Submitted URL: https://wicksisters.com/
Effective URL: https://promo.elontr.com/casino-wheel?lang=tr&countryId=792&currency=TRY&utm_source=198&utm_medium=&sub_id4=&sub_id5=&cli...
Submission Tags: phishingrod
Submission: On September 29 via api from DE — Scanned from NL

Summary

This website contacted 9 IPs in 3 countries across 10 domains to perform 25 HTTP transactions. The main IP is 2606:4700:3037::6815:26f1, located in United States and belongs to CLOUDFLARENET, US. The main domain is promo.elontr.com.
TLS certificate: Issued by WE1 on August 9th 2024. Valid for: 3 months.
This is the only time promo.elontr.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 37.252.15.57 58061 (SCALAXY-AS)
1 2602:816:5001... 54113 (FASTLY)
1 1 78.141.210.193 20473 (AS-VULTR)
14 2606:4700:303... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 142.250.185.131 15169 (GOOGLE)
2 2001:4860:480... 15169 (GOOGLE)
25 9
Requests | Apex Domain | Subdomains | Transfer
14 | elontr.com | promo.elontr.com | 1 MB
2 | google-analytics.com | region1.google-analytics.com — Cisco Umbrella Rank: 3391 |
2 | googleapis.com | fonts.googleapis.com — Cisco Umbrella Rank: 46 | 2 KB
1 | gstatic.com | fonts.gstatic.com | 32 KB
1 | googlemetrics.com | googlemetrics.com |
1 | googletagmanager.com | www.googletagmanager.com — Cisco Umbrella Rank: 57 | 102 KB
1 | eloncas.com | click.eloncas.com | 590 B
1 | newrelic.com | js-agent.newrelic.com — Cisco Umbrella Rank: 749 | 32 KB
1 | wicksisters.com | wicksisters.com | 25 KB
0 | nr-data.net (Failed) | bam.nr-data.net (Failed) |
25 | 10 | |

Requests | Domain | Requested by
14 | promo.elontr.com | wicksisters.com, promo.elontr.com
2 | region1.google-analytics.com | www.googletagmanager.com
2 | fonts.googleapis.com | promo.elontr.com
1 | fonts.gstatic.com | fonts.googleapis.com
1 | googlemetrics.com | promo.elontr.com
1 | www.googletagmanager.com | promo.elontr.com
1 | click.eloncas.com | 1 redirects
1 | js-agent.newrelic.com | wicksisters.com
1 | wicksisters.com |
0 | bam.nr-data.net (Failed) | wicksisters.com
25 | 10 |

This site contains no links.

Subject | Issuer | Validity | Valid
wicksisters.com | E5 | 2024-09-28 - 2024-12-27 | 3 months
js-agent.newrelic.com | GlobalSign Atlas R3 DV TLS CA 2024 Q1 | 2024-03-21 - 2025-04-22 | a year
elontr.com | WE1 | 2024-08-09 - 2024-11-07 | 3 months
upload.video.google.com | WR2 | 2024-08-26 - 2024-11-18 | 3 months
*.google-analytics.com | WR2 | 2024-08-26 - 2024-11-18 | 3 months
googlemetrics.com | WE1 | 2024-09-03 - 2024-12-02 | 3 months
*.gstatic.com | WR2 | 2024-08-26 - 2024-11-18 | 3 months

This page contains 2 frames:

Primary Page: https://promo.elontr.com/casino-wheel?lang=tr&countryId=792&currency=TRY&utm_source=198&utm_medium=&sub_id4=&sub_id5=&clickid=01923bb5-1174-7067-b191-afa7b316e802
Frame ID: A6CA2D7E84BC16080C6C11D04E002929
Requests: 24 HTTP requests in this frame

Frame: https://googlemetrics.com/eljk3jd8j3kl98kl37jsnk3k/
Frame ID: 76885A518A6F935BEB7DF900A655F283
Requests: 1 HTTP requests in this frame

Page Title

ELON

Detected technologies

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

25 Requests
92 % HTTPS
67 % IPv6
10 Domains
10 Subdomains
9 IPs
3 Countries
1510 kB Transfer
2651 kB Size
14 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://wicksisters.com/ Page URL
  2. https://click.eloncas.com/FAcIOsAt?landing=89 HTTP 302
    https://promo.elontr.com/casino-wheel?lang=tr&countryId=792&currency=TRY&utm_source=198&utm_medium=&sub_id4=&sub_id5=&clickid=01923bb5-1174-7067-b191-afa7b316e802 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

25 HTTP transactions

Resource / Path | Size | x-fer | Type / MIME-Type
/
wicksisters.com/
62 KB
25 KB
Document
General
Full URL
https://wicksisters.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
37.252.15.57 , Netherlands, ASN58061 (SCALAXY-AS, LV),
Reverse DNS
Software
Caddy nginx/1.18.0 (Ubuntu) /
Resource Hash
175fd6e6af282e0c5f7f0d0565b1eddf633e903cac1a97c87d73d1a978e6f48a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000
cache-control
no-cache, private
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 29 Sep 2024 02:56:15 GMT
server
Caddy nginx/1.18.0 (Ubuntu)
nr-spa-1.265.1.min.js
js-agent.newrelic.com/
109 KB
32 KB
Script
General
Full URL
https://js-agent.newrelic.com/nr-spa-1.265.1.min.js
Requested by
Host: wicksisters.com
URL: https://wicksisters.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2602:816:5001::39 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://wicksisters.com
Referer

Response headers

strict-transport-security
max-age=300
cache-control
public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
content-encoding
br
etag
"5b9d8baa112d5d1fe1575bc547a2d11c"
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT
content-length
32119
date
Sun, 29 Sep 2024 02:56:15 GMT
last-modified
Fri, 06 Sep 2024 15:19:57 GMT
content-type
application/javascript
x-served-by
cache-ams2100108-AMS
x-cache-hits
103837
vary
Accept-Encoding
Primary Request casino-wheel
promo.elontr.com/
Redirect Chain
  • https://click.eloncas.com/FAcIOsAt?landing=89
  • https://promo.elontr.com/casino-wheel?lang=tr&countryId=792&currency=TRY&utm_source=198&utm_medium=&sub_id4=&sub_id5=&clickid=01923bb5-1174-7067-b191-afa7b316e802
548 B
818 B
Document
General
Full URL
https://promo.elontr.com/casino-wheel?lang=tr&countryId=792&currency=TRY&utm_source=198&utm_medium=&sub_id4=&sub_id5=&clickid=01923bb5-1174-7067-b191-afa7b316e802
Requested by
Host: wicksisters.com
URL: https://wicksisters.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:26f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f503653c2094b508edab66bab103c495ae2af1456aea6c71f8dbcfb9a17e44d7

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cache-control
no-store
cf-cache-status
MISS
cf-ray
8ca8b2efadb8b73c-AMS
content-encoding
br
content-type
text/html
date
Sun, 29 Sep 2024 02:56:15 GMT
last-modified
Fri, 10 May 2024 14:03:48 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
origin-cache-date
Sun, 29 Sep 2024 02:56:15 GMT
origin-cache-status
MISS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ctoi09tFKbbWjzmk2QiwseRhE9Gu9UNnmZIZVKDgv%2FySNTz%2FRsjfeqGu%2FtxChCILopoTOhEbwSg8J3gbOPsShFxdFcGUjjVJaZ%2FfBxe5AtYxsfiP4gBRFTsgjTwGSOXPlecLD1Um0CfczNm0OBDp"}],"group":"cf-nel","max_age":604800}
server
cloudflare
speculation-rules
"/cdn-cgi/speculation"
vary
Accept-Encoding

Redirect headers

cache-control
no-cache, private
content-length
213
content-type
text/html; charset=utf-8
date
Sun, 29 Sep 2024 02:56:15 GMT
location
https://promo.elontr.com/casino-wheel?lang=tr&countryId=792&currency=TRY&utm_source=198&utm_medium=&sub_id4=&sub_id5=&clickid=01923bb5-1174-7067-b191-afa7b316e802
request-id
244aa00cc949638d9782b7e418787fa7
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
favicon.ico
wicksisters.com/
0
0

NRJS-70d296500a1ce2f6999
bam.nr-data.net/1/
0
0

speculation
promo.elontr.com/cdn-cgi/
128 B
469 B
Other
General
Full URL
https://promo.elontr.com/cdn-cgi/speculation
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:26f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11a2142988720cd49ff000e5d488493947b3d34821301c5a706b3495b8381f7d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://promo.elontr.com
Referer
https://promo.elontr.com/casino-wheel?lang=tr&countryId=792&currency=TRY&utm_source=198&utm_medium=&sub_id4=&sub_id5=&clickid=01923bb5-1174-7067-b191-afa7b316e802

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OsT2B6ksHc7kC4WJTxjj1FFFj%2B9W%2Fc2jgRPQzUzE7xvF5k0CZAo9i92gwfcgE3hC2BZ7GLl7nn8Ft3H3f%2BVw7BROVO6Prd0IEereZMt%2BdV2J71ZyxL4vZg7LXwVZpkHw23eodm6oI6PkTg3E10hq"}],"group":"cf-nel","max_age":604800}
cf-ray
8ca8b2f06deeb73c-AMS
access-control-allow-origin
https://promo.elontr.com
content-length
128
date
Sun, 29 Sep 2024 02:56:15 GMT
content-type
application/speculationrules+json
vary
Origin, Accept-Encoding
server
cloudflare
main.64e2ac6d.js
promo.elontr.com/static/js/
1 MB
348 KB
Script
General
Full URL
https://promo.elontr.com/static/js/main.64e2ac6d.js
Requested by
Host: promo.elontr.com
URL: https://promo.elontr.com/casino-wheel?lang=tr&countryId=792&currency=TRY&utm_source=198&utm_medium=&sub_id4=&sub_id5=&clickid=01923bb5-1174-7067-b191-afa7b316e802
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:26f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
88561ffdd394b8b57c6ce060da3628a6183aeec5c7c797be6994261b69e299b1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://promo.elontr.com/casino-wheel?lang=tr&countryId=792&currency=TRY&utm_source=198&utm_medium=&sub_id4=&sub_id5=&clickid=01923bb5-1174-7067-b191-afa7b316e802

Response headers

cache-control
public, no-cache
origin-cache-date
Sun, 29 Sep 2024 01:11:45 GMT
content-encoding
gzip
cf-cache-status
HIT
etag
W/"663e2947-11ddbc"
age
6270
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YNaRDIcF4C5U3LhWLcoruato0Jv22wNVmSTqTzERPxuiBxOlzj3K7r3MVW%2BWGQHJt2v4e%2F%2Fu763oMXARxllHD6Evob0fU7yMeOEr55W7%2Fya2KFWfOVgl%2B3FwL3GdxXR9%2FXfPNtVjFboH0KpTVuLn"}],"group":"cf-nel","max_age":604800}
cf-ray
8ca8b2f06decb73c-AMS
origin-cache-status
MISS
date
Sun, 29 Sep 2024 02:56:15 GMT
content-type
application/javascript
vary
Accept-Encoding
server
cloudflare
last-modified
Fri, 10 May 2024 14:03:51 GMT
main.dabe7e33.css
promo.elontr.com/static/css/
45 KB
25 KB
Stylesheet
General
Full URL
https://promo.elontr.com/static/css/main.dabe7e33.css
Requested by
Host: promo.elontr.com
URL: https://promo.elontr.com/casino-wheel?lang=tr&countryId=792&currency=TRY&utm_source=198&utm_medium=&sub_id4=&sub_id5=&clickid=01923bb5-1174-7067-b191-afa7b316e802
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:26f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c3bdfd6e264ec2cecebfc590fa736165a98f92be8ed035e411c26c336cb41a1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://promo.elontr.com/casino-wheel?lang=tr&countryId=792&currency=TRY&utm_source=198&utm_medium=&sub_id4=&sub_id5=&clickid=01923bb5-1174-7067-b191-afa7b316e802

Response headers

cache-control
public, no-cache
origin-cache-date
Sun, 29 Sep 2024 01:11:45 GMT
content-encoding
gzip
cf-cache-status
HIT
etag
W/"663e2944-b260"
age
6270
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hXt7%2FeZrWWS7czD6Tmzh1OzmsgoI2hM8Dje4RYmOgTqF2jSF5lq%2FicOPfqMTgw04PJMsGrcLLtVfa68hBfYBovd5KN9cEiKyZiu1e1h%2B4HJ98t5R8p0AYXj5WRdy%2FOEP39OcsX7CnAiKeatawqLc"}],"group":"cf-nel","max_age":604800}
cf-ray
8ca8b2f06defb73c-AMS
origin-cache-status
MISS
date
Sun, 29 Sep 2024 02:56:15 GMT
content-type
text/css
vary
Accept-Encoding
server
cloudflare
last-modified
Fri, 10 May 2024 14:03:48 GMT
css2
fonts.googleapis.com/
7 KB
783 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@300;500;700&display=swap
Requested by
Host: promo.elontr.com
URL: https://promo.elontr.com/static/css/main.dabe7e33.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7e598e91e0bfce4227e1acb5e3a1d48dae46b2067e74397cc47a2d47d661cc34
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://promo.elontr.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Sun, 29 Sep 2024 02:56:15 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 29 Sep 2024 02:56:15 GMT
content-type
text/css; charset=utf-8
last-modified
Sun, 29 Sep 2024 02:41:38 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
css2
fonts.googleapis.com/
3 KB
989 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Montserrat:wght@600;900
Requested by
Host: promo.elontr.com
URL: https://promo.elontr.com/static/css/main.dabe7e33.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d24adbd0b50585fc986072c7a5fe8eb9707efb258e0ab94c05dce8ffae8f9357
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://promo.elontr.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Sun, 29 Sep 2024 02:56:15 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 29 Sep 2024 02:56:15 GMT
content-type
text/css; charset=utf-8
last-modified
Sun, 29 Sep 2024 02:56:15 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
js
www.googletagmanager.com/gtag/
305 KB
102 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-05RT5DLDZN
Requested by
Host: promo.elontr.com
URL: https://promo.elontr.com/static/js/main.64e2ac6d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c8010d3a757c3f42ead7516beab00bc4d23f74b75513c9f5a2d8bffaed58a19e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://promo.elontr.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Sun, 29 Sep 2024 02:56:15 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 29 Sep 2024 02:56:15 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
104128
x-xss-protection
0
server
Google Tag Manager
/
googlemetrics.com/eljk3jd8j3kl98kl37jsnk3k/ Frame 7688
0
0
Document
General
Full URL
https://googlemetrics.com/eljk3jd8j3kl98kl37jsnk3k/
Requested by
Host: promo.elontr.com
URL: https://promo.elontr.com/static/js/main.64e2ac6d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://promo.elontr.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
cache-control
public,max-age=120,smax-age=120
cdn-cache-control
public,no-cache,must-revalidate,stale-if-error=120
cf-cache-status
DYNAMIC
cf-ray
8ca8b2f29d080e81-AMS
content-encoding
br
content-type
text/html
date
Sun, 29 Sep 2024 02:56:15 GMT
last-modified
Wed, 07 Jun 2023 10:32:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ktyoL0PQbkmGuzhfMTz5F55avECQ9xRNyykO6N%2FMUEUMMlX7Amn%2F4ZOJs0oj0ZSVfe%2BfCziqxVNGyEHm94qvMxVWvEXEk0i3M%2BPprsvuIWgGCSMXhE7g13U8XT6D6aGpYqqDVuR9c8Cu0TGM2ArIPw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
speculation-rules
"/cdn-cgi/speculation"
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/
32 KB
32 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@600;900
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f3.1e100.net
Software
sffe /
Resource Hash
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://promo.elontr.com
Referer
https://fonts.googleapis.com/

Response headers

age
250824
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Fri, 26 Sep 2025 05:15:51 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 26 Sep 2024 05:15:51 GMT
last-modified
Wed, 13 Sep 2023 22:51:58 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
33092
x-xss-protection
0
server
sffe
tr.json
promo.elontr.com/languages/
3 KB
1 KB
Fetch
General
Full URL
https://promo.elontr.com/languages/tr.json
Requested by
Host: promo.elontr.com
URL: https://promo.elontr.com/static/js/main.64e2ac6d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:26f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c82ea9208632cdc17987bf9c05f19bc545d92bfcb37fd28637672e2473c347f1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://promo.elontr.com/casino-wheel?lang=tr&countryId=792&currency=TRY&utm_source=198&utm_medium=&sub_id4=&sub_id5=&clickid=01923bb5-1174-7067-b191-afa7b316e802

Response headers

cache-control
public, no-cache
origin-cache-date
Sun, 29 Sep 2024 01:11:46 GMT
content-encoding
br
cf-cache-status
HIT
etag
W/"663e2944-c73"
age
6269
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PUUbE0i%2BCre7qy0Kuom4t8Ne2bemSgYB7az1wRFXK7nWvKAbY%2Bo%2FCKGSy8x2OzynDnTd7Ek1Ayjx256Lr87l6171U7VC%2FIZnufSYPXlv2RpTLvsCbjmQ%2FeM6uvg4xJzfAOEexLq3Csl8jlVSbYbZ"}],"group":"cf-nel","max_age":604800}
cf-ray
8ca8b2f27ea6b73c-AMS
origin-cache-status
MISS
date
Sun, 29 Sep 2024 02:56:15 GMT
content-type
application/json
last-modified
Fri, 10 May 2024 14:03:48 GMT
vary
Accept-Encoding
server
cloudflare
elon.theme.json
promo.elontr.com/promo-themes/
3 KB
1 KB
Fetch
General
Full URL
https://promo.elontr.com/promo-themes/elon.theme.json
Requested by
Host: promo.elontr.com
URL: https://promo.elontr.com/static/js/main.64e2ac6d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:26f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
018f7df426108cc6b8e2ec892c78d7c845fcbb8a27f3712d5f0e213093d43f91

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://promo.elontr.com/casino-wheel?lang=tr&countryId=792&currency=TRY&utm_source=198&utm_medium=&sub_id4=&sub_id5=&clickid=01923bb5-1174-7067-b191-afa7b316e802

Response headers

cache-control
public, no-cache
origin-cache-date
Sun, 29 Sep 2024 01:11:46 GMT
content-encoding
br
cf-cache-status
HIT
etag
W/"64d25a44-adc"
age
6269
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rygpj6FDlnsaTKToIxfiS%2FmwLZYC9p2t5CpW3cUzol3hpH6iWfmF5cDY0sKDDNdTqYNfI7UqIhN6NOO6VY9L282lW9npwYfwBcwGzQjhfhFcmsoFGUhmqSp6vHMPoULaKTNwj0GHwc%2BIpw4mYOx3"}],"group":"cf-nel","max_age":604800}
cf-ray
8ca8b2f2dec4b73c-AMS
origin-cache-status
MISS
date
Sun, 29 Sep 2024 02:56:15 GMT
content-type
application/json
last-modified
Tue, 08 Aug 2023 15:07:48 GMT
vary
Accept-Encoding
server
cloudflare
elon.svg
promo.elontr.com/images/logo/
1 KB
1 KB
Image
General
Full URL
https://promo.elontr.com/images/logo/elon.svg
Requested by
Host: promo.elontr.com
URL: https://promo.elontr.com/casino-wheel?lang=tr&countryId=792&currency=TRY&utm_source=198&utm_medium=&sub_id4=&sub_id5=&clickid=01923bb5-1174-7067-b191-afa7b316e802
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:26f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7e6765a40d376f8e5cf8f5be4ad2225aa8845b858268fc02d9b50b7d855f4d8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://promo.elontr.com/casino-wheel?lang=tr&countryId=792&currency=TRY&utm_source=198&utm_medium=&sub_id4=&sub_id5=&clickid=01923bb5-1174-7067-b191-afa7b316e802

Response headers

cache-control
public, max-age=7200
origin-cache-date
Sun, 29 Sep 2024 01:11:46 GMT
content-encoding
br
cf-cache-status
HIT
etag
W/"663e2947-4f8"
age
6269
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JLTdfYk6gsVmA4X6bUEljQGKipB6%2Bq4JEB4XPgJ%2BJ%2Be0BVD9Gd%2F3nSuz3VWlOoCaI78dDK883ALGt7S0cx6B9jny61xXiFXN13gfiQToAjBqIUxTNAWy8axaiNYw9EAletTJd3UVa3TaRJPR1LBG"}],"group":"cf-nel","max_age":604800}
cf-ray
8ca8b2f31ed3b73c-AMS
origin-cache-status
MISS
date
Sun, 29 Sep 2024 02:56:15 GMT
content-type
image/svg+xml
last-modified
Fri, 10 May 2024 14:03:51 GMT
vary
Accept-Encoding
server
cloudflare
sparks.png
promo.elontr.com/images/wheel/
625 KB
626 KB
Image
General
Full URL
https://promo.elontr.com/images/wheel/sparks.png
Requested by
Host: promo.elontr.com
URL: https://promo.elontr.com/casino-wheel?lang=tr&countryId=792&currency=TRY&utm_source=198&utm_medium=&sub_id4=&sub_id5=&clickid=01923bb5-1174-7067-b191-afa7b316e802
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:26f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9a6aa59bafb9bfec94bdf996ecb596c0a42e632525f6a15e1c2132b1813e7122

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://promo.elontr.com/casino-wheel?lang=tr&countryId=792&currency=TRY&utm_source=198&utm_medium=&sub_id4=&sub_id5=&clickid=01923bb5-1174-7067-b191-afa7b316e802

Response headers

origin-cache-date
Sun, 29 Sep 2024 01:11:46 GMT
cf-cache-status
HIT
etag
"663e2944-9c31d"
age
6269
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Dt7hB1UZhcandgj8onEzUSLSIif14YA8P0o0C8R6DIdLR6tFtHj8BfZrAuu8pS0h5KBuB9RP%2BwuhqNyx7VRM3Yt6TWx4f1IC4wzYwyQQsdf1h46isq74nyLcxR%2BGip0w%2F8I4SaNY71c1Y1PRmTzv"}],"group":"cf-nel","max_age":604800}
origin-cache-status
MISS
date
Sun, 29 Sep 2024 02:56:15 GMT
content-type
image/png
last-modified
Fri, 10 May 2024 14:03:48 GMT
vary
Accept-Encoding
cache-control
public, max-age=7200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ca8b2f31ed4b73c-AMS
accept-ranges
bytes
content-length
639773
server
cloudflare
wheelBorder.png
promo.elontr.com/images/wheel/
135 KB
135 KB
Image
General
Full URL
https://promo.elontr.com/images/wheel/wheelBorder.png
Requested by
Host: promo.elontr.com
URL: https://promo.elontr.com/casino-wheel?lang=tr&countryId=792&currency=TRY&utm_source=198&utm_medium=&sub_id4=&sub_id5=&clickid=01923bb5-1174-7067-b191-afa7b316e802
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:26f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b363e744cf514a875e5ddf8d6e140c4ad40fc0ba0866d43d5b726b6f906c3bac

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://promo.elontr.com/casino-wheel?lang=tr&countryId=792&currency=TRY&utm_source=198&utm_medium=&sub_id4=&sub_id5=&clickid=01923bb5-1174-7067-b191-afa7b316e802

Response headers

origin-cache-date
Sun, 29 Sep 2024 01:11:46 GMT
cf-cache-status
HIT
etag
"663e2947-21a91"
age
6269
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NRzXkLOjWV0D9f5Qoq98lOJOjMyxY2Bhue%2FIWvVGV%2FbiHQ2B0yVPRrfmNTeHzti%2FduqG6ZYFdlnro6hJyTeldZGsbM3I198X7rji%2B4xYq9OJBSm0JikSuO4SMQi8RUt2C%2BGzUwulCRY4pgHJfFDD"}],"group":"cf-nel","max_age":604800}
origin-cache-status
MISS
date
Sun, 29 Sep 2024 02:56:15 GMT
content-type
image/png
last-modified
Fri, 10 May 2024 14:03:51 GMT
vary
Accept-Encoding
cache-control
public, max-age=7200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ca8b2f31ed5b73c-AMS
accept-ranges
bytes
content-length
137873
server
cloudflare
disk.png
promo.elontr.com/images/wheel/
34 KB
34 KB
Image
General
Full URL
https://promo.elontr.com/images/wheel/disk.png
Requested by
Host: promo.elontr.com
URL: https://promo.elontr.com/casino-wheel?lang=tr&countryId=792&currency=TRY&utm_source=198&utm_medium=&sub_id4=&sub_id5=&clickid=01923bb5-1174-7067-b191-afa7b316e802
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:26f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
03aaf77a942f8b02303e8795cf2c6e137ce077206a73c14f7f4395b3f81857d5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://promo.elontr.com/casino-wheel?lang=tr&countryId=792&currency=TRY&utm_source=198&utm_medium=&sub_id4=&sub_id5=&clickid=01923bb5-1174-7067-b191-afa7b316e802

Response headers

origin-cache-date
Sun, 29 Sep 2024 01:11:46 GMT
cf-cache-status
HIT
etag
"663e2944-8712"
age
6269
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=o82Jy5Gr7Nef6gA1cdRfm8J54Rlh5daLeFN9VIRCgYJwVJD8TDptpr9nhGiBBnD4k71gGVegJ9iXkfYfWWaR%2FlpsFgt8hkHyk5BFGNfySE4eVLEnSnKY0w8NHVFZ5eblyvqbipx%2FpUe0ryUwsAQV"}],"group":"cf-nel","max_age":604800}
origin-cache-status
MISS
date
Sun, 29 Sep 2024 02:56:15 GMT
content-type
image/png
last-modified
Fri, 10 May 2024 14:03:48 GMT
vary
Accept-Encoding
cache-control
public, max-age=7200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ca8b2f31ed6b73c-AMS
accept-ranges
bytes
content-length
34578
server
cloudflare
button.png
promo.elontr.com/images/wheel/
16 KB
17 KB
Image
General
Full URL
https://promo.elontr.com/images/wheel/button.png
Requested by
Host: promo.elontr.com
URL: https://promo.elontr.com/casino-wheel?lang=tr&countryId=792&currency=TRY&utm_source=198&utm_medium=&sub_id4=&sub_id5=&clickid=01923bb5-1174-7067-b191-afa7b316e802
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:26f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3aeb2072b5da16570c0e93d0454bbdf527c9d3b5c5c57388d0b7656a4fad085

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://promo.elontr.com/casino-wheel?lang=tr&countryId=792&currency=TRY&utm_source=198&utm_medium=&sub_id4=&sub_id5=&clickid=01923bb5-1174-7067-b191-afa7b316e802

Response headers

origin-cache-date
Sun, 29 Sep 2024 01:11:46 GMT
cf-cache-status
HIT
etag
"663e2947-41d8"
age
6269
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ud0JfCDc%2BJ%2FERBda46V%2Bo2qyZXpEcrFMLW8Oq1EP2NVDBXfLOAxoEoUc91gJT6%2FAdbWr3rSSMZdd8tLEZDfv2tm%2FsLR6jB530DxwUhKxyf15U9MrqMY0jdepB9VqbHdaDSvy1QGWxUXBxICW53pn"}],"group":"cf-nel","max_age":604800}
origin-cache-status
MISS
date
Sun, 29 Sep 2024 02:56:15 GMT
content-type
image/png
last-modified
Fri, 10 May 2024 14:03:51 GMT
vary
Accept-Encoding
cache-control
public, max-age=7200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ca8b2f31ed7b73c-AMS
accept-ranges
bytes
content-length
16856
server
cloudflare
coins.png
promo.elontr.com/images/wheel/
102 KB
102 KB
Image
General
Full URL
https://promo.elontr.com/images/wheel/coins.png
Requested by
Host: promo.elontr.com
URL: https://promo.elontr.com/casino-wheel?lang=tr&countryId=792&currency=TRY&utm_source=198&utm_medium=&sub_id4=&sub_id5=&clickid=01923bb5-1174-7067-b191-afa7b316e802
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:26f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b539d815ec173b90f3a2f06e09774f37a33555f56ac590c90c9610aa91fa210f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://promo.elontr.com/casino-wheel?lang=tr&countryId=792&currency=TRY&utm_source=198&utm_medium=&sub_id4=&sub_id5=&clickid=01923bb5-1174-7067-b191-afa7b316e802

Response headers

origin-cache-date
Sun, 29 Sep 2024 01:11:46 GMT
cf-cache-status
HIT
etag
"663e2947-19735"
age
6269
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=W%2Bz0hAaZ9EN7CLDr%2BvVYZvpS0IoK3rrNEsFShpexzvmu6hQW0ttnXQVgl1ORK47vWHX8JKwjGf21nuuKLVWmwD8DNnus7cLF89m9fkF1EdNI5TPUib8nOkjw3V0V%2Fofe7IGwAdDOhFO3GON9eLrb"}],"group":"cf-nel","max_age":604800}
origin-cache-status
MISS
date
Sun, 29 Sep 2024 02:56:15 GMT
content-type
image/png
last-modified
Fri, 10 May 2024 14:03:51 GMT
vary
Accept-Encoding
cache-control
public, max-age=7200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ca8b2f31ed8b73c-AMS
accept-ranges
bytes
content-length
104245
server
cloudflare
chips.png
promo.elontr.com/images/wheel/
24 KB
25 KB
Image
General
Full URL
https://promo.elontr.com/images/wheel/chips.png
Requested by
Host: promo.elontr.com
URL: https://promo.elontr.com/casino-wheel?lang=tr&countryId=792&currency=TRY&utm_source=198&utm_medium=&sub_id4=&sub_id5=&clickid=01923bb5-1174-7067-b191-afa7b316e802
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:26f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
09962bfecadb73adaf9f77d1e0b1afa6d0fffd9b77714de4affae10ba16de3ee

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://promo.elontr.com/casino-wheel?lang=tr&countryId=792&currency=TRY&utm_source=198&utm_medium=&sub_id4=&sub_id5=&clickid=01923bb5-1174-7067-b191-afa7b316e802

Response headers

origin-cache-date
Sun, 29 Sep 2024 01:11:46 GMT
cf-cache-status
HIT
etag
"663e2947-61df"
age
6269
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mJYIvP60XsgFSGwSrlVCPI1eFd2YMOrOdlgZvR%2BSL3dPH3YXSVjrsWa6S%2BNr48C4qlCEE%2Fs5LI%2Fr56pmoSXBZIJDG2SlbF1vI3DXMa%2FPOFmx0OFVTh8uksJKAvsFEDs7oF2Rep0yIUoalpEXDauU"}],"group":"cf-nel","max_age":604800}
origin-cache-status
MISS
date
Sun, 29 Sep 2024 02:56:15 GMT
content-type
image/png
last-modified
Fri, 10 May 2024 14:03:51 GMT
vary
Accept-Encoding
cache-control
public, max-age=7200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ca8b2f31ed9b73c-AMS
accept-ranges
bytes
content-length
25055
server
cloudflare
collect
region1.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-05RT5DLDZN&gtm=45je49p0v9101414322za200&_p=1727578575655&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101671035~101686684~101747727&cid=1915717081.1727578576&ul=nl-nl&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1727578576&sct=1&seg=0&dl=https%3A%2F%2Fpromo.elontr.com%2Fcasino-wheel%3Flang%3Dtr%26countryId%3D792%26currency%3DTRY%26utm_source%3D198%26utm_medium%3D%26sub_id4%3D%26sub_id5%3D%26clickid%3D01923bb5-1174-7067-b191-afa7b316e802&dt=ELON&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=941
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-05RT5DLDZN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://promo.elontr.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://promo.elontr.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 29 Sep 2024 02:56:16 GMT
content-type
text/plain
server
Golfe2
collect
region1.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-05RT5DLDZN&gtm=45je49p0v9101414322za200&_p=1727578575655&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101671035~101686684~101747727&cid=1915717081.1727578576&ul=nl-nl&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=2&dp=https%3A%2F%2Fpromo.elontr.com%2Fcasino-wheel&sid=1727578576&sct=1&seg=1&dl=https%3A%2F%2Fpromo.elontr.com%2Fcasino-wheel%3Flang%3Dtr%26countryId%3D792%26currency%3DTRY%26utm_source%3D198%26utm_medium%3D%26sub_id4%3D%26sub_id5%3D%26clickid%3D01923bb5-1174-7067-b191-afa7b316e802&dt=ELON&en=page_view&_ee=1&_et=2&tfd=946
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-05RT5DLDZN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://promo.elontr.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://promo.elontr.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 29 Sep 2024 02:56:16 GMT
content-type
text/plain
server
Golfe2
elon.ico
promo.elontr.com/
548 B
497 B
Other
General
Full URL
https://promo.elontr.com/elon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:26f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://promo.elontr.com/casino-wheel?lang=tr&countryId=792&currency=TRY&utm_source=198&utm_medium=&sub_id4=&sub_id5=&clickid=01923bb5-1174-7067-b191-afa7b316e802

Response headers

cache-control
max-age=7200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
HIT
age
6270
speculation-rules
"/cdn-cgi/speculation"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dxf%2F5FvIaGy4kfdd4Rcpo3Uo%2FYFWM4pi1ST2gRm3jy%2FW2SHe%2FqPF4sqqTaMnE77de4ixWSXTOLBShW4Dfha5o9YRznT30mPDppcr54WHuh6RFe7u7Oz7ukWKYIlCH6wuCHCFwD5tef0ZsTTztjVy"}],"group":"cf-nel","max_age":604800}
cf-ray
8ca8b2f47f46b73c-AMS
date
Sun, 29 Sep 2024 02:56:16 GMT
content-type
text/html
vary
Accept-Encoding
server
cloudflare

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
wicksisters.com
URL
https://wicksisters.com/favicon.ico
Domain
bam.nr-data.net
URL
https://bam.nr-data.net/1/NRJS-70d296500a1ce2f6999?a=1527573371&v=1.265.1&to=YgFTNhADC0BUARZYX1tLcAEWCwpdGiMSQWx9EEUSPiEKXUEQDV1cUBZCPjAHAVpHBwFFc1oKRRANDglWRyIQVFRcFlQBFg%3D%3D&rst=210&ck=0&s=cbbc0a78e41c4560&ref=https://wicksisters.com/&ptid=1ce37d755b9d1592&af=err,spa,xhr,stn,ins&ap=13&be=108&fe=33&dc=31&at=TkZQQFgZGE4%3D&fsh=1&perf=%7B%22timing%22:%7B%22of%22:1727578574980,%22n%22:0,%22f%22:0,%22dn%22:1,%22dne%22:20,%22c%22:20,%22s%22:37,%22ce%22:58,%22rq%22:58,%22rp%22:108,%22rpe%22:129,%22di%22:139,%22ds%22:139,%22de%22:139,%22dc%22:139,%22l%22:139,%22le%22:141%7D,%22navigation%22:%7B%7D%7D


10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| webpackChunkmy_app
number| 2f1acc6c3a606b082e5eef5e54414ffb
object| dataLayer
function| gtag
function| getState
object| google_tag_manager
object| google_tag_data
function| onYouTubeIframeAPIReady
object| gaGlobal

14 Cookies

Domain/Path Name / Value
promo.elontr.com/ Name: languages
Value: tr
.elontr.com/ Name: languages
Value: tr
promo.elontr.com/ Name: lang
Value: tr
.elontr.com/ Name: lang
Value: tr
promo.elontr.com/ Name: countryId
Value: 792
.elontr.com/ Name: countryId
Value: 792
promo.elontr.com/ Name: currency
Value: TRY
.elontr.com/ Name: currency
Value: TRY
promo.elontr.com/ Name: utm_source
Value: 198
.elontr.com/ Name: utm_source
Value: 198
promo.elontr.com/ Name: clickid
Value: 01923bb5-1174-7067-b191-afa7b316e802
.elontr.com/ Name: clickid
Value: 01923bb5-1174-7067-b191-afa7b316e802
.elontr.com/ Name: _ga
Value: GA1.1.1915717081.1727578576
.elontr.com/ Name: _ga_05RT5DLDZN
Value: GS1.1.1727578576.1.1.1727578576.0.0.0

2 Console Messages

Source Level URL
Text
network error URL: https://wicksisters.com/favicon.ico
Message:
Failed to load resource: net::ERR_HTTP2_PROTOCOL_ERROR
network error URL: https://promo.elontr.com/elon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
