start.ea-sultangames-1791.xyz Open in urlscan Pro
172.67.183.110 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://kz-game.darkcloudpdr.com/
Effective URL:
https://start.ea-sultangames-1791.xyz/reg-form/new/?qtag=a47694_t61303906_c3683_s01912765-d8ba-721b-910c-e42939240663&x_pm_click=114ec...
Submission: On August 06 via api (August 6th 2024, 11:14:41 am UTC) from US — Scanned from NL

Summary HTTP 36 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 9 IPs in 4 countries across 11 domains to perform 36 HTTP transactions. The main IP is 172.67.183.110, located in United States and belongs to CLOUDFLARENET, US. The main domain is start.ea-sultangames-1791.xyz.
TLS certificate: Issued by WE1 on June 21st 2024. Valid for: 3 months.

This is the only time start.ea-sultangames-1791.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	5.61.59.133 5.61.59.133	58061 (SCALAXY-AS) (SCALAXY-AS)
1 1	78.141.210.193 78.141.210.193	20473 (AS-CHOOPA) (AS-CHOOPA)
1 1	104.21.46.203 104.21.46.203	13335 (CLOUDFLAR...) (CLOUDFLARENET)
25	172.67.183.110 172.67.183.110	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	5.79.68.53 5.79.68.53	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1	2606:4700:303... 2606:4700:3033::6815:308e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:81c::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2008	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f08... 2a03:2880:f084:105:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f17... 2a03:2880:f177:185:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
36	9

1 5.61.59.133 (Dronten, Netherlands) 1 redirects

ASN58061 (SCALAXY-AS, LV)

kz-game.darkcloudpdr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 78.141.210.193 (Amsterdam, Netherlands) 1 redirects

ASN20473 (AS-CHOOPA, US)
PTR: 78.141.210.193.vultrusercontent.com

click.ex1-gaming.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.21.46.203 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

affcl.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 172.67.183.110 (United States)

ASN13335 (CLOUDFLARENET, US)

start.ea-sultangames-1791.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 5.79.68.53 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

cdn.adpool.bet	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3033::6815:308e (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.bet.pm	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f084:105:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
25	ea-sultangames-1791.xyz start.ea-sultangames-1791.xyz	1 MB
2	gstatic.com fonts.gstatic.com	28 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 236	73 KB
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 108	274 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 112	72 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 110	1 KB
1	bet.pm cdn.bet.pm — Cisco Umbrella Rank: 540941	24 KB
1	adpool.bet cdn.adpool.bet — Cisco Umbrella Rank: 54220	2 KB
1	affcl.org 1 redirects affcl.org	810 B
1	ex1-gaming.com 1 redirects click.ex1-gaming.com	470 B
1	darkcloudpdr.com 1 redirects kz-game.darkcloudpdr.com	909 B
36	11

	Domain	Requested by
25	start.ea-sultangames-1791.xyz	start.ea-sultangames-1791.xyz
2	fonts.gstatic.com	fonts.googleapis.com
2	connect.facebook.net	start.ea-sultangames-1791.xyz connect.facebook.net
1	www.facebook.com	start.ea-sultangames-1791.xyz
1	www.googletagmanager.com	start.ea-sultangames-1791.xyz www.googletagmanager.com
1	fonts.googleapis.com	start.ea-sultangames-1791.xyz
1	cdn.bet.pm	start.ea-sultangames-1791.xyz
1	cdn.adpool.bet	start.ea-sultangames-1791.xyz
1	affcl.org	1 redirects
1	click.ex1-gaming.com	1 redirects
1	kz-game.darkcloudpdr.com	1 redirects
36	11

This site contains links to these domains. Also see Links.

Domain
ea-sultangames-1791.xyz

Subject Issuer	Validity	Valid
ea-sultangames-1791.xyz WE1	`2024-06-21` - `2024-09-19`	3 months	crt.sh
adpool.bet E5	`2024-06-18` - `2024-09-16`	3 months	crt.sh
bet.pm WE1	`2024-06-14` - `2024-09-12`	3 months	crt.sh
upload.video.google.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.google-analytics.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-05-15` - `2024-08-13`	3 months	crt.sh
*.gstatic.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://start.ea-sultangames-1791.xyz/reg-form/new/?qtag=a47694_t61303906_c3683_s01912765-d8ba-721b-910c-e42939240663&x_pm_click=114ec79d532a55ed35af909d10b31d2f&redirect_creative_id=3683
Frame ID: 4835CE9BF0301A2FCA0430D34048CAD9
Requests: 37 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Sultan Games Онлайн Ставки на Спорт в KZ ⭐️ Онлайн Казино Султан Геймс

Page URL History Show full URLs

https://kz-game.darkcloudpdr.com/ HTTP 302
https://click.ex1-gaming.com/LLfmpk0x?sub_id2={sub1}&sub_id3={sub2}&sub_id4={sub3}&sub_id5=140d75h9d3&sub... HTTP 302
https://affcl.org/?serial=61303906&creative_id=3683&anid=01912765-d8ba-721b-910c-e42939240663&... HTTP 302
https://start.ea-sultangames-1791.xyz/reg-form/new/?qtag=a47694_t61303906_c3683_s01912765-d8ba-721b-910c-e42939240... Page URL

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

Page Statistics

36
Requests

94 %
HTTPS

55 %
IPv6

11
Domains

11
Subdomains

9
IPs

4
Countries

1367 kB
Transfer

2331 kB
Size

14
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://ea-sultangames-1791.xyz/ru/login/?qtag=a47694_t61303906_c3683_s01912765-d8ba-721b-910c-e42939240663&regBonus=7

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://kz-game.darkcloudpdr.com/ HTTP 302
https://click.ex1-gaming.com/LLfmpk0x?sub_id2={sub1}&sub_id3={sub2}&sub_id4={sub3}&sub_id5=140d75h9d3&sub_id1=140d75h9d3 HTTP 302
https://affcl.org/?serial=61303906&creative_id=3683&anid=01912765-d8ba-721b-910c-e42939240663&sub2=187 HTTP 302
https://start.ea-sultangames-1791.xyz/reg-form/new/?qtag=a47694_t61303906_c3683_s01912765-d8ba-721b-910c-e42939240663&x_pm_click=114ec79d532a55ed35af909d10b31d2f&redirect_creative_id=3683 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 33

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=336467324681731&ev=PageView&dl=https%3A%2F%2Fstart.ea-sultangames-1791.xyz%2Freg-form%2Fnew%2F%3Fqtag%3Da47694_t61303906_c3683_s01912765-d8ba-721b-910c-e42939240663%26x_pm_click%3D114ec79d532a55ed35af909d10b31d2f%26redirect_creative_id%3D3683&rl=&if=false&ts=1722942874391&sw=1600&sh=1200&v=2.9.164&r=stable&ec=0&o=4126&fbp=fb.1.1722942874388.923067220780854485&ler=empty&cdl=API_unavailable&it=1722942874135&coo=false&rqm=FGET HTTP 302
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fprivacy_sandbox%2Fpixel%2Fregister%2Ftrigger%2F%3Fid%3D336467324681731%26ev%3DPageView%26dl%3Dhttps%253A%252F%252Fstart.ea-sultangames-1791.xyz%252Freg-form%252Fnew%252F%253Fqtag%253Da47694_t61303906_c3683_s01912765-d8ba-721b-910c-e42939240663%2526x_pm_click%253D114ec79d532a55ed35af909d10b31d2f%2526redirect_creative_id%253D3683%26rl%26if%3Dfalse%26ts%3D1722942874391%26sw%3D1600%26sh%3D1200%26v%3D2.9.164%26r%3Dstable%26ec%3D0%26o%3D4126%26fbp%3Dfb.1.1722942874388.923067220780854485%26ler%3Dempty%26cdl%3DAPI_unavailable%26it%3D1722942874135%26coo%3Dfalse%26rqm%3DFGET

36 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3

200

Primary Request / Show response
start.ea-sultangames-1791.xyz/reg-form/new/
Redirect Chain

https://kz-game.darkcloudpdr.com/
https://click.ex1-gaming.com/LLfmpk0x?sub_id2={sub1}&sub_id3={sub2}&sub_id4={sub3}&sub_id5=140d75h9d3&sub_id1=140d75h9d3
https://affcl.org/?serial=61303906&creative_id=3683&anid=01912765-d8ba-721b-910c-e42939240663&sub2=187
https://start.ea-sultangames-1791.xyz/reg-form/new/?qtag=a47694_t61303906_c3683_s01912765-d8ba-721b-910c-e42939240663&x_pm_click=114ec79d532a55ed35af909d10b31d2f&redirect_creative_id=3683

45 KB
13 KB

1065ms
951ms

Document
text/html

172.67.183.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://start.ea-sultangames-1791.xyz/reg-form/new/?qtag=a47694_t61303906_c3683_s01912765-d8ba-721b-910c-e42939240663&x_pm_click=114ec79d532a55ed35af909d10b31d2f&redirect_creative_id=3683

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.183.110 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a40c4cad371ed243e48d1396639aa708e220f8c403e240ab4329f732808e4c50

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8aee9a96afa89295-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 06 Aug 2024 11:14:33 GMT
hserver: 6
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=r%2BtbzwnNqd7vBzIZKhQv6DUfQoyIQCEkQYI%2BhVpVQC5SqHQ2OZfI1Ss9%2BM3%2Fqq6ziacvwuOk8QrxpENQ8SF2BdUjutkHbeR0rLRgNknAJlmvgO%2B%2BKniUPDvK3bWF2%2F%2FXPw%2FOvT%2B4cYsDfB0Qw2MTsw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-robots-tag: noindex, nofollow, noarchive

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 8aee9a955ea19b80-FRA
content-type: text/html; charset=UTF-8
date: Tue, 06 Aug 2024 11:14:31 GMT
location: https://start.ea-sultangames-1791.xyz/reg-form/new/?qtag=a47694_t61303906_c3683_s01912765-d8ba-721b-910c-e42939240663&x_pm_click=114ec79d532a55ed35af909d10b31d2f&redirect_creative_id=3683
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ermHCbTTs2QA4l%2FFTkl85O5qocgXGKW1NQQToBkG1iw%2BDJ3tSeuX%2FqLBaB1r0272zsj7qoYPamV16Y82TA45ycfARLpzEUzu%2FJaFQjrskgqcEFLBrV1C%2BGhhfcY%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-detected-country: de
x-pm-click: 114ec79d532a55ed35af909d10b31d2f
x-powered-by: PHP/8.2.12
x-user-click: 32b5bc7d4064786430c4fc637d39d2da
x-user-unique-click: 1

GET
H3 200 bundle.css
start.ea-sultangames-1791.xyz/reg-form/new/public/ 132 KB
19 KB 81ms
80ms Stylesheet
text/css 172.67.183.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://start.ea-sultangames-1791.xyz/reg-form/new/public/bundle.css

Requested by

Host: start.ea-sultangames-1791.xyz
URL: https://start.ea-sultangames-1791.xyz/reg-form/new/?qtag=a47694_t61303906_c3683_s01912765-d8ba-721b-910c-e42939240663&x_pm_click=114ec79d532a55ed35af909d10b31d2f&redirect_creative_id=3683

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.183.110 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b4f689fa54d3c32b42e3fa31458d4aa009ecbedca6d35616fe5c3bc43c31c451

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://start.ea-sultangames-1791.xyz/reg-form/new/?qtag=a47694_t61303906_c3683_s01912765-d8ba-721b-910c-e42939240663&x_pm_click=114ec79d532a55ed35af909d10b31d2f&redirect_creative_id=3683
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 06 Aug 2024 11:14:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 1408
alt-svc: h3=":443"; ma=86400
content-length: 18530
last-modified: Wed, 10 Apr 2024 12:50:23 GMT
server: cloudflare
etag: "20f78-615bd7b64cc78-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bZA38DifkniyrJsNY5Ox90vl1dCbp7%2Fd8h0LjWVpRN%2Fa0%2Fu5XxrZrdB7WklCgxr%2FyDpj10Jp%2Fb5Y1AfWbH%2FOwrN4eZOmDVjO15K0X4dy696JQ4oJbZho6Ad%2FVUH7y0f5JnoGoR2wchC1WG9pTifzrA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
hserver: 10
x-robots-tag: noindex, nofollow, noarchive
cf-ray: 8aee9a9d09129295-FRA
accept-ranges: bytes

GET
H3 200 loader.css
start.ea-sultangames-1791.xyz/reg-form/new/public/ 969 B
885 B 80ms
79ms Stylesheet
text/css 172.67.183.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://start.ea-sultangames-1791.xyz/reg-form/new/public/loader.css

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.183.110 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4070fe3f03db94a3024505e901d2417f82d5cb3c0cfd5df0b734968793a76eb0

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://start.ea-sultangames-1791.xyz/reg-form/new/?qtag=a47694_t61303906_c3683_s01912765-d8ba-721b-910c-e42939240663&x_pm_click=114ec79d532a55ed35af909d10b31d2f&redirect_creative_id=3683
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 06 Aug 2024 11:14:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 1408
alt-svc: h3=":443"; ma=86400
content-length: 329
last-modified: Wed, 10 Apr 2024 11:46:48 GMT
server: cloudflare
etag: "3c9-615bc9800dbc4-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Vmyl92iDhy0Z1RdzUq5l7B1y3sVznnPNJ8aAgM%2BdUduUxTZ6KQk9H9sZZsQKXzYprzhmK2w5yOsKpkTCFPiC0fkrh%2BmDdTy6cBPfhb0mUpGiT%2FpC6onZlZyZXMEQl0IWuS%2BcjnTaheqXqWkhUYYrdg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
hserver: 5
x-robots-tag: noindex, nofollow, noarchive
cf-ray: 8aee9a9d09159295-FRA
accept-ranges: bytes

GET
H3 200 s.js Show response
start.ea-sultangames-1791.xyz/fpapi/ 103 KB
30 KB 140ms
132ms Script
text/javascript 172.67.183.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://start.ea-sultangames-1791.xyz/fpapi/s.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.183.110 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bed78c95e406b4a9825da57ba6936552b6e0f572cae8d44468db113927bc8e31

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://start.ea-sultangames-1791.xyz/reg-form/new/?qtag=a47694_t61303906_c3683_s01912765-d8ba-721b-910c-e42939240663&x_pm_click=114ec79d532a55ed35af909d10b31d2f&redirect_creative_id=3683
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 06 Aug 2024 11:14:33 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rhWOf2faxdO%2FPSvoK%2B7Uvpq4c768HBtp5%2Bf3rk1j1j30mh3p817TS3Z5sBxLUL%2F4y3o3tEioZ5UHR9flR3kYXuBhyBY2LV4AWbJabkjt5UAoe1ENaITYQyI32AE6eQZb0SM2msLl1Y7cYqy8UB1ivw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=600
hserver: 8
cf-ray: 8aee9a9f6cb69295-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 adtag_redirect.js Show response
cdn.adpool.bet/libs/ 2 KB
2 KB 259ms
103ms Script
application/javascript 5.79.68.53
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.adpool.bet/libs/adtag_redirect.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

5.79.68.53 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

Software

nginx /

Resource Hash

2772e0b5310e29609314e7837a72780867d82e17833f160c1fced4f4914a1579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block;

Request headers

Referer: https://start.ea-sultangames-1791.xyz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 06 Aug 2024 11:14:33 GMT
x-content-type-options: nosniff
content-length: 2016
x-xss-protection: 1; mode=block;
last-modified: Tue, 25 Jun 2024 11:27:07 GMT
server: nginx
etag: "667aa98b-7e0"
access-control-max-age: 1728000
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: X-PINGOTHER
expires: Wed, 07 Aug 2024 11:14:33 GMT

GET
H3 200 mlibrary.js Show response
start.ea-sultangames-1791.xyz/mtapi/js/build/ 37 KB
9 KB 81ms
81ms Script
application/javascript 172.67.183.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://start.ea-sultangames-1791.xyz/mtapi/js/build/mlibrary.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.183.110 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

871fcc70bb938f9470302f37d9b68e25f6bab3a1b48e5fe3dccc98463824250b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://start.ea-sultangames-1791.xyz/reg-form/new/?qtag=a47694_t61303906_c3683_s01912765-d8ba-721b-910c-e42939240663&x_pm_click=114ec79d532a55ed35af909d10b31d2f&redirect_creative_id=3683
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 06 Aug 2024 11:14:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 5301
alt-svc: h3=":443"; ma=86400
content-length: 8677
last-modified: Thu, 23 Nov 2023 11:01:54 GMT
server: cloudflare
etag: "92ac-60acfc382665d-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wZ2ZRAcTqNYdJqMFTKpxteq6z%2B60M9EYi1C20Q%2FrOxMKuertIrAYcm68gKHzx5OG8rJRFMaDre8F0qiPsAD%2FXtLZvi8ZywcB07W5fk3GneXtDoxLBiKiODXJKMGFBblMxGUEK%2Bpua%2BXH%2Fl3rBX0xtw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
hserver: 7
accept-ranges: bytes
cf-ray: 8aee9a9d09199295-FRA

GET
H3 200 sogan.svg
start.ea-sultangames-1791.xyz/reg-form/new/public/images/ 16 KB
7 KB 145ms
145ms Image
image/svg+xml 172.67.183.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://start.ea-sultangames-1791.xyz/reg-form/new/public/images/sogan.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.183.110 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bbedba2ab1101f37ccf0d67d6da30b706d0fb1447595931ea92e853458aa4af7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://start.ea-sultangames-1791.xyz/reg-form/new/?qtag=a47694_t61303906_c3683_s01912765-d8ba-721b-910c-e42939240663&x_pm_click=114ec79d532a55ed35af909d10b31d2f&redirect_creative_id=3683
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 06 Aug 2024 11:14:33 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1408
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 10 Apr 2024 11:46:48 GMT
server: cloudflare
etag: W/"3ece-615bc98009d44"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8edvr7Y6r26vNEwUqjm7TD9DV3cMMOD3f89YKpU7pvlJsrepxmG%2BcVW9sk1lSiyOMBbzTSJ1MQcNe1%2FFjD2WNYcVubsFuw%2FfcrUVO4jb79G%2B5TTVZJKbIvwb%2F11Ate8G0xB%2FLXMrgc%2F%2FqzeKHuwM6w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
hserver: 10
x-robots-tag: noindex, nofollow, noarchive
cf-ray: 8aee9a9d091c9295-FRA

GET
H3 200 coins.png
start.ea-sultangames-1791.xyz/reg-form/new/public/images/ 4 KB
4 KB 146ms
145ms Image
image/png 172.67.183.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://start.ea-sultangames-1791.xyz/reg-form/new/public/images/coins.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.183.110 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6c26ed4e9bf435e32007f9a0bb2bcc5195d247789f5fa80034bac19992bd40f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://start.ea-sultangames-1791.xyz/reg-form/new/?qtag=a47694_t61303906_c3683_s01912765-d8ba-721b-910c-e42939240663&x_pm_click=114ec79d532a55ed35af909d10b31d2f&redirect_creative_id=3683
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 06 Aug 2024 11:14:33 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1408
alt-svc: h3=":443"; ma=86400
content-length: 3836
last-modified: Wed, 10 Apr 2024 11:46:48 GMT
server: cloudflare
etag: "efc-615bc97fff164"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HIDV5L4L%2BGW78vhst%2BglcL9p1fUwX1DvDpHmbGgfrKqyuGbMtlghdzqaEoeZyug%2FcrkB%2FgdpBs6HilBYMwOAnDgq11qxAAmIIpSfltqDFL9EX77SIXSeMDNvBPz9Q6ln1HXTXM%2BWdY59OpCfKNIqug%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
hserver: 6
x-robots-tag: noindex, nofollow, noarchive
cf-ray: 8aee9a9d09209295-FRA
accept-ranges: bytes

GET
H3 200 main.png
start.ea-sultangames-1791.xyz/reg-form/new/public/images/ 689 KB
690 KB 81ms
69ms Image
image/png 172.67.183.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://start.ea-sultangames-1791.xyz/reg-form/new/public/images/main.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.183.110 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ab63670502b4e887e57c02ce6f89f465891cbb363e8a8fc26d9ff447dfd894ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://start.ea-sultangames-1791.xyz/reg-form/new/?qtag=a47694_t61303906_c3683_s01912765-d8ba-721b-910c-e42939240663&x_pm_click=114ec79d532a55ed35af909d10b31d2f&redirect_creative_id=3683
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 06 Aug 2024 11:14:33 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1408
alt-svc: h3=":443"; ma=86400
content-length: 705604
last-modified: Wed, 10 Apr 2024 11:46:48 GMT
server: cloudflare
etag: "ac444-615bc98007e04"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QPg%2FdyikRPk6b16bi%2FLfI23ltUU9sw3JV9%2BfH01F7l4Dh0Tjd0VIYrTjAJJZbzS6YHMKyFGVqaksEnGVa1YKW4US0VwvanH5EUtIYmWYFyYuamEIl77ojBWcN8NBZP7RQAco%2FQC3PG1YwYHcG1MBoA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
hserver: 8
x-robots-tag: noindex, nofollow, noarchive
cf-ray: 8aee9a9e2aa69295-FRA
accept-ranges: bytes

GET
H3 200 imagebonus.png
start.ea-sultangames-1791.xyz/reg-form/new/public/images/ 18 KB
19 KB 257ms
256ms Image
image/png 172.67.183.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://start.ea-sultangames-1791.xyz/reg-form/new/public/images/imagebonus.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.183.110 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1a87b7193fd00cfec87463a1262238512bb707b18de5401bd4930790bb794cea

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://start.ea-sultangames-1791.xyz/reg-form/new/?qtag=a47694_t61303906_c3683_s01912765-d8ba-721b-910c-e42939240663&x_pm_click=114ec79d532a55ed35af909d10b31d2f&redirect_creative_id=3683
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 06 Aug 2024 11:14:33 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1408
alt-svc: h3=":443"; ma=86400
content-length: 18537
last-modified: Wed, 10 Apr 2024 11:46:48 GMT
server: cloudflare
etag: "4869-615bc98005ec4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lud5DhsHnGVRlnQCmN7WmEoDnNwtILMrRbwAS61Xqp8D%2FNEXso4YoGJmCE4DaYINIBNHBItuv6OUKHWnelKJ9P9MK0EpG7YTSRBHV9I8eo41zCNjZ9cJYkk8zegHp5fDyzf1LkXT6v6pFOnRQqriRA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
hserver: 10
x-robots-tag: noindex, nofollow, noarchive
cf-ray: 8aee9a9e2ab09295-FRA
accept-ranges: bytes

GET
H3 200 modernizr-custom.js Show response
start.ea-sultangames-1791.xyz/reg-form/new/public/ 3 KB
2 KB 74ms
66ms Script
application/javascript 172.67.183.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://start.ea-sultangames-1791.xyz/reg-form/new/public/modernizr-custom.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.183.110 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

840f575220d6b42197251483e8b3b486bce6f7c4c4bddfff022580d3bb39ce4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://start.ea-sultangames-1791.xyz/reg-form/new/?qtag=a47694_t61303906_c3683_s01912765-d8ba-721b-910c-e42939240663&x_pm_click=114ec79d532a55ed35af909d10b31d2f&redirect_creative_id=3683
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 06 Aug 2024 11:14:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 1408
alt-svc: h3=":443"; ma=86400
content-length: 1329
last-modified: Wed, 10 Apr 2024 11:46:48 GMT
server: cloudflare
etag: "aa9-615bc9800dbc4-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BT5njIZk8X1IYxnIiQTW%2Ff0Jb1ugfqaMc02L4Bu%2BY%2BcjcnwOdu9aBYVY0PQzEh4z%2BN9NWT1R3qbbKOxxVrtTkMklYxOSzRQvkW9SJXOrynJ9E2ITb1m0VLBJa%2B%2F7rfXKoW3ihTp%2FP5EcTd6vRQEZ3g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
hserver: 8
x-robots-tag: noindex, nofollow, noarchive
cf-ray: 8aee9a9f6c9d9295-FRA
accept-ranges: bytes

GET
H3 200 vendor.js Show response
start.ea-sultangames-1791.xyz/reg-form/new/public/ 86 KB
31 KB 62ms
54ms Script
application/javascript 172.67.183.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://start.ea-sultangames-1791.xyz/reg-form/new/public/vendor.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.183.110 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aaa9f36ea28f09d6205eb1ad72b9243281406b54bb050a3b3850b0c9513079d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://start.ea-sultangames-1791.xyz/reg-form/new/?qtag=a47694_t61303906_c3683_s01912765-d8ba-721b-910c-e42939240663&x_pm_click=114ec79d532a55ed35af909d10b31d2f&redirect_creative_id=3683
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 06 Aug 2024 11:14:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 1408
alt-svc: h3=":443"; ma=86400
content-length: 30873
last-modified: Wed, 10 Apr 2024 11:46:48 GMT
server: cloudflare
etag: "15996-615bc9800dbc4-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WFLQhqRSO1kxG%2ByT3QXWXH6grMIyIifkuM%2FRWR7ObKZ%2FOveyHngEvYi3hsgmzFmcVV%2Fv%2FXAXE7zE2FiIWoaY%2F%2Fncdw0hLUmcnnjWOiud0z9xY02HKWhRkZ2oWGMyCgFV8vrtHwEDdBWHqwq4FyF3tw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
hserver: 7
x-robots-tag: noindex, nofollow, noarchive
cf-ray: 8aee9a9f6ca09295-FRA
accept-ranges: bytes

GET
H3 200 bundle.js Show response
start.ea-sultangames-1791.xyz/reg-form/new/public/ 231 KB
72 KB 71ms
63ms Script
application/javascript 172.67.183.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://start.ea-sultangames-1791.xyz/reg-form/new/public/bundle.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.183.110 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8c5b3ba1f526a822253a2b719bbc8c930ed627b5661dff1e5307b1076cd1f187

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://start.ea-sultangames-1791.xyz/reg-form/new/?qtag=a47694_t61303906_c3683_s01912765-d8ba-721b-910c-e42939240663&x_pm_click=114ec79d532a55ed35af909d10b31d2f&redirect_creative_id=3683
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 06 Aug 2024 11:14:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 1408
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 10 Apr 2024 11:46:48 GMT
server: cloudflare
etag: "39b8c-615bc97ff35e4-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aA9uO2cgOYPzOg74Dz96L0JAj0oiecgSwQFufltCxKNBc7%2B5bqCQjJ3Gpn8mEWKJosAz32xoErY%2BUr5bwg%2Fpl%2B%2Ba7JXTNZtiBLGuWbFpPk%2FebdXXiakYjIxg%2B0UShLIUsN63ssjUOMKMXKjrzOiRrw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
hserver: 8
x-robots-tag: noindex, nofollow, noarchive
cf-ray: 8aee9a9f6ca49295-FRA

GET
H3 200 phoneMasks.js Show response
start.ea-sultangames-1791.xyz/common/global-phone-mask/dist/ 117 KB
36 KB 75ms
67ms Script
application/javascript 172.67.183.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://start.ea-sultangames-1791.xyz/common/global-phone-mask/dist/phoneMasks.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.183.110 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

55b22a4b178688d745862022d1c80cff1ac3d5b4067569f46f812eb99c042b70

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://start.ea-sultangames-1791.xyz/reg-form/new/?qtag=a47694_t61303906_c3683_s01912765-d8ba-721b-910c-e42939240663&x_pm_click=114ec79d532a55ed35af909d10b31d2f&redirect_creative_id=3683
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 06 Aug 2024 11:14:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 3361
alt-svc: h3=":443"; ma=86400
content-length: 36325
last-modified: Tue, 19 Sep 2023 12:44:15 GMT
server: cloudflare
etag: "1d268-605b59ddd1ebd-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=n7Q9954msaAmaTFrknnzTpwQKK%2Bp7Pt6f2sDtG4xcSKACtHsqsUDFD2Mv38aNx4oXeCnDcoIzT%2FyQ06Avui2TX4YfKmf%2Fdcy2CtQY2o2f30j4xm5M6Tt6pmaKhlOOxRb1wPLLuTyqTUo64FPG2PZaw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
hserver: 5
x-robots-tag: noindex, nofollow, noarchive
cf-ray: 8aee9a9f6ca99295-FRA
accept-ranges: bytes

GET
H2 200 password-validation.js Show response
cdn.bet.pm/common/js/global-password-validation-nomad/dist/ 76 KB
24 KB 540ms
52ms Script
application/javascript 2606:4700:3033::6815:308e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bet.pm/common/js/global-password-validation-nomad/dist/password-validation.js
Requested by: Host: start.ea-sultangames-1791.xyz
URL: https://start.ea-sultangames-1791.xyz/reg-form/new/?qtag=a47694_t61303906_c3683_s01912765-d8ba-721b-910c-e42939240663&x_pm_click=114ec79d532a55ed35af909d10b31d2f&redirect_creative_id=3683
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:308e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 14687c549d9801caeaba7f58d76ae386fc7b0b8041a4d5e3468aaae022963c43

Request headers

Referer: https://start.ea-sultangames-1791.xyz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 06 Aug 2024 11:14:34 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2854
alt-svc: h3=":443"; ma=86400
content-length: 23660
last-modified: Thu, 30 Jun 2022 10:51:35 GMT
server: cloudflare
etag: "13177-5e2a80dabd866-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=a7vZgr1ZzwDmoasrpciW9kJ8wXgOI%2FQwH3CgB78FHbo6IaGydqeDCZFvY3T2AewtktTBt7TwxzWmP%2BRaciCi%2FMOU5DXTRT6zA3fTCtQBzmRN2iSAT1DeJNORELj8u3wFOrAO8diwsCR4"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8aee9aa27a322c04-FRA

GET
H3 200 auth-helper-v2.js Show response
start.ea-sultangames-1791.xyz/common/js/ 15 KB
4 KB 74ms
66ms Script
application/javascript 172.67.183.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://start.ea-sultangames-1791.xyz/common/js/auth-helper-v2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.183.110 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9b5bd71ed37d68f0565407c96b85074562c65ea9ee7719ecb9fdf254c67f7c60

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://start.ea-sultangames-1791.xyz/reg-form/new/?qtag=a47694_t61303906_c3683_s01912765-d8ba-721b-910c-e42939240663&x_pm_click=114ec79d532a55ed35af909d10b31d2f&redirect_creative_id=3683
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 06 Aug 2024 11:14:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 5301
alt-svc: h3=":443"; ma=86400
content-length: 3801
last-modified: Tue, 19 Sep 2023 09:03:16 GMT
server: cloudflare
etag: "3c0a-605b2878239e3-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=W860ojeTYvQJEFSbsuzpErcQi2H08Q0Q1%2FfGGTavd73vbKDrlO98Utk8ZsfqNOlzZEKEXUQO9WVSeETp0mlNgxKNzQ6eipZZQIyUe%2B%2FHXhPAnlks0Ta%2FOjT5Zppl0LfoThdXkspUOK2zHxLqfAYNAQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
hserver: 10
x-robots-tag: noindex, nofollow, noarchive
cf-ray: 8aee9a9f6cab9295-FRA
accept-ranges: bytes

GET
H3 200 forms.js Show response
start.ea-sultangames-1791.xyz/reg-form/new/public/js/ 2 KB
2 KB 71ms
63ms Script
application/javascript 172.67.183.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://start.ea-sultangames-1791.xyz/reg-form/new/public/js/forms.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.183.110 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

106f703727e07f26c56de02548d93ee9a400171549f66ab700d8515e916dbf4c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://start.ea-sultangames-1791.xyz/reg-form/new/?qtag=a47694_t61303906_c3683_s01912765-d8ba-721b-910c-e42939240663&x_pm_click=114ec79d532a55ed35af909d10b31d2f&redirect_creative_id=3683
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 06 Aug 2024 11:14:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 1407
alt-svc: h3=":443"; ma=86400
content-length: 990
last-modified: Wed, 10 Apr 2024 11:46:48 GMT
server: cloudflare
etag: "8de-615bc9800dbc4-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9RpLJOcGIiF7uOH8dzxNngS%2Fn7mjRmab6AABF1NYXFXDPoEV2MIbEx4XN7yXigHLtvLelFenQWUskXf5kgmc%2FTnW1AW%2FhSHGlDGCiwpzElTgxzzP6OkmNKSsP%2FJL%2BLAAXjcNAvcOc8KJDbtSsFc4mg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
hserver: 7
x-robots-tag: noindex, nofollow, noarchive
cf-ray: 8aee9a9f6cae9295-FRA
accept-ranges: bytes

GET
H3 200 parallax.js Show response
start.ea-sultangames-1791.xyz/reg-form/new/public/js/ 3 KB
2 KB 70ms
62ms Script
application/javascript 172.67.183.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://start.ea-sultangames-1791.xyz/reg-form/new/public/js/parallax.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.183.110 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

64fec19e8c5b8239f01b896ecdcb90705897eced5eef87003766811bf82dd6e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://start.ea-sultangames-1791.xyz/reg-form/new/?qtag=a47694_t61303906_c3683_s01912765-d8ba-721b-910c-e42939240663&x_pm_click=114ec79d532a55ed35af909d10b31d2f&redirect_creative_id=3683
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 06 Aug 2024 11:14:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 1407
alt-svc: h3=":443"; ma=86400
content-length: 1039
last-modified: Wed, 10 Apr 2024 11:46:48 GMT
server: cloudflare
etag: "a94-615bc9800dbc4-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=f3tYje1mxWkGGogLoJMAR%2F9AyTIzPL57iRYncXaEOWr9PX5cz835haKjoMQ6m8Sx%2FK2vFSYVZ1dP3gm8zh4pN%2B1yP8ngBAtbU0KTlm6z4DhI0qqeKhreIzQmYYzObBpvmKkXMdQtG3Q34aU60lDhxA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
hserver: 10
x-robots-tag: noindex, nofollow, noarchive
cf-ray: 8aee9a9f6cb09295-FRA
accept-ranges: bytes

GET
H2 200 css2
fonts.googleapis.com/ 3 KB
1 KB 257ms
40ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Rubik:ital,wght@1,700&display=swap

Requested by

Host: start.ea-sultangames-1791.xyz
URL: https://start.ea-sultangames-1791.xyz/reg-form/new/public/bundle.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9ecd1dbc5ec3b09ea8ccf9bba4c7c4a6b5b5d6e66b3ddabb1e6cf9b78471d3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://start.ea-sultangames-1791.xyz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 06 Aug 2024 11:14:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 06 Aug 2024 11:04:00 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 06 Aug 2024 11:14:33 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 206 KB
72 KB 538ms
51ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-M6SBLH33

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

683812ecad20d8f9ea55e0eb59dc3f0a5edba912a82aa740cedcd9fe895bb83c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://start.ea-sultangames-1791.xyz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 06 Aug 2024 11:14:34 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 73263
x-xss-protection: 0
last-modified: Tue, 06 Aug 2024 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 06 Aug 2024 11:14:34 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 225 KB
60 KB 500ms
33ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4d424af8e6254a3ee915b6efdec3f0ed3fcbdedc67c83025148c9758701cd2d4

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://start.ea-sultangames-1791.xyz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 06 Aug 2024 11:14:33 GMT
document-policy: force-load-at-top
x-fb-server-load: 47
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 58865
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=34, rtx=0, c=12, mss=1297, tbw=2769, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma: public
x-fb-debug: 8FfYKidMr45AtmMuzyl3HJ2ZDDbfmWRFHp5dgrwS6wuCD1HNVIf4ZP3nIjnO2LsPTmmNL8gU0zRaAVJ+A2pMGg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 timestamp Show response
start.ea-sultangames-1791.xyz/mtapi/promo/ 27 B
472 B 89ms
81ms Fetch
application/json 172.67.183.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://start.ea-sultangames-1791.xyz/mtapi/promo/timestamp

Requested by

Host: start.ea-sultangames-1791.xyz
URL: https://start.ea-sultangames-1791.xyz/mtapi/js/build/mlibrary.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.183.110 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9c6c8856a2cba00d65094168617c7563d4ba8c3937f784fa4089969647a7c7a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://start.ea-sultangames-1791.xyz/reg-form/new/?qtag=a47694_t61303906_c3683_s01912765-d8ba-721b-910c-e42939240663&x_pm_click=114ec79d532a55ed35af909d10b31d2f&redirect_creative_id=3683
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 06 Aug 2024 11:14:33 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zzFEfN4tObC2AXLDZdqalmnW9nx03I6FOqtqxDsFQqLigrZhEtPLLq%2Fs7jB7tOkV3WrrDfef5hquJqjKhmXO1zTOwhDMxofIrNsfoloRFaUYA6KZMpIY%2FJiRZhaeEHULovg3ZIAvpV4RXMGkvj99xA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
cache-control: no-store
hserver: 6
cf-ray: 8aee9a9f6cba9295-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 bg.jpeg
start.ea-sultangames-1791.xyz/reg-form/new/public/images/ 33 KB
33 KB 94ms
90ms Image
image/jpeg 172.67.183.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://start.ea-sultangames-1791.xyz/reg-form/new/public/images/bg.jpeg

Requested by

Host: start.ea-sultangames-1791.xyz
URL: https://start.ea-sultangames-1791.xyz/reg-form/new/public/bundle.css

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.183.110 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6b5b302097dfd70813296b97a67f186450f1052bd6e9a5c8797b724fd42dd490

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://start.ea-sultangames-1791.xyz/reg-form/new/public/bundle.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 06 Aug 2024 11:14:33 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 33672
last-modified: Wed, 10 Apr 2024 11:46:48 GMT
server: cloudflare
etag: "8388-615bc97fff164"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hGOhrkWS4Xfc64dlyuZMla4S7o1fxUpNBVCCGmxkE3wCE9xeiShIKK9faryep0KKKVwC7Yp%2BN0R4JD9ChzuJQsP8D5yBq98lbj7S4qjFMFpnf5lHT5eGrCBLS6kHEfajFZ4lxkzMBd8dnr09WwauqQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
hserver: 5
x-robots-tag: noindex, nofollow, noarchive
cf-ray: 8aee9a9f6cbe9295-FRA
accept-ranges: bytes

GET
H3 200 Roboto-Regular.woff
start.ea-sultangames-1791.xyz/reg-form/new/public/fonts/ 91 KB
92 KB 69ms
62ms Font
application/font-woff 172.67.183.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://start.ea-sultangames-1791.xyz/reg-form/new/public/fonts/Roboto-Regular.woff

Requested by

Host: start.ea-sultangames-1791.xyz
URL: https://start.ea-sultangames-1791.xyz/reg-form/new/public/bundle.css

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.183.110 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

18ab5ae448dcec1f31abbbaa7dce8dcb1d890479f1bc4670a89c95f10063cf3e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://start.ea-sultangames-1791.xyz/reg-form/new/public/bundle.css
Origin: https://start.ea-sultangames-1791.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 06 Aug 2024 11:14:33 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1407
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 10 Apr 2024 11:46:48 GMT
server: cloudflare
etag: W/"16ccc-615bc97ffd224"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JBVM9PIzC7Pkztazug%2BWRKg5EoN2CrK05ncPN5FX3JsxFKd4Bm%2Fg8oAv0zWC%2FH60sd91a8%2BLdO%2F8PUtOL6PhMKiS0IIE%2BvhdbU%2BDNcjRpSs4Xos670rba4J7pDq0VhWDn72zciDwXz4KhBcW1szn8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff
cache-control: max-age=14400
hserver: 9
x-robots-tag: noindex, nofollow, noarchive
cf-ray: 8aee9a9fdd9b9295-FRA

GET
DATA 200
OK truncated
/ 140 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 65abbf6ebe44e9d99a2a47b006a99774423a1f08e760faf2ea6aedfa0441d176

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 Roboto-Bold.woff
start.ea-sultangames-1791.xyz/reg-form/new/public/fonts/ 92 KB
92 KB 79ms
72ms Font
application/font-woff 172.67.183.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://start.ea-sultangames-1791.xyz/reg-form/new/public/fonts/Roboto-Bold.woff

Requested by

Host: start.ea-sultangames-1791.xyz
URL: https://start.ea-sultangames-1791.xyz/reg-form/new/public/bundle.css

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.183.110 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8aa340f033ddfa5e7f8bfe80638c3b137887eb30996588852ec218d2007e68b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://start.ea-sultangames-1791.xyz/reg-form/new/public/bundle.css
Origin: https://start.ea-sultangames-1791.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 06 Aug 2024 11:14:33 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1407
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 10 Apr 2024 11:46:48 GMT
server: cloudflare
etag: W/"16e04-615bc97ffc284"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aajh3WPuZkigB3CEx4rEDVdcgC26qf0xVuBomOfylrvDgGtLoF4Fe2XATemYJxXnNz0ABijQLsd6IGCZFjz5fqxOe0C7X5faQxY4YgCRR5mYbkMDsviO17K4Nh6GPxA5dSHBdoSCV6av%2FwKxL06cEA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff
cache-control: max-age=14400
hserver: 10
x-robots-tag: noindex, nofollow, noarchive
cf-ray: 8aee9a9fdda09295-FRA

GET
H3 200 icomoon.ttf
start.ea-sultangames-1791.xyz/reg-form/new/public/fonts/ 7 KB
5 KB 76ms
69ms Font
application/font-sfnt 172.67.183.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://start.ea-sultangames-1791.xyz/reg-form/new/public/fonts/icomoon.ttf

Requested by

Host: start.ea-sultangames-1791.xyz
URL: https://start.ea-sultangames-1791.xyz/reg-form/new/public/bundle.css

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.183.110 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2465e2786081c1d50f855a6ad32576b9bf6e6fb2e8ae5ed988b8a0db5c791ac1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://start.ea-sultangames-1791.xyz/reg-form/new/public/bundle.css
Origin: https://start.ea-sultangames-1791.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 06 Aug 2024 11:14:33 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1408
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 10 Apr 2024 11:46:48 GMT
server: cloudflare
etag: W/"1c74-615bc97ffe1c4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CcvCgEeXUKwKn%2BLV6WrpyR2OD64sCzPlqa8zIJ0TS1Znywmkp61vPgJhlycEq8pu2CXPx1qJ5kPHiz5jGCDobSYOHvV9fhqKv5TVI4x7IxExBTLEQElpZ9%2BSqusheGRo8WbMO6melgEXIYySy7BuZw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/font-sfnt
cache-control: max-age=14400
hserver: 6
x-robots-tag: noindex, nofollow, noarchive
cf-ray: 8aee9a9fdda49295-FRA

GET
H2 200 iJWbBXyIfDnIV7nEt3KSJbVDV49rz8u6FHU3f4I.woff2
fonts.gstatic.com/s/rubik/v28/ 19 KB
19 KB 476ms
51ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/rubik/v28/iJWbBXyIfDnIV7nEt3KSJbVDV49rz8u6FHU3f4I.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Rubik:ital,wght@1,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

efe5a75edcd239c0f6598f4b7dbfa2e9e1b6c110f9b3c2fe1f773c22f040a79b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://start.ea-sultangames-1791.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 12:03:30 GMT
x-content-type-options: nosniff
age: 601864
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19436
x-xss-protection: 0
last-modified: Thu, 29 Jun 2023 16:15:32 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 30 Jul 2025 12:03:30 GMT

GET
H2 200 iJWbBXyIfDnIV7nEt3KSJbVDV49rz8u6FHUzf4L1kA.woff2
fonts.gstatic.com/s/rubik/v28/ 8 KB
9 KB 476ms
51ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/rubik/v28/iJWbBXyIfDnIV7nEt3KSJbVDV49rz8u6FHUzf4L1kA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Rubik:ital,wght@1,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

78fb9cb725b26a83ab2e5dd0213619840b0313a16341611b505ea23224272c64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://start.ea-sultangames-1791.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 15:01:50 GMT
x-content-type-options: nosniff
age: 591164
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8456
x-xss-protection: 0
last-modified: Thu, 29 Jun 2023 16:14:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 30 Jul 2025 15:01:50 GMT

GET
H3 403 / Show response
start.ea-sultangames-1791.xyz/forms/masks/ 6 KB
3 KB 70ms
69ms XHR
text/html 172.67.183.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://start.ea-sultangames-1791.xyz/forms/masks/?brand=SLTN

Requested by

Host: start.ea-sultangames-1791.xyz
URL: https://start.ea-sultangames-1791.xyz/common/global-phone-mask/dist/phoneMasks.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.183.110 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7b63cc17e22362e6357e712d200f62f058f754d7d184eff8446d407b6664ff54

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://start.ea-sultangames-1791.xyz/reg-form/new/?qtag=a47694_t61303906_c3683_s01912765-d8ba-721b-910c-e42939240663&x_pm_click=114ec79d532a55ed35af909d10b31d2f&redirect_creative_id=3683
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 06 Aug 2024 11:14:34 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
referrer-policy: same-origin
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DbNZjzSFLcFwrCazEM1oCIe1COcyOM1MOxc7J4Oq%2BWkmT9rfeoELZHlw7fDwejO5Vi7lt2wmuZ3D0JleE61bLK7ZuWXA5DZZMVjig%2FR3EILHyxv9e91b%2B5c52SbxgN5kqs8%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
hserver: 6
cf-ray: 8aee9aa359d19295-FRA
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 336467324681731 Show response
connect.facebook.net/signals/config/ 62 KB
13 KB 217ms
213ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/336467324681731?v=2.9.164&r=stable&domain=start.ea-sultangames-1791.xyz&hme=61ff4e692c87a9a2ce7b19822df2b04638e3ca38b23c1be6c0f1945ccadb2ad5&ex_m=69%2C118%2C104%2C108%2C60%2C4%2C97%2C68%2C16%2C94%2C86%2C50%2C53%2C167%2C170%2C182%2C178%2C179%2C181%2C29%2C98%2C52%2C75%2C180%2C162%2C165%2C175%2C176%2C183%2C127%2C40%2C34%2C139%2C15%2C49%2C189%2C188%2C129%2C18%2C39%2C1%2C42%2C64%2C65%2C66%2C70%2C90%2C17%2C14%2C93%2C89%2C88%2C105%2C51%2C107%2C38%2C106%2C30%2C91%2C26%2C163%2C166%2C136%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C56%2C61%2C63%2C73%2C99%2C27%2C74%2C9%2C8%2C78%2C47%2C21%2C101%2C100%2C102%2C95%2C10%2C20%2C3%2C19%2C83%2C55%2C81%2C33%2C72%2C0%2C92%2C32%2C80%2C85%2C46%2C45%2C84%2C37%2C5%2C87%2C79%2C43%2C35%2C82%2C2%2C36%2C62%2C41%2C103%2C44%2C77%2C67%2C109%2C59%2C58%2C31%2C96%2C57%2C54%2C48%2C76%2C71%2C24%2C110

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f671351bf994c68db7d60724c9663a7a4835c1f1505cec10a69a6cd2c53c36c2

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://start.ea-sultangames-1791.xyz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 06 Aug 2024 11:14:34 GMT
document-policy: force-load-at-top
x-fb-server-load: 48
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=30, rtx=0, c=48, mss=1297, tbw=64406, tp=-1, tpl=-1, uplat=181, ullat=0
pragma: public
x-fb-debug: Nsall4iDGuJ97+h+Li++PqM3uO1HcEQZScE42BS0yuPlwtdFhQHYIguUSqmUhSjqV/1l3A7lZ0X5AMjO0hKYDw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET js
www.googletagmanager.com/gtag/ 0
0

GET
H3 200 get_country.php Show response
start.ea-sultangames-1791.xyz/ 2 B
505 B 1251ms
1241ms XHR
text/html 172.67.183.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://start.ea-sultangames-1791.xyz/get_country.php?v=17229428742651ae1addbaaac2

Requested by

Host: start.ea-sultangames-1791.xyz
URL: https://start.ea-sultangames-1791.xyz/common/global-phone-mask/dist/phoneMasks.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.183.110 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6814ef46f686990cf4e946f966167b0507e1d642c44e51f61bffb0bba2d4672b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://start.ea-sultangames-1791.xyz/reg-form/new/?qtag=a47694_t61303906_c3683_s01912765-d8ba-721b-910c-e42939240663&x_pm_click=114ec79d532a55ed35af909d10b31d2f&redirect_creative_id=3683
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 06 Aug 2024 11:14:35 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8oBVKfVhdpiPAD9BUJ3L%2FlBB0ujxCiENRH6MQfTnEk6Pm2piOUaKOYIgAD3wKsoV2lozq%2Bru%2Fm9BcvS1jRbP70MG9ngLHz7dtTpc2vGMcKD3cpwEDMrxlUL4MIG%2B1WgRhb6GC1leU6E%2FgnJxvkW3RQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
hserver: 6
x-robots-tag: noindex, nofollow, noarchive
cf-ray: 8aee9aa46b419295-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 /
www.facebook.com/tr/ 0
274 B 272ms
33ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=336467324681731&ev=PageView&dl=https%3A%2F%2Fstart.ea-sultangames-1791.xyz%2Freg-form%2Fnew%2F%3Fqtag%3Da47694_t61303906_c3683_s01912765-d8ba-721b-910c-e42939240663%26x_pm_click%3D114ec79d532a55ed35af909d10b31d2f%26redirect_creative_id%3D3683&rl=&if=false&ts=1722942874391&sw=1600&sh=1200&v=2.9.164&r=stable&ec=0&o=4126&fbp=fb.1.1722942874388.923067220780854485&ler=empty&cdl=API_unavailable&it=1722942874135&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://start.ea-sultangames-1791.xyz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=18, rtx=0, c=10, mss=1297, tbw=2818, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 06 Aug 2024 11:14:34 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET

/
www.facebook.com/login/
Redirect Chain

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=336467324681731&ev=PageView&dl=https%3A%2F%2Fstart.ea-sultangames-1791.xyz%2Freg-form%2Fnew%2F%3Fqtag%3Da47694_t61303906_c3683_s0...
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fprivacy_sandbox%2Fpixel%2Fregister%2Ftrigger%2F%3Fid%3D336467324681731%26ev%3DPageView%26dl%3Dhttps%253A%252F%252Fstart.ea-sult...

0
0

GET
H3 200 de.svg
start.ea-sultangames-1791.xyz/common/global-phone-mask/dist/flags/ 308 B
725 B 90ms
89ms Image
image/svg+xml 172.67.183.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://start.ea-sultangames-1791.xyz/common/global-phone-mask/dist/flags/de.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.183.110 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

534a82c6ccfdc08a0c4d2b54885b4ca0317642ed5c55b1a2c2fdbcc72751d878

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://start.ea-sultangames-1791.xyz/reg-form/new/?qtag=a47694_t61303906_c3683_s01912765-d8ba-721b-910c-e42939240663&x_pm_click=114ec79d532a55ed35af909d10b31d2f&redirect_creative_id=3683
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 06 Aug 2024 11:14:35 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 14 Sep 2023 08:42:32 GMT
server: cloudflare
etag: W/"134-6054da83582ff"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=H%2FR7Gc%2B35AJkWrJX%2FxXm18D0zJ4oMASMko2jwMhB2aYztX%2BpH%2FRa%2BEL%2BwF0nJaxOpYXlMzIY96Q%2FUHuVjVy0f1QYGqo94ugpg0AJ79umLD41xGdZs79C6lmBsiVilOVbE90Zl6iFyTewxGuR%2BdLDQw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
hserver: 10
x-robots-tag: noindex, nofollow, noarchive
cf-ray: 8aee9aac6fce9295-FRA

GET
H3 200 favicon.ico
start.ea-sultangames-1791.xyz/ 450 B
1017 B 50ms
49ms Other
image/vnd.microsoft.icon 172.67.183.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://start.ea-sultangames-1791.xyz/favicon.ico

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.183.110 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bcd7de744aee98d20b1460b5bdc71a69d26ee5baa34986733fc3b119cf810b7b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://start.ea-sultangames-1791.xyz/reg-form/new/?qtag=a47694_t61303906_c3683_s01912765-d8ba-721b-910c-e42939240663&x_pm_click=114ec79d532a55ed35af909d10b31d2f&redirect_creative_id=3683
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 06 Aug 2024 11:14:35 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3116
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 19 Sep 2023 12:47:08 GMT
server: cloudflare
etag: W/"1c2-605b5a827a5db"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SRFSFqFHj6IEfWUI41h7TX0btiwqCYRYWt5SQjcgtHys7IZBswoKcSCGAg83SApjBfhZns0g1GEWdEwoYKVPOrQMchp9sq%2BUYc%2FXg9Qn4%2FN9NxV2jBU%2FfzH21ZEbFHIc1h4DZj5FFItTD2ktQyALTw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/vnd.microsoft.icon
cache-control: max-age=14400
hserver: 5
x-robots-tag: noindex, nofollow, noarchive
cf-ray: 8aee9aacf8a79295-FRA

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-XS79X6TE3X&l=dataLayer&cx=c

Domain: www.facebook.com
URL: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fprivacy_sandbox%2Fpixel%2Fregister%2Ftrigger%2F%3Fid%3D336467324681731%26ev%3DPageView%26dl%3Dhttps%253A%252F%252Fstart.ea-sultangames-1791.xyz%252Freg-form%252Fnew%252F%253Fqtag%253Da47694_t61303906_c3683_s01912765-d8ba-721b-910c-e42939240663%2526x_pm_click%253D114ec79d532a55ed35af909d10b31d2f%2526redirect_creative_id%253D3683%26rl%26if%3Dfalse%26ts%3D1722942874391%26sw%3D1600%26sh%3D1200%26v%3D2.9.164%26r%3Dstable%26ec%3D0%26o%3D4126%26fbp%3Dfb.1.1722942874388.923067220780854485%26ler%3Dempty%26cdl%3DAPI_unavailable%26it%3D1722942874135%26coo%3Dfalse%26rqm%3DFGET

Verdicts & Comments Add Verdict or Comment

46 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

14 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
kz-game.darkcloudpdr.com/	1970-01-20 23:20:21	Name: _subid Value: 140d75h9d3
kz-game.darkcloudpdr.com/	1970-01-21 08:11:42	Name: 69635 Value: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE2XCI6MTcyMjk0Mjg3MX0sXCJjYW1wYWlnbnNcIjp7XCI4XCI6MTcyMjk0Mjg3MX0sXCJ0aW1lXCI6MTcyMjk0Mjg3MX0ifQ.cM7kHkNqJhUrBLr-yy9ir0xrw8ovcHceqPcH375BwN8
kz-game.darkcloudpdr.com/	1970-01-20 23:20:21	Name: _token Value: uuid_140d75h9d3_140d75h9d366b205979369b3.30142076
affcl.org/	1970-01-20 23:18:54	Name: click_61303906_3683 Value: 32b5bc7d4064786430c4fc637d39d2da
start.ea-sultangames-1791.xyz/	1969-12-31 23:59:59	Name: PARISESSID Value: 1722942874.561.6533.682705
.ea-sultangames-1791.xyz/	1970-01-20 22:40:02	Name: qtag Value: a47694_t61303906_c3683_s01912765-d8ba-721b-910c-e42939240663
.ea-sultangames-1791.xyz/	1970-01-20 22:40:02	Name: qtag_t Value: 1722942873536
.ea-sultangames-1791.xyz/	1970-01-20 22:55:52	Name: x_pm_click Value: 114ec79d532a55ed35af909d10b31d2f
.ea-sultangames-1791.xyz/	1970-01-20 22:37:09	Name: entrance_url Value: https://start.ea-sultangames-1791.xyz/reg-form/new/?qtag=a47694_t61303906_c3683_s01912765-d8ba-721b-910c-e42939240663&x_pm_click=114ec79d532a55ed35af909d10b31d2f&redirect_creative_id=3683
.ea-sultangames-1791.xyz/	1970-01-21 07:21:18	Name: dhash Value: fb6186dc-b782-4873-b494-c4f5c2c7233e
.ea-sultangames-1791.xyz/	1970-01-20 22:55:52	Name: registerUrl Value: https://start.ea-sultangames-1791.xyz/reg-form/new/?qtag=a47694_t61303906_c3683_s01912765-d8ba-721b-910c-e42939240663&x_pm_click=114ec79d532a55ed35af909d10b31d2f&redirect_creative_id=3683
.ea-sultangames-1791.xyz/	1970-01-21 00:45:18	Name: _fbp Value: fb.1.1722942874388.923067220780854485
start.ea-sultangames-1791.xyz/	1970-01-21 08:11:42	Name: fuid Value: 2.7483330159154664207
start.ea-sultangames-1791.xyz/	1970-01-20 22:36:28	Name: bdata Value: true

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
recommendation	verbose	URL: https://start.ea-sultangames-1791.xyz/reg-form/new/?qtag=a47694_t61303906_c3683_s01912765-d8ba-721b-910c-e42939240663&x_pm_click=114ec79d532a55ed35af909d10b31d2f&redirect_creative_id=3683 Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o
network	error	URL: https://start.ea-sultangames-1791.xyz/forms/masks/?brand=SLTN Message: Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

affcl.org
cdn.adpool.bet
cdn.bet.pm
click.ex1-gaming.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
kz-game.darkcloudpdr.com
start.ea-sultangames-1791.xyz
www.facebook.com
www.googletagmanager.com
www.facebook.com
www.googletagmanager.com
104.21.46.203
172.67.183.110
2606:4700:3033::6815:308e
2a00:1450:4001:808::2008
2a00:1450:4001:81c::200a
2a00:1450:4001:831::2003
2a03:2880:f084:105:face:b00c:0:3
2a03:2880:f177:185:face:b00c:0:25de
5.61.59.133
5.79.68.53
78.141.210.193
106f703727e07f26c56de02548d93ee9a400171549f66ab700d8515e916dbf4c
14687c549d9801caeaba7f58d76ae386fc7b0b8041a4d5e3468aaae022963c43
18ab5ae448dcec1f31abbbaa7dce8dcb1d890479f1bc4670a89c95f10063cf3e
1a87b7193fd00cfec87463a1262238512bb707b18de5401bd4930790bb794cea
2465e2786081c1d50f855a6ad32576b9bf6e6fb2e8ae5ed988b8a0db5c791ac1
2772e0b5310e29609314e7837a72780867d82e17833f160c1fced4f4914a1579
4070fe3f03db94a3024505e901d2417f82d5cb3c0cfd5df0b734968793a76eb0
4d424af8e6254a3ee915b6efdec3f0ed3fcbdedc67c83025148c9758701cd2d4
534a82c6ccfdc08a0c4d2b54885b4ca0317642ed5c55b1a2c2fdbcc72751d878
55b22a4b178688d745862022d1c80cff1ac3d5b4067569f46f812eb99c042b70
64fec19e8c5b8239f01b896ecdcb90705897eced5eef87003766811bf82dd6e4
65abbf6ebe44e9d99a2a47b006a99774423a1f08e760faf2ea6aedfa0441d176
6814ef46f686990cf4e946f966167b0507e1d642c44e51f61bffb0bba2d4672b
683812ecad20d8f9ea55e0eb59dc3f0a5edba912a82aa740cedcd9fe895bb83c
6b5b302097dfd70813296b97a67f186450f1052bd6e9a5c8797b724fd42dd490
6c26ed4e9bf435e32007f9a0bb2bcc5195d247789f5fa80034bac19992bd40f9
78fb9cb725b26a83ab2e5dd0213619840b0313a16341611b505ea23224272c64
7b63cc17e22362e6357e712d200f62f058f754d7d184eff8446d407b6664ff54
840f575220d6b42197251483e8b3b486bce6f7c4c4bddfff022580d3bb39ce4b
871fcc70bb938f9470302f37d9b68e25f6bab3a1b48e5fe3dccc98463824250b
8aa340f033ddfa5e7f8bfe80638c3b137887eb30996588852ec218d2007e68b7
8c5b3ba1f526a822253a2b719bbc8c930ed627b5661dff1e5307b1076cd1f187
9b5bd71ed37d68f0565407c96b85074562c65ea9ee7719ecb9fdf254c67f7c60
9c6c8856a2cba00d65094168617c7563d4ba8c3937f784fa4089969647a7c7a1
9ecd1dbc5ec3b09ea8ccf9bba4c7c4a6b5b5d6e66b3ddabb1e6cf9b78471d3fe
a40c4cad371ed243e48d1396639aa708e220f8c403e240ab4329f732808e4c50
aaa9f36ea28f09d6205eb1ad72b9243281406b54bb050a3b3850b0c9513079d1
ab63670502b4e887e57c02ce6f89f465891cbb363e8a8fc26d9ff447dfd894ca
b4f689fa54d3c32b42e3fa31458d4aa009ecbedca6d35616fe5c3bc43c31c451
bbedba2ab1101f37ccf0d67d6da30b706d0fb1447595931ea92e853458aa4af7
bcd7de744aee98d20b1460b5bdc71a69d26ee5baa34986733fc3b119cf810b7b
bed78c95e406b4a9825da57ba6936552b6e0f572cae8d44468db113927bc8e31
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
efe5a75edcd239c0f6598f4b7dbfa2e9e1b6c110f9b3c2fe1f773c22f040a79b
f671351bf994c68db7d60724c9663a7a4835c1f1505cec10a69a6cd2c53c36c2

start.ea-sultangames-1791.xyz Open in urlscan Pro 172.67.183.110 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

36 Requests

94 %HTTPS

55 %IPv6

11 Domains

11 Subdomains

9 IPs

4 Countries

1367 kBTransfer

2331 kBSize

14 Cookies

1 Outgoing links

Page URL History

Redirected requests

36 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

start.ea-sultangames-1791.xyz Open in urlscan Pro
172.67.183.110 Public Scan

Screenshot
Live screenshot

Full Image

36
Requests

94 %
HTTPS

55 %
IPv6

11
Domains

11
Subdomains

9
IPs

4
Countries

1367 kB
Transfer

2331 kB
Size

14
Cookies

36 HTTP transactions
1 data transactions