wheel-sweet-bonanza-candyland-pinco-kz.pu211ev.com Open in urlscan Pro
2606:4700:20::681a:d9d  Public Scan

URL: https://wheel-sweet-bonanza-candyland-pinco-kz.pu211ev.com/
Submission: On November 06 via api from US — Scanned from US

Summary

This website contacted 12 IPs in 2 countries across 9 domains to perform 48 HTTP transactions. The main IP is 2606:4700:20::681a:d9d, located in United States and belongs to CLOUDFLARENET, US. The main domain is wheel-sweet-bonanza-candyland-pinco-kz.pu211ev.com.
TLS certificate: Issued by WE1 on November 6th 2024. Valid for: 3 months.
This is the only time wheel-sweet-bonanza-candyland-pinco-kz.pu211ev.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
29 2606:4700:20:... 13335 (CLOUDFLAR...)
2 142.250.72.100 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
1 18.159.163.97 16509 (AMAZON-02)
1 18.238.49.119 16509 (AMAZON-02)
1 142.250.72.99 15169 (GOOGLE)
1 44.207.86.177 14618 (AMAZON-AES)
4 18.195.100.83 16509 (AMAZON-02)
1 142.251.41.2 15169 (GOOGLE)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
4 2001:4860:480... 15169 (GOOGLE)
48 12
Apex Domain
Subdomains
Transfer
29 pu211ev.com
wheel-sweet-bonanza-candyland-pinco-kz.pu211ev.com
1 MB
5 pudaf.com
fs.pudaf.com — Cisco Umbrella Rank: 589732
f.pudaf.com — Cisco Umbrella Rank: 525881
75 KB
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 34
739 B
2 unpkg.com
unpkg.com — Cisco Umbrella Rank: 797
4 KB
2 datadome.co
js.datadome.co — Cisco Umbrella Rank: 3901
api-js.datadome.co — Cisco Umbrella Rank: 3832
32 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
185 KB
2 google.com
www.google.com — Cisco Umbrella Rank: 3
1 KB
1 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 116
24 B
1 gstatic.com
www.gstatic.com
215 KB
48 9
Domain Requested by
29 wheel-sweet-bonanza-candyland-pinco-kz.pu211ev.com wheel-sweet-bonanza-candyland-pinco-kz.pu211ev.com
4 www.google-analytics.com wheel-sweet-bonanza-candyland-pinco-kz.pu211ev.com
4 f.pudaf.com wheel-sweet-bonanza-candyland-pinco-kz.pu211ev.com
2 unpkg.com 1 redirects
2 www.googletagmanager.com wheel-sweet-bonanza-candyland-pinco-kz.pu211ev.com
www.googletagmanager.com
2 www.google.com wheel-sweet-bonanza-candyland-pinco-kz.pu211ev.com
www.gstatic.com
1 pagead2.googlesyndication.com wheel-sweet-bonanza-candyland-pinco-kz.pu211ev.com
1 api-js.datadome.co js.datadome.co
1 www.gstatic.com www.google.com
1 js.datadome.co wheel-sweet-bonanza-candyland-pinco-kz.pu211ev.com
1 fs.pudaf.com wheel-sweet-bonanza-candyland-pinco-kz.pu211ev.com
48 11

This site contains links to these domains. Also see Links.

Domain
tdssvc.com
Subject Issuer Validity Valid
wheel-sweet-bonanza-candyland-pinco-kz.pu211ev.com
WE1
2024-11-06 -
2025-02-04
3 months crt.sh
*.google.com
WR2
2024-10-07 -
2024-12-30
3 months crt.sh
*.google-analytics.com
WR2
2024-10-07 -
2024-12-30
3 months crt.sh
*.pinup-antifraud.com
Amazon RSA 2048 M03
2024-05-22 -
2025-06-20
a year crt.sh
*.datadome.co
GandiCert
2024-10-24 -
2025-11-24
a year crt.sh
*.gstatic.com
WR2
2024-10-07 -
2024-12-30
3 months crt.sh
*.g.doubleclick.net
WR2
2024-10-07 -
2024-12-30
3 months crt.sh

This page contains 2 frames:

Primary Page: https://wheel-sweet-bonanza-candyland-pinco-kz.pu211ev.com/
Frame ID: 9F379375726AC259CBB495C113C07200
Requests: 44 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LedJp8UAAAAAIq3ybIliqLDRKLsAKllpPy8onPz&co=aHR0cHM6Ly93aGVlbC1zd2VldC1ib25hbnphLWNhbmR5bGFuZC1waW5jby1rei5wdTIxMWV2LmNvbTo0NDM.&hl=en&v=-ZG7BC9TxCVEbzIO2m429usb&size=invisible&cb=176fnhvafxjg
Frame ID: 3B42F0C97C3000D46A91CDD56567E7A2
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Крути колесо – Получай подарки

Detected technologies

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Page Statistics

48
Requests

96 %
HTTPS

36 %
IPv6

9
Domains

11
Subdomains

12
IPs

2
Countries

2027 kB
Transfer

3156 kB
Size

6
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 39
  • https://unpkg.com/web-vitals/dist/web-vitals.iife.js HTTP 302
  • https://unpkg.com/web-vitals@4.2.4/dist/web-vitals.iife.js

48 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
wheel-sweet-bonanza-candyland-pinco-kz.pu211ev.com/
23 KB
6 KB
Document
General
Full URL
https://wheel-sweet-bonanza-candyland-pinco-kz.pu211ev.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:d9d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9b7f5889eb806a98c4609185b58d823260aa3dd8127b079558eb00ef5a0d58c3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8de6502e0ec1a4e8-MIA
content-encoding
br
content-type
text/html; charset=utf-8
date
Wed, 06 Nov 2024 16:03:22 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vFvf2x%2BQrlHY%2FVxHaAjaYvj0Vtl8lp44KGEUmu9XLFiyJgL352AS1vc7HK%2Bpw7d5QaMMhAGkd2aVlTPiD3GNWbDLiBpRpNyioRHhTGgk2v3jRCH%2F52ffzREZSxnH0xvwHJpIUor4453jut0tdvFVkSQvh7RsY%2FDeDoP90VB18Sw1DXLLvMjU3eYv9jcHKvswww%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=TCP&rtt=30062&sent=8&recv=12&lost=0&retrans=0&sent_bytes=4018&recv_bytes=2441&delivery_rate=129110&cwnd=253&unsent_bytes=0&cid=fa1f9cec89cf7e26&ts=198&x=0"
vary
Accept-Encoding
x-content-type-options
nosniff
main.css
wheel-sweet-bonanza-candyland-pinco-kz.pu211ev.com/
50 KB
8 KB
Stylesheet
General
Full URL
https://wheel-sweet-bonanza-candyland-pinco-kz.pu211ev.com/main.css
Requested by
Host: wheel-sweet-bonanza-candyland-pinco-kz.pu211ev.com
URL: https://wheel-sweet-bonanza-candyland-pinco-kz.pu211ev.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:d9d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bfa6e554f0dcd2ab1ba3bad17e12a8e6144587abbd9fcdc0c77077b186563bbb
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://wheel-sweet-bonanza-candyland-pinco-kz.pu211ev.com/

Response headers

cache-control
public, max-age=14400, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
MISS
etag
W/"588fe7eae570417258f042855a1d91b3"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WIUHw4kAV%2Fmb%2FokCuJTZ%2BpEWXBoj%2Bi06NLcGSpuzLEq%2BFZVNGBaGOm50JSdX5V27mwseX2MAe9wTWV8UddK%2BDDCSSf01OgXRbuUG916p71Uo01Qf0qYNu%2FJkgxt5atIDh%2FA5gcjfoQudruaC6A2u3%2B8I7AfMrfgoJ0tXwo%2FFPrk%2BO73xFegam%2BuG77vEUnIugA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
cf-ray
8de6502ecfe6a4e8-MIA
access-control-allow-origin
*
server-timing
cfL4;desc="?proto=TCP&rtt=30127&sent=36&recv=30&lost=0&retrans=0&sent_bytes=15696&recv_bytes=3533&delivery_rate=368489&cwnd=257&unsent_bytes=0&cid=fa1f9cec89cf7e26&ts=356&x=0"
date
Wed, 06 Nov 2024 16:03:22 GMT
content-type
text/css; charset=utf-8
vary
Accept-Encoding
server
cloudflare
logo_pinco.svg
wheel-sweet-bonanza-candyland-pinco-kz.pu211ev.com/img/logo/
10 KB
5 KB
Image
General
Full URL
https://wheel-sweet-bonanza-candyland-pinco-kz.pu211ev.com/img/logo/logo_pinco.svg
Requested by
Host: wheel-sweet-bonanza-candyland-pinco-kz.pu211ev.com
URL: https://wheel-sweet-bonanza-candyland-pinco-kz.pu211ev.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:d9d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
112dc5afe79d792908bd0c82e808dbec5cf5935b6d0ba80b38c231fadfece72a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://wheel-sweet-bonanza-candyland-pinco-kz.pu211ev.com/

Response headers

cache-control
public, max-age=14400, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
MISS
etag
W/"c0eea02a29ef4d930e5a6a3873a9968d"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JcG7YWzN9Pw%2F2HydFR5yo%2FsZD7OZTu5EInh6gH0ZgSlDTGQTeQDj%2F%2Fa4S4wC82gj%2BCt2eIdjgvspLFbeV2gCCoEcZRcnwEBGUDMcrAMdBVJUvB0reQ16%2FlLp%2B6oHxOqa1cAM2vZRuzzW5Y2bEAFUckhRIIfy%2Fx97fB7ZLAfdiXO3ZgYz0rMf5wrva%2Fi3hFr1SQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
cf-ray
8de6502ecfeca4e8-MIA
access-control-allow-origin
*
server-timing
cfL4;desc="?proto=TCP&rtt=30149&sent=29&recv=28&lost=0&retrans=0&sent_bytes=10840&recv_bytes=3533&delivery_rate=368489&cwnd=257&unsent_bytes=0&cid=fa1f9cec89cf7e26&ts=309&x=0"
date
Wed, 06 Nov 2024 16:03:22 GMT
content-type
image/svg+xml
vary
Accept-Encoding
server
cloudflare
turkish.png
wheel-sweet-bonanza-candyland-pinco-kz.pu211ev.com/img/header/lang/
1 KB
2 KB
Image
General
Full URL
https://wheel-sweet-bonanza-candyland-pinco-kz.pu211ev.com/img/header/lang/turkish.png
Requested by
Host: wheel-sweet-bonanza-candyland-pinco-kz.pu211ev.com
URL: https://wheel-sweet-bonanza-candyland-pinco-kz.pu211ev.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:d9d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4572c20092423c491c830915d4eccaad9b43524a9e74eb39d1ca7db8d66f8370
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://wheel-sweet-bonanza-candyland-pinco-kz.pu211ev.com/

Response headers

cf-cache-status
MISS
etag
"dd33d67068df1d6e772833ee183c0436"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=c9eMJZXyXgszT94aemCpNduoJ5AZ1qxXKI8965bFobjxjOEDvEA6cemLkJCasGWqCzqlO%2BzT9uTGMVdtSNKbjcenQyseftyxhXRvOzdOwa90q0YtAF%2Fu5ugAdqUOGA%2F6hXa1WkvGOZbkf8%2FbFQE6%2BCkgnvArliXLlCTGjxP7Zsz6Gturco46SPJnoeYFHD7vfw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
server-timing
cfL4;desc="?proto=TCP&rtt=30127&sent=46&recv=30&lost=0&retrans=0&sent_bytes=24403&recv_bytes=3533&delivery_rate=368489&cwnd=257&unsent_bytes=0&cid=fa1f9cec89cf7e26&ts=356&x=0"
date
Wed, 06 Nov 2024 16:03:22 GMT
content-type
image/png
vary
Accept-Encoding
cache-control
public, max-age=14400, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
cf-ray
8de6502ecfeea4e8-MIA
accept-ranges
bytes
access-control-allow-origin
*
content-length
1193
server
cloudflare
kazakh.png
wheel-sweet-bonanza-candyland-pinco-kz.pu211ev.com/img/header/lang/
6 KB
7 KB
Image
General
Full URL
https://wheel-sweet-bonanza-candyland-pinco-kz.pu211ev.com/img/header/lang/kazakh.png
Requested by
Host: wheel-sweet-bonanza-candyland-pinco-kz.pu211ev.com
URL: https://wheel-sweet-bonanza-candyland-pinco-kz.pu211ev.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:d9d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
78ad555d048af744e4c383fc00ff851b738ae84a48df2af6abc02581d17a7d13
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://wheel-sweet-bonanza-candyland-pinco-kz.pu211ev.com/

Response headers

cf-cache-status
MISS
etag
"373579c688c96e90a00fb7a188f08b06"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EqGrlE5SghFDfNMn5i4Mf0u2FGIJQN7wQHFPNeQ1dNOxAd7sCjE%2Fzj6EaZd9p6Y%2FPG5ltmysUwgCGR1jvb%2Bi3Xp8vy8Y80atkStQM1LaVW3BLJLTMuigdJ7mNdkK7PdKfu1w1cwbTAdjtBHjez7fqn920on1MVDhqrsYEjhWr8ssVHtvEU6CwsgLc9KaNiuoYA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
server-timing
cfL4;desc="?proto=TCP&rtt=30938&sent=104&recv=31&lost=0&retrans=0&sent_bytes=90295&recv_bytes=3533&delivery_rate=460519&cwnd=257&unsent_bytes=23540&cid=fa1f9cec89cf7e26&ts=396&x=0"
date
Wed, 06 Nov 2024 16:03:22 GMT
content-type
image/png
vary
Accept-Encoding
cache-control
public, max-age=14400, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
cf-ray
8de6502ef850a4e8-MIA
accept-ranges
bytes
access-control-allow-origin
*
content-length
6521
server
cloudflare
russian.png
wheel-sweet-bonanza-candyland-pinco-kz.pu211ev.com/img/header/lang/
265 B
908 B
Image
General
Full URL
https://wheel-sweet-bonanza-candyland-pinco-kz.pu211ev.com/img/header/lang/russian.png
Requested by
Host: wheel-sweet-bonanza-candyland-pinco-kz.pu211ev.com
URL: https://wheel-sweet-bonanza-candyland-pinco-kz.pu211ev.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:d9d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c666bc8df31637dffcf28995029d89f2761e5a6bcbec9b5a227334ebf92612f3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://wheel-sweet-bonanza-candyland-pinco-kz.pu211ev.com/

Response headers

cf-cache-status
MISS
etag
"ee7f570f8f9f3a425b788d20e7c89034"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=s8ekPaB0T6p32KVDpmCvSq55WvwvrTA3wvi4PLsR%2Bs90l%2F3M6CObU9GpNSRcq1t9s1ol%2F7PYOc9Jxm%2Buyxfdk6yiv6Iez8CGW37M3A7OEjAOd0a5TTL%2Bln7Cg1uMW7LAicV1EOxg3%2FJuNwuA2X%2FC8JPB01kU0WK7VMHpua7HbziJulpA%2BAShih2VSFwGPp7lRw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
server-timing
cfL4;desc="?proto=TCP&rtt=30127&sent=49&recv=30&lost=0&retrans=0&sent_bytes=26167&recv_bytes=3533&delivery_rate=368489&cwnd=257&unsent_bytes=0&cid=fa1f9cec89cf7e26&ts=387&x=0"
date
Wed, 06 Nov 2024 16:03:22 GMT
content-type
image/png
vary
Accept-Encoding
cache-control
public, max-age=14400, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
cf-ray
8de6502ef856a4e8-MIA
accept-ranges
bytes
access-control-allow-origin
*
content-length
265
server
cloudflare
girl_left.png
wheel-sweet-bonanza-candyland-pinco-kz.pu211ev.com/img/decor/
357 KB
358 KB
Image
General
Full URL
https://wheel-sweet-bonanza-candyland-pinco-kz.pu211ev.com/img/decor/girl_left.png
Requested by
Host: wheel-sweet-bonanza-candyland-pinco-kz.pu211ev.com
URL: https://wheel-sweet-bonanza-candyland-pinco-kz.pu211ev.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:d9d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
780ea4acf28be9ccc4da22f3f58e06fcac62c45f3f05e8e2f8a45fdd6777a1a6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://wheel-sweet-bonanza-candyland-pinco-kz.pu211ev.com/

Response headers

cf-cache-status
MISS
etag
"cd4cbd6f9db463d645eb3878528ca63b"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dbJZDtoJDQYyMHCx0ZU5p9LYTiHbIaAwIF1I4DfR2jSVuD0kpSfeLMQfjX35smH335zz2ImXfe2%2FVVZERY70M3cNH5tENoeH7S%2BfqQLN8ooMWn9ZQKiY88vWiBMeQ9Yo44zP4j0BWbdR4pHqd7jCDZyGxJ0w8%2FG05ug%2BsaW8UOVmHIni1EoVY3uR1Qj3qPGIWQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
server-timing
cfL4;desc="?proto=TCP&rtt=30438&sent=529&recv=280&lost=0&retrans=0&sent_bytes=627770&recv_bytes=5213&delivery_rate=11839106&cwnd=608&unsent_bytes=0&cid=fa1f9cec89cf7e26&ts=610&x=0"
date
Wed, 06 Nov 2024 16:03:22 GMT
content-type
image/png
vary
Accept-Encoding
cache-control
public, max-age=14400, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
cf-ray
8de6502ef859a4e8-MIA
accept-ranges
bytes
access-control-allow-origin
*
content-length
365720
server
cloudflare
decor_item_3.png
wheel-sweet-bonanza-candyland-pinco-kz.pu211ev.com/img/decor/
431 KB
432 KB
Image
General
Full URL
https://wheel-sweet-bonanza-candyland-pinco-kz.pu211ev.com/img/decor/decor_item_3.png
Requested by
Host: wheel-sweet-bonanza-candyland-pinco-kz.pu211ev.com
URL: https://wheel-sweet-bonanza-candyland-pinco-kz.pu211ev.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:d9d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1ed7f1f9ac78d317255563643269dbabf80159fa2e2dfe25bd5f85d7f4271b98
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://wheel-sweet-bonanza-candyland-pinco-kz.pu211ev.com/

Response headers

cf-cache-status
MISS
etag
"469102452fd88afe3722ce766b2896db"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fdqrRxeHtEC%2Bxl6BG%2BMh1D%2Fas0CK8utuajkNI2baesIHYpfRPSR0Oy1XPbCwLNI%2FpKVCDTtrelhHGaHUlE3LHDCIfJgY9SElWq5rzbod1k7MLXageBcY%2BkqohQINRrvxD3wV1pjKe6c4GxE3mEQ1oCsKCHkF6rwSPzKefdAJ5WMW1Mdszp1WbqN37hwbG1RMKw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
server-timing
cfL4;desc="?proto=TCP&rtt=30938&sent=69&recv=31&lost=0&retrans=0&sent_bytes=46786&recv_bytes=3533&delivery_rate=460519&cwnd=257&unsent_bytes=0&cid=fa1f9cec89cf7e26&ts=393&x=0"
date
Wed, 06 Nov 2024 16:03:22 GMT
content-type
image/png
vary
Accept-Encoding
cache-control
public, max-age=14400, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
cf-ray
8de6502ef85ba4e8-MIA
accept-ranges
bytes
access-control-allow-origin
*
content-length
441100
server
cloudflare
coin_1.png
wheel-sweet-bonanza-candyland-pinco-kz.pu211ev.com/img/decor/
18 KB
19 KB
Image
General
Full URL
https://wheel-sweet-bonanza-candyland-pinco-kz.pu211ev.com/img/decor/coin_1.png
Requested by
Host: wheel-sweet-bonanza-candyland-pinco-kz.pu211ev.com
URL: https://wheel-sweet-bonanza-candyland-pinco-kz.pu211ev.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:d9d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fdde1925eb8c3578ed3115a814dd7da9b7aea8749fdd5812ca427aca3964dbae
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://wheel-sweet-bonanza-candyland-pinco-kz.pu211ev.com/

Response headers

cf-cache-status
MISS
etag
"fb481debc058179e6da47dea90492e15"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tdps%2Fzx6F%2BHz05kDvYRlsH37FDsDkKgScOUnyzR9N5eGmmHcvCk0O4Dpr2RHXWXe3BJJBVLYHjITZmla%2FPPAlU82uQlPxoUW58UFcByXTgqqRVFD5ZO2UL%2FFWIEO0IDWsfeVKvFBP7ZDVyw9AncNvovbs10iYMIIhyy0oe2W9OeZMNU1rFb0K5lwt4k8xlFj1A%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
server-timing
cfL4;desc="?proto=TCP&rtt=30127&sent=51&recv=30&lost=0&retrans=0&sent_bytes=27141&recv_bytes=3533&delivery_rate=368489&cwnd=257&unsent_bytes=0&cid=fa1f9cec89cf7e26&ts=388&x=0"
date
Wed, 06 Nov 2024 16:03:22 GMT
content-type
image/png
vary
Accept-Encoding
cache-control
public, max-age=14400, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
cf-ray
8de6502ef85ca4e8-MIA
accept-ranges
bytes
access-control-allow-origin
*
content-length
18819
server
cloudflare
coin_2.png
wheel-sweet-bonanza-candyland-pinco-kz.pu211ev.com/img/decor/
41 KB
41 KB
Image
General
Full URL
https://wheel-sweet-bonanza-candyland-pinco-kz.pu211ev.com/img/decor/coin_2.png
Requested by
Host: wheel-sweet-bonanza-candyland-pinco-kz.pu211ev.com
URL: https://wheel-sweet-bonanza-candyland-pinco-kz.pu211ev.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:d9d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
99caf69f8fa8cbaabb9156a3f08d4fdfe657baeca434bff6c664a72443d92335
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://wheel-sweet-bonanza-candyland-pinco-kz.pu211ev.com/

Response headers

cf-cache-status
MISS
etag
"18bd14ec4136c4f7f78abe295452b870"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Iq1KzC6rUwLzuECJMBQdKbYNPW9OQgkxlqfo%2BHeUvSVf4Z5YcNgMzbBIvNvMCfC9PnAgxzTfca9QfkW%2B%2BtpaZ%2BLq90BgPgZDg3mRKyD%2Bpl2xWpZDabNE4J1oQHZ90F0WZ3F4PQIxTO%2FXK%2FW3T765wFUcElLOPu0QAibX%2BPw29gPliNeATwSZ625Iur%2FUP2%2BOzA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
server-timing
cfL4;desc="?proto=TCP&rtt=31290&sent=170&recv=48&lost=0&retrans=0&sent_bytes=173170&recv_bytes=3533&delivery_rate=1843396&cwnd=257&unsent_bytes=46692&cid=fa1f9cec89cf7e26&ts=436&x=0"
date
Wed, 06 Nov 2024 16:03:22 GMT
content-type
image/png
vary
Accept-Encoding
cache-control
public, max-age=14400, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
cf-ray
8de6502ef85fa4e8-MIA
accept-ranges
bytes
access-control-allow-origin
*
content-length
41792
server
cloudflare
coin_3.png
wheel-sweet-bonanza-candyland-pinco-kz.pu211ev.com/img/decor/
14 KB
14 KB
Image
General
Full URL
https://wheel-sweet-bonanza-candyland-pinco-kz.pu211ev.com/img/decor/coin_3.png
Requested by
Host: wheel-sweet-bonanza-candyland-pinco-kz.pu211ev.com
URL: https://wheel-sweet-bonanza-candyland-pinco-kz.pu211ev.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:d9d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
789bcfeb00926d5480183123c5477a389fd324bd81db0af0bebdf58850ea69a9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://wheel-sweet-bonanza-candyland-pinco-kz.pu211ev.com/

Response headers

cf-cache-status
MISS
etag
"cf160ab84a68bac54b470412637dbdb8"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YSUx6L67VxbPa1PZnzLpkJw5gwqLwnAsoV4ezMJLwkuQE2xbJGanc%2Fl5MGNupMdEASJZ1y4w%2FuyEGcO2kkZSrYY%2Fd1I0AiB7bJwtsbx9248eTk3gBgBRCXMOX1KB0oBqYofEoMuubpWb3phgxnfXdYOrnRp1zFBr8sJiQTtHEv1KJapOQwoTa32w3aLd86uA8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
server-timing
cfL4;desc="?proto=TCP&rtt=30938&sent=104&recv=31&lost=0&retrans=0&sent_bytes=90295&recv_bytes=3533&delivery_rate=460519&cwnd=257&unsent_bytes=23540&cid=fa1f9cec89cf7e26&ts=409&x=0"
date
Wed, 06 Nov 2024 16:03:22 GMT
content-type
image/png
vary
Accept-Encoding
cache-control
public, max-age=14400, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
cf-ray
8de6502ef860a4e8-MIA
accept-ranges
bytes
access-control-allow-origin
*
content-length
14174
server
cloudflare
coin_4.png
wheel-sweet-bonanza-candyland-pinco-kz.pu211ev.com/img/decor/
46 KB
47 KB
Image
General
Full URL
https://wheel-sweet-bonanza-candyland-pinco-kz.pu211ev.com/img/decor/coin_4.png
Requested by
Host: wheel-sweet-bonanza-candyland-pinco-kz.pu211ev.com
URL: https://wheel-sweet-bonanza-candyland-pinco-kz.pu211ev.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:d9d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fa31d2028621b43665f8de336b3d091fe01df068e86395b0d035a97a5b352afa
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://wheel-sweet-bonanza-candyland-pinco-kz.pu211ev.com/

Response headers

cf-cache-status
MISS
etag
"e5319de3a169f9dde6f445ac7e338559"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TNgOD8HNu%2F5fEETotcKq1pnSWZevDzoMWoE8UvfAMUdcZykmkNFSLoOFwK70JyqHFMy2bWmoIwXfFAKEt0AE5eUcd%2FaGaNBnteR%2B%2BLOuyJWd3%2FlSZuB6ttcd9qQcfmYPUV7XF3o3%2B%2B1cbTqzN4HV03L0wIDbS1DplHXnVNTBarjxXqPjGfW7qyr23Zsdi9khDg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
server-timing
cfL4;desc="?proto=TCP&rtt=30938&sent=104&recv=31&lost=0&retrans=0&sent_bytes=90295&recv_bytes=3533&delivery_rate=460519&cwnd=257&unsent_bytes=23540&cid=fa1f9cec89cf7e26&ts=411&x=0"
date
Wed, 06 Nov 2024 16:03:22 GMT
content-type
image/png
vary
Accept-Encoding
cache-control
public, max-age=14400, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
cf-ray
8de6502ef864a4e8-MIA
accept-ranges
bytes
access-control-allow-origin
*
content-length
47514
server
cloudflare
enterprise.js
www.google.com/recaptcha/
2 KB
1 KB
Script
General
Full URL
https://www.google.com/recaptcha/enterprise.js?render=6LedJp8UAAAAAIq3ybIliqLDRKLsAKllpPy8onPz
Requested by
Host: wheel-sweet-bonanza-candyland-pinco-kz.pu211ev.com
URL: https://wheel-sweet-bonanza-candyland-pinco-kz.pu211ev.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.72.100 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f4.1e100.net
Software
ESF /
Resource Hash
a6c9a5bb473a14e38f7f9f70b07bea3e9628cc38972c86e6181225fbe3e10bbd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://wheel-sweet-bonanza-candyland-pinco-kz.pu211ev.com/

Response headers

cache-control
private, max-age=300
content-encoding
gzip
cross-origin-resource-policy
cross-origin
report-to
{"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
x-content-type-options
nosniff
expires
Wed, 06 Nov 2024 16:03:22 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
date
Wed, 06 Nov 2024 16:03:22 GMT
x-xss-protection
0
content-type
text/javascript; charset=utf-8
server
ESF
x-frame-options
SAMEORIGIN
bundle.js
wheel-sweet-bonanza-candyland-pinco-kz.pu211ev.com/
114 KB
24 KB
Script
General
Full URL
https://wheel-sweet-bonanza-candyland-pinco-kz.pu211ev.com/bundle.js
Requested by
Host: wheel-sweet-bonanza-candyland-pinco-kz.pu211ev.com
URL: https://wheel-sweet-bonanza-candyland-pinco-kz.pu211ev.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:d9d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d85d2279fae1219f1ebdeb5d334fb7b413160eb538e9ffc9772ce6060ab2bf0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://wheel-sweet-bonanza-candyland-pinco-kz.pu211ev.com/

Response headers

cache-control
public, max-age=14400, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
MISS
etag
W/"c08e34fbe6536df34593b29d5faac204"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hj4L9M5OOiedo%2BytNDP3x5KIM8Z83Yn%2BjSVzC1UQnUVQ73v%2FXjKJysx2j1sUgiJtWSFeyPlK99aGExnfWGK3I6OBXscGH0n8ScsatxaLdXJoyxv5CxfYlePrapI8vtksdk8mXyFqklppgKpWCTz3t7mwcEpERxd99t0NC%2FUAdfBcSimXL5gZ%2F5DAzJmACWL%2BaA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
cf-ray
8de6502ef855a4e8-MIA
access-control-allow-origin
*
server-timing
cfL4;desc="?proto=TCP&rtt=30938&sent=104&recv=31&lost=0&retrans=0&sent_bytes=90295&recv_bytes=3533&delivery_rate=460519&cwnd=257&unsent_bytes=23540&cid=fa1f9cec89cf7e26&ts=404&x=0"
date
Wed, 06 Nov 2024 16:03:22 GMT
content-type
application/javascript
vary
Accept-Encoding
server
cloudflare
gtm.js
www.googletagmanager.com/
237 KB
83 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MFB4T883
Requested by
Host: wheel-sweet-bonanza-candyland-pinco-kz.pu211ev.com
URL: https://wheel-sweet-bonanza-candyland-pinco-kz.pu211ev.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:806::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d38c2a0afe33baa9ac6e29ce6ddc3c5dacf3049682527fa58b5e59436893a7a1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://wheel-sweet-bonanza-candyland-pinco-kz.pu211ev.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Wed, 06 Nov 2024 16:03:22 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 06 Nov 2024 16:03:22 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Wed, 06 Nov 2024 15:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
83933
x-xss-protection
0
server
Google Tag Manager
fp.js
fs.pudaf.com/
242 KB
73 KB
Script
General
Full URL
https://fs.pudaf.com/fp.js
Requested by
Host: wheel-sweet-bonanza-candyland-pinco-kz.pu211ev.com
URL: https://wheel-sweet-bonanza-candyland-pinco-kz.pu211ev.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.159.163.97 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-159-163-97.eu-central-1.compute.amazonaws.com
Software
nginx/1.27.2 /
Resource Hash
2605c063257beca9b2bfba501c645a3b32eb15e364859ad01b935cc286aea016

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://wheel-sweet-bonanza-candyland-pinco-kz.pu211ev.com/

Response headers

content-encoding
gzip
date
Wed, 06 Nov 2024 16:03:22 GMT
etag
W/"671b9df7-3c6b8"
content-type
application/javascript
last-modified
Fri, 25 Oct 2024 13:32:39 GMT
server
nginx/1.27.2
tags.js
js.datadome.co/
168 KB
31 KB
Script
General
Full URL
https://js.datadome.co/tags.js
Requested by
Host: wheel-sweet-bonanza-candyland-pinco-kz.pu211ev.com
URL: https://wheel-sweet-bonanza-candyland-pinco-kz.pu211ev.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.49.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-49-119.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
44b5896f4a4360bc08c70cf6e5890aa872e50f9d65d0597013c8565752277a82
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://wheel-sweet-bonanza-candyland-pinco-kz.pu211ev.com/

Response headers

content-encoding
gzip
x-amz-version-id
3leCM9jGAq2_7z1hJqQMAiZ.vKvvZDqu
etag
W/"86b848e45746db7159d1fbb589ce0f3f"
age
1276
x-cache
Hit from cloudfront
x-amz-cf-id
QGKgr6sBNDzHu9xf-VLStcypQr8y_zaSkh1pDfZK2HOh1KqaGhuJPw==
date
Wed, 06 Nov 2024 15:42:07 GMT
content-type
text/javascript
vary
accept-encoding, Origin
last-modified
Thu, 17 Oct 2024 12:43:13 GMT
strict-transport-security
max-age=15768000
cache-control
max-age=3600, public
via
1.1 08c35fba3c05c07f78b1292e4a5f949a.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK52-P3
server
AmazonS3
x-amz-server-side-encryption
AES256
recaptcha__en.js
www.gstatic.com/recaptcha/releases/-ZG7BC9TxCVEbzIO2m429usb/
546 KB
215 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/-ZG7BC9TxCVEbzIO2m429usb/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise.js?render=6LedJp8UAAAAAIq3ybIliqLDRKLsAKllpPy8onPz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.72.99 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f3.1e100.net
Software
sffe /
Resource Hash
f8e5f5ce9ff44073cff24bcd3d2b8aa4e67b67891b14ff929fe4743880fdf82e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://wheel-sweet-bonanza-candyland-pinco-kz.pu211ev.com
Referer
https://wheel-sweet-bonanza-candyland-pinco-kz.pu211ev.com/

Response headers

content-encoding
gzip
age
10302
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
x-content-type-options
nosniff
expires
Thu, 06 Nov 2025 13:11:40 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 06 Nov 2024 13:11:40 GMT
last-modified
Tue, 22 Oct 2024 00:01:33 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
accept-ranges
bytes
access-control-allow-origin
*
content-length
220347
x-xss-protection
0
server
sffe
bg.jpg
wheel-sweet-bonanza-candyland-pinco-kz.pu211ev.com/img/
153 KB
154 KB
Image
General
Full URL
https://wheel-sweet-bonanza-candyland-pinco-kz.pu211ev.com/img/bg.jpg
Requested by
Host: wheel-sweet-bonanza-candyland-pinco-kz.pu211ev.com
URL: https://wheel-sweet-bonanza-candyland-pinco-kz.pu211ev.com/main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:d9d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b9a335d88ad325a3b4e06c7354240c542aa51b232899a2b1f0483585aef2fe3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://wheel-sweet-bonanza-candyland-pinco-kz.pu211ev.com/main.css

Response headers

cf-cache-status
MISS
etag
"57ba19f018408003063364044e0ecf9a"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=v2KrImtdDSbEi7l9ZwjwefAN9q%2BDOCQe%2BQJ0uyGpja7AzqjsE9JDEj99Wuvw3msqcUPekck9yCWQ84gmnm43scMQyFTVeJay7yJVuDMDrGCp0RNvxEHOy8OIFEGCm%2FOTNjDVMggp22jHE7tayhRdLIu8vus9%2FFRW1tTBG1fZQBreseW2cnr9SVMYOOpVAWJBTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
server-timing
cfL4;desc="?proto=TCP&rtt=30438&sent=769&recv=280&lost=0&retrans=0&sent_bytes=937798&recv_bytes=5213&delivery_rate=11839106&cwnd=608&unsent_bytes=31128&cid=fa1f9cec89cf7e26&ts=618&x=0"
date
Wed, 06 Nov 2024 16:03:22 GMT
content-type
image/jpeg
vary
Accept-Encoding
cache-control
public, max-age=14400, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
cf-ray
8de650306ad3a4e8-MIA
accept-ranges
bytes
access-control-allow-origin
*
content-length
156790
server
cloudflare
arrow.svg
wheel-sweet-bonanza-candyland-pinco-kz.pu211ev.com/img/
175 B
724 B
Image
General
Full URL
https://wheel-sweet-bonanza-candyland-pinco-kz.pu211ev.com/img/arrow.svg
Requested by
Host: wheel-sweet-bonanza-candyland-pinco-kz.pu211ev.com
URL: https://wheel-sweet-bonanza-candyland-pinco-kz.pu211ev.com/main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:d9d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4610761180d7a104b53a1bf7dcbd52e35e1d4c74e50ceecac3a54a366dddc23b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://wheel-sweet-bonanza-candyland-pinco-kz.pu211ev.com/main.css

Response headers

cache-control
public, max-age=14400, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
MISS
etag
W/"0b5159ed0b805f44abb8ebedbc09bfc8"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gXCGWtwE2l%2FoQrJnyyvd3W91MfLsgSgfCrnVJQxjAF65xoZ%2FZCBd%2BP7Di51m8ij6sygwjAjmY1uOfxJANUY0AjdIDZtgTE3LTEMqCEcTUYTGihjKibUGLabJrrPeQopLc%2FFTXv5pPhTlbaaawwEDxPNw6%2FQ7yr9us8ASF%2F%2FWUCqBzJ2dqckWPPf3lwz6jgATBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
cf-ray
8de650306ad6a4e8-MIA
access-control-allow-origin
*
server-timing
cfL4;desc="?proto=TCP&rtt=30438&sent=1082&recv=280&lost=0&retrans=0&sent_bytes=1340277&recv_bytes=5213&delivery_rate=11839106&cwnd=608&unsent_bytes=1088&cid=fa1f9cec89cf7e26&ts=637&x=0"
date
Wed, 06 Nov 2024 16:03:22 GMT
content-type
image/svg+xml
vary
Accept-Encoding
server
cloudflare
wheel-btn.png
wheel-sweet-bonanza-candyland-pinco-kz.pu211ev.com/img/
19 KB
19 KB
Image
General
Full URL
https://wheel-sweet-bonanza-candyland-pinco-kz.pu211ev.com/img/wheel-btn.png
Requested by
Host: wheel-sweet-bonanza-candyland-pinco-kz.pu211ev.com
URL: https://wheel-sweet-bonanza-candyland-pinco-kz.pu211ev.com/main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:d9d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
19f860cf24499369aa7e9d93743e0fb9a904a65b19f1c5664873a4b147ed1bfc
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://wheel-sweet-bonanza-candyland-pinco-kz.pu211ev.com/main.css

Response headers

cf-cache-status
MISS
etag
"c3eb721afecd72a9fe1493ff38eb6149"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=r40kXgDQufJ1YVj6kBiXhnrbxGkM1cC%2F8JGBxa8OSu9OECQXE7KhwM3Y1zhYtv8IMP3sYzQOiILXerUlhScO1nn3o5ZeZAA1zp%2FPc06DKUZsNvjmoOftMj%2F65LtUfrnz3cyZZe1ynLN7S%2FcrUp4rJHxvyDhturDI%2FIVwQI%2BsEtR6O%2FnTtvTgw2ClbeLXquhSBw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
server-timing
cfL4;desc="?proto=TCP&rtt=30438&sent=1084&recv=280&lost=0&retrans=0&sent_bytes=1342155&recv_bytes=5213&delivery_rate=11839106&cwnd=608&unsent_bytes=0&cid=fa1f9cec89cf7e26&ts=638&x=0"
date
Wed, 06 Nov 2024 16:03:22 GMT
content-type
image/png
vary
Accept-Encoding
cache-control
public, max-age=14400, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
cf-ray
8de650306ad9a4e8-MIA
accept-ranges
bytes
access-control-allow-origin
*
content-length
19396
server
cloudflare
wheel-top.png
wheel-sweet-bonanza-candyland-pinco-kz.pu211ev.com/img/
4 KB
5 KB
Image
General
Full URL
https://wheel-sweet-bonanza-candyland-pinco-kz.pu211ev.com/img/wheel-top.png
Requested by
Host: wheel-sweet-bonanza-candyland-pinco-kz.pu211ev.com
URL: https://wheel-sweet-bonanza-candyland-pinco-kz.pu211ev.com/main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:d9d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
929486315c8fa9133f03764402ce4651768ad5e7f0b661fe8edc69040d3bacbc
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://wheel-sweet-bonanza-candyland-pinco-kz.pu211ev.com/main.css

Response headers

cf-cache-status
MISS
etag
"1b190b059a8deae08f3a7a81c5105ad1"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bOMN9oZwMsy9IiSRdbJczoaCE9eowPGEDu%2F%2FpYPBOuZ%2BBcnIPLsw1zOKj8Pu1GFb3ep%2Fp9EGatKg8DpnXo41%2B3vjo25KyAohc7nvUJUAIInNgRTDm%2BKsD%2FRVEwb12wGOTdzTi0CiLViKCaVHv5HZx28dOuw%2BWM%2F9Ndg6W%2FBb6MoYJ%2FThKixrc9VVjxKXADHUFg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
server-timing
cfL4;desc="?proto=TCP&rtt=30438&sent=843&recv=280&lost=0&retrans=0&sent_bytes=1033776&recv_bytes=5213&delivery_rate=11839106&cwnd=608&unsent_bytes=36273&cid=fa1f9cec89cf7e26&ts=621&x=0"
date
Wed, 06 Nov 2024 16:03:22 GMT
content-type
image/png
vary
Accept-Encoding
cache-control
public, max-age=14400, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
cf-ray
8de650306adaa4e8-MIA
accept-ranges
bytes
access-control-allow-origin
*
content-length
4146
server
cloudflare
wheel_sprite-kz-ru.png
wheel-sweet-bonanza-candyland-pinco-kz.pu211ev.com/img/
54 KB
55 KB
Image
General
Full URL
https://wheel-sweet-bonanza-candyland-pinco-kz.pu211ev.com/img/wheel_sprite-kz-ru.png
Requested by
Host: wheel-sweet-bonanza-candyland-pinco-kz.pu211ev.com
URL: https://wheel-sweet-bonanza-candyland-pinco-kz.pu211ev.com/main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:d9d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1c67fa8a74edc8a91f13ca6d93d28af2ae22242724ae15d81f05fa656475b2b4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://wheel-sweet-bonanza-candyland-pinco-kz.pu211ev.com/main.css

Response headers

cf-cache-status
MISS
etag
"b43b9ecb69c5a681bb907f93d18c60ac"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mr0jrzajJ12%2FJBvhbYFUjjv8m2L8jQ5cnZLFEbki9K00m8a4dqus4kDn7zAkIljFfL9uqeoZWlJO8LFla732mpu6xv0c0%2BnEN4HMf3WVXK0R2upzDzjb610D5wpxvwwtORWKgxBirKkSI8SWRODJ71usx%2FMb1sBgb8GrFZhK7f8A8i6%2BWWx%2BcB%2B%2F1EwOZ8CSUg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
server-timing
cfL4;desc="?proto=TCP&rtt=30438&sent=947&recv=280&lost=0&retrans=0&sent_bytes=1168360&recv_bytes=5213&delivery_rate=11839106&cwnd=608&unsent_bytes=0&cid=fa1f9cec89cf7e26&ts=630&x=0"
date
Wed, 06 Nov 2024 16:03:22 GMT
content-type
image/png
vary
Accept-Encoding
cache-control
public, max-age=14400, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
cf-ray
8de650306adca4e8-MIA
accept-ranges
bytes
access-control-allow-origin
*
content-length
55602
server
cloudflare
wheel-frame.png
wheel-sweet-bonanza-candyland-pinco-kz.pu211ev.com/img/
83 KB
84 KB
Image
General
Full URL
https://wheel-sweet-bonanza-candyland-pinco-kz.pu211ev.com/img/wheel-frame.png
Requested by
Host: wheel-sweet-bonanza-candyland-pinco-kz.pu211ev.com
URL: https://wheel-sweet-bonanza-candyland-pinco-kz.pu211ev.com/main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:d9d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7a7a25a99753b8910dabb8f57ac9cd3444c4557ab364cb414c9e86e76899b002
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://wheel-sweet-bonanza-candyland-pinco-kz.pu211ev.com/main.css

Response headers

cf-cache-status
MISS
etag
"22dfdfe6329d54cf20d649502202426d"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=y86gwgFDIHtGCqDge8lTWX%2BHO4QuSxgfst8TgFosU7rGIFOosMMesTCqGXESGre3bbe8vSVUWIlZGMr5FzlO4giHjPNkrffLwNVzjxefJFw%2FQDDLgUTqskQrbWMdrBxXvQrhVUPvHFH7DsHlmuECLfzXHR7kjhZAUAHcY2%2FVh8a5vDgOZNsIx0yH49hPR9zIGw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
server-timing
cfL4;desc="?proto=TCP&rtt=30438&sent=992&recv=280&lost=0&retrans=0&sent_bytes=1224646&recv_bytes=5213&delivery_rate=11839106&cwnd=608&unsent_bytes=0&cid=fa1f9cec89cf7e26&ts=634&x=0"
date
Wed, 06 Nov 2024 16:03:22 GMT
content-type
image/png
vary
Accept-Encoding
cache-control
public, max-age=14400, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
cf-ray
8de650306adfa4e8-MIA
accept-ranges
bytes
access-control-allow-origin
*
content-length
85405
server
cloudflare
frame-1.png
wheel-sweet-bonanza-candyland-pinco-kz.pu211ev.com/img/
30 KB
30 KB
Image
General
Full URL
https://wheel-sweet-bonanza-candyland-pinco-kz.pu211ev.com/img/frame-1.png
Requested by
Host: wheel-sweet-bonanza-candyland-pinco-kz.pu211ev.com
URL: https://wheel-sweet-bonanza-candyland-pinco-kz.pu211ev.com/main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:d9d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
77606f673afbec18f94567b234ca92fec8a2f39f5f830cc4c89a4e4bf7eb0df9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://wheel-sweet-bonanza-candyland-pinco-kz.pu211ev.com/main.css

Response headers

cf-cache-status
MISS
etag
"856ef176ccf97f61fe0aaec0a8fac3b1"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FebJWpXDh%2B4lz1ALu3xsPt%2ByaZh%2B5cbVRqFRldfynCzzKiReqv7mrWKIcxYGqfTLceaOJ4umTMnJvFSBFvTGIIKsXnBa5fpavKRVVa%2BPpgm86wbPdqj2ijepyOH5Z7Ps%2FwfYbiZiHprt0Bq%2BuLNN4JBOd0rbBmXDksVhTo%2FrEDUD45Y7PPHY0JVHeahq55TkLA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
server-timing
cfL4;desc="?proto=TCP&rtt=31555&sent=1125&recv=465&lost=0&retrans=0&sent_bytes=1391850&recv_bytes=5213&delivery_rate=12498256&cwnd=907&unsent_bytes=0&cid=fa1f9cec89cf7e26&ts=690&x=0"
date
Wed, 06 Nov 2024 16:03:22 GMT
content-type
image/png
vary
Accept-Encoding
cache-control
public, max-age=14400, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
cf-ray
8de650306ae2a4e8-MIA
accept-ranges
bytes
access-control-allow-origin
*
content-length
30380
server
cloudflare
frame-2.png
wheel-sweet-bonanza-candyland-pinco-kz.pu211ev.com/img/
29 KB
30 KB
Image
General
Full URL
https://wheel-sweet-bonanza-candyland-pinco-kz.pu211ev.com/img/frame-2.png
Requested by
Host: wheel-sweet-bonanza-candyland-pinco-kz.pu211ev.com
URL: https://wheel-sweet-bonanza-candyland-pinco-kz.pu211ev.com/main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:d9d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
abd88ec4c06133653b01ffdcf2f170344084555586d43c7cbd44f75ec87100c2
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://wheel-sweet-bonanza-candyland-pinco-kz.pu211ev.com/main.css

Response headers

cf-cache-status
MISS
etag
"d7566d1e26697378c84f74b85897972c"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PQeUQ8khy8iz1LwGPmEUdM4Vu4VZqo3zO4oaOtVH%2B%2FjAVwLSNFM%2FhybXP2NnEpb2WZBLD%2Bn6IL1yn%2B6vjEa6ADVNl%2BrlPdlLB27M9tH9ZENnkFIX9t69AU1ahqaCwQZuotTFkW7XUKcphUdrUAecclRGIDAe9FJcN8ZqQSlILkpU380o5YS%2FEkfeecWHGrkHaA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
server-timing
cfL4;desc="?proto=TCP&rtt=30438&sent=1056&recv=280&lost=0&retrans=0&sent_bytes=1306555&recv_bytes=5213&delivery_rate=11839106&cwnd=608&unsent_bytes=4433&cid=fa1f9cec89cf7e26&ts=636&x=0"
date
Wed, 06 Nov 2024 16:03:22 GMT
content-type
image/png
vary
Accept-Encoding
cache-control
public, max-age=14400, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
cf-ray
8de650306ae4a4e8-MIA
accept-ranges
bytes
access-control-allow-origin
*
content-length
29743
server
cloudflare
frame-3.png
wheel-sweet-bonanza-candyland-pinco-kz.pu211ev.com/img/
28 KB
29 KB
Image
General
Full URL
https://wheel-sweet-bonanza-candyland-pinco-kz.pu211ev.com/img/frame-3.png
Requested by
Host: wheel-sweet-bonanza-candyland-pinco-kz.pu211ev.com
URL: https://wheel-sweet-bonanza-candyland-pinco-kz.pu211ev.com/main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:d9d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
559d7c6212b45d8acb05d8c27dc2e6525daa3b173fbd26ab9909b96d66b5f118
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://wheel-sweet-bonanza-candyland-pinco-kz.pu211ev.com/main.css

Response headers

cf-cache-status
MISS
etag
"d9ca3904d335ccf34d2f0faadb50146f"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=31jP2B%2BuAh%2BnJOfE5X5vF%2FRdt6LkmC9nQmxlYRydo%2BpYoQYEj%2BXtq8n5fZxe5O2JWmcH5PfW2rMR4q6ujhSNsSlnqocmsU6sceUtdlAfM6hy5Are9HUlJxBP4MZ63x7daGhkCitDPsrNktjn%2FYnfwom5SYjQNnM%2Fe198WeIE8UB983vik6LSO44H6MP2IUb4KA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
server-timing
cfL4;desc="?proto=TCP&rtt=31417&sent=1101&recv=440&lost=0&retrans=0&sent_bytes=1362156&recv_bytes=5213&delivery_rate=11901433&cwnd=888&unsent_bytes=0&cid=fa1f9cec89cf7e26&ts=660&x=0"
date
Wed, 06 Nov 2024 16:03:22 GMT
content-type
image/png
vary
Accept-Encoding
cache-control
public, max-age=14400, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
cf-ray
8de650306ae8a4e8-MIA
accept-ranges
bytes
access-control-allow-origin
*
content-length
29081
server
cloudflare
button-center.png
wheel-sweet-bonanza-candyland-pinco-kz.pu211ev.com/img/
404 B
904 B
Image
General
Full URL
https://wheel-sweet-bonanza-candyland-pinco-kz.pu211ev.com/img/button-center.png
Requested by
Host: wheel-sweet-bonanza-candyland-pinco-kz.pu211ev.com
URL: https://wheel-sweet-bonanza-candyland-pinco-kz.pu211ev.com/main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:d9d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
38cce3995f2027729bc5113698b8122dcdbd4962251bdaee429e15181978630a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://wheel-sweet-bonanza-candyland-pinco-kz.pu211ev.com/main.css

Response headers

cf-cache-status
MISS
etag
"44cbedb87f7d81788295ff941b907888"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yRam2%2BWNlHXGeiwzOpTC8zqekTOJ2xxKgwNTcl6BqDk2kqUvkN9lJsZzkKz%2FoHW5N5QZe4x10ewLW05bw%2BgA5bns0pzSa6WJDyBP%2B7azO15XRSjh2H560X6IUrESET2U8V5pxA2W3icv5WUWMHxKR%2BmG4C4ATrOCq3RL4C44xkygqVRt%2BA9v9o5qAet8rKMRIQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
server-timing
cfL4;desc="?proto=TCP&rtt=30438&sent=943&recv=280&lost=0&retrans=0&sent_bytes=1163476&recv_bytes=5213&delivery_rate=11839106&cwnd=608&unsent_bytes=3914&cid=fa1f9cec89cf7e26&ts=625&x=0"
date
Wed, 06 Nov 2024 16:03:22 GMT
content-type
image/png
vary
Accept-Encoding
cache-control
public, max-age=14400, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
cf-ray
8de650306ae9a4e8-MIA
accept-ranges
bytes
access-control-allow-origin
*
content-length
404
server
cloudflare
button-side.png
wheel-sweet-bonanza-candyland-pinco-kz.pu211ev.com/img/
2 KB
2 KB
Image
General
Full URL
https://wheel-sweet-bonanza-candyland-pinco-kz.pu211ev.com/img/button-side.png
Requested by
Host: wheel-sweet-bonanza-candyland-pinco-kz.pu211ev.com
URL: https://wheel-sweet-bonanza-candyland-pinco-kz.pu211ev.com/main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:d9d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
66854b383495c297f471a952b7defcc253940b52ac21ff142babd1b5ca354353
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://wheel-sweet-bonanza-candyland-pinco-kz.pu211ev.com/main.css

Response headers

cf-cache-status
MISS
etag
"cf2ff09a0fa8fa93d35dcf5698af45e3"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nKlLDAnmiq5ZEpwHmSitO07EsAadoGggfE0Vix9m1yOBAH7fBqvYCnzDGlbsVGkvYzHduK2Qgp6RP%2Fq%2BNfS69babsrB%2BahBgiWOgbXdUTf%2BwPvBmUe6jpC4tvv8PoSWVc%2BDlhaUpWZMlRKG35kiURdieHmbH%2BS7egoLAFLjO1MVl6LMM3z7G1XgtqMQRIIMSiQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
server-timing
cfL4;desc="?proto=TCP&rtt=30438&sent=819&recv=280&lost=0&retrans=0&sent_bytes=1002648&recv_bytes=5213&delivery_rate=11839106&cwnd=608&unsent_bytes=31128&cid=fa1f9cec89cf7e26&ts=620&x=0"
date
Wed, 06 Nov 2024 16:03:22 GMT
content-type
image/png
vary
Accept-Encoding
cache-control
public, max-age=14400, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
cf-ray
8de650307aeca4e8-MIA
accept-ranges
bytes
access-control-allow-origin
*
content-length
2023
server
cloudflare
Roboto-Bold.woff2
wheel-sweet-bonanza-candyland-pinco-kz.pu211ev.com/fonts/src/fonts/Roboto-Bold/
64 KB
65 KB
Font
General
Full URL
https://wheel-sweet-bonanza-candyland-pinco-kz.pu211ev.com/fonts/src/fonts/Roboto-Bold/Roboto-Bold.woff2
Requested by
Host: wheel-sweet-bonanza-candyland-pinco-kz.pu211ev.com
URL: https://wheel-sweet-bonanza-candyland-pinco-kz.pu211ev.com/main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:d9d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a92a15c6431fb6fd648c9f01ec50b848100fe0e566cd2c0641d89fc3a523d079
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://wheel-sweet-bonanza-candyland-pinco-kz.pu211ev.com
Referer
https://wheel-sweet-bonanza-candyland-pinco-kz.pu211ev.com/main.css

Response headers

cf-cache-status
MISS
etag
"e3653f8a7b6b7b638a2ccc57a8ce6385"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OQd84NEvCRHN7VRiTX1auo772gPYR5eHlTYntW2fHhNaoY2bS%2BXcFhWT3UquNT4o5jJY0dsmVtwQIXs2yPen5jgA4TRgju9gKFXLuLr2BxsqE%2BbdKgHc43NhW7jjnmRMv1ZfejHGmHaljMgDUIhQZPnL3uT4MIwmmknM0TxzHcI6zsaT24vAmGiE1G6igTsXoQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
server-timing
cfL4;desc="?proto=TCP&rtt=30863&sent=1206&recv=516&lost=0&retrans=0&sent_bytes=1491025&recv_bytes=5213&delivery_rate=12498256&cwnd=907&unsent_bytes=0&cid=fa1f9cec89cf7e26&ts=748&x=0"
date
Wed, 06 Nov 2024 16:03:22 GMT
content-type
font/woff2
vary
Accept-Encoding
cache-control
public, max-age=14400, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
cf-ray
8de65030ab49a4e8-MIA
accept-ranges
bytes
access-control-allow-origin
*
content-length
66008
server
cloudflare
Roboto-Regular.woff2
wheel-sweet-bonanza-candyland-pinco-kz.pu211ev.com/fonts/src/fonts/Roboto-Regular/
64 KB
65 KB
Font
General
Full URL
https://wheel-sweet-bonanza-candyland-pinco-kz.pu211ev.com/fonts/src/fonts/Roboto-Regular/Roboto-Regular.woff2
Requested by
Host: wheel-sweet-bonanza-candyland-pinco-kz.pu211ev.com
URL: https://wheel-sweet-bonanza-candyland-pinco-kz.pu211ev.com/main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:d9d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f62f51295d471a285e41bf8063c23b6046ee2770a5c0baa55a5a7ed04251d22
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://wheel-sweet-bonanza-candyland-pinco-kz.pu211ev.com
Referer
https://wheel-sweet-bonanza-candyland-pinco-kz.pu211ev.com/main.css

Response headers

cf-cache-status
MISS
etag
"fc38b49d9e144033b2696aeab9785491"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UAWjv8snQRBrkZPcTT7Oco5vYcK66rULANUjkVbhWRqH%2ByDY8XTYlO2qfz5vwJ7MpCUzP8tlyRaZoQIWF0fR6koukt44QUtgmC3RzyOt%2BUhaJ%2FbNgv%2B4Z5RJsfnk2CF7vqGEIJdVkmLtnvMzJaVEq8MGQAcHKNPST1s%2B2cUyKrCIVar4dQ0OYLwjEomrU6QpIQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
server-timing
cfL4;desc="?proto=TCP&rtt=30451&sent=1150&recv=477&lost=0&retrans=0&sent_bytes=1423000&recv_bytes=5213&delivery_rate=12498256&cwnd=907&unsent_bytes=0&cid=fa1f9cec89cf7e26&ts=699&x=0"
date
Wed, 06 Nov 2024 16:03:22 GMT
content-type
font/woff2
vary
Accept-Encoding
cache-control
public, max-age=14400, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
cf-ray
8de65030ab4ea4e8-MIA
accept-ranges
bytes
access-control-allow-origin
*
content-length
65992
server
cloudflare
kazakhstan.png
wheel-sweet-bonanza-candyland-pinco-kz.pu211ev.com/img/country/
6 KB
7 KB
Image
General
Full URL
https://wheel-sweet-bonanza-candyland-pinco-kz.pu211ev.com/img/country/kazakhstan.png
Requested by
Host: wheel-sweet-bonanza-candyland-pinco-kz.pu211ev.com
URL: https://wheel-sweet-bonanza-candyland-pinco-kz.pu211ev.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:d9d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
78ad555d048af744e4c383fc00ff851b738ae84a48df2af6abc02581d17a7d13
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://wheel-sweet-bonanza-candyland-pinco-kz.pu211ev.com/

Response headers

cf-cache-status
MISS
etag
"373579c688c96e90a00fb7a188f08b06"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=L4cegzhRty5p9CS%2Bx%2BXn4o%2FZ4bgSHSCbZgiR8LrJFXO0jWNxQM5fVmHWLYfGKuNR%2BlcpCHtTDYh273MS3DjDToQABygQPyGOpRxluBqrHGoN6Pr%2BPd0vdJ4twSdzuAoSFGSbuSEoG5HQN212WT%2FVvpy8QyufJxp2%2BqjwrEqn%2F%2BcVPa1MXjSP98NKJ%2BkvIFjKCw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
server-timing
cfL4;desc="?proto=TCP&rtt=30438&sent=593&recv=280&lost=0&retrans=0&sent_bytes=709526&recv_bytes=5213&delivery_rate=11839106&cwnd=608&unsent_bytes=64850&cid=fa1f9cec89cf7e26&ts=612&x=0"
date
Wed, 06 Nov 2024 16:03:22 GMT
content-type
image/png
vary
Accept-Encoding
cache-control
public, max-age=14400, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
cf-ray
8de65030ab51a4e8-MIA
accept-ranges
bytes
access-control-allow-origin
*
content-length
6521
server
cloudflare
kazakh-russian.png
wheel-sweet-bonanza-candyland-pinco-kz.pu211ev.com/img/header/lang/
651 B
1 KB
Image
General
Full URL
https://wheel-sweet-bonanza-candyland-pinco-kz.pu211ev.com/img/header/lang/kazakh-russian.png
Requested by
Host: wheel-sweet-bonanza-candyland-pinco-kz.pu211ev.com
URL: https://wheel-sweet-bonanza-candyland-pinco-kz.pu211ev.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:d9d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
307bcd15270bd7523fee2c844cfb1de6cbedc01bbe63c4067f9573fbd9744cda
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://wheel-sweet-bonanza-candyland-pinco-kz.pu211ev.com/

Response headers

cf-cache-status
MISS
etag
"ace83b5e14c127cbcee67103e63a5c91"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kyVQm4fQXyFncGQgRIdzpHtsu8oM%2F1N0jeEWMISXj5P4Y0QHFq59BOqXTSLsNBFGKS7vL69XYoZpyayRIFQyVKsMBrXXCXjYn3D68pN%2Fqbo2DtjnyXlgZNEua4QfsQ9IjIkKCJWEv73p5RkLEs9dPOgMEbq6WN1MQu%2BpNT%2BWTBTlZtJJlxx%2F9zbn9KYXaHf2jA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
server-timing
cfL4;desc="?proto=TCP&rtt=30863&sent=1203&recv=516&lost=0&retrans=0&sent_bytes=1489756&recv_bytes=5213&delivery_rate=12498256&cwnd=907&unsent_bytes=0&cid=fa1f9cec89cf7e26&ts=739&x=0"
date
Wed, 06 Nov 2024 16:03:22 GMT
content-type
image/png
vary
Accept-Encoding
cache-control
public, max-age=14400, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
cf-ray
8de65030ab56a4e8-MIA
accept-ranges
bytes
access-control-allow-origin
*
content-length
651
server
cloudflare
1d8a292a-eb33-44e7-8b3c-666d20caa320
https://wheel-sweet-bonanza-candyland-pinco-kz.pu211ev.com/ Frame
0
0

/
api-js.datadome.co/js/
232 B
462 B
XHR
General
Full URL
https://api-js.datadome.co/js/
Requested by
Host: js.datadome.co
URL: https://js.datadome.co/tags.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
44.207.86.177 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-207-86-177.compute-1.amazonaws.com
Software
DataDome /
Resource Hash
a3ea15dfaed6921c9a4422861ef406b9dfe27c963a3af657b374426b9c2d6b9c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded
Referer
https://wheel-sweet-bonanza-candyland-pinco-kz.pu211ev.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
expires
0
access-control-allow-origin
*
content-length
232
date
Wed, 06 Nov 2024 16:03:22 GMT
content-type
application/json;charset=utf-8
server
DataDome
anchor
www.google.com/recaptcha/enterprise/ Frame 3B42
0
0
Document
General
Full URL
https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LedJp8UAAAAAIq3ybIliqLDRKLsAKllpPy8onPz&co=aHR0cHM6Ly93aGVlbC1zd2VldC1ib25hbnphLWNhbmR5bGFuZC1waW5jby1rei5wdTIxMWV2LmNvbTo0NDM.&hl=en&v=-ZG7BC9TxCVEbzIO2m429usb&size=invisible&cb=176fnhvafxjg
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/-ZG7BC9TxCVEbzIO2m429usb/recaptcha__en.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.72.100 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f4.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-mRepq2_hHHBDCSxAKeXaXg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wheel-sweet-bonanza-candyland-pinco-kz.pu211ev.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-mRepq2_hHHBDCSxAKeXaXg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy
cross-origin
date
Wed, 06 Nov 2024 16:03:22 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server
ESF
x-content-type-options
nosniff
x-xss-protection
0
p
f.pudaf.com/
137 B
893 B
Fetch
General
Full URL
https://f.pudaf.com/p
Requested by
Host: wheel-sweet-bonanza-candyland-pinco-kz.pu211ev.com
URL: https://wheel-sweet-bonanza-candyland-pinco-kz.pu211ev.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.195.100.83 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-100-83.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
342411288fcb535d1a04225d82f4ca5e7c58fb0597a2e81ccb5cc5e605f391af

Request headers

ak
vyg6SLajEWjklRFo1ig1JqhMkSHHpSp3FLYvfzZE
Referer
https://wheel-sweet-bonanza-candyland-pinco-kz.pu211ev.com/
x-ctr
4UuB1BQ8ONeKIRgissHvYw
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json, text/html, text/plain
ri
1dce37c6b48244039024b9ce3b948284
Content-Type
application/octet-stream
si
0a5fb0a607c04e91bbd82a634fb2d5e5

Response headers

access-control-max-age
43200
access-control-expose-headers
If-Match,If-Modified-Since,If-None-Match,etag,Last-Modified
etag
672b934bfa862f2678a622fb
accept-ch
sec-ch-ua,ua,sec-ch-ua-platformua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-wow64,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors
x-trace-id
3c9bfed2c0020c2ebda78c7b6352c679
access-control-allow-origin
*
content-length
137
date
Wed, 06 Nov 2024 16:03:24 GMT
content-type
application/json
last-modified
Wed, 06 Nov 2024 16:01:43 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
0
24 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: wheel-sweet-bonanza-candyland-pinco-kz.pu211ev.com
URL: https://wheel-sweet-bonanza-candyland-pinco-kz.pu211ev.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.41.2 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://wheel-sweet-bonanza-candyland-pinco-kz.pu211ev.com/

Response headers

content-encoding
br
etag
17904852107547177580
x-content-type-options
nosniff
expires
Wed, 06 Nov 2024 16:03:23 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Wed, 06 Nov 2024 16:03:23 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
53189
x-xss-protection
0
server
cafe
p
f.pudaf.com/ Frame
0
0
Preflight
General
Full URL
https://f.pudaf.com/p
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.195.100.83 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-100-83.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
ak,content-type,ri,si,x-ctr
Access-Control-Request-Method
POST
Origin
https://wheel-sweet-bonanza-candyland-pinco-kz.pu211ev.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Origin,Content-Length,Content-Type,if-none-match,x-ctr,ak,si,ui,ri
access-control-allow-methods
GET,POST,HEAD,PUT,DELETE,PATCH
access-control-allow-origin
*
access-control-expose-headers
If-Match,If-Modified-Since,If-None-Match,etag,Last-Modified
access-control-max-age
43200
date
Wed, 06 Nov 2024 16:03:23 GMT
vary
Access-Control-Request-Method, Access-Control-Request-Headers, Origin
js
www.googletagmanager.com/gtag/
301 KB
103 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-FSDW78HQ4L&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MFB4T883
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:806::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2ff2428ea18b4e4733aa8d52a38a54fa73f33d7dcd7fc9fa183ea07b3a6136fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://wheel-sweet-bonanza-candyland-pinco-kz.pu211ev.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Wed, 06 Nov 2024 16:03:23 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 06 Nov 2024 16:03:23 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
104699
x-xss-protection
0
server
Google Tag Manager
web-vitals.iife.js
unpkg.com/web-vitals@4.2.4/dist/
Redirect Chain
  • https://unpkg.com/web-vitals/dist/web-vitals.iife.js
  • https://unpkg.com/web-vitals@4.2.4/dist/web-vitals.iife.js
7 KB
3 KB
Script
General
Full URL
https://unpkg.com/web-vitals@4.2.4/dist/web-vitals.iife.js
Protocol
H2
Server
2606:4700::6811:f9cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f759996a85b1ddf539ef3f16fdca3d39e48f670aef69e82c6200cc2b5f9f47bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://wheel-sweet-bonanza-candyland-pinco-kz.pu211ev.com/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
"1c3a-LeUC6s/Gcko0wscq5NFJGfOy9Yg"
age
111494
x-content-type-options
nosniff
date
Wed, 06 Nov 2024 16:03:23 GMT
content-type
application/javascript; charset=utf-8
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01JBXS45R76TEYP06DY7N3PZAK-mia
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31536000
via
1.1 fly.io
cf-ray
8de65039ab1bda05-MIA
access-control-allow-origin
*
server
cloudflare

Redirect headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, s-maxage=600, max-age=60
location
/web-vitals@4.2.4/dist/web-vitals.iife.js
content-encoding
br
cf-cache-status
HIT
age
584
x-content-type-options
nosniff
via
1.1 fly.io
cf-ray
8de650391a1eda05-MIA
access-control-allow-origin
*
date
Wed, 06 Nov 2024 16:03:23 GMT
content-type
text/plain; charset=utf-8
vary
Accept, Accept-Encoding
fly-request-id
01JC12WW1NB59J5GXG7C5M1FK5-mia
server
cloudflare
favicon-32x32.png
wheel-sweet-bonanza-candyland-pinco-kz.pu211ev.com/img/favicon/
2 KB
2 KB
Other
General
Full URL
https://wheel-sweet-bonanza-candyland-pinco-kz.pu211ev.com/img/favicon/favicon-32x32.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:d9d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9f4dd081764684e967c695a7ca1227fa7998736c83e4d9608fa44cc55b25ad6f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://wheel-sweet-bonanza-candyland-pinco-kz.pu211ev.com/

Response headers

cf-cache-status
MISS
etag
"ab1156a8eb2af8e913fe675d02676f04"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pCeb2YmhZP04Kkd3iKsNRB1nF0afW%2FJg39nJiWzMpkVcpLzQmAe6WcweHylJozUP7FzJm6unSc4EIKMsLCQfbMCo6Vu0QuqmYBqUzAv%2FcE1k5FJdiZOIY6Tlh6mWjlGUA2H6cNsPefvbzNOvr84DvG%2FokYhwjHGHThez4u6enm%2B0YZJ6nsbbI8tbmT6sNDL3Vg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
server-timing
cfL4;desc="?proto=TCP&rtt=30329&sent=1260&recv=545&lost=0&retrans=0&sent_bytes=1557773&recv_bytes=5450&delivery_rate=12498256&cwnd=907&unsent_bytes=0&cid=fa1f9cec89cf7e26&ts=1920&x=0"
date
Wed, 06 Nov 2024 16:03:23 GMT
content-type
image/png
vary
Accept-Encoding
cache-control
public, max-age=14400, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
cf-ray
8de65038b996a4e8-MIA
accept-ranges
bytes
access-control-allow-origin
*
content-length
1671
server
cloudflare
p
f.pudaf.com/ Frame
0
0
Preflight
General
Full URL
https://f.pudaf.com/p
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.195.100.83 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-100-83.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
ak,content-type,ri,si,x-ctr
Access-Control-Request-Method
POST
Origin
https://wheel-sweet-bonanza-candyland-pinco-kz.pu211ev.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Origin,Content-Length,Content-Type,if-none-match,x-ctr,ak,si,ui,ri
access-control-allow-methods
GET,POST,HEAD,PUT,DELETE,PATCH
access-control-allow-origin
*
access-control-expose-headers
If-Match,If-Modified-Since,If-None-Match,etag,Last-Modified
access-control-max-age
43200
date
Wed, 06 Nov 2024 16:03:23 GMT
vary
Access-Control-Request-Method, Access-Control-Request-Headers, Origin
p
f.pudaf.com/
137 B
892 B
Fetch
General
Full URL
https://f.pudaf.com/p
Requested by
Host: wheel-sweet-bonanza-candyland-pinco-kz.pu211ev.com
URL: https://wheel-sweet-bonanza-candyland-pinco-kz.pu211ev.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.195.100.83 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-100-83.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
342411288fcb535d1a04225d82f4ca5e7c58fb0597a2e81ccb5cc5e605f391af

Request headers

ak
vyg6SLajEWjklRFo1ig1JqhMkSHHpSp3FLYvfzZE
Referer
https://wheel-sweet-bonanza-candyland-pinco-kz.pu211ev.com/
x-ctr
KRE84NJW10WgT0u8hH30jQ
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json, text/html, text/plain
ri
1dce37c6b48244039024b9ce3b948284
Content-Type
application/octet-stream
si
0a5fb0a607c04e91bbd82a634fb2d5e5

Response headers

access-control-max-age
43200
access-control-expose-headers
If-Match,If-Modified-Since,If-None-Match,etag,Last-Modified
etag
672b934cfa862f2678a622ff
accept-ch
sec-ch-ua,ua,sec-ch-ua-platformua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-wow64,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors
x-trace-id
b39ae78c364b8ce6b616bb97c1da42da
access-control-allow-origin
*
content-length
137
date
Wed, 06 Nov 2024 16:03:24 GMT
content-type
application/json
last-modified
Wed, 06 Nov 2024 16:01:44 GMT
collect
www.google-analytics.com/g/
0
568 B
Fetch
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-FSDW78HQ4L&gtm=45je4au0v893553001z89181226602za200zb9181226602&_p=1730909002055&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101823848~101878899~101878944~101925629&cid=132094439.1730909004&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&dr=&sid=1730909003&sct=1&seg=0&dl=https%3A%2F%2Fwheel-sweet-bonanza-candyland-pinco-kz.pu211ev.com%2F&dt=%D0%9A%D1%80%D1%83%D1%82%D0%B8%20%D0%BA%D0%BE%D0%BB%D0%B5%D1%81%D0%BE%20%E2%80%93%20%D0%9F%D0%BE%D0%BB%D1%83%D1%87%D0%B0%D0%B9%20%D0%BF%D0%BE%D0%B4%D0%B0%D1%80%D0%BA%D0%B8&en=page_view&_fv=1&_nsi=1&_ss=1&ep.gtm_version=GTM-MFB4T883%20%7C%20v.%204&ep.transport_type=beacon&ep.timestamp=2024-11-06%2006%3A03%3A23&up.is_exist_player=false&up.language_site=&up.platform=desktop&up.screen_resolution=1600x1200&up.is_incognito=false&tfd=2089
Requested by
Host: wheel-sweet-bonanza-candyland-pinco-kz.pu211ev.com
URL: https://wheel-sweet-bonanza-candyland-pinco-kz.pu211ev.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://wheel-sweet-bonanza-candyland-pinco-kz.pu211ev.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://wheel-sweet-bonanza-candyland-pinco-kz.pu211ev.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 06 Nov 2024 16:03:23 GMT
content-type
text/plain
server
Golfe2
collect
www.google-analytics.com/g/
0
57 B
Fetch
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-FSDW78HQ4L&gtm=45je4au0v893553001z89181226602za200zb9181226602&_p=1730909002055&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101823848~101878899~101878944~101925629&cid=132094439.1730909004&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&dr=&sid=1730909003&sct=1&seg=0&dl=https%3A%2F%2Fwheel-sweet-bonanza-candyland-pinco-kz.pu211ev.com%2F&dt=%D0%9A%D1%80%D1%83%D1%82%D0%B8%20%D0%BA%D0%BE%D0%BB%D0%B5%D1%81%D0%BE%20%E2%80%93%20%D0%9F%D0%BE%D0%BB%D1%83%D1%87%D0%B0%D0%B9%20%D0%BF%D0%BE%D0%B4%D0%B0%D1%80%D0%BA%D0%B8&_s=2&tfd=2111
Requested by
Host: wheel-sweet-bonanza-candyland-pinco-kz.pu211ev.com
URL: https://wheel-sweet-bonanza-candyland-pinco-kz.pu211ev.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://wheel-sweet-bonanza-candyland-pinco-kz.pu211ev.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://wheel-sweet-bonanza-candyland-pinco-kz.pu211ev.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 06 Nov 2024 16:03:24 GMT
content-type
text/plain
server
Golfe2
collect
www.google-analytics.com/g/
0
57 B
Fetch
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-FSDW78HQ4L&gtm=45je4au0v893553001za200zb9181226602&_p=1730909002055&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101823848~101878899~101878944~101925629&cid=132094439.1730909004&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=3&dr=&sid=1730909003&sct=1&seg=0&dl=https%3A%2F%2Fwheel-sweet-bonanza-candyland-pinco-kz.pu211ev.com%2F&dt=%D0%9A%D1%80%D1%83%D1%82%D0%B8%20%D0%BA%D0%BE%D0%BB%D0%B5%D1%81%D0%BE%20%E2%80%93%20%D0%9F%D0%BE%D0%BB%D1%83%D1%87%D0%B0%D0%B9%20%D0%BF%D0%BE%D0%B4%D0%B0%D1%80%D0%BA%D0%B8&en=scroll&ep.gtm_version=GTM-MFB4T883%20%7C%20v.%204&ep.transport_type=beacon&ep.timestamp=2024-11-06%2006%3A03%3A23&epn.percent_scrolled=90&_et=9&up.is_incognito=false&tfd=2124
Requested by
Host: wheel-sweet-bonanza-candyland-pinco-kz.pu211ev.com
URL: https://wheel-sweet-bonanza-candyland-pinco-kz.pu211ev.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://wheel-sweet-bonanza-candyland-pinco-kz.pu211ev.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://wheel-sweet-bonanza-candyland-pinco-kz.pu211ev.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 06 Nov 2024 16:03:23 GMT
content-type
text/plain
server
Golfe2
collect
www.google-analytics.com/g/
0
57 B
Fetch
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-FSDW78HQ4L&gtm=45je4au0v893553001z89181226602za200zb9181226602&_p=1730909002055&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101823848~101878899~101878944~101925629&cid=132094439.1730909004&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=4&dr=&sid=1730909003&sct=1&seg=0&dl=https%3A%2F%2Fwheel-sweet-bonanza-candyland-pinco-kz.pu211ev.com%2F&dt=%D0%9A%D1%80%D1%83%D1%82%D0%B8%20%D0%BA%D0%BE%D0%BB%D0%B5%D1%81%D0%BE%20%E2%80%93%20%D0%9F%D0%BE%D0%BB%D1%83%D1%87%D0%B0%D0%B9%20%D0%BF%D0%BE%D0%B4%D0%B0%D1%80%D0%BA%D0%B8&en=web_vitals&ep.gtm_version=GTM-MFB4T883%20%7C%20v.%204&ep.transport_type=beacon&ep.timestamp=2024-11-06%2006%3A03%3A23&ep.event_category=web_vitals&epn.event_label=1873&ep.event_action=FCP&_et=12&up.is_incognito=true&tfd=7127
Requested by
Host: wheel-sweet-bonanza-candyland-pinco-kz.pu211ev.com
URL: https://wheel-sweet-bonanza-candyland-pinco-kz.pu211ev.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://wheel-sweet-bonanza-candyland-pinco-kz.pu211ev.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://wheel-sweet-bonanza-candyland-pinco-kz.pu211ev.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 06 Nov 2024 16:03:28 GMT
content-type
text/plain
server
Golfe2

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
wheel-sweet-bonanza-candyland-pinco-kz.pu211ev.com
URL
blob:https://wheel-sweet-bonanza-candyland-pinco-kz.pu211ev.com/1d8a292a-eb33-44e7-8b3c-666d20caa320

Verdicts & Comments Add Verdict or Comment

43 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| landingConfig object| dataLayer string| afto function| aft string| ddjskey object| ddoptions object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| links object| pageState object| phonePattern object| translate object| currency object| formNotif boolean| dataDomeProcessed object| dataDomeOptions boolean| ddSbh object| google_tag_manager object| google_tag_data string| key object| recaptcha object| closure_lm_860714 object| aftStore function| aftUUID function| aftSID function| aftGenSID function| startBBClicker function| stopBBClicker string| afti number| width number| height function| detectIncognito object| last_10_events object| current_event boolean| is_incognito function| onYouTubeIframeAPIReady object| gaGlobal object| webVitals string| _D9tysGh2

6 Cookies

Domain/Path Name / Value
.pu211ev.com/ Name: __cf_bm
Value: HiA1uaPD8ptuCRCIN2fjjaMFi3wAmeWCHzBjWzm5XYY-1730909001-1.0.1.1-7RKU.wTG0R9mYE_PmlaYMiOjU7csDWaevBZebtg0deoXeCcAGJ7wg099NPEARssuSIhlNiAwdMgAd5VRXlbrjQ
.pu211ev.com/ Name: datadome
Value: 2fepFKAWJpRa6zyZ9Wzfu6I59JMOk7_Q8ydK6TaVezzp2o686To4oJKpI32B4m4zNEkY7J_q4YPa~cQC3VueNJx3NRDNqbuWMXcUXpilxuO596atMt571Sg2IccQuL3f
wheel-sweet-bonanza-candyland-pinco-kz.pu211ev.com/ Name: ga-x3sdiid0
Value: UZTQ1MmZiNGYzYTgyZDJiMWU5NGMwN2YwYTIwZmE1MG
.pu211ev.com/ Name: _ga
Value: GA1.1.132094439.1730909004
.pu211ev.com/ Name: _ga_FSDW78HQ4L
Value: GS1.1.1730909003.1.0.1730909003.0.0.0
wheel-sweet-bonanza-candyland-pinco-kz.pu211ev.com/ Name: ga-d98gkkii
Value: 671aaabe359ef9d39e1072f2

6 Console Messages

Source Level URL
Text
recommendation verbose URL: https://wheel-sweet-bonanza-candyland-pinco-kz.pu211ev.com/
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o
rendering warning URL: https://wheel-sweet-bonanza-candyland-pinco-kz.pu211ev.com/
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A0E09A1384280000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering warning URL: https://wheel-sweet-bonanza-candyland-pinco-kz.pu211ev.com/
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A070210484280000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering warning URL: https://wheel-sweet-bonanza-candyland-pinco-kz.pu211ev.com/
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A030D51384280000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering warning URL: https://wheel-sweet-bonanza-candyland-pinco-kz.pu211ev.com/
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A0109B1384280000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering warning URL: https://wheel-sweet-bonanza-candyland-pinco-kz.pu211ev.com/
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A0E0E51384280000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api-js.datadome.co
f.pudaf.com
fs.pudaf.com
js.datadome.co
pagead2.googlesyndication.com
unpkg.com
wheel-sweet-bonanza-candyland-pinco-kz.pu211ev.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
wheel-sweet-bonanza-candyland-pinco-kz.pu211ev.com
142.250.72.100
142.250.72.99
142.251.41.2
18.159.163.97
18.195.100.83
18.238.49.119
2001:4860:4802:34::178
2606:4700:20::681a:d9d
2606:4700::6811:f9cb
2607:f8b0:4006:806::2008
44.207.86.177
112dc5afe79d792908bd0c82e808dbec5cf5935b6d0ba80b38c231fadfece72a
19f860cf24499369aa7e9d93743e0fb9a904a65b19f1c5664873a4b147ed1bfc
1c67fa8a74edc8a91f13ca6d93d28af2ae22242724ae15d81f05fa656475b2b4
1ed7f1f9ac78d317255563643269dbabf80159fa2e2dfe25bd5f85d7f4271b98
2605c063257beca9b2bfba501c645a3b32eb15e364859ad01b935cc286aea016
2ff2428ea18b4e4733aa8d52a38a54fa73f33d7dcd7fc9fa183ea07b3a6136fe
307bcd15270bd7523fee2c844cfb1de6cbedc01bbe63c4067f9573fbd9744cda
342411288fcb535d1a04225d82f4ca5e7c58fb0597a2e81ccb5cc5e605f391af
38cce3995f2027729bc5113698b8122dcdbd4962251bdaee429e15181978630a
44b5896f4a4360bc08c70cf6e5890aa872e50f9d65d0597013c8565752277a82
4572c20092423c491c830915d4eccaad9b43524a9e74eb39d1ca7db8d66f8370
4610761180d7a104b53a1bf7dcbd52e35e1d4c74e50ceecac3a54a366dddc23b
559d7c6212b45d8acb05d8c27dc2e6525daa3b173fbd26ab9909b96d66b5f118
66854b383495c297f471a952b7defcc253940b52ac21ff142babd1b5ca354353
6b9a335d88ad325a3b4e06c7354240c542aa51b232899a2b1f0483585aef2fe3
6d85d2279fae1219f1ebdeb5d334fb7b413160eb538e9ffc9772ce6060ab2bf0
6f62f51295d471a285e41bf8063c23b6046ee2770a5c0baa55a5a7ed04251d22
77606f673afbec18f94567b234ca92fec8a2f39f5f830cc4c89a4e4bf7eb0df9
780ea4acf28be9ccc4da22f3f58e06fcac62c45f3f05e8e2f8a45fdd6777a1a6
789bcfeb00926d5480183123c5477a389fd324bd81db0af0bebdf58850ea69a9
78ad555d048af744e4c383fc00ff851b738ae84a48df2af6abc02581d17a7d13
7a7a25a99753b8910dabb8f57ac9cd3444c4557ab364cb414c9e86e76899b002
929486315c8fa9133f03764402ce4651768ad5e7f0b661fe8edc69040d3bacbc
99caf69f8fa8cbaabb9156a3f08d4fdfe657baeca434bff6c664a72443d92335
9b7f5889eb806a98c4609185b58d823260aa3dd8127b079558eb00ef5a0d58c3
9f4dd081764684e967c695a7ca1227fa7998736c83e4d9608fa44cc55b25ad6f
a3ea15dfaed6921c9a4422861ef406b9dfe27c963a3af657b374426b9c2d6b9c
a6c9a5bb473a14e38f7f9f70b07bea3e9628cc38972c86e6181225fbe3e10bbd
a92a15c6431fb6fd648c9f01ec50b848100fe0e566cd2c0641d89fc3a523d079
abd88ec4c06133653b01ffdcf2f170344084555586d43c7cbd44f75ec87100c2
bfa6e554f0dcd2ab1ba3bad17e12a8e6144587abbd9fcdc0c77077b186563bbb
c666bc8df31637dffcf28995029d89f2761e5a6bcbec9b5a227334ebf92612f3
d38c2a0afe33baa9ac6e29ce6ddc3c5dacf3049682527fa58b5e59436893a7a1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f759996a85b1ddf539ef3f16fdca3d39e48f670aef69e82c6200cc2b5f9f47bd
f8e5f5ce9ff44073cff24bcd3d2b8aa4e67b67891b14ff929fe4743880fdf82e
fa31d2028621b43665f8de336b3d091fe01df068e86395b0d035a97a5b352afa
fdde1925eb8c3578ed3115a814dd7da9b7aea8749fdd5812ca427aca3964dbae