urlscan.io logo urlscan.io
SecurityTrails logo

crossbrand-onwin-tr.pages.dev Open in urlscan Pro
172.67.162.47  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://crossbrand-onwin-tr.pages.dev/
Effective URL: https://crossbrand-onwin-tr.pages.dev/
Submission: On December 13 via api from US — Scanned from FI
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 14 IPs in 2 countries across 10 domains to perform 34 HTTP transactions. The main IP is 172.67.162.47, located in United States and belongs to CLOUDFLARENET, US. The main domain is crossbrand-onwin-tr.pages.dev.
TLS certificate: Issued by WE1 on November 22nd 2024. Valid for: 3 months.
This is the only time crossbrand-onwin-tr.pages.dev was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
9 172.67.162.47 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
2 142.250.185.68 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 18.66.122.11 16509 (AMAZON-02)
1 3.127.180.74 16509 (AMAZON-02)
6 142.250.185.67 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 3.125.169.2 16509 (AMAZON-02)
3 65.9.66.117 16509 (AMAZON-02)
1 172.217.18.98 15169 (GOOGLE)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
3 2001:4860:480... 15169 (GOOGLE)
34 14
9    172.67.162.47 (United States)

ASN13335 (CLOUDFLARENET, US)
crossbrand-onwin-tr.pages.dev
1    2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    142.250.185.68 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f4.1e100.net
www.google.com
2    2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    18.66.122.11 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-11.fra60.r.cloudfront.net
js.datadome.co
1    3.127.180.74 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-127-180-74.eu-central-1.compute.amazonaws.com
fs.pudaf.com
6    142.250.185.67 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f3.1e100.net
fonts.gstatic.com
1    2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    3.125.169.2 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-125-169-2.eu-central-1.compute.amazonaws.com
api-js.datadome.co
3    65.9.66.117 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-117.fra56.r.cloudfront.net
f.pudaf.com
1    172.217.18.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s42-in-f2.1e100.net
pagead2.googlesyndication.com
2    2606:4700::6811:f8cb (United States)

ASN13335 (CLOUDFLARENET, US)
unpkg.com
3    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
Apex Domain
Subdomains		 Transfer
9 pages.dev
crossbrand-onwin-tr.pages.dev
99 KB
7 gstatic.com
fonts.gstatic.com
www.gstatic.com
311 KB
4 pudaf.com
fs.pudaf.com — Cisco Umbrella Rank: 619949
f.pudaf.com — Cisco Umbrella Rank: 527261
76 KB
3 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 3353
667 B
2 unpkg.com
unpkg.com — Cisco Umbrella Rank: 740
4 KB
2 datadome.co
js.datadome.co — Cisco Umbrella Rank: 5057
api-js.datadome.co — Cisco Umbrella Rank: 4885
33 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
187 KB
2 google.com
www.google.com — Cisco Umbrella Rank: 3
1 KB
1 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 110
24 B
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
2 KB
34 10
Domain Requested by
9 crossbrand-onwin-tr.pages.dev crossbrand-onwin-tr.pages.dev
6 fonts.gstatic.com fonts.googleapis.com
3 region1.google-analytics.com crossbrand-onwin-tr.pages.dev
3 f.pudaf.com crossbrand-onwin-tr.pages.dev
2 unpkg.com 1 redirects
2 www.googletagmanager.com crossbrand-onwin-tr.pages.dev
www.googletagmanager.com
2 www.google.com crossbrand-onwin-tr.pages.dev
www.gstatic.com
1 pagead2.googlesyndication.com crossbrand-onwin-tr.pages.dev
1 api-js.datadome.co js.datadome.co
1 www.gstatic.com www.google.com
1 fs.pudaf.com crossbrand-onwin-tr.pages.dev
1 js.datadome.co crossbrand-onwin-tr.pages.dev
1 fonts.googleapis.com crossbrand-onwin-tr.pages.dev
34 13

This site contains links to these domains. Also see Links.

Domain
tdssvc.com
Subject Issuer Validity Valid
crossbrand-onwin-tr.pages.dev
WE1		 2024-11-22 -
2025-02-20		 3 months crt.sh
upload.video.google.com
WR2		 2024-11-04 -
2025-01-27		 3 months crt.sh
*.google.com
WR2		 2024-11-04 -
2025-01-27		 3 months crt.sh
*.google-analytics.com
WR2		 2024-11-04 -
2025-01-27		 3 months crt.sh
*.datadome.co
GandiCert		 2024-10-24 -
2025-11-24		 a year crt.sh
*.pinup-antifraud.com
Amazon RSA 2048 M03		 2024-05-22 -
2025-06-20		 a year crt.sh
*.gstatic.com
WR2		 2024-11-04 -
2025-01-27		 3 months crt.sh
frogo-aft.com
Amazon RSA 2048 M02		 2024-10-07 -
2025-11-05		 a year crt.sh
*.g.doubleclick.net
WR2		 2024-11-04 -
2025-01-27		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://crossbrand-onwin-tr.pages.dev/
Frame ID: 57B9BE5D1C408486F0F6D899CE041565
Requests: 30 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Lfxs6UUAAAAAE3kzerSlj_d5OF7IeWoXvzOE_50&co=aHR0cHM6Ly9jcm9zc2JyYW5kLW9ud2luLXRyLnBhZ2VzLmRldjo0NDM.&hl=fi&v=zIriijn3uj5Vpknvt_LnfNbF&size=invisible&cb=mj0lyaakto98
Frame ID: 86EABDF03116290D1463795412A1D699
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

150% + 250FS BIRINCHI DEPOZITGA!

Page URL History Show full URLs

  1. http://crossbrand-onwin-tr.pages.dev/ HTTP 307
    https://crossbrand-onwin-tr.pages.dev/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js

Page Statistics

34
Requests

91 %
HTTPS

38 %
IPv6

10
Domains

13
Subdomains

14
IPs

2
Countries

713 kB
Transfer

1847 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://crossbrand-onwin-tr.pages.dev/ HTTP 307
    https://crossbrand-onwin-tr.pages.dev/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 27
  • https://unpkg.com/web-vitals/dist/web-vitals.iife.js HTTP 302
  • https://unpkg.com/web-vitals@4.2.4/dist/web-vitals.iife.js

34 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
crossbrand-onwin-tr.pages.dev/
Redirect Chain
  • http://crossbrand-onwin-tr.pages.dev/
  • https://crossbrand-onwin-tr.pages.dev/
12 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://crossbrand-onwin-tr.pages.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.162.47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
55cc8680e86294c6b0a8b24c219d44304d2fa5dfe478e1be5623638e928e82ef
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=0, must-revalidate
cf-ray
8f11c9af4d75b50f-OSL
content-encoding
br
content-type
text/html; charset=utf-8
date
Fri, 13 Dec 2024 00:20:21 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=0,i
referrer-policy
strict-origin-when-cross-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IUyUwYEZD%2BwlHj0DjZXCIqYggdo0VvQDKwZRTvAX985NZwBEcJiw08RbRlIoBWw7ON48Kuyl%2BG40bS0PAjxrwvhCNOciVqE7iZCB%2FAXaUdvAIIFl0DpkNBslpuy%2BEFgnQk%2Bmsh1V7V1MxwC4V4dMyw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=43844&min_rtt=43577&rtt_var=9427&sent=11&recv=9&lost=0&retrans=0&sent_bytes=4159&recv_bytes=4452&delivery_rate=13493&cwnd=12000&unsent_bytes=0&cid=0ed21606c7aec185&ts=135&x=1" cfExtPri cfHdrFlush;dur=0
vary
Accept-Encoding
x-content-type-options
nosniff

Redirect headers

Cross-Origin-Resource-Policy
Cross-Origin
Location
https://crossbrand-onwin-tr.pages.dev/
Non-Authoritative-Reason
HSTS
css2
fonts.googleapis.com/ 		28 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap
Requested by
Host: crossbrand-onwin-tr.pages.dev
URL: https://crossbrand-onwin-tr.pages.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
29d4588a29dc099cd87a7eb2f0c5b40e595bce81406e2622bd46411510e2a62f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://crossbrand-onwin-tr.pages.dev/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Fri, 13 Dec 2024 00:20:21 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 13 Dec 2024 00:20:21 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Thu, 12 Dec 2024 23:52:13 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
main.css
crossbrand-onwin-tr.pages.dev/ 		21 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://crossbrand-onwin-tr.pages.dev/main.css
Requested by
Host: crossbrand-onwin-tr.pages.dev
URL: https://crossbrand-onwin-tr.pages.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.162.47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b0c3b085844565b8c573583de50de941c3b933edd25f12678d2e52458257abcd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://crossbrand-onwin-tr.pages.dev/

Response headers

content-encoding
br
etag
W/"1e2561be0bcb1bc3e90d745946a1b862"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uriWjwCPedVNlv83VRsrprPDTP92Nt3t5rX6xWuNoq0qtM5m7djTBHmODB439Mpqol9TFk%2BnsaiGgjuf2BdR1gbV6lfOPIPEp6fmIufQf1fauIhDm77Mw0j1CZNx7iHZGrnVSf%2BM6Q6ha47kjp6ymw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=43968&min_rtt=43577&rtt_var=3173&sent=28&recv=14&lost=0&retrans=0&sent_bytes=20595&recv_bytes=5466&delivery_rate=64361&cwnd=12000&unsent_bytes=0&cid=0ed21606c7aec185&ts=396&x=1", cfExtPri, cfHdrFlush;dur=35
date
Fri, 13 Dec 2024 00:20:21 GMT
content-type
text/css; charset=utf-8
vary
Accept-Encoding
priority
u=0,i=?0
cache-control
public, max-age=0, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
cf-ray
8f11c9b03e1db50f-OSL
access-control-allow-origin
*
server
cloudflare
enterprise.js
www.google.com/recaptcha/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/enterprise.js?render=6Lfxs6UUAAAAAE3kzerSlj_d5OF7IeWoXvzOE_50
Requested by
Host: crossbrand-onwin-tr.pages.dev
URL: https://crossbrand-onwin-tr.pages.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f4.1e100.net
Software
ESF /
Resource Hash
1e30570f126abcc614ada548406b3dd6035b4ccb6ef95b42041f68d3e813a2e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://crossbrand-onwin-tr.pages.dev/

Response headers

cache-control
private, max-age=300
content-encoding
gzip
cross-origin-resource-policy
cross-origin
report-to
{"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
x-content-type-options
nosniff
expires
Fri, 13 Dec 2024 00:20:21 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
date
Fri, 13 Dec 2024 00:20:21 GMT
x-xss-protection
0
content-type
text/javascript; charset=utf-8
server
ESF
x-frame-options
SAMEORIGIN
bundle.js
crossbrand-onwin-tr.pages.dev/ 		107 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://crossbrand-onwin-tr.pages.dev/bundle.js
Requested by
Host: crossbrand-onwin-tr.pages.dev
URL: https://crossbrand-onwin-tr.pages.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.162.47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
638060ae1c0a4df08b92caa6277caa704ca42f2b8cd68bd6f9d9d4ece0340d72
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://crossbrand-onwin-tr.pages.dev/

Response headers

content-encoding
br
etag
W/"37cd94fff69eb9b360073b34aaec39da"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZRxGzyTB9PCWmhSJcRErHf5mpbdprjb0gTkTEZBR3KbcWX%2Bw8HYDkGRKqnKOvQ5y9UZwqx1yVKLn9bBVqjuJ7mDT1B81Qa9vyqDiqwYaG88mV%2BC3zuoaQdIANhf3xKNf8ll6ReqQVTVpRbytoMOFjQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=43968&min_rtt=43577&rtt_var=3173&sent=17&recv=14&lost=0&retrans=0&sent_bytes=8595&recv_bytes=5466&delivery_rate=64361&cwnd=12000&unsent_bytes=0&cid=0ed21606c7aec185&ts=387&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 13 Dec 2024 00:20:21 GMT
content-type
application/javascript
vary
Accept-Encoding
priority
u=1,i=?0
cache-control
public, max-age=0, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
cf-ray
8f11c9b03e1eb50f-OSL
access-control-allow-origin
*
server
cloudflare
gtm.js
www.googletagmanager.com/ 		240 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MFB4T883
Requested by
Host: crossbrand-onwin-tr.pages.dev
URL: https://crossbrand-onwin-tr.pages.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b0b0573273315d9ca450d082250919ebd3de49ea7806c65cd9db33b65ea6341b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://crossbrand-onwin-tr.pages.dev/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Fri, 13 Dec 2024 00:20:21 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 13 Dec 2024 00:20:21 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Fri, 13 Dec 2024 00:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
84849
x-xss-protection
0
server
Google Tag Manager
tags.js
js.datadome.co/ 		174 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.datadome.co/tags.js
Requested by
Host: crossbrand-onwin-tr.pages.dev
URL: https://crossbrand-onwin-tr.pages.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-11.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7b093cbb49adc2923b6ef6b58ad22f87ba4a008e0ecb27665a76cab5e9deeb40
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://crossbrand-onwin-tr.pages.dev/

Response headers

content-encoding
gzip
x-amz-version-id
fRdxQZTwv7aUXeF3zxmAg.EIiFr7SoNp
etag
W/"b4f2edbea31dcec5c70f4f1bf574b162"
age
313
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
tXw0ro7rIGPVbxNW3c7DkAMLt7PDBOp-kIOrIV5Ka-PYBuLmDvQUqg==
date
Fri, 13 Dec 2024 00:15:09 GMT
content-type
text/javascript
vary
accept-encoding, Origin
last-modified
Wed, 04 Dec 2024 11:03:19 GMT
strict-transport-security
max-age=15768000
cache-control
max-age=3600, public
via
1.1 5ddb18e15e6b0ed6114111e515bddc66.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P2
server
AmazonS3
x-amz-server-side-encryption
AES256
fp.js
fs.pudaf.com/ 		244 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fs.pudaf.com/fp.js
Requested by
Host: crossbrand-onwin-tr.pages.dev
URL: https://crossbrand-onwin-tr.pages.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.127.180.74 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-127-180-74.eu-central-1.compute.amazonaws.com
Software
nginx/1.27.3 /
Resource Hash
53adc6f3a83391f57b8b2f2627f99c27abd3c1340cd63c968af63014285c6c71

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://crossbrand-onwin-tr.pages.dev/

Response headers

content-encoding
gzip
date
Fri, 13 Dec 2024 00:20:21 GMT
etag
W/"675067b4-3ce95"
content-type
application/javascript
last-modified
Wed, 04 Dec 2024 14:31:16 GMT
server
nginx/1.27.3
90f6abaa-5a9b-4a7f-bc8d-564347f3eabd
https://crossbrand-onwin-tr.pages.dev/ Frame 		0
0
bg.jpg
crossbrand-onwin-tr.pages.dev/img/ 		53 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://crossbrand-onwin-tr.pages.dev/img/bg.jpg
Requested by
Host: crossbrand-onwin-tr.pages.dev
URL: https://crossbrand-onwin-tr.pages.dev/main.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.162.47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e166a54e5229407d516f7e86c524a18a1c14c57b25285cf6cc9b8b137906c4e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://crossbrand-onwin-tr.pages.dev/main.css

Response headers

etag
"d8fbecb10e2e03b0ef5c107015bf2fe8"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0Q1LMrASsvDAKsOL3GoTyxMGZgiJs798X0QeiuKBRJhyyIkciNpKMfgtIqj8w%2BqyfjjbvQaj5kBMYVEqQMwhEssjTRFP1VKhISWZBsWCsZEws0qUSqhZyTguDMHbU3Jiyk1TY%2FsrfzxPcTd8tsWsCg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=43964&min_rtt=43577&rtt_var=53&sent=60&recv=37&lost=0&retrans=0&sent_bytes=49582&recv_bytes=8682&delivery_rate=41594&cwnd=22800&unsent_bytes=0&cid=0ed21606c7aec185&ts=781&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 13 Dec 2024 00:20:21 GMT
content-type
image/jpeg
vary
Accept-Encoding
priority
u=3,i
cache-control
public, max-age=0, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
cf-ray
8f11c9b1ff96b50f-OSL
access-control-allow-origin
*
content-length
54285
server
cloudflare
down-arrow.svg
crossbrand-onwin-tr.pages.dev/img/ 		201 B
881 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://crossbrand-onwin-tr.pages.dev/img/down-arrow.svg
Requested by
Host: crossbrand-onwin-tr.pages.dev
URL: https://crossbrand-onwin-tr.pages.dev/main.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.162.47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8d4ab7674a0d7acc7775e8807f0ac51596748c96a9683dd0bb3687126c5e85ff
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://crossbrand-onwin-tr.pages.dev/main.css

Response headers

content-encoding
br
etag
W/"f90608ae0a40c5847df4e6a913d2e67c"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MtF8WIZxWxuL2buCtdySUMrwoxIzQrGf7Z%2FFwumMbWK7XmvaxXW1%2B7X%2B2B5v4FpcHekpFfAEyH1quJ%2FQE%2Bwyb0JY9oc2lKd4vK0MA%2BUTy09WH58sH6L5pMHIp3Jejjg0eChNhM6UQKvddemQYknqYg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=43978&min_rtt=43577&rtt_var=120&sent=56&recv=33&lost=0&retrans=0&sent_bytes=47650&recv_bytes=8510&delivery_rate=7874&cwnd=22800&unsent_bytes=0&cid=0ed21606c7aec185&ts=747&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 13 Dec 2024 00:20:21 GMT
content-type
image/svg+xml
vary
Accept-Encoding
priority
u=3,i
cache-control
public, max-age=0, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
cf-ray
8f11c9b1ff98b50f-OSL
access-control-allow-origin
*
server
cloudflare
checkbox.svg
crossbrand-onwin-tr.pages.dev/img/ 		366 B
957 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://crossbrand-onwin-tr.pages.dev/img/checkbox.svg
Requested by
Host: crossbrand-onwin-tr.pages.dev
URL: https://crossbrand-onwin-tr.pages.dev/main.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.162.47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d9562627da18e46cff037920308180f72f46e6df973ce331b68b8fe0509430a2
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://crossbrand-onwin-tr.pages.dev/main.css

Response headers

content-encoding
br
etag
W/"dda33c1e92214617b6856042f65bb9c4"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=P%2FNBfEz0NZhcuvVWbyHThjfVfE7Ri9E3ngqWRb1m%2FqddlmJxVxizCjhN0gfmpyk2Ouh6XDR0pAGOikQisUDck8EDiYLR88neVu4Nz3y%2FaHezG0Et5GoZfGR%2BssV9tsBcxpio8MczjIvOv1xKWkHNrw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=43978&min_rtt=43577&rtt_var=120&sent=58&recv=33&lost=0&retrans=0&sent_bytes=48578&recv_bytes=8510&delivery_rate=7874&cwnd=22800&unsent_bytes=0&cid=0ed21606c7aec185&ts=747&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 13 Dec 2024 00:20:21 GMT
content-type
image/svg+xml
vary
Accept-Encoding
priority
u=3,i
cache-control
public, max-age=0, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
cf-ray
8f11c9b1ff99b50f-OSL
access-control-allow-origin
*
server
cloudflare
KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v32/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmYUtfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f3.1e100.net
Software
sffe /
Resource Hash
1b150c409df2cca1e55ffc6e55b649980f9a282bb6b25da6186d5ed55741141b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://crossbrand-onwin-tr.pages.dev
Referer
https://fonts.googleapis.com/

Response headers

age
118795
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 11 Dec 2025 15:20:26 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 11 Dec 2024 15:20:26 GMT
last-modified
Thu, 01 Aug 2024 20:41:28 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
18436
x-xss-protection
0
server
sffe
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v32/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f3.1e100.net
Software
sffe /
Resource Hash
d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://crossbrand-onwin-tr.pages.dev
Referer
https://fonts.googleapis.com/

Response headers

age
254256
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 10 Dec 2025 01:42:45 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 10 Dec 2024 01:42:45 GMT
last-modified
Thu, 01 Aug 2024 20:41:21 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
18596
x-xss-protection
0
server
sffe
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v32/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f3.1e100.net
Software
sffe /
Resource Hash
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://crossbrand-onwin-tr.pages.dev
Referer
https://fonts.googleapis.com/

Response headers

age
212499
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 10 Dec 2025 13:18:42 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 10 Dec 2024 13:18:42 GMT
last-modified
Thu, 01 Aug 2024 20:41:24 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
18536
x-xss-protection
0
server
sffe
KFOmCnqEu92Fr1Mu7GxKOzY.woff2
fonts.gstatic.com/s/roboto/v32/ 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu7GxKOzY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f3.1e100.net
Software
sffe /
Resource Hash
685dd0a4dbede9c486deb28acfbd6a2337f8d796445757029b828c7221e4ced1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://crossbrand-onwin-tr.pages.dev
Referer
https://fonts.googleapis.com/

Response headers

age
149392
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 11 Dec 2025 06:50:29 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 11 Dec 2024 06:50:29 GMT
last-modified
Thu, 01 Aug 2024 20:41:23 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
12456
x-xss-protection
0
server
sffe
recaptcha__fi.js
www.gstatic.com/recaptcha/releases/zIriijn3uj5Vpknvt_LnfNbF/ 		549 KB
218 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/zIriijn3uj5Vpknvt_LnfNbF/recaptcha__fi.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise.js?render=6Lfxs6UUAAAAAE3kzerSlj_d5OF7IeWoXvzOE_50
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9d5b243ecee507eb2c77fec9be8f00f6b2c401f1cd0532c86510de001736850e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://crossbrand-onwin-tr.pages.dev
Referer
https://crossbrand-onwin-tr.pages.dev/

Response headers

content-encoding
gzip
age
127911
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
x-content-type-options
nosniff
expires
Thu, 11 Dec 2025 12:48:30 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 11 Dec 2024 12:48:30 GMT
last-modified
Tue, 10 Dec 2024 23:05:10 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
accept-ranges
bytes
access-control-allow-origin
*
content-length
222365
x-xss-protection
0
server
sffe
turkey.png
crossbrand-onwin-tr.pages.dev/img/country/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://crossbrand-onwin-tr.pages.dev/img/country/turkey.png
Requested by
Host: crossbrand-onwin-tr.pages.dev
URL: https://crossbrand-onwin-tr.pages.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.162.47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4572c20092423c491c830915d4eccaad9b43524a9e74eb39d1ca7db8d66f8370
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://crossbrand-onwin-tr.pages.dev/

Response headers

etag
"dd33d67068df1d6e772833ee183c0436"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=M%2Bp9MoLFSvahbP2fdwZxE2iLZKO%2FA7eUOJ1STJ8qoMBgk9glVIEKlv%2Br5LIyCV2F9MfAtARQFct1x4QfP1%2FWku8DDSjMUBRtjr40TkoQQxo5rjR3uOT4S6HaEUmnMKm6NaEvxDsoBCuZmjil%2Bhu00A%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=43984&min_rtt=43577&rtt_var=146&sent=46&recv=32&lost=0&retrans=0&sent_bytes=37328&recv_bytes=8467&delivery_rate=75125&cwnd=22800&unsent_bytes=0&cid=0ed21606c7aec185&ts=685&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 13 Dec 2024 00:20:21 GMT
content-type
image/png
vary
Accept-Encoding
priority
u=3,i
cache-control
public, max-age=0, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
cf-ray
8f11c9b21fb4b50f-OSL
access-control-allow-origin
*
content-length
1193
server
cloudflare
icomoon.ttf
crossbrand-onwin-tr.pages.dev/fonts/src/icon-fonts/ 		12 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://crossbrand-onwin-tr.pages.dev/fonts/src/icon-fonts/icomoon.ttf
Requested by
Host: crossbrand-onwin-tr.pages.dev
URL: https://crossbrand-onwin-tr.pages.dev/main.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.162.47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
01b8fd2af22e80c46cc011e57a53e266b984aebe6eca596f791032b1261441f7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://crossbrand-onwin-tr.pages.dev
Referer
https://crossbrand-onwin-tr.pages.dev/main.css

Response headers

content-encoding
br
etag
W/"1859e6be07589a8681f4729c186e2a9c"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FYLDFQP%2FJxr488lXFW31dLw5X0oEmTRAl5nTWpR3U3P7HTRgw7uTPhrNvNWue9nbaRgATkHeVlU1jUJ0bJRy5gQDGpPXusT1clWEVM%2FLfEdt02p9ZOTB5wJm1ke7AijG9aAhAdc6D2I6oeGqx3ZwKw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=43984&min_rtt=43577&rtt_var=146&sent=48&recv=32&lost=0&retrans=0&sent_bytes=39282&recv_bytes=8467&delivery_rate=75125&cwnd=22800&unsent_bytes=0&cid=0ed21606c7aec185&ts=722&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 13 Dec 2024 00:20:21 GMT
content-type
font/ttf
vary
Accept-Encoding
priority
u=0,i=?0
cache-control
public, max-age=0, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
cf-ray
8f11c9b21fbeb50f-OSL
access-control-allow-origin
*
server
cloudflare
/
api-js.datadome.co/js/ 		250 B
480 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api-js.datadome.co/js/
Requested by
Host: js.datadome.co
URL: https://js.datadome.co/tags.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.125.169.2 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-125-169-2.eu-central-1.compute.amazonaws.com
Software
DataDome /
Resource Hash
c6a3a2d5aed331d01cf365b991f0613f23ef2324ff4a5c0987594413913712b8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded
Referer
https://crossbrand-onwin-tr.pages.dev/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
expires
0
access-control-allow-origin
*
content-length
250
date
Fri, 13 Dec 2024 00:20:21 GMT
content-type
application/json;charset=utf-8
server
DataDome
85a88d2f-2438-42b3-bf42-8c0029ac76af
https://crossbrand-onwin-tr.pages.dev/ Frame 		0
0
destination
www.googletagmanager.com/gtag/ 		303 KB
104 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=G-FSDW78HQ4L&l=dataLayer&cx=c&gtm=45He4cb0v9181226602za200
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MFB4T883
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5caf26fc9bbd7e955e3b323b678e047dd7cd0aabc241b68160fe1bd924a33d31
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://crossbrand-onwin-tr.pages.dev/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires
Fri, 13 Dec 2024 00:20:21 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 13 Dec 2024 00:20:21 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
105707
x-xss-protection
0
server
Google Tag Manager
anchor
www.google.com/recaptcha/enterprise/ Frame 86EA 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Lfxs6UUAAAAAE3kzerSlj_d5OF7IeWoXvzOE_50&co=aHR0cHM6Ly9jcm9zc2JyYW5kLW9ud2luLXRyLnBhZ2VzLmRldjo0NDM.&hl=fi&v=zIriijn3uj5Vpknvt_LnfNbF&size=invisible&cb=mj0lyaakto98
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/zIriijn3uj5Vpknvt_LnfNbF/recaptcha__fi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f4.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-MOAgfESrTOwlQwUDHwdGNA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://crossbrand-onwin-tr.pages.dev/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-MOAgfESrTOwlQwUDHwdGNA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy
cross-origin
date
Fri, 13 Dec 2024 00:20:22 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server
ESF
x-content-type-options
nosniff
x-xss-protection
0
p
f.pudaf.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://f.pudaf.com/p
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-117.fra56.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
ak,content-type,ri,si,x-ctr
Access-Control-Request-Method
POST
Origin
https://crossbrand-onwin-tr.pages.dev
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Origin,Content-Length,Content-Type,if-none-match,x-ctr,ak,si,ui,ri
access-control-allow-methods
GET,POST,HEAD,PUT,DELETE,PATCH
access-control-allow-origin
*
access-control-expose-headers
If-Match,If-Modified-Since,If-None-Match,etag,Last-Modified
access-control-max-age
43200
date
Fri, 13 Dec 2024 00:20:22 GMT
vary
Access-Control-Request-Method, Access-Control-Request-Headers, Origin
via
1.1 910fc18161f0602555cc5b6397ca26f2.cloudfront.net (CloudFront)
x-amz-cf-id
bOBHlESN7reJyP13TFxb-h3RRihAlyVmf1CskXqxkqI3xYlriShDJg==
x-amz-cf-pop
FRA56-C1
x-cache
Miss from cloudfront
p
f.pudaf.com/ 		137 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://f.pudaf.com/p
Requested by
Host: crossbrand-onwin-tr.pages.dev
URL: https://crossbrand-onwin-tr.pages.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-117.fra56.r.cloudfront.net
Software
/
Resource Hash
8b4820b8afa15fc9f5299882d7bab0344bd03ccbd9f10c0ec2d0afbcf1dd2edd

Request headers

ak
vyg6SLajEWjklRFo1ig1JqhMkSHHpSp3FLYvfzZE
Referer
https://crossbrand-onwin-tr.pages.dev/
x-ctr
B3zoda1YLidFgmuLbsnXPA
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/html, text/plain
ri
1f1f28b3b289474f9f3852805e3691f1
Content-Type
application/octet-stream
si
8e7f4d03ea8b49758f48c28d7360756a

Response headers

access-control-max-age
43200
access-control-expose-headers
If-Match,If-Modified-Since,If-None-Match,etag,Last-Modified
accept-ch
sec-ch-ua,ua,sec-ch-ua-platformua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-wow64,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors
etag
675b7dc6cf7d6699b9559d4f
x-trace-id
c2dd276734d6b7b4a70a9535a0d8df1b
via
1.1 910fc18161f0602555cc5b6397ca26f2.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
Miss from cloudfront
content-length
137
x-amz-cf-id
5L-WD-t-15puCDNZtKBxBv6B8NDPre5RunijGQ8sLypVi5qFQ5sI7A==
date
Fri, 13 Dec 2024 00:20:22 GMT
content-type
application/json
last-modified
Fri, 13 Dec 2024 00:18:42 GMT
x-amz-cf-pop
FRA56-C1
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		0
24 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: crossbrand-onwin-tr.pages.dev
URL: https://crossbrand-onwin-tr.pages.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://crossbrand-onwin-tr.pages.dev/

Response headers

content-encoding
br
etag
1090797243294210090
x-content-type-options
nosniff
expires
Fri, 13 Dec 2024 00:20:22 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Fri, 13 Dec 2024 00:20:22 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
53342
x-xss-protection
0
server
cafe
KFOjCnqEu92Fr1Mu51TzBic6CsQ.woff2
fonts.gstatic.com/s/roboto/v32/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOjCnqEu92Fr1Mu51TzBic6CsQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f3.1e100.net
Software
sffe /
Resource Hash
0e100b86870ec5caaa887e0fe743b177d57e02242812a0cd4675781dfffea440
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://crossbrand-onwin-tr.pages.dev
Referer
https://fonts.googleapis.com/

Response headers

age
541740
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sat, 06 Dec 2025 17:51:22 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 06 Dec 2024 17:51:22 GMT
last-modified
Thu, 01 Aug 2024 20:41:28 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
19780
x-xss-protection
0
server
sffe
KFOmCnqEu92Fr1Mu4WxKOzY.woff2
fonts.gstatic.com/s/roboto/v32/ 		7 KB
7 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4WxKOzY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f3.1e100.net
Software
sffe /
Resource Hash
b73c1098eed65e61418b5f54ba17ba07a9760a9b9d93f188833b3874cfda5ddf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://crossbrand-onwin-tr.pages.dev
Referer
https://fonts.googleapis.com/

Response headers

age
225785
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 10 Dec 2025 09:37:17 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 10 Dec 2024 09:37:17 GMT
last-modified
Thu, 01 Aug 2024 20:41:24 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
7096
x-xss-protection
0
server
sffe
web-vitals.iife.js
unpkg.com/web-vitals@4.2.4/dist/
Redirect Chain
  • https://unpkg.com/web-vitals/dist/web-vitals.iife.js
  • https://unpkg.com/web-vitals@4.2.4/dist/web-vitals.iife.js
7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/web-vitals@4.2.4/dist/web-vitals.iife.js
Protocol
H2
Server
2606:4700::6811:f8cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f759996a85b1ddf539ef3f16fdca3d39e48f670aef69e82c6200cc2b5f9f47bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://crossbrand-onwin-tr.pages.dev/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
"1c3a-LeUC6s/Gcko0wscq5NFJGfOy9Yg"
age
1552637
x-content-type-options
nosniff
date
Fri, 13 Dec 2024 00:20:22 GMT
content-type
application/javascript; charset=utf-8
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01JDGDFWWXKMYEPB8WHWE7BHEK-arn
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31536000
via
1.1 fly.io
cf-ray
8f11c9badf305693-OSL
access-control-allow-origin
*
server
cloudflare

Redirect headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, s-maxage=600, max-age=60
location
/web-vitals@4.2.4/dist/web-vitals.iife.js
content-encoding
br
cf-cache-status
HIT
age
75
x-content-type-options
nosniff
via
1.1 fly.io
cf-ray
8f11c9ba7ee65693-OSL
access-control-allow-origin
*
date
Fri, 13 Dec 2024 00:20:22 GMT
content-type
text/plain; charset=utf-8
vary
Accept, Accept-Encoding
fly-request-id
01JEYP4A4WZAD492JT9E2FW13J-arn
server
cloudflare
collect
region1.google-analytics.com/g/ 		0
562 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-FSDW78HQ4L&gtm=45je4cb0v893553001z89181226602za200zb9181226602&_p=1734049221136&gcd=13l3lPl2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102081485~102198178&cid=978189690.1734049223&ul=fi-fi&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&dr=&sid=1734049222&sct=1&seg=0&dl=https%3A%2F%2Fcrossbrand-onwin-tr.pages.dev%2F&dt=150%25%20%2B%20250FS%20BIRINCHI%20DEPOZITGA!&en=page_view&_fv=1&_nsi=1&_ss=1&ep.gtm_version=GTM-MFB4T883%20%7C%20v.%204&ep.user_fp=&ep.transport_type=beacon&ep.timestamp=2024-12-13%2002%3A20%3A22&up.is_exist_player=false&up.language_site=&up.platform=desktop&up.screen_resolution=1600x1200&up.is_incognito=false&tfd=1766
Requested by
Host: crossbrand-onwin-tr.pages.dev
URL: https://crossbrand-onwin-tr.pages.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://crossbrand-onwin-tr.pages.dev/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://crossbrand-onwin-tr.pages.dev
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 13 Dec 2024 00:20:22 GMT
content-type
text/plain
server
Golfe2
collect
region1.google-analytics.com/g/ 		0
48 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-FSDW78HQ4L&gtm=45je4cb0v893553001z89181226602za200zb9181226602&_p=1734049221136&gcd=13l3lPl2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102081485~102198178&cid=978189690.1734049223&ul=fi-fi&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=2&dr=&sid=1734049222&sct=1&seg=0&dl=https%3A%2F%2Fcrossbrand-onwin-tr.pages.dev%2F&dt=150%25%20%2B%20250FS%20BIRINCHI%20DEPOZITGA!&en=registration&ep.gtm_version=GTM-MFB4T883%20%7C%20v.%204&ep.user_fp=&ep.transport_type=beacon&ep.timestamp=2024-12-13%2002%3A20%3A21&ep.event_category=registration&ep.category=registration&ep.type=short&ep.mode=phone&ep.event_action=view&_et=1&tfd=1768
Requested by
Host: crossbrand-onwin-tr.pages.dev
URL: https://crossbrand-onwin-tr.pages.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://crossbrand-onwin-tr.pages.dev/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://crossbrand-onwin-tr.pages.dev
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 13 Dec 2024 00:20:22 GMT
content-type
text/plain
server
Golfe2
collect
region1.google-analytics.com/g/ 		0
57 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-FSDW78HQ4L&gtm=45je4cb0v893553001za200zb9181226602&_p=1734049221136&gcd=13l3lPl2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102081485~102198178&cid=978189690.1734049223&ul=fi-fi&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=3&dr=&sid=1734049222&sct=1&seg=0&dl=https%3A%2F%2Fcrossbrand-onwin-tr.pages.dev%2F&dt=150%25%20%2B%20250FS%20BIRINCHI%20DEPOZITGA!&en=scroll&ep.gtm_version=GTM-MFB4T883%20%7C%20v.%204&ep.user_fp=&ep.transport_type=beacon&ep.timestamp=2024-12-13%2002%3A20%3A22&epn.percent_scrolled=90&tfd=1771
Requested by
Host: crossbrand-onwin-tr.pages.dev
URL: https://crossbrand-onwin-tr.pages.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://crossbrand-onwin-tr.pages.dev/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://crossbrand-onwin-tr.pages.dev
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 13 Dec 2024 00:20:22 GMT
content-type
text/plain
server
Golfe2
favicon-32x32.png
crossbrand-onwin-tr.pages.dev/img/favicon/ 		2 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://crossbrand-onwin-tr.pages.dev/img/favicon/favicon-32x32.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.162.47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9f4dd081764684e967c695a7ca1227fa7998736c83e4d9608fa44cc55b25ad6f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://crossbrand-onwin-tr.pages.dev/

Response headers

etag
"ab1156a8eb2af8e913fe675d02676f04"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=758zHVLPs6LGoVWW6aYWQlhzgR3gn6PnUQ6FYoiMBmrdnaxavmw9pGyPf2AMZ09y%2BEqoVjV9e7gVt%2FVz7S0BtyXdBfXY%2BLImktO6BUdTr9hmkxWUEMAyJKz2rH9jXpUkNFZP6aZAI7IWBkzumNCQDQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=44413&min_rtt=43577&rtt_var=802&sent=110&recv=64&lost=0&retrans=0&sent_bytes=105868&recv_bytes=10551&delivery_rate=800321&cwnd=45600&unsent_bytes=0&cid=0ed21606c7aec185&ts=1934&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 13 Dec 2024 00:20:22 GMT
content-type
image/png
vary
Accept-Encoding
priority
u=1,i
cache-control
public, max-age=0, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
cf-ray
8f11c9b9ff7fb50f-OSL
access-control-allow-origin
*
content-length
1671
server
cloudflare
p
f.pudaf.com/ 		137 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://f.pudaf.com/p
Requested by
Host: crossbrand-onwin-tr.pages.dev
URL: https://crossbrand-onwin-tr.pages.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-117.fra56.r.cloudfront.net
Software
/
Resource Hash
8b4820b8afa15fc9f5299882d7bab0344bd03ccbd9f10c0ec2d0afbcf1dd2edd

Request headers

ak
vyg6SLajEWjklRFo1ig1JqhMkSHHpSp3FLYvfzZE
Referer
https://crossbrand-onwin-tr.pages.dev/
x-ctr
19RcD7gqrkIj8dPC55v4-Q
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/html, text/plain
ri
1f1f28b3b289474f9f3852805e3691f1
Content-Type
application/octet-stream
si
8e7f4d03ea8b49758f48c28d7360756a

Response headers

access-control-max-age
43200
access-control-expose-headers
If-Match,If-Modified-Since,If-None-Match,etag,Last-Modified
accept-ch
sec-ch-ua,ua,sec-ch-ua-platformua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-wow64,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors
etag
675b7dc8b8c593f94c60d654
x-trace-id
59cd75ec628e4e5c7292dc93c59f2e41
via
1.1 910fc18161f0602555cc5b6397ca26f2.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
Miss from cloudfront
content-length
137
x-amz-cf-id
-elKBQLSe6cbjlQchHehw-XSoSFyqL9SybKECNq7OMR4V_98yiYVdg==
date
Fri, 13 Dec 2024 00:20:24 GMT
content-type
application/json
last-modified
Fri, 13 Dec 2024 00:18:44 GMT
x-amz-cf-pop
FRA56-C1

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
crossbrand-onwin-tr.pages.dev
URL
blob:https://crossbrand-onwin-tr.pages.dev/90f6abaa-5a9b-4a7f-bc8d-564347f3eabd
Domain
crossbrand-onwin-tr.pages.dev
URL
blob:https://crossbrand-onwin-tr.pages.dev/85a88d2f-2438-42b3-bf42-8c0029ac76af

Verdicts & Comments Add Verdict or Comment

42 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| landingConfig object| dataLayer string| ddjskey object| ddoptions string| afto function| aft boolean| dataDomeProcessed object| dataDomeOptions boolean| ddSbh object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| phonePattern object| links object| pageState object| formNotif string| formMode object| aftStore function| aftUUID function| aftSID function| aftGenSID function| startBBClicker function| stopBBClicker string| afti string| _D9tysGh2 object| google_tag_manager object| google_tag_data string| key number| width number| height object| last_10_events object| current_event function| onYouTubeIframeAPIReady object| recaptcha object| closure_lm_51211 object| gaGlobal function| detectIncognito boolean| is_incognito object| webVitals

6 Cookies

Domain/Path Name / Value
.crossbrand-onwin-tr.pages.dev/ Name: __cf_bm
Value: 4TQF2n8wqdCbSYcRaQeKghOBwM6KSUNJGzH3AZHNlb8-1734049221-1.0.1.1-RHSasUHO_PDWWQ3dwOBR26i82vyTasVS5znWhsESUbbO.1TVbnD1wK7Vfg3ke_u5ulLd43LxibSJuThuAKM5aw
.crossbrand-onwin-tr.pages.dev/ Name: datadome
Value: sfEYtg9_rG~7A8ZuRYiC9tNPfph5IS5zhaPdTTcuwDKj6jRzGvteWxnmGCnzH5ltBrG6E2Ap7EIaZ4CWhSrIcFw18IJGx3Jty4tbqZen5Ocn6Xb9U09FUZJtchwLcoIo
crossbrand-onwin-tr.pages.dev/ Name: ga-x3sdiid0
Value: ENmc1MDM2NzhkMjhjNDhmNTk3NDhiYTNlMDRkZjU3OG
.crossbrand-onwin-tr.pages.dev/ Name: _ga
Value: GA1.1.978189690.1734049223
.crossbrand-onwin-tr.pages.dev/ Name: _ga_FSDW78HQ4L
Value: GS1.1.1734049222.1.0.1734049222.0.0.0
crossbrand-onwin-tr.pages.dev/ Name: ga-d98gkkii
Value: 675b4fedc4bfc7b16a94b9d7

5 Console Messages

Source Level URL
Text
recommendation verbose URL: https://crossbrand-onwin-tr.pages.dev/
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o
rendering warning URL: https://crossbrand-onwin-tr.pages.dev/
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A060250F2C200000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering warning URL: https://crossbrand-onwin-tr.pages.dev/
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A090250F2C200000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering warning URL: https://crossbrand-onwin-tr.pages.dev/
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A020DD222C200000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering warning URL: https://crossbrand-onwin-tr.pages.dev/
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A0C0DC222C200000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api-js.datadome.co
crossbrand-onwin-tr.pages.dev
f.pudaf.com
fonts.googleapis.com
fonts.gstatic.com
fs.pudaf.com
js.datadome.co
pagead2.googlesyndication.com
region1.google-analytics.com
unpkg.com
www.google.com
www.googletagmanager.com
www.gstatic.com
crossbrand-onwin-tr.pages.dev
142.250.185.67
142.250.185.68
172.217.18.98
172.67.162.47
18.66.122.11
2001:4860:4802:32::36
2606:4700::6811:f8cb
2a00:1450:4001:809::200a
2a00:1450:4001:828::2008
2a00:1450:4001:829::2003
3.125.169.2
3.127.180.74
65.9.66.117
01b8fd2af22e80c46cc011e57a53e266b984aebe6eca596f791032b1261441f7
0e100b86870ec5caaa887e0fe743b177d57e02242812a0cd4675781dfffea440
1b150c409df2cca1e55ffc6e55b649980f9a282bb6b25da6186d5ed55741141b
1e30570f126abcc614ada548406b3dd6035b4ccb6ef95b42041f68d3e813a2e1
29d4588a29dc099cd87a7eb2f0c5b40e595bce81406e2622bd46411510e2a62f
4572c20092423c491c830915d4eccaad9b43524a9e74eb39d1ca7db8d66f8370
4e166a54e5229407d516f7e86c524a18a1c14c57b25285cf6cc9b8b137906c4e
53adc6f3a83391f57b8b2f2627f99c27abd3c1340cd63c968af63014285c6c71
55cc8680e86294c6b0a8b24c219d44304d2fa5dfe478e1be5623638e928e82ef
5caf26fc9bbd7e955e3b323b678e047dd7cd0aabc241b68160fe1bd924a33d31
638060ae1c0a4df08b92caa6277caa704ca42f2b8cd68bd6f9d9d4ece0340d72
685dd0a4dbede9c486deb28acfbd6a2337f8d796445757029b828c7221e4ced1
7b093cbb49adc2923b6ef6b58ad22f87ba4a008e0ecb27665a76cab5e9deeb40
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
8b4820b8afa15fc9f5299882d7bab0344bd03ccbd9f10c0ec2d0afbcf1dd2edd
8d4ab7674a0d7acc7775e8807f0ac51596748c96a9683dd0bb3687126c5e85ff
9d5b243ecee507eb2c77fec9be8f00f6b2c401f1cd0532c86510de001736850e
9f4dd081764684e967c695a7ca1227fa7998736c83e4d9608fa44cc55b25ad6f
b0b0573273315d9ca450d082250919ebd3de49ea7806c65cd9db33b65ea6341b
b0c3b085844565b8c573583de50de941c3b933edd25f12678d2e52458257abcd
b73c1098eed65e61418b5f54ba17ba07a9760a9b9d93f188833b3874cfda5ddf
c6a3a2d5aed331d01cf365b991f0613f23ef2324ff4a5c0987594413913712b8
d9562627da18e46cff037920308180f72f46e6df973ce331b68b8fe0509430a2
d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f759996a85b1ddf539ef3f16fdca3d39e48f670aef69e82c6200cc2b5f9f47bd