL15VOQNXSYsjdMCD0ZCMrMP5VBd9sUe4CMufRKula09k8MDqSs5rEuzy2NyDajdad0hrdZsXJU1Tm8Aqm9ftyZ4LUbNo1SitnuLPdhhI%2B3ECZmc5csJI3JR2gGf0qca5FPEhaTIorQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8caac63289bbb994-AMS
access-control-allow-origin: *
date: Sun, 29 Sep 2024 08:58:55 GMT
content-type: application/javascript
vary: Accept-Encoding
server: cloudflare

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 230 KB
80 KB 177ms
67ms Script
application/javascript 2a00:1450:4001:803::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NZ4GX8TW

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5b0f96529fea85291c88ea61332508a44d02b257773fa3b1533ca5f2fb258952

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://wheel-girls-pinco-ru.pu220ev.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Sun, 29 Sep 2024 08:58:55 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 29 Sep 2024 08:58:55 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Sun, 29 Sep 2024 06:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 81621
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 fp.js Show response
fs.pudaf.com/ 217 KB
65 KB 107ms
51ms Script
application/javascript 3.122.77.146
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fs.pudaf.com/fp.js
Requested by: Host: wheel-girls-pinco-ru.pu220ev.com
URL: https://wheel-girls-pinco-ru.pu220ev.com/?form_email=%7Bform_email%7D&form_phone=%7Bform_phone%7D&lang=ru&lrrPath=casino&pc=30&s1=&s2=&s3=&s4=&s5=&source=https%3A%2F%2Fqchista12.ru%2F&st=ofkvLVVC&startTime=1727600335442125086&trId=crshdjv4otes73fiojrg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.122.77.146 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-122-77-146.eu-central-1.compute.amazonaws.com
Software: nginx/1.27.1 /
Resource Hash: 2b0d0e40422d8e228060eed1d67622c0531ff4c4667f4c16aab12b5f9bf7a5a7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://wheel-girls-pinco-ru.pu220ev.com/

Response headers

content-encoding: gzip
date: Sun, 29 Sep 2024 08:58:55 GMT
etag: W/"66c747ae-36528"
content-type: application/javascript
last-modified: Thu, 22 Aug 2024 14:14:06 GMT
server: nginx/1.27.1

GET
H2 200 tags.js Show response
js.datadome.co/ 168 KB
31 KB 85ms
26ms Script
text/javascript 18.66.122.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.datadome.co/tags.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.122.18 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-122-18.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

129b6bebf824e1042af0277bf928b37875ff4a395a89ea90b580f10cb407c768

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://wheel-girls-pinco-ru.pu220ev.com/

Response headers

content-encoding: gzip
x-amz-version-id: EwqYFq9urumt1hIs4RASZna7XOdUg3Qm
etag: W/"d14725d867da63503272f34dc4394863"
age: 3444
x-cache: Hit from cloudfront
x-amz-cf-id: VurOC1CHWe3a5GJAgHP2pRsBDds9hCRDjl9Gt3rnl_Zgm15pe7FTzQ==
date: Sun, 29 Sep 2024 08:01:32 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
last-modified: Thu, 26 Sep 2024 07:50:35 GMT
strict-transport-security: max-age=15768000
cache-control: max-age=3600, public
via: 1.1 f7e6fd9466c5c2a3b15f0fb077de1afa.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P2
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 bg.jpg
wheel-girls-pinco-ru.pu220ev.com/img/ 143 KB
144 KB 30ms
30ms Image
image/jpeg 2606:4700:20::681a:2d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wheel-girls-pinco-ru.pu220ev.com/img/bg.jpg

Requested by

Host: wheel-girls-pinco-ru.pu220ev.com
URL: https://wheel-girls-pinco-ru.pu220ev.com/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:2d3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b392ee8a517c0cb34404a0eb51e3a5c8507ace4fad8dff09bb5f315b10f7c231

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://wheel-girls-pinco-ru.pu220ev.com/main.css

Response headers

cf-cache-status: HIT
etag: "9adc1e0c0bfbdb5c5298ce70d5dcaf1d"
age: 5390
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jQ1i3gKD%2FgHaIweBbE8XEC2%2F5wRFdksgABl%2FjCmhkj1pxFKIIQPn3V%2Boch%2BQqJ5tXYdIe5N814Np8v1wwqT73WHfNmXsHMiBcG6eW3I2waO4yEJP4%2BAN8ZPRe1ukSqdpnNQ2EHVy%2BrQiymQueVcFlS8naQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
date: Sun, 29 Sep 2024 08:58:55 GMT
content-type: image/jpeg
vary: Accept-Encoding
cache-control: public, max-age=14400, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8caac632ea1ab994-AMS
accept-ranges: bytes
access-control-allow-origin: *
content-length: 146654
server: cloudflare

GET
H2 200 wheel-center.png
wheel-girls-pinco-ru.pu220ev.com/img/ 6 KB
6 KB 41ms
41ms Image
image/png 2606:4700:20::681a:2d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wheel-girls-pinco-ru.pu220ev.com/img/wheel-center.png

Requested by

Host: wheel-girls-pinco-ru.pu220ev.com
URL: https://wheel-girls-pinco-ru.pu220ev.com/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:2d3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8e67bffd99c8c58b3893dcb75eb5c125be4cb29fb7738a94a4748ec30eb8f6c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://wheel-girls-pinco-ru.pu220ev.com/main.css

Response headers

cf-cache-status: HIT
etag: "dadcc98f2f4fd8ee274108df9875b6a0"
age: 4984
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9knCziiLgY8hsy%2Bcp7Iyvz49i0h64%2BImG7ef8I%2FzIbhCsYSfVhvfE%2BAzvWZZ2g1Yjzf%2BoFLuIk74V3fb3Gh0MRIP9xZGKjnLa95pv7fnDEeflmkyEyDSYfM3DMQb5uHCQggYpXYLqLnMW47DU6XZhARuiA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
date: Sun, 29 Sep 2024 08:58:55 GMT
content-type: image/png
vary: Accept-Encoding
cache-control: public, max-age=14400, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8caac632ea1eb994-AMS
accept-ranges: bytes
access-control-allow-origin: *
content-length: 6210
server: cloudflare

GET
H2 200 wheel-top.png
wheel-girls-pinco-ru.pu220ev.com/img/ 7 KB
7 KB 37ms
36ms Image
image/png 2606:4700:20::681a:2d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wheel-girls-pinco-ru.pu220ev.com/img/wheel-top.png

Requested by

Host: wheel-girls-pinco-ru.pu220ev.com
URL: https://wheel-girls-pinco-ru.pu220ev.com/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:2d3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5e729dce1488b033344718e68af116bf81b7ce123e62736a28199bd28f194895

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://wheel-girls-pinco-ru.pu220ev.com/main.css

Response headers

cf-cache-status: HIT
etag: "dc2825c04a4cca4c340b446d72f17692"
age: 4984
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=03LN5mn5rLm%2BhpvOPNrN38elv79z%2FugjPtb5%2FZNYiltqT06Wi6JW3M9%2BFSKqe%2BDpXXCqUk6SV1xC4WRqpn0kCMoSA5iRtAVRxTxnWZIt05EvUFNucHqi%2Fzt4y%2B4J7eempYQzrqUcc3Y%2BPg5jBLpude71LQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
date: Sun, 29 Sep 2024 08:58:55 GMT
content-type: image/png
vary: Accept-Encoding
cache-control: public, max-age=14400, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8caac632ea21b994-AMS
accept-ranges: bytes
access-control-allow-origin: *
content-length: 7331
server: cloudflare

GET
H2 200 wheel_sprite-ru.png
wheel-girls-pinco-ru.pu220ev.com/img/ 39 KB
40 KB 33ms
32ms Image
image/png 2606:4700:20::681a:2d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wheel-girls-pinco-ru.pu220ev.com/img/wheel_sprite-ru.png

Requested by

Host: wheel-girls-pinco-ru.pu220ev.com
URL: https://wheel-girls-pinco-ru.pu220ev.com/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:2d3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

06627c071b72d78f36c3f54716e79e6cb5468717f91cc08c4e86cd964a6d043e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://wheel-girls-pinco-ru.pu220ev.com/main.css

Response headers

cf-cache-status: HIT
etag: "220fb5cc1eac0991549358686de905de"
age: 4984
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iONyTjXgK5VK6WbFVlL5nuyFv1perfZa%2BwwJESLrYaIDWTUOJlPqATU%2FUuYl4eHA7JBMaPijbAFpaB2iJ%2FserDt9q9hkBgdzzNnrZSXTmTJfNEpoSbpJFy14qRZnauxgLa5eAyIcCg0bc4vKJk76aBo54A%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
date: Sun, 29 Sep 2024 08:58:55 GMT
content-type: image/png
vary: Accept-Encoding
cache-control: public, max-age=14400, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8caac632ea22b994-AMS
accept-ranges: bytes
access-control-allow-origin: *
content-length: 40207
server: cloudflare

GET
H2 200 wheel-frame.png
wheel-girls-pinco-ru.pu220ev.com/img/ 121 KB
122 KB 34ms
33ms Image
image/png 2606:4700:20::681a:2d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wheel-girls-pinco-ru.pu220ev.com/img/wheel-frame.png

Requested by

Host: wheel-girls-pinco-ru.pu220ev.com
URL: https://wheel-girls-pinco-ru.pu220ev.com/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:2d3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b58a38c3563b592fb224599f58d858e094ac60392ba73e811e8a07208b510750

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://wheel-girls-pinco-ru.pu220ev.com/main.css

Response headers

cf-cache-status: HIT
etag: "5a13bc38b94a9ae28683f2cacc648cbb"
age: 5862
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IGk7Ara6VOa6gQu0%2BpQb5t0ogyThh9ifrDYf0Ivv08pzEs8TeJRVLGg3mHNPBD9OVcBR4oezq5%2BrpJ013y0FSyJpn4fkAZzPsFIpVzkhsEZE0h6MMtqEUqYXhhPA3hZ507LYchXfDMh08SCcZUHez226gQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
date: Sun, 29 Sep 2024 08:58:55 GMT
content-type: image/png
vary: Accept-Encoding
cache-control: public, max-age=14400, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8caac632ea24b994-AMS
accept-ranges: bytes
access-control-allow-origin: *
content-length: 124269
server: cloudflare

GET
H2 200 wheel-podium.png
wheel-girls-pinco-ru.pu220ev.com/img/ 34 KB
34 KB 35ms
35ms Image
image/png 2606:4700:20::681a:2d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wheel-girls-pinco-ru.pu220ev.com/img/wheel-podium.png

Requested by

Host: wheel-girls-pinco-ru.pu220ev.com
URL: https://wheel-girls-pinco-ru.pu220ev.com/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:2d3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7812d50a065a0a0d51da292343a134c92751a789ff230c99a98967214ea16e89

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://wheel-girls-pinco-ru.pu220ev.com/main.css

Response headers

cf-cache-status: HIT
etag: "dc5aeb83b2501cccefa46acf36cf6023"
age: 4984
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=j408qGvoXpnYr%2BG01pxBmaw0qG9WaXPZx7liKIN8%2FyU4PuTjeBqL%2BisATiue41%2FHBDYkLkf4x3bgJ2xFZpJQ7hp9jYhxcUPAwOLzHMbO%2Bq2LnYz07%2Fpyn6sF1y60Br3%2F0XmkNsO7Jh1X%2B7Is1UeDkych0w%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
date: Sun, 29 Sep 2024 08:58:55 GMT
content-type: image/png
vary: Accept-Encoding
cache-control: public, max-age=14400, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8caac632ea25b994-AMS
accept-ranges: bytes
access-control-allow-origin: *
content-length: 34846
server: cloudflare

GET
H2 200 Roboto-Medium.woff2
wheel-girls-pinco-ru.pu220ev.com/fonts/src/fonts/Roboto-Medium/ 65 KB
65 KB 44ms
44ms Font
font/woff2 2606:4700:20::681a:2d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://wheel-girls-pinco-ru.pu220ev.com/fonts/src/fonts/Roboto-Medium/Roboto-Medium.woff2

Requested by

Host: wheel-girls-pinco-ru.pu220ev.com
URL: https://wheel-girls-pinco-ru.pu220ev.com/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:2d3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

79950ee4e44866f1fb3b7c5fa755d8a267cf79eeff962dd3bb4f8a9e974f761c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://wheel-girls-pinco-ru.pu220ev.com
Referer: https://wheel-girls-pinco-ru.pu220ev.com/main.css

Response headers

cf-cache-status: HIT
etag: "7bb076342c04c3ba312dd7d829c27661"
age: 6968
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NuycnMbyijVQS3qdsfylsfrqFh%2BIuPwSY4OSvcpGahBVff%2BSurbG%2FO3%2B3b6M5ygguqLQkywYVMiv6YwoWm57bNoTa5ncKUvf6my8ODECFhIF1617X4Uoe8e7uDTwRPXD6ce3YijX6mjuf4Kl7HUhnrB8Sw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
date: Sun, 29 Sep 2024 08:58:55 GMT
content-type: font/woff2
vary: Accept-Encoding
cache-control: public, max-age=14400, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8caac632fa36b994-AMS
accept-ranges: bytes
access-control-allow-origin: *
content-length: 66648
server: cloudflare

GET
H2 200 Roboto-Regular.woff2
wheel-girls-pinco-ru.pu220ev.com/fonts/src/fonts/Roboto-Regular/ 64 KB
65 KB 47ms
47ms Font
font/woff2 2606:4700:20::681a:2d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://wheel-girls-pinco-ru.pu220ev.com/fonts/src/fonts/Roboto-Regular/Roboto-Regular.woff2

Requested by

Host: wheel-girls-pinco-ru.pu220ev.com
URL: https://wheel-girls-pinco-ru.pu220ev.com/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:2d3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6f62f51295d471a285e41bf8063c23b6046ee2770a5c0baa55a5a7ed04251d22

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://wheel-girls-pinco-ru.pu220ev.com
Referer: https://wheel-girls-pinco-ru.pu220ev.com/main.css

Response headers

cf-cache-status: HIT
etag: "fc38b49d9e144033b2696aeab9785491"
age: 6968
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BoNhamHZIGL8xjWGcWdBvZL7n0lYMUZxCqw7K1xjbeJ3lRi3j0upj8N8n3CKfitTbuwlrCXWtxS5W3wKU%2BGzL9r4q4JleAvbNAB%2BS4gIiVeirsyPaGe%2By12YcU1bWUyQ3iVhIlAFyY0b%2FD6YpH9O9NVfdA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
date: Sun, 29 Sep 2024 08:58:55 GMT
content-type: font/woff2
vary: Accept-Encoding
cache-control: public, max-age=14400, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8caac632fa37b994-AMS
accept-ranges: bytes
access-control-allow-origin: *
content-length: 65992
server: cloudflare

GET 449a85b8-b0be-4262-b155-eb510cf35460
https://wheel-girls-pinco-ru.pu220ev.com/ Frame 0
0

GET
H3 200 recaptcha__nl.js Show response
www.gstatic.com/recaptcha/releases/xds0rzGrktR88uEZ2JUvdgOY/ 540 KB
214 KB 57ms
25ms Script
text/javascript 142.250.185.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/xds0rzGrktR88uEZ2JUvdgOY/recaptcha__nl.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise.js?render=6Lfxs6UUAAAAAE3kzerSlj_d5OF7IeWoXvzOE_50

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f3.1e100.net

Software

sffe /

Resource Hash

63b45f24e11a9f36579c4863598884af41989a8eaf9e23f923149251f7d5618e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://wheel-girls-pinco-ru.pu220ev.com
Referer: https://wheel-girls-pinco-ru.pu220ev.com/

Response headers

content-encoding: gzip
age: 277978
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
x-content-type-options: nosniff
expires: Fri, 26 Sep 2025 03:45:58 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 26 Sep 2024 03:45:58 GMT
last-modified: Mon, 23 Sep 2024 04:00:50 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: public, max-age=31536000
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
accept-ranges: bytes
access-control-allow-origin: *
content-length: 219010
x-xss-protection: 0
server: sffe

GET
H2 200 russia.png
wheel-girls-pinco-ru.pu220ev.com/img/country/ 120 B
597 B 39ms
39ms Image
image/png 2606:4700:20::681a:2d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wheel-girls-pinco-ru.pu220ev.com/img/country/russia.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:2d3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

df0a50d39011b2dc412647e725fbf47a5075f78ddf3c9aba041b0e1927080afa

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://wheel-girls-pinco-ru.pu220ev.com/?form_email=%7Bform_email%7D&form_phone=%7Bform_phone%7D&lang=ru&lrrPath=casino&pc=30&s1=&s2=&s3=&s4=&s5=&source=https%3A%2F%2Fqchista12.ru%2F&st=ofkvLVVC&startTime=1727600335442125086&trId=crshdjv4otes73fiojrg

Response headers

cf-cache-status: HIT
etag: "09b6fdfd8852f8981750396ff35620e2"
age: 4984
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FizrgPV5nHQPmpTWTfXdXLaKRKFTmgrbjS0YFe0SAKuO9FMRooyFCgiX4G99cFQF%2B5IpqgHpLh2f4v%2BBrcFthXDZPxoKt6RfoUW8kgmE8SwfeW7Ygqy1gI3YwaxTUC9TqMD3eGPuP0rAVSUCYgIzUjdKZg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
date: Sun, 29 Sep 2024 08:58:56 GMT
content-type: image/png
vary: Accept-Encoding
cache-control: public, max-age=14400, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8caac633fb0bb994-AMS
accept-ranges: bytes
access-control-allow-origin: *
content-length: 120
server: cloudflare

POST
H2 200 / Show response
api-js.datadome.co/js/ 232 B
463 B 100ms
26ms XHR
application/json 3.65.45.255
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api-js.datadome.co/js/

Requested by

Host: js.datadome.co
URL: https://js.datadome.co/tags.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.65.45.255 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-65-45-255.eu-central-1.compute.amazonaws.com

Software

DataDome /

Resource Hash

bf52104eae0ae57dfdf49080dcede5705c633ba494d65522bfc3d2a1201b1b88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded
Referer: https://wheel-girls-pinco-ru.pu220ev.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-origin: *
content-length: 232
date: Sun, 29 Sep 2024 08:58:56 GMT
content-type: application/json;charset=utf-8
server: DataDome

GET
H3 200 anchor
www.google.com/recaptcha/enterprise/ Frame 7ADA 0
0 160ms
61ms Document
text/html 142.250.186.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Lfxs6UUAAAAAE3kzerSlj_d5OF7IeWoXvzOE_50&co=aHR0cHM6Ly93aGVlbC1naXJscy1waW5jby1ydS5wdTIyMGV2LmNvbTo0NDM.&hl=nl&v=xds0rzGrktR88uEZ2JUvdgOY&size=invisible&cb=xxzn436i2qro

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/xds0rzGrktR88uEZ2JUvdgOY/recaptcha__nl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f4.1e100.net

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-sYFLoM1hnvlFiSgQ2617WA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wheel-girls-pinco-ru.pu220ev.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-sYFLoM1hnvlFiSgQ2617WA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy: cross-origin
date: Sun, 29 Sep 2024 08:58:56 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server: ESF
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H2 204 p
f.pudaf.com/ Frame 0
0 75ms
23ms Preflight 18.158.54.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://f.pudaf.com/p
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.158.54.55 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-54-55.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: ak,content-type,ri,si
Access-Control-Request-Method: POST
Origin: https://wheel-girls-pinco-ru.pu220ev.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Origin,Content-Length,Content-Type,if-none-match,x-ctr,ak,si,ui,ri
access-control-allow-methods: GET,POST,HEAD,PUT,DELETE,PATCH
access-control-allow-origin: *
access-control-expose-headers: If-Match,If-Modified-Since,If-None-Match,ETag,Last-Modified
access-control-max-age: 43200
date: Sun, 29 Sep 2024 08:58:56 GMT
vary: Access-Control-Request-Method, Access-Control-Request-Headers, Origin

POST
H2 200 p Show response
f.pudaf.com/ 137 B
894 B 66ms
64ms Fetch
application/json 18.158.54.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://f.pudaf.com/p
Requested by: Host: wheel-girls-pinco-ru.pu220ev.com
URL: https://wheel-girls-pinco-ru.pu220ev.com/?form_email=%7Bform_email%7D&form_phone=%7Bform_phone%7D&lang=ru&lrrPath=casino&pc=30&s1=&s2=&s3=&s4=&s5=&source=https%3A%2F%2Fqchista12.ru%2F&st=ofkvLVVC&startTime=1727600335442125086&trId=crshdjv4otes73fiojrg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.158.54.55 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-54-55.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: c2f6abb04a3eec30f7a75436e0432dfc5c23dd2a0e0267ffdc420d4456983be7

Request headers

ak: vyg6SLajEWjklRFo1ig1JqhMkSHHpSp3FLYvfzZE
Referer: https://wheel-girls-pinco-ru.pu220ev.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept: application/json, text/html, text/plain
ri: 28a40b984b28489d8d024376c7d33647
Content-Type: application/octet-stream
si: 25fbfedbf6e14f9d9b389aee11fda785

Response headers

access-control-max-age: 43200
access-control-expose-headers: If-Match,If-Modified-Since,If-None-Match,ETag,Last-Modified
etag: 66f916d043b63e9e4d0baa58
accept-ch: sec-ch-ua,ua,sec-ch-ua-platformua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-wow64,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors
x-trace-id: 5ff3dd30ab8e065a6563bf3a55ff14f0
access-control-allow-origin: *
content-length: 137
date: Sun, 29 Sep 2024 08:58:56 GMT
content-type: application/json
last-modified: Sun, 29 Sep 2024 08:57:16 GMT

HEAD
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 0
24 B 88ms
41ms Fetch
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://wheel-girls-pinco-ru.pu220ev.com/

Response headers

content-encoding: br
etag: 16282439947007101767
x-content-type-options: nosniff
expires: Sun, 29 Sep 2024 08:58:56 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Sun, 29 Sep 2024 08:58:56 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 52472
x-xss-protection: 0
server: cafe

POST
H2 200 p Show response
f.pudaf.com/ 137 B
892 B 35ms
32ms Fetch
application/json 18.158.54.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://f.pudaf.com/p
Requested by: Host: wheel-girls-pinco-ru.pu220ev.com
URL: https://wheel-girls-pinco-ru.pu220ev.com/?form_email=%7Bform_email%7D&form_phone=%7Bform_phone%7D&lang=ru&lrrPath=casino&pc=30&s1=&s2=&s3=&s4=&s5=&source=https%3A%2F%2Fqchista12.ru%2F&st=ofkvLVVC&startTime=1727600335442125086&trId=crshdjv4otes73fiojrg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.158.54.55 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-54-55.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: c2f6abb04a3eec30f7a75436e0432dfc5c23dd2a0e0267ffdc420d4456983be7

Request headers

ak: vyg6SLajEWjklRFo1ig1JqhMkSHHpSp3FLYvfzZE
Referer: https://wheel-girls-pinco-ru.pu220ev.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept: application/json, text/html, text/plain
ri: 28a40b984b28489d8d024376c7d33647
Content-Type: application/octet-stream
si: 25fbfedbf6e14f9d9b389aee11fda785

Response headers

access-control-max-age: 43200
access-control-expose-headers: If-Match,If-Modified-Since,If-None-Match,ETag,Last-Modified
etag: 66f916d0eca03a5b4084c8a7
accept-ch: sec-ch-ua,ua,sec-ch-ua-platformua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-wow64,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors
x-trace-id: 5a1a428062a74bab8ab0b4cc872e62cc
access-control-allow-origin: *
content-length: 137
date: Sun, 29 Sep 2024 08:58:56 GMT
content-type: application/json
last-modified: Sun, 29 Sep 2024 08:57:16 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 305 KB
102 KB 70ms
69ms Script
application/javascript 2a00:1450:4001:803::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-DPE8XS53LM&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NZ4GX8TW

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

01a074d4953610bc616da0ecd637fe72e73bc809a23984aa987079f64a078401

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://wheel-girls-pinco-ru.pu220ev.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Sun, 29 Sep 2024 08:58:56 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 29 Sep 2024 08:58:56 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 104575
x-xss-protection: 0
server: Google Tag Manager

GET
H2

200

web-vitals.iife.js Show response
unpkg.com/web-vitals@4.2.3/dist/
Redirect Chain

https://unpkg.com/web-vitals/dist/web-vitals.iife.js
https://unpkg.com/web-vitals@4.2.3/dist/web-vitals.iife.js

7 KB
3 KB

27ms
27ms

Script
application/javascript

2606:4700::6811:f8cb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/web-vitals@4.2.3/dist/web-vitals.iife.js

Protocol

Server

2606:4700::6811:f8cb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8e6b3272816c9b6efeb0b3ccc16326c123d9860f38d7c7c4fc215334559996e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://wheel-girls-pinco-ru.pu220ev.com/

Response headers

content-encoding: br
cf-cache-status: HIT
etag: "1c28-4f+2/GWZhXlozjo2GiBA+7VB9Ow"
age: 4597092
x-content-type-options: nosniff
date: Sun, 29 Sep 2024 08:58:56 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01J4NFY3ESJWH5112WB2GT4TQE-ams
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000
via: 1.1 fly.io
cf-ray: 8caac6383a4b0b4e-AMS
access-control-allow-origin: *
server: cloudflare

Redirect headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, s-maxage=600, max-age=60
location: /web-vitals@4.2.3/dist/web-vitals.iife.js
content-encoding: br
cf-cache-status: HIT
age: 531
x-content-type-options: nosniff
via: 1.1 fly.io
cf-ray: 8caac63809fb0b4e-AMS
access-control-allow-origin: *
date: Sun, 29 Sep 2024 08:58:56 GMT
content-type: text/plain; charset=utf-8
vary: Accept, Accept-Encoding
fly-request-id: 01J8YFJ0MAD4A55SC84T30NBP4-ams
server: cloudflare

GET
H2 200 favicon-32x32.png
wheel-girls-pinco-ru.pu220ev.com/img/favicon/ 2 KB
2 KB 30ms
30ms Other
image/png 2606:4700:20::681a:2d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://wheel-girls-pinco-ru.pu220ev.com/img/favicon/favicon-32x32.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:2d3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9f4dd081764684e967c695a7ca1227fa7998736c83e4d9608fa44cc55b25ad6f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://wheel-girls-pinco-ru.pu220ev.com/?form_email=%7Bform_email%7D&form_phone=%7Bform_phone%7D&lang=ru&lrrPath=casino&pc=30&s1=&s2=&s3=&s4=&s5=&source=https%3A%2F%2Fqchista12.ru%2F&st=ofkvLVVC&startTime=1727600335442125086&trId=crshdjv4otes73fiojrg

Response headers

cf-cache-status: HIT
etag: "ab1156a8eb2af8e913fe675d02676f04"
age: 1096
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uh5xW2MdcvgBeP6nPjDTIZPPQcwYCSTpAcHCRC2RRV5stmHaXwDeO6y4Cv%2FEdDSrb9UT4OJ8Fg5i%2BDnfYFR%2Ff8Rw0OFlEDaEaQKUwKGEtR8BQOBFmwyNFXXMoMvLrxHt%2FgelB1xcTFGXLT7uPsfhVr7aqQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
date: Sun, 29 Sep 2024 08:58:56 GMT
content-type: image/png
vary: Accept-Encoding
cache-control: public, max-age=14400, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8caac637ce9ab994-AMS
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1671
server: cloudflare

POST
H2 204 collect Show response
region1.google-analytics.com/g/ 0
556 B 55ms
20ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-DPE8XS53LM&gtm=45je49p0v9194892585z89192584757za200zb9192584757&_p=1727600335756&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101671035~101747727&cid=1059677164.1727600337&ul=nl-nl&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&dr=https%3A%2F%2Fqchista12.ru%2F&sid=1727600336&sct=1&seg=0&dl=https%3A%2F%2Fwheel-girls-pinco-ru.pu220ev.com%2F%3Fform_email%3D%257Bform_email%257D%26form_phone%3D%257Bform_phone%257D%26lang%3Dru%26lrrPath%3Dcasino%26pc%3D30%26s1%3D%26s2%3D%26s3%3D%26s4%3D%26s5%3D%26source%3Dhttps%253A%252F%252Fqchista12.ru%252F%26st%3DofkvLVVC%26startTime%3D1727600335442125086%26trId%3Dcrshdjv4otes73fiojrg&dt=100%20000%20%E2%82%BA%20%2B%20250%20fs&en=page_view&_fv=1&_nsi=1&_ss=1&ep.gtm_version=GTM-NZ4GX8TW%20%7C%20v.%202&ep.user_fp=66f916d043b63e9e4d0baa59&ep.transport_type=beacon&ep.timestamp=2024-09-29%2010%3A58%3A56&up.is_exist_player=false&up.language_site=&up.platform=desktop&up.screen_resolution=1600x1200&up.is_incognito=false&tfd=1400
Requested by: Host: wheel-girls-pinco-ru.pu220ev.com
URL: https://wheel-girls-pinco-ru.pu220ev.com/?form_email=%7Bform_email%7D&form_phone=%7Bform_phone%7D&lang=ru&lrrPath=casino&pc=30&s1=&s2=&s3=&s4=&s5=&source=https%3A%2F%2Fqchista12.ru%2F&st=ofkvLVVC&startTime=1727600335442125086&trId=crshdjv4otes73fiojrg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://wheel-girls-pinco-ru.pu220ev.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://wheel-girls-pinco-ru.pu220ev.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 29 Sep 2024 08:58:56 GMT
content-type: text/plain
server: Golfe2

POST
H2 204 collect Show response
region1.google-analytics.com/g/ 0
49 B 39ms
21ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-DPE8XS53LM&gtm=45je49p0v9194892585z89192584757za200zb9192584757&_p=1727600335756&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101671035~101747727&cid=1059677164.1727600337&ul=nl-nl&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&dr=https%3A%2F%2Fqchista12.ru%2F&sid=1727600336&sct=1&seg=0&dl=https%3A%2F%2Fwheel-girls-pinco-ru.pu220ev.com%2F%3Fform_email%3D%257Bform_email%257D%26form_phone%3D%257Bform_phone%257D%26lang%3Dru%26lrrPath%3Dcasino%26pc%3D30%26s1%3D%26s2%3D%26s3%3D%26s4%3D%26s5%3D%26source%3Dhttps%253A%252F%252Fqchista12.ru%252F%26st%3DofkvLVVC%26startTime%3D1727600335442125086%26trId%3Dcrshdjv4otes73fiojrg&dt=100%20000%20%E2%82%BA%20%2B%20250%20fs&_s=2&tfd=1418
Requested by: Host: wheel-girls-pinco-ru.pu220ev.com
URL: https://wheel-girls-pinco-ru.pu220ev.com/?form_email=%7Bform_email%7D&form_phone=%7Bform_phone%7D&lang=ru&lrrPath=casino&pc=30&s1=&s2=&s3=&s4=&s5=&source=https%3A%2F%2Fqchista12.ru%2F&st=ofkvLVVC&startTime=1727600335442125086&trId=crshdjv4otes73fiojrg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://wheel-girls-pinco-ru.pu220ev.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://wheel-girls-pinco-ru.pu220ev.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 29 Sep 2024 08:58:56 GMT
content-type: text/plain
server: Golfe2

POST
H2 204 collect Show response
region1.google-analytics.com/g/ 0
57 B 21ms
20ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-DPE8XS53LM&gtm=45je49p0v9194892585za200zb9192584757&_p=1727600335756&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101671035~101747727&cid=1059677164.1727600337&ul=nl-nl&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=3&dr=https%3A%2F%2Fqchista12.ru%2F&sid=1727600336&sct=1&seg=0&dl=https%3A%2F%2Fwheel-girls-pinco-ru.pu220ev.com%2F%3Fform_email%3D%257Bform_email%257D%26form_phone%3D%257Bform_phone%257D%26lang%3Dru%26lrrPath%3Dcasino%26pc%3D30%26s1%3D%26s2%3D%26s3%3D%26s4%3D%26s5%3D%26source%3Dhttps%253A%252F%252Fqchista12.ru%252F%26st%3DofkvLVVC%26startTime%3D1727600335442125086%26trId%3Dcrshdjv4otes73fiojrg&dt=100%20000%20%E2%82%BA%20%2B%20250%20fs&en=scroll&ep.gtm_version=GTM-NZ4GX8TW%20%7C%20v.%202&ep.user_fp=66f916d043b63e9e4d0baa59&ep.transport_type=beacon&ep.timestamp=2024-09-29%2010%3A58%3A56&epn.percent_scrolled=90&_et=5&up.is_incognito=false&tfd=6418
Requested by: Host: wheel-girls-pinco-ru.pu220ev.com
URL: https://wheel-girls-pinco-ru.pu220ev.com/?form_email=%7Bform_email%7D&form_phone=%7Bform_phone%7D&lang=ru&lrrPath=casino&pc=30&s1=&s2=&s3=&s4=&s5=&source=https%3A%2F%2Fqchista12.ru%2F&st=ofkvLVVC&startTime=1727600335442125086&trId=crshdjv4otes73fiojrg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://wheel-girls-pinco-ru.pu220ev.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://wheel-girls-pinco-ru.pu220ev.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 29 Sep 2024 08:59:01 GMT
content-type: text/plain
server: Golfe2

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: apkiranna.com
URL: https://apkiranna.com/favicon.ico

Domain: bam.nr-data.net
URL: https://bam.nr-data.net/1/NRJS-70d296500a1ce2f6999?a=1527573371&v=1.265.1&to=YgFTNhADC0BUARZYX1tLcAEWCwpdGiMSQWx9EEUSPiEKXUEQDV1cUBZCPjAHAVpHBwFFc1oKRRANDglWRyIQVFRcFlQBFg%3D%3D&rst=202&ck=0&s=1184a483ec736898&ref=https://apkiranna.com/group&ptid=06ca367a01ddf80a&af=err,spa,xhr,stn,ins&ap=8&be=97&fe=35&dc=31&at=TkZQQFgZGE4%3D&fsh=1&perf=%7B%22timing%22:%7B%22of%22:1727600334904,%22n%22:0,%22f%22:0,%22dn%22:1,%22dne%22:16,%22c%22:16,%22s%22:34,%22ce%22:55,%22rq%22:55,%22rp%22:98,%22rpe%22:118,%22di%22:128,%22ds%22:128,%22de%22:128,%22dc%22:130,%22l%22:130,%22le%22:132%7D,%22navigation%22:%7B%7D%7D

Domain: wheel-girls-pinco-ru.pu220ev.com
URL: blob:https://wheel-girls-pinco-ru.pu220ev.com/449a85b8-b0be-4262-b155-eb510cf35460

Verdicts & Comments Add Verdict or Comment

41 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
qchista12.ru/	1970-01-21 00:37:58	Name: _subid Value: 1l9rlpf550i
qchista12.ru/	1970-01-20 23:54:46	Name: 84884 Value: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE4XCI6MTcyNzYwMDMzNX0sXCJjYW1wYWlnbnNcIjp7XCIzXCI6MTcyNzYwMDMzNX0sXCJ0aW1lXCI6MTcyNzYwMDMzNX0ifQ.iPtv1ppiurZV1AF8XtnNQ8PvSrEmU1-rILbWWDjXEQg
partnerprofitboost.com/	1970-01-20 23:54:46	Name: click-2024-09-29 Value: ",ofkvLVVC"
.partnerprofitboost.com/	1970-01-20 23:53:22	Name: __cf_bm Value: VCTwC3iLL3fOZFuH6p0Ry9bo40i9NSy8Y8DPTeOnryk-1727600335-1.0.1.1-kHjXSzrPDe8NrJKEbpyMN9BVLMDtVS2Cqffoe79aTjCQzhL_Fr1m5vOazF_mivY0HZBJvsIQC6fxgRKcO.rlpw
.pu220ev.com/	1970-01-20 23:53:22	Name: __cf_bm Value: 2F_xKVbCbuH_FpeoEMPEaoPJj5KndSrbZdn57Zqy52U-1727600335-1.0.1.1-ehMhQfejpYUurutTZ.tttaU10Zs83gDBjfzyhcmLHuWv3EnUljDXzt_cpWOTQB.YOY6n3AwlpZ0hvwL8_owWRg
.pu220ev.com/	1970-01-21 08:38:56	Name: datadome Value: MNLqRy5zpwZO7KBSEIUdN2gVmcq6Dzlc2Lc10GF0Y5rEF1~oiqMi0mVrOHsUlfdAvWZAz_eAtHtH6buGDsCHTyXtUBWSSzUpXVYeAVEfn0L9ypE6UwYJQwot8O_fG~nD
wheel-girls-pinco-ru.pu220ev.com/	1970-01-21 04:12:32	Name: ga-x3sdiid0 Value: UODE3ZGFmMTVlYWg5MzliZDY5NGUxNmJmZGZlYmVmMj
wheel-girls-pinco-ru.pu220ev.com/	1970-01-21 04:12:32	Name: ga-d98gkkii Value: 66f916d043b63e9e4d0baa59
.pu220ev.com/	1970-01-21 09:29:20	Name: _ga Value: GA1.1.1059677164.1727600337
.pu220ev.com/	1970-01-21 09:29:20	Name: _ga_DPE8XS53LM Value: GS1.1.1727600336.1.0.1727600336.0.0.0

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://apkiranna.com/favicon.ico Message: Failed to load resource: net::ERR_HTTP2_PROTOCOL_ERROR
javascript	error	URL: https://apkiranna.com/group Message: Access to XMLHttpRequest at 'https://bam.nr-data.net/1/NRJS-70d296500a1ce2f6999?a=1527573371&v=1.265.1&to=YgFTNhADC0BUARZYX1tLcAEWCwpdGiMSQWx9EEUSPiEKXUEQDV1cUBZCPjAHAVpHBwFFc1oKRRANDglWRyIQVFRcFlQBFg%3D%3D&rst=202&ck=0&s=1184a483ec736898&ref=https://apkiranna.com/group&ptid=06ca367a01ddf80a&af=err,spa,xhr,stn,ins&ap=8&be=97&fe=35&dc=31&at=TkZQQFgZGE4%3D&fsh=1&perf=%7B%22timing%22:%7B%22of%22:1727600334904,%22n%22:0,%22f%22:0,%22dn%22:1,%22dne%22:16,%22c%22:16,%22s%22:34,%22ce%22:55,%22rq%22:55,%22rp%22:98,%22rpe%22:118,%22di%22:128,%22ds%22:128,%22de%22:128,%22dc%22:130,%22l%22:130,%22le%22:132%7D,%22navigation%22:%7B%7D%7D' from origin 'https://apkiranna.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://bam.nr-data.net/1/NRJS-70d296500a1ce2f6999?a=1527573371&v=1.265.1&to=YgFTNhADC0BUARZYX1tLcAEWCwpdGiMSQWx9EEUSPiEKXUEQDV1cUBZCPjAHAVpHBwFFc1oKRRANDglWRyIQVFRcFlQBFg%3D%3D&rst=202&ck=0&s=1184a483ec736898&ref=https://apkiranna.com/group&ptid=06ca367a01ddf80a&af=err,spa,xhr,stn,ins&ap=8&be=97&fe=35&dc=31&at=TkZQQFgZGE4%3D&fsh=1&perf=%7B%22timing%22:%7B%22of%22:1727600334904,%22n%22:0,%22f%22:0,%22dn%22:1,%22dne%22:16,%22c%22:16,%22s%22:34,%22ce%22:55,%22rq%22:55,%22rp%22:98,%22rpe%22:118,%22di%22:128,%22ds%22:128,%22de%22:128,%22dc%22:130,%22l%22:130,%22le%22:132%7D,%22navigation%22:%7B%7D%7D Message: Failed to load resource: net::ERR_FAILED
recommendation	verbose	URL: https://wheel-girls-pinco-ru.pu220ev.com/?form_email=%7Bform_email%7D&form_phone=%7Bform_phone%7D&lang=ru&lrrPath=casino&pc=30&s1=&s2=&s3=&s4=&s5=&source=https%3A%2F%2Fqchista12.ru%2F&st=ofkvLVVC&startTime=1727600335442125086&trId=crshdjv4otes73fiojrg Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api-js.datadome.co
apkiranna.com
bam.nr-data.net
f.pudaf.com
fs.pudaf.com
js-agent.newrelic.com
js.datadome.co
pagead2.googlesyndication.com
partnerprofitboost.com
qchista12.ru
region1.google-analytics.com
unpkg.com
wheel-girls-pinco-ru.pu220ev.com
www.google.com
www.googletagmanager.com
www.gstatic.com
apkiranna.com
bam.nr-data.net
wheel-girls-pinco-ru.pu220ev.com
142.250.185.226
142.250.185.227
142.250.186.100
18.158.54.55
18.66.122.18
2001:4860:4802:32::36
2602:816:5001::39
2606:4700:20::681a:2d3
2606:4700::6811:f8cb
2a00:1450:4001:803::2008
3.122.77.146
3.65.45.255
37.252.15.57
45.147.176.74
45.67.214.8
01a074d4953610bc616da0ecd637fe72e73bc809a23984aa987079f64a078401
06627c071b72d78f36c3f54716e79e6cb5468717f91cc08c4e86cd964a6d043e
072da1be544d871fb2cc2f7e87e7ea39badf5051c6bc037ad0a5418cbfe2447e
0c522a4457de501d8f7bffaf4f8dec74c011c7c09aa4a38734c6ea2f83beec77
107a289ae48a2dd791cff88823498e3e63ef8883df40da9b9236e3465ebfa627
129b6bebf824e1042af0277bf928b37875ff4a395a89ea90b580f10cb407c768
1bc464231d8cc2e9403b3b6acdfc6b2c5cd1fb3c846d338519526cfc4a1733bf
1c788948c9380b1d7671a739de72b96c3211bcfc43a200de9be3fcc58fa2501c
22a079cc6b15cb43cffba44a87bb07bec04fb3ca7915decc0e20b3a10e79853c
2b0d0e40422d8e228060eed1d67622c0531ff4c4667f4c16aab12b5f9bf7a5a7
33d3b3bb4bb850af5ae358160f9a1e04fde26a0a93321f197ec244e22e12d606
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4be38368f62ba70fb6292b0da63de346c7a5d59c10da6ca29718ff877cd34542
4fb6b9cef43443a62c0140d1edc8fc2c23536b6eac393ca0aadc1600ba9babc3
59da0dfd36307876e68b2ef44e0b50cae13dfbd5f95ea13e359043a9a89d7f5e
5b0f96529fea85291c88ea61332508a44d02b257773fa3b1533ca5f2fb258952
5e729dce1488b033344718e68af116bf81b7ce123e62736a28199bd28f194895
63b45f24e11a9f36579c4863598884af41989a8eaf9e23f923149251f7d5618e
6525a0a48c7f00cddac018660e48dccc71ee0a4555260ec32f0b6c32548bdc15
6f11a1e6c3319784814a4b8b3465f940393f1c65a67204d2074bf890ac46452e
6f62f51295d471a285e41bf8063c23b6046ee2770a5c0baa55a5a7ed04251d22
7812d50a065a0a0d51da292343a134c92751a789ff230c99a98967214ea16e89
79950ee4e44866f1fb3b7c5fa755d8a267cf79eeff962dd3bb4f8a9e974f761c
884a700a2165fba97fc02566b7ab01cdc70c94244a90238c5aa245ce2c38f963
8e67bffd99c8c58b3893dcb75eb5c125be4cb29fb7738a94a4748ec30eb8f6c0
8e6b3272816c9b6efeb0b3ccc16326c123d9860f38d7c7c4fc215334559996e2
9178a89489521c36e042ca0ba4823aff7aba1c88e3f5fd1c00a0c0d9b70de113
9f4dd081764684e967c695a7ca1227fa7998736c83e4d9608fa44cc55b25ad6f
a5e9250b23598712d9e595e9e34be1c79a22da830f31481e7f46d3d1b58df242
b392ee8a517c0cb34404a0eb51e3a5c8507ace4fad8dff09bb5f315b10f7c231
b58a38c3563b592fb224599f58d858e094ac60392ba73e811e8a07208b510750
bf52104eae0ae57dfdf49080dcede5705c633ba494d65522bfc3d2a1201b1b88
c2f6abb04a3eec30f7a75436e0432dfc5c23dd2a0e0267ffdc420d4456983be7
df0a50d39011b2dc412647e725fbf47a5075f78ddf3c9aba041b0e1927080afa
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ee4334fccae5c613a664dd39fd3ee289452925cf79839df2b58bd9a3e06a5aac
ef2d4e6385b7f413957af9da26915590bc7c3f52fd14c27224240d477bd1b7e4
f29c7e9f5da8f32a594db77e2929d764f1772d1811eef4339815f0deeafe00f4
f9580f3e0b97067910d54bef70a71d4fa1e6258253355f7d8ddca73e8e3f5fda
fd0ba47a33529460b2ffcb6b17b3f918902ef5e406ff09041f9100fc08c3d19a

wheel-girls-pinco-ru.pu220ev.com Open in urlscan Pro 2606:4700:20::681a:2d3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

51 Requests

92 %HTTPS

33 %IPv6

14 Domains

16 Subdomains

15 IPs

4 Countries

1841 kBTransfer

3371 kBSize

10 Cookies

2 Outgoing links

Page URL History

Redirected requests

51 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

wheel-girls-pinco-ru.pu220ev.com Open in urlscan Pro
2606:4700:20::681a:2d3 Public Scan

Screenshot
Live screenshot

Full Image

51
Requests

92 %
HTTPS

33 %
IPv6

14
Domains

16
Subdomains

15
IPs

4
Countries

1841 kB
Transfer

3371 kB
Size

10
Cookies

51 HTTP transactions
0 data transactions