aviator-top-cs-form-tr.pu449ev.com Open in urlscan Pro
2606:4700:20::681a:426 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://aviator-top-cs-form-tr.pu449ev.com/
Submission: On January 15 via api (January 15th 2024, 2:01:42 pm UTC) from US — Scanned from US

Summary HTTP 49 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 11 IPs in 2 countries across 8 domains to perform 49 HTTP transactions. The main IP is 2606:4700:20::681a:426, located in United States and belongs to CLOUDFLARENET, US. The main domain is aviator-top-cs-form-tr.pu449ev.com.
TLS certificate: Issued by GTS CA 1P5 on December 23rd 2023. Valid for: 3 months.

This is the only time aviator-top-cs-form-tr.pu449ev.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
18	2606:4700:20:... 2606:4700:20::681a:426	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2607:f8b0:400... 2607:f8b0:4004:c1b::68	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4004:c1b::61	15169 (GOOGLE) (GOOGLE)
1	3.67.1.135 3.67.1.135	16509 (AMAZON-02) (AMAZON-02)
2	2607:f8b0:400... 2607:f8b0:4004:c1b::71	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c1b::5f	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:400... 2607:f8b0:4004:c1b::5e	15169 (GOOGLE) (GOOGLE)
4	3.120.96.128 3.120.96.128	16509 (AMAZON-02) (AMAZON-02)
1	2607:f8b0:400... 2607:f8b0:4004:c08::9b	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c09::5e	15169 (GOOGLE) (GOOGLE)
49	11

18 2606:4700:20::681a:426 (United States)

ASN13335 (CLOUDFLARENET, US)

aviator-top-cs-form-tr.pu449ev.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c1b::68 (Washington, United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c1b::61 (Washington, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.67.1.135 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-67-1-135.eu-central-1.compute.amazonaws.com

fs.pudaf.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c1b::71 (Washington, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c1b::5f (Washington, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4004:c1b::5e (Washington, United States)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.120.96.128 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-96-128.eu-central-1.compute.amazonaws.com

f.pudaf.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c08::9b (Ashburn, United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c09::5e (Ashburn, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	pu449ev.com aviator-top-cs-form-tr.pu449ev.com	3 MB
5	gstatic.com www.gstatic.com fonts.gstatic.com	445 KB
5	pudaf.com fs.pudaf.com — Cisco Umbrella Rank: 485653 f.pudaf.com — Cisco Umbrella Rank: 394249	74 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	321 B
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 37	152 KB
2	google.com www.google.com — Cisco Umbrella Rank: 2	3 KB
1	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 110
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 28	861 B
49	8

	Domain	Requested by
18	aviator-top-cs-form-tr.pu449ev.com	aviator-top-cs-form-tr.pu449ev.com
4	f.pudaf.com	fs.pudaf.com
4	www.gstatic.com	www.google.com www.gstatic.com
2	www.google-analytics.com	www.googletagmanager.com
2	www.googletagmanager.com	aviator-top-cs-form-tr.pu449ev.com www.googletagmanager.com
2	www.google.com	aviator-top-cs-form-tr.pu449ev.com www.gstatic.com
1	fonts.gstatic.com	www.google.com
1	pagead2.googlesyndication.com	fs.pudaf.com
1	fonts.googleapis.com	aviator-top-cs-form-tr.pu449ev.com
1	fs.pudaf.com	aviator-top-cs-form-tr.pu449ev.com
49	10

This site contains links to these domains. Also see Links.

Domain
pupointme.com

Subject Issuer	Validity	Valid
pu449ev.com GTS CA 1P5	`2023-12-23` - `2024-03-22`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
pinup-antifraud.com Amazon RSA 2048 M02	`2023-06-13` - `2024-07-11`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://aviator-top-cs-form-tr.pu449ev.com/
Frame ID: F99E7CA4D7BE88E0224BD148C829ABBC
Requests: 42 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Lfxs6UUAAAAAE3kzerSlj_d5OF7IeWoXvzOE_50&co=aHR0cHM6Ly9hdmlhdG9yLXRvcC1jcy1mb3JtLXRyLnB1NDQ5ZXYuY29tOjQ0Mw..&hl=en&v=Ya-Cd6PbRI5ktAHEhm9JuKEu&size=invisible&cb=paktqmhcsh53
Frame ID: 491F89B8D20C43CAFF3830460D20DF31
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

150 000 ₺ + 250 fs İLK PARA YATIRMANIZA!

Detected technologies

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Page Statistics

49
Requests

73 %
HTTPS

80 %
IPv6

8
Domains

10
Subdomains

11
IPs

2
Countries

3256 kB
Transfer

4603 kB
Size

3
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://pupointme.com/cmrp

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

49 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
aviator-top-cs-form-tr.pu449ev.com/ 20 KB
6 KB 991ms
259ms Document
text/html 2606:4700:20::681a:426
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://aviator-top-cs-form-tr.pu449ev.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:426 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: da638b34e9427c17b5ecf0ba77e731630aa2fbc862f197e0951a05657aa40c12

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cf-cache-status: DYNAMIC
cf-ray: 845ea68dcc514bbd-BUF
content-encoding: br
content-type: text/html
date: Mon, 15 Jan 2024 14:01:25 GMT
last-modified: Fri, 05 Jan 2024 13:48:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0UDZ%2BQTTIw7gfeZtYbrOl9eSRGvLUTn1aLig3Vu56SQqmR03PJKRgjnIwGv6ORaYoS2WNfj2ZGsMFoS0UsWetNs8c5%2B0J%2FWu43sdKMo7hSwkm%2B%2BGLOqFlQJ432iP2kh%2F%2B%2BcMxkzn4XBQ9c0lNE4r8gQJ45z2a%2FIxbHAcA1YzDeU%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 main.css
aviator-top-cs-form-tr.pu449ev.com/ 30 KB
6 KB 2550ms
2549ms Stylesheet
text/css 2606:4700:20::681a:426
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://aviator-top-cs-form-tr.pu449ev.com/main.css
Requested by: Host: aviator-top-cs-form-tr.pu449ev.com
URL: https://aviator-top-cs-form-tr.pu449ev.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:426 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f355ea700ca83cc4cf0cae81eb6917d61153eb31bb963193f391fc720e70cfaf

Request headers

accept-language: en-US,en;q=0.9
Referer: https://aviator-top-cs-form-tr.pu449ev.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 14:01:25 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 05 Jan 2024 13:48:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65980898-7752"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nAb5M%2B9YTlkM%2BHR0%2FMWFj6WUGTwQcWnkq2vFkhzAcOUCANdXG3CBurtjpUuLSVGEHOOlJROzRcg9phGrqNKFZjkn7rmCYpkp04XK2Amc5a9xcFsveSXNkhVsOMUOhHQeyc3DH9u5mV8Wd0DoQ6Yjx1u%2FfRi01NvwHr1vws2Y%2FMQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 845ea68f7d154bbd-BUF

GET
H2 200 logo_casino.svg
aviator-top-cs-form-tr.pu449ev.com/img/logo/ 7 KB
3 KB 2606ms
2605ms Image
image/svg+xml 2606:4700:20::681a:426
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aviator-top-cs-form-tr.pu449ev.com/img/logo/logo_casino.svg
Requested by: Host: aviator-top-cs-form-tr.pu449ev.com
URL: https://aviator-top-cs-form-tr.pu449ev.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:426 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9392ee9abc6973a734d747f6e7bdfe28d1dd2594abca0b0df1b92e3d161fd14f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://aviator-top-cs-form-tr.pu449ev.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 14:01:25 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 05 Jan 2024 13:48:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65980892-1cc1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TWsLDKbg7AGlQ0RPdsCCb3CkivvKz8g3hsItpsjhKitK2i9KWUugg91b73d4HLImXT%2B20LxJN49Siuh%2FjkQefa7A9loynKYD08DGNFnHfCj0fHx9tdgANx9GTQ5NPSEEsr4aADXRDxcxjZHMVd2%2FJ2eFyGM9%2FzlJreFnVxiBiJk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 845ea68f7d174bbd-BUF

GET
H2 200 aviator-logo.svg
aviator-top-cs-form-tr.pu449ev.com/img/logo/ 16 KB
12 KB 2635ms
2634ms Image
image/svg+xml 2606:4700:20::681a:426
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aviator-top-cs-form-tr.pu449ev.com/img/logo/aviator-logo.svg
Requested by: Host: aviator-top-cs-form-tr.pu449ev.com
URL: https://aviator-top-cs-form-tr.pu449ev.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:426 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ef35ea894a530a6558f1f6ee5fced81284dd2c5af2afed4ce19ed99045001a81

Request headers

accept-language: en-US,en;q=0.9
Referer: https://aviator-top-cs-form-tr.pu449ev.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 14:01:25 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 05 Jan 2024 13:48:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65980892-4105"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PTy%2FU7j0ZXo3Wfw4si%2BU0PO5oVCTq4qzGGe%2B9yuwcWDGfSms%2B%2F%2FKCpN%2BiJDJbrQ6WzI%2FuTeyEGHnh6W2a9IBZ3OHZWIWxRKnf1cxpI0cndqaAbPRqjNfOuRpUby5el%2FPjwFkdG%2FSLR7%2BRylE2k7dc8N58GT8hlqH9OCsL3uMluo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 845ea68f7d184bbd-BUF

GET
H2 200 index_1.png
aviator-top-cs-form-tr.pu449ev.com/img/decor/ 4 KB
4 KB 2616ms
2616ms Image
image/png 2606:4700:20::681a:426
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aviator-top-cs-form-tr.pu449ev.com/img/decor/index_1.png
Requested by: Host: aviator-top-cs-form-tr.pu449ev.com
URL: https://aviator-top-cs-form-tr.pu449ev.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:426 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ec499cf7f398218b585a0aeb934b3ab210f549510c55dde467705e3b5d6c7a7d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://aviator-top-cs-form-tr.pu449ev.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 14:01:25 GMT
cf-cache-status: MISS
last-modified: Fri, 05 Jan 2024 13:48:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65980892-e21"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XaYzmrsxg%2Fqi%2FtuVQDUeeDoRMjwgJieBT7v3m367Tl0tN63lWTjQnIPT083s9gUciCsV08wPpn7pdNy8N5PhVjgY3GJBQvUglssrL1ErYGDO6aJmoPiGGKwih0%2BN%2FqUjF5LnYglbk91ndVIyZEXCLHTj29KBOXGsdrSM9pQCoXo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
cf-ray: 845ea68f9d2e4bbd-BUF

GET
H2 200 index_2.png
aviator-top-cs-form-tr.pu449ev.com/img/decor/ 3 KB
3 KB 2635ms
2635ms Image
image/png 2606:4700:20::681a:426
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aviator-top-cs-form-tr.pu449ev.com/img/decor/index_2.png
Requested by: Host: aviator-top-cs-form-tr.pu449ev.com
URL: https://aviator-top-cs-form-tr.pu449ev.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:426 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 09d7c7b88613e1ce8c92b7f2ff3b218099d0b0b64e9cfd9e38073b8d62cf8e56

Request headers

accept-language: en-US,en;q=0.9
Referer: https://aviator-top-cs-form-tr.pu449ev.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 14:01:25 GMT
cf-cache-status: MISS
last-modified: Fri, 05 Jan 2024 13:48:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65980892-c3b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CzJR8sjUCiyroRoaAsJVBRJBAqQljaMh2Cat6BMNlNe91Xh0lKShvV75d0AIQN%2BhpSuqRPr800jbl%2FYAv35eKrvO3KXEMR7tV6Qn4tTn5O8o2WxQI27sTpoWiBmPHTzMUMuSZ8LuLF%2BZ%2FGHvhRyC0BYXLwUj4bsGlE5EFAZGbfU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
cf-ray: 845ea68f9d304bbd-BUF

GET
H2 200 coins.png
aviator-top-cs-form-tr.pu449ev.com/img/decor/ 193 KB
193 KB 2636ms
2635ms Image
image/png 2606:4700:20::681a:426
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aviator-top-cs-form-tr.pu449ev.com/img/decor/coins.png
Requested by: Host: aviator-top-cs-form-tr.pu449ev.com
URL: https://aviator-top-cs-form-tr.pu449ev.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:426 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c2046d41d464b44a0eba25e8cf5d6687b5de2966597f10c3e3a8a8520e6adf78

Request headers

accept-language: en-US,en;q=0.9
Referer: https://aviator-top-cs-form-tr.pu449ev.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 14:01:26 GMT
cf-cache-status: MISS
last-modified: Fri, 05 Jan 2024 13:48:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65980892-302c3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CATPCOFTvCNS1ZfGNeo%2FMZ%2FwFEjgljin8ps3dqW43aFrKfg0s7L1GZhmz25lUQxaduk0%2FG%2FN5ltHWasVV7LQgc7WRhYWQCUEUUNFJ9nj4Ijb%2BsUCHcMaonwCR27Cew0kTRBNgVGIEfiRZsLzivlAHkdobaZJNRu78%2FcAojMjsR8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
cf-ray: 845ea68fad314bbd-BUF

GET
H2 200 plane.png
aviator-top-cs-form-tr.pu449ev.com/img/decor/ 727 KB
728 KB 2664ms
2662ms Image
image/png 2606:4700:20::681a:426
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aviator-top-cs-form-tr.pu449ev.com/img/decor/plane.png
Requested by: Host: aviator-top-cs-form-tr.pu449ev.com
URL: https://aviator-top-cs-form-tr.pu449ev.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:426 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7fe92e1fb433c487679cbf53966c3f531634c84d98f2a96498f2aff468241ae8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://aviator-top-cs-form-tr.pu449ev.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 14:01:26 GMT
cf-cache-status: MISS
last-modified: Fri, 05 Jan 2024 13:48:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65980892-b5a76"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gvfxDO8iXlIx7FdKo35i5VPaRblcPFpNxOgPlZiGrxT6lXZb%2FrwtIllKaLX4LahhVtyIJI3pAKSR%2FsbCXQkNyvOPJMzXWUiQoLUDJh5TIiBGwwC550fk2DHzzp6nni5Vm04liQP90oewESGaFQ3anBIXIN1w1NjfjIton1DAYg0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
cf-ray: 845ea68fad364bbd-BUF

GET
H2 200 bloger.png
aviator-top-cs-form-tr.pu449ev.com/img/decor/ 1 MB
1 MB 2665ms
2664ms Image
image/png 2606:4700:20::681a:426
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aviator-top-cs-form-tr.pu449ev.com/img/decor/bloger.png
Requested by: Host: aviator-top-cs-form-tr.pu449ev.com
URL: https://aviator-top-cs-form-tr.pu449ev.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:426 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ad3f2e39383e22dab6b34b960cbc73bc720b3c906277ae3adadc20354f11bd1a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://aviator-top-cs-form-tr.pu449ev.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 14:01:26 GMT
cf-cache-status: MISS
last-modified: Fri, 05 Jan 2024 13:48:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65980892-14fc7f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wdU4MzDsM6sJEintEFP6NmbUPwEqgzFRn7zyC%2F5DXZI4%2BVF9kcXn7bfhlJuKXBaizTrToOJQHuGtyMXHOI7UQ%2FcI7%2F13eS6K5v6okyrnEdg3136m2As86k6aGWZoM5jbusIDXyfuk%2FINFQjAjR7e8pXN9VXMl5RmC4LHViEYLsg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
cf-ray: 845ea68fad384bbd-BUF

GET
H2 200 title-tr.png
aviator-top-cs-form-tr.pu449ev.com/img/title/ 101 KB
101 KB 2665ms
2664ms Image
image/png 2606:4700:20::681a:426
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aviator-top-cs-form-tr.pu449ev.com/img/title/title-tr.png
Requested by: Host: aviator-top-cs-form-tr.pu449ev.com
URL: https://aviator-top-cs-form-tr.pu449ev.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:426 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6d1a6a34755dbd7d2f5342809f4ac0d2159ce25a591a6cdd0820cbd8e0f4659b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://aviator-top-cs-form-tr.pu449ev.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 14:01:26 GMT
cf-cache-status: MISS
last-modified: Fri, 05 Jan 2024 13:48:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65980892-19273"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0Oj5ESE9kRG2EecZP7Wk0AsKontrcrq6fQxOwqgJIAiSGhOrcBZhCzkloAaZ6RvFTqX7H%2F%2BNyjHGBpqBCbhY6qya7xi7744ZkuW3GpNwbWES0T54k0ooZn8qocZNy4cnLsswr7uniB1EPhm%2FzGxqWPO56x25hi%2BUn9Altsb9mzw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
cf-ray: 845ea68fad394bbd-BUF

GET
H2 200 enterprise.js Show response
www.google.com/recaptcha/ 1 KB
1 KB 605ms
53ms Script
text/javascript 2607:f8b0:4004:c1b::68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise.js?render=6Lfxs6UUAAAAAE3kzerSlj_d5OF7IeWoXvzOE_50

Requested by

Host: aviator-top-cs-form-tr.pu449ev.com
URL: https://aviator-top-cs-form-tr.pu449ev.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::68 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

ee485098c901da930fd85e271945c18ad37e892f560cf281c76aa9e2455aba12

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://aviator-top-cs-form-tr.pu449ev.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 14:01:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Mon, 15 Jan 2024 14:01:26 GMT

GET
H2 200 bundle.js Show response
aviator-top-cs-form-tr.pu449ev.com/ 83 KB
19 KB 2653ms
2652ms Script
application/javascript 2606:4700:20::681a:426
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://aviator-top-cs-form-tr.pu449ev.com/bundle.js
Requested by: Host: aviator-top-cs-form-tr.pu449ev.com
URL: https://aviator-top-cs-form-tr.pu449ev.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:426 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 95bfd80b57e91ee3d944fd8d71404209d91e27c587a6c90a1ba3b75112b9da32

Request headers

accept-language: en-US,en;q=0.9
Referer: https://aviator-top-cs-form-tr.pu449ev.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 14:01:26 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 05 Jan 2024 13:47:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6598088e-14c1f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xoaZHOIkcUcr0QYrykPEu8KiZQQJ3ALKdRlDDS4CU19n0wLjdSBeZG%2B6ojtEKMo%2FiJXFOaM%2Fg6%2BA40iomAesLIVdxtiXPCii7MOX0ZVrayahiMcNO%2BxsnukjiuqmdxTjafY85nBAmP5ivdvSa6lL5gHoTQe7kvoSYcLvzsp99mI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 845ea68fad334bbd-BUF

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 188 KB
67 KB 591ms
44ms Script
application/javascript 2607:f8b0:4004:c1b::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TZJH477

Requested by

Host: aviator-top-cs-form-tr.pu449ev.com
URL: https://aviator-top-cs-form-tr.pu449ev.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

303b926f8cbf2e83b5a78463acdabbeab2980c03ac2a106f49d6b8dc5619b866

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://aviator-top-cs-form-tr.pu449ev.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 14:01:26 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68141
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 15 Jan 2024 14:01:26 GMT

GET
H2 200 fp.js Show response
fs.pudaf.com/ 391 KB
73 KB 930ms
119ms Script
application/javascript 3.67.1.135
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fs.pudaf.com/fp.js
Requested by: Host: aviator-top-cs-form-tr.pu449ev.com
URL: https://aviator-top-cs-form-tr.pu449ev.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.67.1.135 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-67-1-135.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: d33fbbd261390fad4e337d8330061f213b3ff0cdd4ac86402f1379de430d7ccf

Request headers

accept-language: en-US,en;q=0.9
Referer: https://aviator-top-cs-form-tr.pu449ev.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 14:01:26 GMT
content-encoding: gzip
last-modified: Thu, 11 Jan 2024 15:57:19 GMT
etag: W/"65a00fdf-61c7a"
content-type: application/javascript

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 246 KB
85 KB 52ms
51ms Script
application/javascript 2607:f8b0:4004:c1b::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-FSDW78HQ4L&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TZJH477

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c02d234db06a5c3ad85fb2730f1ccd1896416467168cf11aa879a4b32cd87bbd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://aviator-top-cs-form-tr.pu449ev.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 14:01:26 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 86620
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 15 Jan 2024 14:01:26 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
267 B 106ms
40ms Ping
text/plain 2607:f8b0:4004:c1b::71
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-FSDW78HQ4L&gtm=45je41a0v893553001z8893121458&_p=1705327285692&gcd=11l1l1l1l1&dma=0&cid=388396292.1705327287&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1705327286&sct=1&seg=0&dl=https%3A%2F%2Faviator-top-cs-form-tr.pu449ev.com%2F&dt=150%20000%20%E2%82%BA%20%2B%20250%20fs%20%C4%B0LK%20PARA%20YATIRMANIZA!&en=page_view&_fv=1&_nsi=1&_ss=1&ep.timestamp=2024-01-15T04%3A01%3A26.435-10%3A00&ep.gtm_version=GTM-TZJH477%20%7C%20v.%202&up.clientId=&tfd=1904
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FSDW78HQ4L&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c1b::71 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://aviator-top-cs-form-tr.pu449ev.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Jan 2024 14:01:26 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://aviator-top-cs-form-tr.pu449ev.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css2
fonts.googleapis.com/ 1 KB
861 B 115ms
40ms Stylesheet
text/css 2607:f8b0:4004:c1b::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Rajdhani:wght@700&display=swap

Requested by

Host: aviator-top-cs-form-tr.pu449ev.com
URL: https://aviator-top-cs-form-tr.pu449ev.com/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e80a3c8a0d6f7a97bcd4ec39199c5fd03a40cb60b63d53cb7a8ba13f15d1a55f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://aviator-top-cs-form-tr.pu449ev.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 15 Jan 2024 14:01:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 14:01:28 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 15 Jan 2024 14:01:28 GMT

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/ 503 KB
202 KB 108ms
38ms Script
text/javascript 2607:f8b0:4004:c1b::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise.js?render=6Lfxs6UUAAAAAE3kzerSlj_d5OF7IeWoXvzOE_50

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

52c308157b0f273a5f4f67bb4f28ccf47c24a68fbc7d0226d49bf4eebacfdf97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://aviator-top-cs-form-tr.pu449ev.com/
Origin: https://aviator-top-cs-form-tr.pu449ev.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 00:04:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 50244
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 206076
x-xss-protection: 0
last-modified: Mon, 08 Jan 2024 05:00:33 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 14 Jan 2025 00:04:04 GMT

GET
H2 200 bg.jpg
aviator-top-cs-form-tr.pu449ev.com/img/ 27 KB
27 KB 253ms
253ms Image
image/jpeg 2606:4700:20::681a:426
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aviator-top-cs-form-tr.pu449ev.com/img/bg.jpg
Requested by: Host: aviator-top-cs-form-tr.pu449ev.com
URL: https://aviator-top-cs-form-tr.pu449ev.com/main.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:426 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: de42e80860e42c4613e66a0c87db6819baca20451745ea5759f50ce5e3bc0e6d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://aviator-top-cs-form-tr.pu449ev.com/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 14:01:28 GMT
cf-cache-status: MISS
last-modified: Fri, 05 Jan 2024 13:48:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65980892-6bbe"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qOigJXEcyJekODOa1vEUchULfOIpbA883PH1ywXTvaDGAHn38RdGoBKbHto55xdo6ODSB7g5a%2B%2FkyASegHWJJHsHoos9HLCw2%2Bl0%2BFCzOHvvL2x33Xrnv1HjmNt1Axcqb%2BPAMxAFsFeVO37mz3ABH3IVi5%2FkDCe0IvdVaFC5498%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
cf-ray: 845ea6a07b474bbd-BUF

GET
H2 200 bg-form.png
aviator-top-cs-form-tr.pu449ev.com/img/ 54 KB
54 KB 256ms
255ms Image
image/png 2606:4700:20::681a:426
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aviator-top-cs-form-tr.pu449ev.com/img/bg-form.png
Requested by: Host: aviator-top-cs-form-tr.pu449ev.com
URL: https://aviator-top-cs-form-tr.pu449ev.com/main.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:426 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 923944656388d3b036f0e7c6763c7cd3356c4aad5c2804ca4a3cd690291f1d48

Request headers

accept-language: en-US,en;q=0.9
Referer: https://aviator-top-cs-form-tr.pu449ev.com/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 14:01:28 GMT
cf-cache-status: MISS
last-modified: Fri, 05 Jan 2024 13:48:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65980891-d60a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jVl0kEwJ2apnkI999GpCAdsOqmmvhbHNNAgM4PD8cdIKQR6Bjxlutz8zS%2FJAvv7bu3Vgo1u1jPW8nmPpaDqZOIUh26SZ0wo5gG%2Bz%2Fc2OE37UHcFVTWrIH3wSsc0iDiR5Qn2ZY7zVenw5upJwxUZZHx9Cfpz63P%2FT5xGeM1rKiQ4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
cf-ray: 845ea6a07b494bbd-BUF

GET
H2 200 down-arrow-white.svg
aviator-top-cs-form-tr.pu449ev.com/img/ 185 B
497 B 257ms
256ms Image
image/svg+xml 2606:4700:20::681a:426
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aviator-top-cs-form-tr.pu449ev.com/img/down-arrow-white.svg
Requested by: Host: aviator-top-cs-form-tr.pu449ev.com
URL: https://aviator-top-cs-form-tr.pu449ev.com/main.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:426 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 06c705183219bfc533672fa3fd32071b735d153435541e6f86595b7c7d165703

Request headers

accept-language: en-US,en;q=0.9
Referer: https://aviator-top-cs-form-tr.pu449ev.com/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 14:01:28 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 05 Jan 2024 13:48:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65980892-b9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=us0%2FNw2%2B7NKg8wfvAIkvfCygcrGFwo%2BVT8RN5n4qJhfUbV0Q37ylkcjXbN1%2F9U8dC%2FOHjCaL1rF%2BDN1muP%2F%2BvAw%2BcngIWsGemfh%2B7yzpZq0KEi%2BWJWi2tID4zsKKyxoSll3SmCv1f5iyOc90OQNjnwiVb22zUBnJo1bFoRuznGk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 845ea6a07b4a4bbd-BUF

GET
H2 200 checkbox-white.svg
aviator-top-cs-form-tr.pu449ev.com/img/ 281 B
506 B 258ms
257ms Image
image/svg+xml 2606:4700:20::681a:426
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aviator-top-cs-form-tr.pu449ev.com/img/checkbox-white.svg
Requested by: Host: aviator-top-cs-form-tr.pu449ev.com
URL: https://aviator-top-cs-form-tr.pu449ev.com/main.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:426 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bc2b9d30e6551760dfbda09e97e117ff04681bbfb7b14bb42201bb4f8569de70

Request headers

accept-language: en-US,en;q=0.9
Referer: https://aviator-top-cs-form-tr.pu449ev.com/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 14:01:28 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 05 Jan 2024 13:48:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65980891-119"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UVS92yd9jTv4K%2FBORGttC3wULfXguDGnH%2Fv1hKwAGSjGUKJ0Inga3hVNa6k5jCu6AwdLnPy%2BbZ0315Gvqw1S6tln047YwX%2Bz5c4wOByeD5ha73o0uVNVJWlRYRrKyPzLRQbGrJYF9GvLbjdCbkj%2F4blgjsBNFzoTcnHmq3fL3u0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 845ea6a08b4f4bbd-BUF

GET
H2 200 Roboto-Regular.woff2
aviator-top-cs-form-tr.pu449ev.com/fonts/src/fonts/Roboto-Regular/ 64 KB
65 KB 818ms
817ms Font
font/woff2 2606:4700:20::681a:426
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://aviator-top-cs-form-tr.pu449ev.com/fonts/src/fonts/Roboto-Regular/Roboto-Regular.woff2
Requested by: Host: aviator-top-cs-form-tr.pu449ev.com
URL: https://aviator-top-cs-form-tr.pu449ev.com/main.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:426 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6f62f51295d471a285e41bf8063c23b6046ee2770a5c0baa55a5a7ed04251d22

Request headers

Referer: https://aviator-top-cs-form-tr.pu449ev.com/main.css
Origin: https://aviator-top-cs-form-tr.pu449ev.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 14:01:28 GMT
cf-cache-status: MISS
last-modified: Fri, 05 Jan 2024 13:48:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "65980891-101c8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=At2iBPMCcZk7wGCubYqmyNHlnS2xRV0%2Bg2UhGJQ9%2BuSgR%2BXRqreHJpIA3KzZFVbf8Z%2FgFefF9Jj08j7VdqH1mP9Vrg1FQdlfoH9wJH5vr9A9D5OUQLHCCKAxkwXv6NwzdxCpZM%2BgbQNxPB6JUfeFtBNaavg3SGeiIrxSxz%2FNP%2B0%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 845ea6a08b4e4bbd-BUF
content-length: 65992

GET
H2 200 turkey.png
aviator-top-cs-form-tr.pu449ev.com/img/country/ 1 KB
2 KB 188ms
187ms Image
image/png 2606:4700:20::681a:426
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aviator-top-cs-form-tr.pu449ev.com/img/country/turkey.png
Requested by: Host: aviator-top-cs-form-tr.pu449ev.com
URL: https://aviator-top-cs-form-tr.pu449ev.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:426 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4572c20092423c491c830915d4eccaad9b43524a9e74eb39d1ca7db8d66f8370

Request headers

accept-language: en-US,en;q=0.9
Referer: https://aviator-top-cs-form-tr.pu449ev.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 14:01:28 GMT
cf-cache-status: MISS
last-modified: Fri, 05 Jan 2024 13:48:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65980895-4a9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DvSlPINsrB1oSSGDjFssxhnS7v%2Busgl9esVoOlAACm%2F%2Fa2KT9odect14zHbTIE5lJYpizPXfoFsIN04QFWjp80DwHO%2FP8PLMxmy3KbWHwyrE5Q5TW0ajrHYPo44jJstU80rnWM9UBqJPpClgB8AVoe4KxVENTxDfXbWKn5t7uZU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
cf-ray: 845ea6a0ab754bbd-BUF

GET
H2 200 icomoon.ttf
aviator-top-cs-form-tr.pu449ev.com/fonts/src/icon-fonts/ 12 KB
12 KB 259ms
259ms Font
application/octet-stream 2606:4700:20::681a:426
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://aviator-top-cs-form-tr.pu449ev.com/fonts/src/icon-fonts/icomoon.ttf
Requested by: Host: aviator-top-cs-form-tr.pu449ev.com
URL: https://aviator-top-cs-form-tr.pu449ev.com/main.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:426 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2284eec64ee4ebb1965d2de898ea633b846f30ccecc5cab278c23351ad18a947

Request headers

Referer: https://aviator-top-cs-form-tr.pu449ev.com/main.css
Origin: https://aviator-top-cs-form-tr.pu449ev.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 14:01:28 GMT
cf-cache-status: MISS
last-modified: Fri, 05 Jan 2024 13:48:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "65980891-2f08"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xDCdGbCWrBQQ8SUNQGuh53HUdcxmmhrxGDX8JBJ5lbntKfK8PgCvDynYXXIjNy6EC1voV562nTIrdkKZ7s5gZ1MWqizlgECmRojfnu6fN78lX6MCp4Gkkk2hBffFYek0UtaTeP1tCcI1RJIlxpz7Lb9wMoBdwVQv%2B3UIyoXtjUg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 845ea6a0ab774bbd-BUF
content-length: 12040

GET
H2 200 anchor Show response
www.google.com/recaptcha/enterprise/ Frame 491F 7 KB
1 KB 53ms
52ms Document
text/html 2607:f8b0:4004:c1b::68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Lfxs6UUAAAAAE3kzerSlj_d5OF7IeWoXvzOE_50&co=aHR0cHM6Ly9hdmlhdG9yLXRvcC1jcy1mb3JtLXRyLnB1NDQ5ZXYuY29tOjQ0Mw..&hl=en&v=Ya-Cd6PbRI5ktAHEhm9JuKEu&size=invisible&cb=paktqmhcsh53

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/recaptcha__en.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::68 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

40e04e7637c8c51708ef8682c94b8223fac203c27d36b32e9b72ad5657dec605

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-OoT-QdB8JsjnLNrajBiX_A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://aviator-top-cs-form-tr.pu449ev.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-OoT-QdB8JsjnLNrajBiX_A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 15 Jan 2024 14:01:30 GMT
expires: Mon, 15 Jan 2024 14:01:30 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

OPTIONS
H2 204 af31c8db-5482-4faa-9b9b-f962540fc0c8
f.pudaf.com/p/ Frame 0
0 833ms
127ms Preflight 3.120.96.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://f.pudaf.com/p/af31c8db-5482-4faa-9b9b-f962540fc0c8?api=vyg6SLajEWjklRFo1ig1JqhMkSHHpSp3FLYvfzZE&si=af31c8db-5482-4faa-9b9b-f962540fc0c8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.120.96.128 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-120-96-128.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,if-none-match
Access-Control-Request-Method: POST
Origin: https://aviator-top-cs-form-tr.pu449ev.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-headers: Origin,Content-Length,Content-Type,if-none-match
access-control-allow-methods: GET,POST,HEAD,PUT,DELETE,PATCH
access-control-allow-origin: *
access-control-max-age: 43200
date: Mon, 15 Jan 2024 14:01:31 GMT
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

POST
H2 200 af31c8db-5482-4faa-9b9b-f962540fc0c8 Show response
f.pudaf.com/p/ 21 B
733 B 123ms
121ms Fetch
application/json 3.120.96.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://f.pudaf.com/p/af31c8db-5482-4faa-9b9b-f962540fc0c8?api=vyg6SLajEWjklRFo1ig1JqhMkSHHpSp3FLYvfzZE&si=af31c8db-5482-4faa-9b9b-f962540fc0c8
Requested by: Host: fs.pudaf.com
URL: https://fs.pudaf.com/fp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.120.96.128 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-120-96-128.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 4abf9b7abadb46bb07b55d2551254999420515d76e9d5f6542407e892f731d60

Request headers

Accept: application/json, text/html, text/plain
Referer: https://aviator-top-cs-form-tr.pu449ev.com/
If-None-Match
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/octet-stream

Response headers

date: Mon, 15 Jan 2024 14:01:31 GMT
last-modified: Mon, 15 Jan 2024 13:59:51 GMT
accept-ch: sec-ch-ua,ua,sec-ch-ua-platformua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-wow64,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors
etag: 65a53abb95dba4bc63f0a17b
vary: Origin
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: If-Match,If-Modified-Since,If-None-Match,ETag,Last-Modified
content-length: 21

HEAD
H2 200 adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 0
0 616ms
549ms Fetch
text/javascript 2607:f8b0:4004:c08::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: fs.pudaf.com
URL: https://fs.pudaf.com/fp.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::9b Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://aviator-top-cs-form-tr.pu449ev.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 14:01:30 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51177
x-xss-protection: 0
server: cafe
etag: 14757641140445342124
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 15 Jan 2024 14:01:30 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/ Frame 491F 55 KB
24 KB 101ms
32ms Stylesheet
text/css 2607:f8b0:4004:c1b::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Lfxs6UUAAAAAE3kzerSlj_d5OF7IeWoXvzOE_50&co=aHR0cHM6Ly9hdmlhdG9yLXRvcC1jcy1mb3JtLXRyLnB1NDQ5ZXYuY29tOjQ0Mw..&hl=en&v=Ya-Cd6PbRI5ktAHEhm9JuKEu&size=invisible&cb=paktqmhcsh53

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1b::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 17:20:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 74465
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24606
x-xss-protection: 0
last-modified: Mon, 08 Jan 2024 05:00:33 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 13 Jan 2025 17:20:25 GMT

GET
H3 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/ Frame 491F 503 KB
201 KB 118ms
49ms Script
text/javascript 2607:f8b0:4004:c1b::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/recaptcha__en.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1b::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

52c308157b0f273a5f4f67bb4f28ccf47c24a68fbc7d0226d49bf4eebacfdf97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 00:04:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 50246
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 206076
x-xss-protection: 0
last-modified: Mon, 08 Jan 2024 05:00:33 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 14 Jan 2025 00:04:04 GMT

GET
BLOB 200
OK c2a558b9-b783-4c38-834c-5c8587428bdd
https://aviator-top-cs-form-tr.pu449ev.com/ 419 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://aviator-top-cs-form-tr.pu449ev.com/c2a558b9-b783-4c38-834c-5c8587428bdd
Requested by: Host: aviator-top-cs-form-tr.pu449ev.com
URL: https://aviator-top-cs-form-tr.pu449ev.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4fe976ce3e57febb0b359569ce54df245fe08132eda2d1362f9f6cb45b4ce4aa

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Length: 419
Content-Type: application/javascript

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 491F 2 KB
2 KB 46ms
35ms Image
image/png 2607:f8b0:4004:c1b::5e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1b::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 09:07:12 GMT
x-content-type-options: nosniff
age: 449659
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Wed, 17 Jan 2024 09:07:12 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 491F 15 KB
16 KB 115ms
32ms Font
font/woff2 2607:f8b0:4004:c09::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::5e Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 04:25:47 GMT
x-content-type-options: nosniff
age: 207344
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Jan 2025 04:25:47 GMT

GET
BLOB 200
OK 9ce3e283-5aae-4aa0-851a-1e5f5faddf30
https://aviator-top-cs-form-tr.pu449ev.com/ 419 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://aviator-top-cs-form-tr.pu449ev.com/9ce3e283-5aae-4aa0-851a-1e5f5faddf30
Requested by: Host: aviator-top-cs-form-tr.pu449ev.com
URL: https://aviator-top-cs-form-tr.pu449ev.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4fe976ce3e57febb0b359569ce54df245fe08132eda2d1362f9f6cb45b4ce4aa

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Length: 419
Content-Type: application/javascript

GET
BLOB 200
OK 33c846f0-5b43-44d1-8deb-ff03a0019b3a
https://aviator-top-cs-form-tr.pu449ev.com/ 419 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://aviator-top-cs-form-tr.pu449ev.com/33c846f0-5b43-44d1-8deb-ff03a0019b3a
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4fe976ce3e57febb0b359569ce54df245fe08132eda2d1362f9f6cb45b4ce4aa

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Length: 419
Content-Type: application/javascript

POST
H2 204 collect
www.google-analytics.com/g/ 0
54 B 42ms
42ms Ping
text/plain 2607:f8b0:4004:c1b::71
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-FSDW78HQ4L&gtm=45je41a0v893553001&_p=1705327285692&gcd=11l1l1l1l1&dma=0&cid=388396292.1705327287&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1705327286&sct=1&seg=0&dl=https%3A%2F%2Faviator-top-cs-form-tr.pu449ev.com%2F&dt=150%20000%20%E2%82%BA%20%2B%20250%20fs%20%C4%B0LK%20PARA%20YATIRMANIZA!&en=scroll&ep.timestamp=2024-01-15T04%3A01%3A26.435-10%3A00&ep.gtm_version=GTM-TZJH477%20%7C%20v.%202&epn.percent_scrolled=90&_et=19&tfd=6926
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FSDW78HQ4L&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c1b::71 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://aviator-top-cs-form-tr.pu449ev.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Jan 2024 14:01:31 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://aviator-top-cs-form-tr.pu449ev.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
BLOB 200
OK b1eb6935-704a-4697-9d98-d8ca1b7933ca
https://aviator-top-cs-form-tr.pu449ev.com/ 419 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://aviator-top-cs-form-tr.pu449ev.com/b1eb6935-704a-4697-9d98-d8ca1b7933ca
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4fe976ce3e57febb0b359569ce54df245fe08132eda2d1362f9f6cb45b4ce4aa

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Length: 419
Content-Type: application/javascript

GET
BLOB 200
OK 5f65c596-4bad-498a-98df-b0bb978e1a37
https://aviator-top-cs-form-tr.pu449ev.com/ 419 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://aviator-top-cs-form-tr.pu449ev.com/5f65c596-4bad-498a-98df-b0bb978e1a37
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4fe976ce3e57febb0b359569ce54df245fe08132eda2d1362f9f6cb45b4ce4aa

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Length: 419
Content-Type: application/javascript

GET
BLOB 200
OK 23a58077-b180-4d10-89d3-44c4c3be6578
https://aviator-top-cs-form-tr.pu449ev.com/ 419 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://aviator-top-cs-form-tr.pu449ev.com/23a58077-b180-4d10-89d3-44c4c3be6578
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4fe976ce3e57febb0b359569ce54df245fe08132eda2d1362f9f6cb45b4ce4aa

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Length: 419
Content-Type: application/javascript

GET
BLOB 200
OK 3b12a8a2-f51e-461d-ba42-575a9e396f1f
https://aviator-top-cs-form-tr.pu449ev.com/ 419 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://aviator-top-cs-form-tr.pu449ev.com/3b12a8a2-f51e-461d-ba42-575a9e396f1f
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4fe976ce3e57febb0b359569ce54df245fe08132eda2d1362f9f6cb45b4ce4aa

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Length: 419
Content-Type: application/javascript

GET
BLOB 200
OK 10f7767b-5886-4ff4-ae0e-90964495efca
https://aviator-top-cs-form-tr.pu449ev.com/ 419 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://aviator-top-cs-form-tr.pu449ev.com/10f7767b-5886-4ff4-ae0e-90964495efca
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4fe976ce3e57febb0b359569ce54df245fe08132eda2d1362f9f6cb45b4ce4aa

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Length: 419
Content-Type: application/javascript

GET
BLOB 200
OK 38c3bd4e-0054-4e28-9fbe-d682dc089600
https://aviator-top-cs-form-tr.pu449ev.com/ 419 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://aviator-top-cs-form-tr.pu449ev.com/38c3bd4e-0054-4e28-9fbe-d682dc089600
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4fe976ce3e57febb0b359569ce54df245fe08132eda2d1362f9f6cb45b4ce4aa

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Length: 419
Content-Type: application/javascript

GET
BLOB 200
OK 6c89e607-a61c-4240-ba86-972fa2ee4d47
https://aviator-top-cs-form-tr.pu449ev.com/ 419 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://aviator-top-cs-form-tr.pu449ev.com/6c89e607-a61c-4240-ba86-972fa2ee4d47
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4fe976ce3e57febb0b359569ce54df245fe08132eda2d1362f9f6cb45b4ce4aa

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Length: 419
Content-Type: application/javascript

GET
BLOB 200
OK d1d0932f-33f2-4cbf-8b3e-e0f7fa61548c
https://aviator-top-cs-form-tr.pu449ev.com/ 419 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://aviator-top-cs-form-tr.pu449ev.com/d1d0932f-33f2-4cbf-8b3e-e0f7fa61548c
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4fe976ce3e57febb0b359569ce54df245fe08132eda2d1362f9f6cb45b4ce4aa

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Length: 419
Content-Type: application/javascript

GET
BLOB 200
OK 7081c450-eff4-49c3-b148-18b2827ebda3
https://aviator-top-cs-form-tr.pu449ev.com/ 419 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://aviator-top-cs-form-tr.pu449ev.com/7081c450-eff4-49c3-b148-18b2827ebda3
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4fe976ce3e57febb0b359569ce54df245fe08132eda2d1362f9f6cb45b4ce4aa

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Length: 419
Content-Type: application/javascript

GET
BLOB 200
OK ade845f5-b555-40b3-bdfe-b1fb33ab5140
https://aviator-top-cs-form-tr.pu449ev.com/ 419 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://aviator-top-cs-form-tr.pu449ev.com/ade845f5-b555-40b3-bdfe-b1fb33ab5140
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4fe976ce3e57febb0b359569ce54df245fe08132eda2d1362f9f6cb45b4ce4aa

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Length: 419
Content-Type: application/javascript

POST
H2 200 af31c8db-5482-4faa-9b9b-f962540fc0c8 Show response
f.pudaf.com/p/ 21 B
732 B 115ms
115ms Fetch
application/json 3.120.96.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://f.pudaf.com/p/af31c8db-5482-4faa-9b9b-f962540fc0c8?api=vyg6SLajEWjklRFo1ig1JqhMkSHHpSp3FLYvfzZE&si=af31c8db-5482-4faa-9b9b-f962540fc0c8
Requested by: Host: fs.pudaf.com
URL: https://fs.pudaf.com/fp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.120.96.128 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-120-96-128.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 4abf9b7abadb46bb07b55d2551254999420515d76e9d5f6542407e892f731d60

Request headers

Accept: application/json, text/html, text/plain
Referer: https://aviator-top-cs-form-tr.pu449ev.com/
If-None-Match
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/octet-stream

Response headers

date: Mon, 15 Jan 2024 14:01:35 GMT
last-modified: Mon, 15 Jan 2024 13:59:55 GMT
accept-ch: sec-ch-ua,ua,sec-ch-ua-platformua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-wow64,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors
etag: 65a53abf1111e72545423069
vary: Origin
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: If-Match,If-Modified-Since,If-None-Match,ETag,Last-Modified
content-length: 21

OPTIONS
H2 204 af31c8db-5482-4faa-9b9b-f962540fc0c8
f.pudaf.com/p/ Frame 0
0 114ms
113ms Preflight 3.120.96.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://f.pudaf.com/p/af31c8db-5482-4faa-9b9b-f962540fc0c8?api=vyg6SLajEWjklRFo1ig1JqhMkSHHpSp3FLYvfzZE&si=af31c8db-5482-4faa-9b9b-f962540fc0c8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.120.96.128 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-120-96-128.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,if-none-match
Access-Control-Request-Method: POST
Origin: https://aviator-top-cs-form-tr.pu449ev.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-headers: Origin,Content-Length,Content-Type,if-none-match
access-control-allow-methods: GET,POST,HEAD,PUT,DELETE,PATCH
access-control-allow-origin: *
access-control-max-age: 43200
date: Mon, 15 Jan 2024 14:01:35 GMT
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

Verdicts & Comments Add Verdict or Comment

26 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.pu449ev.com/	1970-01-20 17:42:09	Name: __cf_bm Value: oa_eCrEjzNt7iIIhUhuMmXubh3rs13UUHCexszcOzug-1705327285-1-AVRd9eQzLfgC7T6pZh7NZ6oRdDndoQCyitdPPuYT3SpgWGcwZ+1hziH6F6uTIuUlp7NOmafxgeZ+Mtd/SrelFak=
.pu449ev.com/	1970-01-21 03:18:07	Name: _ga Value: GA1.1.388396292.1705327287
.pu449ev.com/	1970-01-21 03:18:07	Name: _ga_FSDW78HQ4L Value: GS1.1.1705327286.1.0.1705327286.0.0.0

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://fs.pudaf.com/fp.js Message: The AudioContext was not allowed to start. It must be resumed (or created) after a user gesture on the page. https://goo.gl/7K7WLu

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aviator-top-cs-form-tr.pu449ev.com
f.pudaf.com
fonts.googleapis.com
fonts.gstatic.com
fs.pudaf.com
pagead2.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
2606:4700:20::681a:426
2607:f8b0:4004:c08::9b
2607:f8b0:4004:c09::5e
2607:f8b0:4004:c1b::5e
2607:f8b0:4004:c1b::5f
2607:f8b0:4004:c1b::61
2607:f8b0:4004:c1b::68
2607:f8b0:4004:c1b::71
3.120.96.128
3.67.1.135
06c705183219bfc533672fa3fd32071b735d153435541e6f86595b7c7d165703
09d7c7b88613e1ce8c92b7f2ff3b218099d0b0b64e9cfd9e38073b8d62cf8e56
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
2284eec64ee4ebb1965d2de898ea633b846f30ccecc5cab278c23351ad18a947
303b926f8cbf2e83b5a78463acdabbeab2980c03ac2a106f49d6b8dc5619b866
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
40e04e7637c8c51708ef8682c94b8223fac203c27d36b32e9b72ad5657dec605
4572c20092423c491c830915d4eccaad9b43524a9e74eb39d1ca7db8d66f8370
4abf9b7abadb46bb07b55d2551254999420515d76e9d5f6542407e892f731d60
4fe976ce3e57febb0b359569ce54df245fe08132eda2d1362f9f6cb45b4ce4aa
52c308157b0f273a5f4f67bb4f28ccf47c24a68fbc7d0226d49bf4eebacfdf97
6d1a6a34755dbd7d2f5342809f4ac0d2159ce25a591a6cdd0820cbd8e0f4659b
6f62f51295d471a285e41bf8063c23b6046ee2770a5c0baa55a5a7ed04251d22
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
7fe92e1fb433c487679cbf53966c3f531634c84d98f2a96498f2aff468241ae8
923944656388d3b036f0e7c6763c7cd3356c4aad5c2804ca4a3cd690291f1d48
9392ee9abc6973a734d747f6e7bdfe28d1dd2594abca0b0df1b92e3d161fd14f
95bfd80b57e91ee3d944fd8d71404209d91e27c587a6c90a1ba3b75112b9da32
ad3f2e39383e22dab6b34b960cbc73bc720b3c906277ae3adadc20354f11bd1a
bc2b9d30e6551760dfbda09e97e117ff04681bbfb7b14bb42201bb4f8569de70
c02d234db06a5c3ad85fb2730f1ccd1896416467168cf11aa879a4b32cd87bbd
c2046d41d464b44a0eba25e8cf5d6687b5de2966597f10c3e3a8a8520e6adf78
d33fbbd261390fad4e337d8330061f213b3ff0cdd4ac86402f1379de430d7ccf
da638b34e9427c17b5ecf0ba77e731630aa2fbc862f197e0951a05657aa40c12
de42e80860e42c4613e66a0c87db6819baca20451745ea5759f50ce5e3bc0e6d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e80a3c8a0d6f7a97bcd4ec39199c5fd03a40cb60b63d53cb7a8ba13f15d1a55f
ec499cf7f398218b585a0aeb934b3ab210f549510c55dde467705e3b5d6c7a7d
ee485098c901da930fd85e271945c18ad37e892f560cf281c76aa9e2455aba12
ef35ea894a530a6558f1f6ee5fced81284dd2c5af2afed4ce19ed99045001a81
f355ea700ca83cc4cf0cae81eb6917d61153eb31bb963193f391fc720e70cfaf

aviator-top-cs-form-tr.pu449ev.com Open in urlscan Pro 2606:4700:20::681a:426 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

49 Requests

73 %HTTPS

80 %IPv6

8 Domains

10 Subdomains

11 IPs

2 Countries

3256 kBTransfer

4603 kBSize

3 Cookies

1 Outgoing links

Redirected requests

49 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

aviator-top-cs-form-tr.pu449ev.com Open in urlscan Pro
2606:4700:20::681a:426 Public Scan

Screenshot
Live screenshot

Full Image

49
Requests

73 %
HTTPS

80 %
IPv6

8
Domains

10
Subdomains

11
IPs

2
Countries

3256 kB
Transfer

4603 kB
Size

3
Cookies

49 HTTP transactions
0 data transactions