roxcasino-tr.pu318ev.com Open in urlscan Pro
2606:4700:20::681a:ed4  Public Scan

1 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

36 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response roxcasino-tr.pu318ev.com/	18 KB 5 KB	436ms 297ms	Document text/html	2606:4700:20::681a:ed4 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://roxcasino-tr.pu318ev.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:ed4 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a59a3af6e0ccf94c54e6e33d9514f2f06cea329d9ff9550ec41357cd41984bb2 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 accept-language en-US,en;q=0.9 Response headers cf-cache-status DYNAMIC cf-ray 843943234dba4c33-MIA content-encoding br content-type text/html date Thu, 11 Jan 2024 01:07:20 GMT last-modified Wed, 13 Dec 2023 15:29:52 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ml%2BtGEr%2Fctjl9mD1HRBCKYIk22oM9jwYxHwdCWyiR10SN6TcPXN30yhKQ82mQhExPu7H0aVmTohxS4cXVJgfFyD16eyv7YjJTfzQ7BjbhkIHRRDk%2F6EShKooC28wgAOl5d7qxdwp4sY8y39%2BiJf2kQtgk5XWkw%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding
GET H2	200	css fonts.googleapis.com/	7 KB 1 KB	193ms 66ms	Stylesheet text/css	2607:f8b0:4004:c09::5f GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Roboto:400,600,700,900&display=swap&subset=cyrillic Requested by Host: roxcasino-tr.pu318ev.com URL: https://roxcasino-tr.pu318ev.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c09::5f Ashburn, United States, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash e8841ae28cd23a195102486ffe06cf53f51d1beb8e024ce760b3f6379c3e3c25 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://roxcasino-tr.pu318ev.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Thu, 11 Jan 2024 01:07:20 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Thu, 11 Jan 2024 01:07:20 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Thu, 11 Jan 2024 01:07:20 GMT
GET H2	200	main.css roxcasino-tr.pu318ev.com/	20 KB 5 KB	313ms 298ms	Stylesheet text/css	2606:4700:20::681a:ed4 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://roxcasino-tr.pu318ev.com/main.css Requested by Host: roxcasino-tr.pu318ev.com URL: https://roxcasino-tr.pu318ev.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:ed4 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 84bd81553ca94f64222fd150614e3a492ecf76cdafc20ffb0be50f08ae9c3a64 Request headers accept-language en-US,en;q=0.9 Referer https://roxcasino-tr.pu318ev.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Thu, 11 Jan 2024 01:07:21 GMT content-encoding br cf-cache-status MISS last-modified Wed, 13 Dec 2023 15:29:52 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"6579cdf0-5012" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z2fAbDEMgvep%2BnpMaNwq%2BScubFlulBLCgKo5R6bGjl0%2BShjs1NX0GxM0Sli5orNXr8nObrlrZ2Htp4HI8v7Yq%2BUBKi55sXFmlitMLZPitcRLLTb9S5pgI3BBmM%2F17zycz44LQz0wW9G2PrqZpKDybv1f1ypPuQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 84394326ea3c4c33-MIA
GET H2	200	roxcasino-modal-img-desk.png roxcasino-tr.pu318ev.com/img/modal/	28 KB 28 KB	316ms 301ms	Image image/png	2606:4700:20::681a:ed4 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://roxcasino-tr.pu318ev.com/img/modal/roxcasino-modal-img-desk.png Requested by Host: roxcasino-tr.pu318ev.com URL: https://roxcasino-tr.pu318ev.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:ed4 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7178777b0bbcfb16bc95cae31fbf75d07eea332ef0015af706e2fcef0e7673ee Request headers accept-language en-US,en;q=0.9 Referer https://roxcasino-tr.pu318ev.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Thu, 11 Jan 2024 01:07:21 GMT cf-cache-status MISS last-modified Wed, 13 Dec 2023 15:29:46 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"6579cdea-6e55" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZRCcbPmtNUvJ52VjXjCdgqoNbWGHI49t%2Ftwk4uyr%2BiqtABJls5OgzY31F4%2FeU66c6XWXNuZgQvz2E0E8r%2FoJxAEY%2Bd0UP73fy8lWtFQ6bpFz6WSWHFB5IR2ubLyuM7%2BCCugt3IYvKL9guEPb7jDQXzeUFChv6g%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 cf-ray 84394326ea3e4c33-MIA
GET H2	200	enterprise.js Show response www.google.com/recaptcha/	1 KB 1 KB	200ms 74ms	Script text/javascript	2607:f8b0:4004:c06::93 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/enterprise.js?render=6Lfxs6UUAAAAAE3kzerSlj_d5OF7IeWoXvzOE_50 Requested by Host: roxcasino-tr.pu318ev.com URL: https://roxcasino-tr.pu318ev.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c06::93 Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash ce3c7b9aa7606bd64b6dbf60299b7a21d8a87e69c98b45c05201c3f4faefd3d2 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language en-US,en;q=0.9 Referer https://roxcasino-tr.pu318ev.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Thu, 11 Jan 2024 01:07:20 GMT content-encoding gzip x-content-type-options nosniff content-security-policy frame-ancestors 'self' server GSE x-frame-options SAMEORIGIN content-type text/javascript; charset=utf-8 cache-control private, max-age=300 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 1; mode=block expires Thu, 11 Jan 2024 01:07:20 GMT
GET H2	200	bundle.js Show response roxcasino-tr.pu318ev.com/	77 KB 19 KB	434ms 433ms	Script application/javascript	2606:4700:20::681a:ed4 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://roxcasino-tr.pu318ev.com/bundle.js Requested by Host: roxcasino-tr.pu318ev.com URL: https://roxcasino-tr.pu318ev.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:ed4 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d65c13c6cc536a884c136555082a1cb3db39eaced1d00cdbb0063f64e85a6ac6 Request headers accept-language en-US,en;q=0.9 Referer https://roxcasino-tr.pu318ev.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Thu, 11 Jan 2024 01:07:21 GMT content-encoding br cf-cache-status MISS last-modified Wed, 13 Dec 2023 15:29:44 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"6579cde8-135d6" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gVjKd96Rhq0JYkikztrr4cEcfVV%2Fp%2F%2F%2BeUUd7OSglND3mhIwUNckUCugcNIbapPPP0O1uHqDurgqOl%2BAR5bLmz8OioH5FAFzCYkkQksqb4izfqz0ZqRC1kzgXRaeVswPgFlR9FA47M8otc8Qo6kaKSOIr%2FvsvA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 cf-ray 843943270a574c33-MIA
GET H2	200	fp.js Show response fs.pudaf.com/	377 KB 71 KB	806ms 288ms	Script application/javascript	52.58.237.32 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://fs.pudaf.com/fp.js Requested by Host: roxcasino-tr.pu318ev.com URL: https://roxcasino-tr.pu318ev.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.58.237.32 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-58-237-32.eu-central-1.compute.amazonaws.com Software / Resource Hash dea35e1e512b9c5e6b6c2c813e2590fe41f3af3d15a2a1c84cc46b2b9481d68b Request headers accept-language en-US,en;q=0.9 Referer https://roxcasino-tr.pu318ev.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Thu, 11 Jan 2024 01:07:21 GMT content-encoding gzip last-modified Thu, 07 Dec 2023 14:38:20 GMT etag W/"6571d8dc-5e448" content-type application/javascript
GET H2	200	recaptcha__en.js Show response www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/	503 KB 202 KB	285ms 54ms	Script text/javascript	2607:f8b0:4004:c19::5e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/recaptcha__en.js Requested by Host: www.google.com URL: https://www.google.com/recaptcha/enterprise.js?render=6Lfxs6UUAAAAAE3kzerSlj_d5OF7IeWoXvzOE_50 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c19::5e Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash daf20b4dbc2ee9cc700e99c7be570105ecaf649d9c044adb62a2098cf4662d24 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://roxcasino-tr.pu318ev.com/ Origin https://roxcasino-tr.pu318ev.com accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Wed, 10 Jan 2024 22:43:41 GMT content-encoding gzip x-content-type-options nosniff age 8620 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 205927 x-xss-protection 0 last-modified Mon, 11 Dec 2023 05:01:12 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Thu, 09 Jan 2025 22:43:41 GMT
GET H2	200	custom_background.jpg roxcasino-tr.pu318ev.com/img/	55 KB 55 KB	451ms 451ms	Image image/jpeg	2606:4700:20::681a:ed4 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://roxcasino-tr.pu318ev.com/img/custom_background.jpg Requested by Host: roxcasino-tr.pu318ev.com URL: https://roxcasino-tr.pu318ev.com/main.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:ed4 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d60095bab9c9c1dc55b60683b5c7b86b2a3f735acbc6fb9677e8126b560d3af8 Request headers accept-language en-US,en;q=0.9 Referer https://roxcasino-tr.pu318ev.com/main.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Thu, 11 Jan 2024 01:07:21 GMT cf-cache-status MISS last-modified Wed, 13 Dec 2023 15:29:46 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"6579cdea-daab" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LWE5xfn%2FaW1cu2KnH%2F5jR8dFhOY4RuEeyK0SNwf%2B5EeXkrSCO8eLg2Z3SIVqDA7vyRo3VJHy8sr1uxckqkdVmO5YTnQjBjdtmcSoutDb88FJLx3mBtX8qsz98%2Bn%2BxNy87yiA5ni%2FviRmE%2BXGbZ8q7NyW3eNE4g%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=14400 cf-ray 84394328dd364c33-MIA
GET H2	200	custom_down-arrow.svg roxcasino-tr.pu318ev.com/img/	188 B 450 B	311ms 310ms	Image image/svg+xml	2606:4700:20::681a:ed4 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://roxcasino-tr.pu318ev.com/img/custom_down-arrow.svg Requested by Host: roxcasino-tr.pu318ev.com URL: https://roxcasino-tr.pu318ev.com/main.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:ed4 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2c9dcc4fb62b1dd4c6f1c44ee40efe583333fdf7166a98c5de85d0bf9b18aee2 Request headers accept-language en-US,en;q=0.9 Referer https://roxcasino-tr.pu318ev.com/main.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Thu, 11 Jan 2024 01:07:21 GMT content-encoding br cf-cache-status MISS last-modified Wed, 13 Dec 2023 15:29:46 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"6579cdea-bc" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cgMuK8bWxQK1SHJWXW1QSyH7FY8JlzTwjPufLg9BzAENO4ftz98SsCZ06hbvu%2BAnmsrRxwtFbtFZoo23hLaGy22KjA1dr1HWGkhIqSlWp50A2EwiyOV84VtwoB%2F0HGgmmDqCBIRcoiVTjB2aKf3Es9oKOTo9jQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml cache-control max-age=14400 cf-ray 84394328dd384c33-MIA
GET H2	200	custom_checkbox.svg roxcasino-tr.pu318ev.com/img/	176 B 461 B	309ms 309ms	Image image/svg+xml	2606:4700:20::681a:ed4 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://roxcasino-tr.pu318ev.com/img/custom_checkbox.svg Requested by Host: roxcasino-tr.pu318ev.com URL: https://roxcasino-tr.pu318ev.com/main.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:ed4 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f73e4d5d9be7cd1607f193655b8fc80510b38e4ebda87f0656885095014bc7cd Request headers accept-language en-US,en;q=0.9 Referer https://roxcasino-tr.pu318ev.com/main.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Thu, 11 Jan 2024 01:07:21 GMT content-encoding br cf-cache-status MISS last-modified Wed, 13 Dec 2023 15:29:46 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"6579cdea-b0" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bv72qjyVaqm0l3H%2Bu%2BMxCCW6YOVmNzWXlG%2BXhMPaQvjpM9bA38r62yoMwYalTL4ji0LWzglIlRRf3UP82d8AyVGsf0aSco0%2BdgNzIoCudwEQRdqCSJPGu973ox9Qc7SqlgRP0okq%2BdmXkXpTq2Dk8Y7iYCgokA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml cache-control max-age=14400 cf-ray 84394328dd394c33-MIA
GET H2	200	turkey.png roxcasino-tr.pu318ev.com/img/country/	1 KB 2 KB	306ms 305ms	Image image/png	2606:4700:20::681a:ed4 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://roxcasino-tr.pu318ev.com/img/country/turkey.png Requested by Host: roxcasino-tr.pu318ev.com URL: https://roxcasino-tr.pu318ev.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:ed4 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4572c20092423c491c830915d4eccaad9b43524a9e74eb39d1ca7db8d66f8370 Request headers accept-language en-US,en;q=0.9 Referer https://roxcasino-tr.pu318ev.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Thu, 11 Jan 2024 01:07:21 GMT cf-cache-status MISS last-modified Wed, 13 Dec 2023 15:29:49 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"6579cded-4a9" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AybPGTvn3b9E%2FyqFFwvJerE%2BgIn1i8t55BuGo%2FzsO3ID2uugYiHKy1zRuqsjuS3B6p6HB6OJg2%2B6gd7MCffdsq%2BMRWhuahREIK9XBFcr0eTVA9h54iZy%2FChNwerWPab1VqLDYSzhsZQfnFPbRv1nJHN%2FsQLxYw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 cf-ray 84394329ce674c33-MIA
GET H2	200	icomoon.ttf roxcasino-tr.pu318ev.com/fonts/src/icon-fonts/	7 KB 7 KB	302ms 301ms	Font application/octet-stream	2606:4700:20::681a:ed4 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://roxcasino-tr.pu318ev.com/fonts/src/icon-fonts/icomoon.ttf Requested by Host: roxcasino-tr.pu318ev.com URL: https://roxcasino-tr.pu318ev.com/main.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:ed4 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9a9e23e2620acc7e7679de55c389add58698ada404ae426fdf3ef286950b292f Request headers Referer https://roxcasino-tr.pu318ev.com/main.css Origin https://roxcasino-tr.pu318ev.com accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Thu, 11 Jan 2024 01:07:21 GMT cf-cache-status MISS last-modified Wed, 13 Dec 2023 15:29:46 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "6579cdea-1a54" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=as3hkLjUdXdjCtjQ43c66GI5EYzFuSX7ypVHtDHYUGPVrS84fjkB%2FiZbQSkD5C7leyofGeSSwXoYnWzDxHmLa5sZQjcfxA%2BMrb5UGjJJXgZ5a5C9pfGRDSSDykMaWAb5sFU7JgjSoCO%2BeEEuqfEcJXAIAxXFZQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/octet-stream cache-control max-age=14400 accept-ranges bytes cf-ray 84394329ce694c33-MIA content-length 6740
GET H2	200	anchor Show response www.google.com/recaptcha/enterprise/ Frame 0F6B	7 KB 1 KB	73ms 72ms	Document text/html	2607:f8b0:4004:c06::93 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Lfxs6UUAAAAAE3kzerSlj_d5OF7IeWoXvzOE_50&co=aHR0cHM6Ly9yb3hjYXNpbm8tdHIucHUzMThldi5jb206NDQz&hl=en&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&cb=p49j9pwu1lzy Requested by Host: www.gstatic.com URL: https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/recaptcha__en.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c06::93 Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 3b38c2c3fffec1fb2c19381890aee532c3ce55cd97aadde29de9bf65d84fa910 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-tC5adPdyTCD49FuM6F8HXg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://roxcasino-tr.pu318ev.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 accept-language en-US,en;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private, max-age=0 content-encoding gzip content-security-policy script-src 'report-sample' 'nonce-tC5adPdyTCD49FuM6F8HXg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Thu, 11 Jan 2024 01:07:21 GMT expires Thu, 11 Jan 2024 01:07:21 GMT report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} server GSE x-content-type-options nosniff x-xss-protection 1; mode=block
GET H2	200	styles__ltr.css www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/ Frame 0F6B	55 KB 25 KB	164ms 54ms	Stylesheet text/css	2607:f8b0:4004:c19::5e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/styles__ltr.css Requested by Host: www.google.com URL: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Lfxs6UUAAAAAE3kzerSlj_d5OF7IeWoXvzOE_50&co=aHR0cHM6Ly9yb3hjYXNpbm8tdHIucHUzMThldi5jb206NDQz&hl=en&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&cb=p49j9pwu1lzy Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c19::5e Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Wed, 10 Jan 2024 22:43:41 GMT content-encoding gzip x-content-type-options nosniff age 8620 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 24606 x-xss-protection 0 last-modified Mon, 11 Dec 2023 05:01:12 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/css cache-control public, max-age=31536000 accept-ranges bytes expires Thu, 09 Jan 2025 22:43:41 GMT
GET H2	200	recaptcha__en.js Show response www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/ Frame 0F6B	503 KB 201 KB	219ms 111ms	Script text/javascript	2607:f8b0:4004:c19::5e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/recaptcha__en.js Requested by Host: www.google.com URL: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Lfxs6UUAAAAAE3kzerSlj_d5OF7IeWoXvzOE_50&co=aHR0cHM6Ly9yb3hjYXNpbm8tdHIucHUzMThldi5jb206NDQz&hl=en&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&cb=p49j9pwu1lzy Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c19::5e Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash daf20b4dbc2ee9cc700e99c7be570105ecaf649d9c044adb62a2098cf4662d24 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Wed, 10 Jan 2024 22:43:41 GMT content-encoding gzip x-content-type-options nosniff age 8620 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 205927 x-xss-protection 0 last-modified Mon, 11 Dec 2023 05:01:12 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Thu, 09 Jan 2025 22:43:41 GMT
GET H3	200	logo_48.png www.gstatic.com/recaptcha/api2/ Frame 0F6B	2 KB 2 KB	57ms 56ms	Image image/png	2607:f8b0:4004:c19::5e GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.gstatic.com/recaptcha/api2/logo_48.png Requested by Host: www.gstatic.com URL: https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/styles__ltr.css Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c19::5e Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/styles__ltr.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Wed, 10 Jan 2024 19:18:58 GMT x-content-type-options nosniff age 20904 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 2228 x-xss-protection 0 last-modified Tue, 03 Mar 2020 20:15:00 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type image/png cache-control public, max-age=604800 accept-ranges bytes expires Wed, 17 Jan 2024 19:18:58 GMT
GET H2	200	KFOmCnqEu92Fr1Mu4mxK.woff2 fonts.gstatic.com/s/roboto/v18/ Frame 0F6B	15 KB 16 KB	167ms 54ms	Font font/woff2	2607:f8b0:4004:c1b::5e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 Requested by Host: www.google.com URL: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Lfxs6UUAAAAAE3kzerSlj_d5OF7IeWoXvzOE_50&co=aHR0cHM6Ly9yb3hjYXNpbm8tdHIucHUzMThldi5jb206NDQz&hl=en&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&cb=p49j9pwu1lzy Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c1b::5e Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.google.com/ Origin https://www.google.com accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Wed, 10 Jan 2024 09:09:31 GMT x-content-type-options nosniff age 57471 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15344 x-xss-protection 0 last-modified Mon, 16 Oct 2017 17:32:55 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Thu, 09 Jan 2025 09:09:31 GMT
OPTIONS H2	204	fcb690b3-af59-4c91-84dc-39040e84c354 f.pudaf.com/p/ Frame	0 0	616ms 145ms	Preflight	52.58.237.32 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://f.pudaf.com/p/fcb690b3-af59-4c91-84dc-39040e84c354?api=vyg6SLajEWjklRFo1ig1JqhMkSHHpSp3FLYvfzZE&si=fcb690b3-af59-4c91-84dc-39040e84c354 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.58.237.32 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-58-237-32.eu-central-1.compute.amazonaws.com Software / Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type,if-none-match Access-Control-Request-Method POST Origin https://roxcasino-tr.pu318ev.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers access-control-allow-headers Origin,Content-Length,Content-Type,if-none-match access-control-allow-methods GET,POST,HEAD,PUT,DELETE,PATCH access-control-allow-origin * access-control-max-age 43200 date Thu, 11 Jan 2024 01:07:23 GMT vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers
POST H2	200	fcb690b3-af59-4c91-84dc-39040e84c354 Show response f.pudaf.com/p/	21 B 733 B	146ms 145ms	Fetch application/json	52.58.237.32 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://f.pudaf.com/p/fcb690b3-af59-4c91-84dc-39040e84c354?api=vyg6SLajEWjklRFo1ig1JqhMkSHHpSp3FLYvfzZE&si=fcb690b3-af59-4c91-84dc-39040e84c354 Requested by Host: fs.pudaf.com URL: https://fs.pudaf.com/fp.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.58.237.32 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-58-237-32.eu-central-1.compute.amazonaws.com Software / Resource Hash 4abf9b7abadb46bb07b55d2551254999420515d76e9d5f6542407e892f731d60 Request headers Accept application/json, text/html, text/plain Referer https://roxcasino-tr.pu318ev.com/ If-None-Match accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Content-Type application/octet-stream Response headers date Thu, 11 Jan 2024 01:07:23 GMT last-modified Thu, 11 Jan 2024 01:05:43 GMT accept-ch sec-ch-ua,ua,sec-ch-ua-platformua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-wow64,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors etag 659f3f4b13ba746f602bedc1 vary Origin content-type application/json access-control-allow-origin * access-control-expose-headers If-Match,If-Modified-Since,If-None-Match,ETag,Last-Modified content-length 21
HEAD H2	200	adsbygoogle.js pagead2.googlesyndication.com/pagead/js/	0 0	201ms 88ms	Fetch text/javascript	2607:f8b0:4004:c06::9c GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Requested by Host: fs.pudaf.com URL: https://fs.pudaf.com/fp.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c06::9c Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://roxcasino-tr.pu318ev.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Thu, 11 Jan 2024 01:07:23 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 51371 x-xss-protection 0 server cafe etag 12332983500256088929 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=3600, stale-while-revalidate=3600 timing-allow-origin * expires Thu, 11 Jan 2024 01:07:23 GMT
GET BLOB	200 OK	d7082066-6d5d-4e87-9794-b1cae4adb3e9 https://roxcasino-tr.pu318ev.com/	419 B 0		Other application/javascript
General Check archive.org Show headers Download Go to Full URL blob:https://roxcasino-tr.pu318ev.com/d7082066-6d5d-4e87-9794-b1cae4adb3e9 Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash 4fe976ce3e57febb0b359569ce54df245fe08132eda2d1362f9f6cb45b4ce4aa Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers Content-Length 419 Content-Type application/javascript
GET BLOB	200 OK	518434d3-d930-42d9-94bf-be2973281d50 https://roxcasino-tr.pu318ev.com/	419 B 0		Other application/javascript
General Check archive.org Show headers Download Go to Full URL blob:https://roxcasino-tr.pu318ev.com/518434d3-d930-42d9-94bf-be2973281d50 Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash 4fe976ce3e57febb0b359569ce54df245fe08132eda2d1362f9f6cb45b4ce4aa Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers Content-Length 419 Content-Type application/javascript
GET BLOB	200 OK	df8a8354-83d8-40dd-a9d2-dc7177847d33 https://roxcasino-tr.pu318ev.com/	419 B 0		Other application/javascript
General Check archive.org Show headers Download Go to Full URL blob:https://roxcasino-tr.pu318ev.com/df8a8354-83d8-40dd-a9d2-dc7177847d33 Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash 4fe976ce3e57febb0b359569ce54df245fe08132eda2d1362f9f6cb45b4ce4aa Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers Content-Length 419 Content-Type application/javascript
GET BLOB	200 OK	f5f8fb60-55f6-4f85-a03b-e1a90e78adc6 https://roxcasino-tr.pu318ev.com/	419 B 0		Other application/javascript
General Check archive.org Show headers Download Go to Full URL blob:https://roxcasino-tr.pu318ev.com/f5f8fb60-55f6-4f85-a03b-e1a90e78adc6 Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash 4fe976ce3e57febb0b359569ce54df245fe08132eda2d1362f9f6cb45b4ce4aa Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers Content-Length 419 Content-Type application/javascript
GET BLOB	200 OK	b64ed49b-6cc4-4ce3-8cb7-c7f957eeb71d https://roxcasino-tr.pu318ev.com/	419 B 0		Other application/javascript
General Check archive.org Show headers Download Go to Full URL blob:https://roxcasino-tr.pu318ev.com/b64ed49b-6cc4-4ce3-8cb7-c7f957eeb71d Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash 4fe976ce3e57febb0b359569ce54df245fe08132eda2d1362f9f6cb45b4ce4aa Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers Content-Length 419 Content-Type application/javascript
GET BLOB	200 OK	5f4ef865-caa6-48e6-80f5-a8cf51a5259d https://roxcasino-tr.pu318ev.com/	419 B 0		Other application/javascript
General Check archive.org Show headers Download Go to Full URL blob:https://roxcasino-tr.pu318ev.com/5f4ef865-caa6-48e6-80f5-a8cf51a5259d Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash 4fe976ce3e57febb0b359569ce54df245fe08132eda2d1362f9f6cb45b4ce4aa Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers Content-Length 419 Content-Type application/javascript
GET BLOB	200 OK	61c46d72-93c8-43c9-b384-97b628dfe383 https://roxcasino-tr.pu318ev.com/	419 B 0		Other application/javascript
General Check archive.org Show headers Download Go to Full URL blob:https://roxcasino-tr.pu318ev.com/61c46d72-93c8-43c9-b384-97b628dfe383 Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash 4fe976ce3e57febb0b359569ce54df245fe08132eda2d1362f9f6cb45b4ce4aa Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers Content-Length 419 Content-Type application/javascript
GET BLOB	200 OK	887e6508-a2c8-4277-93ab-2798f614c105 https://roxcasino-tr.pu318ev.com/	419 B 0		Other application/javascript
General Check archive.org Show headers Download Go to Full URL blob:https://roxcasino-tr.pu318ev.com/887e6508-a2c8-4277-93ab-2798f614c105 Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash 4fe976ce3e57febb0b359569ce54df245fe08132eda2d1362f9f6cb45b4ce4aa Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers Content-Length 419 Content-Type application/javascript
GET BLOB	200 OK	889deed0-874e-4be8-834a-946ee3e6528c https://roxcasino-tr.pu318ev.com/	419 B 0		Other application/javascript
General Check archive.org Show headers Download Go to Full URL blob:https://roxcasino-tr.pu318ev.com/889deed0-874e-4be8-834a-946ee3e6528c Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash 4fe976ce3e57febb0b359569ce54df245fe08132eda2d1362f9f6cb45b4ce4aa Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers Content-Length 419 Content-Type application/javascript
GET BLOB	200 OK	fb928493-4300-4071-82e7-3aae7a19c6db https://roxcasino-tr.pu318ev.com/	419 B 0		Other application/javascript
General Check archive.org Show headers Download Go to Full URL blob:https://roxcasino-tr.pu318ev.com/fb928493-4300-4071-82e7-3aae7a19c6db Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash 4fe976ce3e57febb0b359569ce54df245fe08132eda2d1362f9f6cb45b4ce4aa Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers Content-Length 419 Content-Type application/javascript
GET BLOB	200 OK	a9dc6622-e618-464c-a967-a8a4cc2381ea https://roxcasino-tr.pu318ev.com/	419 B 0		Other application/javascript
General Check archive.org Show headers Download Go to Full URL blob:https://roxcasino-tr.pu318ev.com/a9dc6622-e618-464c-a967-a8a4cc2381ea Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash 4fe976ce3e57febb0b359569ce54df245fe08132eda2d1362f9f6cb45b4ce4aa Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers Content-Length 419 Content-Type application/javascript
GET BLOB	200 OK	04e8c386-37dd-479d-8ac2-f2b08d621598 https://roxcasino-tr.pu318ev.com/	419 B 0		Other application/javascript
General Check archive.org Show headers Download Go to Full URL blob:https://roxcasino-tr.pu318ev.com/04e8c386-37dd-479d-8ac2-f2b08d621598 Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash 4fe976ce3e57febb0b359569ce54df245fe08132eda2d1362f9f6cb45b4ce4aa Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers Content-Length 419 Content-Type application/javascript
GET BLOB	200 OK	7165c156-be0a-4ba8-b899-90ecd2fdb735 https://roxcasino-tr.pu318ev.com/	419 B 0		Other application/javascript
General Check archive.org Show headers Download Go to Full URL blob:https://roxcasino-tr.pu318ev.com/7165c156-be0a-4ba8-b899-90ecd2fdb735 Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash 4fe976ce3e57febb0b359569ce54df245fe08132eda2d1362f9f6cb45b4ce4aa Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers Content-Length 419 Content-Type application/javascript
POST H2	200	fcb690b3-af59-4c91-84dc-39040e84c354 Show response f.pudaf.com/p/	21 B 733 B	145ms 144ms	Fetch application/json	52.58.237.32 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://f.pudaf.com/p/fcb690b3-af59-4c91-84dc-39040e84c354?api=vyg6SLajEWjklRFo1ig1JqhMkSHHpSp3FLYvfzZE&si=fcb690b3-af59-4c91-84dc-39040e84c354 Requested by Host: fs.pudaf.com URL: https://fs.pudaf.com/fp.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.58.237.32 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-58-237-32.eu-central-1.compute.amazonaws.com Software / Resource Hash 4abf9b7abadb46bb07b55d2551254999420515d76e9d5f6542407e892f731d60 Request headers Accept application/json, text/html, text/plain Referer https://roxcasino-tr.pu318ev.com/ If-None-Match accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Content-Type application/octet-stream Response headers date Thu, 11 Jan 2024 01:07:25 GMT last-modified Thu, 11 Jan 2024 01:05:45 GMT accept-ch sec-ch-ua,ua,sec-ch-ua-platformua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-wow64,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors etag 659f3f4d5bf0fef5080840a1 vary Origin content-type application/json access-control-allow-origin * access-control-expose-headers If-Match,If-Modified-Since,If-None-Match,ETag,Last-Modified content-length 21
OPTIONS H2	204	fcb690b3-af59-4c91-84dc-39040e84c354 f.pudaf.com/p/ Frame	0 0	144ms 143ms	Preflight	52.58.237.32 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://f.pudaf.com/p/fcb690b3-af59-4c91-84dc-39040e84c354?api=vyg6SLajEWjklRFo1ig1JqhMkSHHpSp3FLYvfzZE&si=fcb690b3-af59-4c91-84dc-39040e84c354 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.58.237.32 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-58-237-32.eu-central-1.compute.amazonaws.com Software / Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type,if-none-match Access-Control-Request-Method POST Origin https://roxcasino-tr.pu318ev.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers access-control-allow-headers Origin,Content-Length,Content-Type,if-none-match access-control-allow-methods GET,POST,HEAD,PUT,DELETE,PATCH access-control-allow-origin * access-control-max-age 43200 date Thu, 11 Jan 2024 01:07:25 GMT vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| documentPictureInPicture object| landingConfig string| afto function| aft object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| phonePattern object| links object| pageState object| formNotif object| recaptcha object| closure_lm_421177 string| afti function| aftUUID function| aftSID function| aftUID function| aftGenSID

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.pu318ev.com/	1970-01-20 17:35:37	Name: __cf_bm Value: 7kas5U1GkPkpk.cpu7C5.GmpStuO2E7d25lwId8GhnE-1704935240-1-ATiCNb5qMgYMYE6/EDIt/FUHPcKT8sQFqEoEueI19X0Ma5cUm8dhGqWVr5Gvq6WZLkrNJmZPYTVJbKca50dCDVg=

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://fs.pudaf.com/fp.js Message: The AudioContext was not allowed to start. It must be resumed (or created) after a user gesture on the page. https://goo.gl/7K7WLu

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

f.pudaf.com
fonts.googleapis.com
fonts.gstatic.com
fs.pudaf.com
pagead2.googlesyndication.com
roxcasino-tr.pu318ev.com
www.google.com
www.gstatic.com
2606:4700:20::681a:ed4
2607:f8b0:4004:c06::93
2607:f8b0:4004:c06::9c
2607:f8b0:4004:c09::5f
2607:f8b0:4004:c19::5e
2607:f8b0:4004:c1b::5e
52.58.237.32
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
2c9dcc4fb62b1dd4c6f1c44ee40efe583333fdf7166a98c5de85d0bf9b18aee2
3b38c2c3fffec1fb2c19381890aee532c3ce55cd97aadde29de9bf65d84fa910
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
4572c20092423c491c830915d4eccaad9b43524a9e74eb39d1ca7db8d66f8370
4abf9b7abadb46bb07b55d2551254999420515d76e9d5f6542407e892f731d60
4fe976ce3e57febb0b359569ce54df245fe08132eda2d1362f9f6cb45b4ce4aa
7178777b0bbcfb16bc95cae31fbf75d07eea332ef0015af706e2fcef0e7673ee
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
84bd81553ca94f64222fd150614e3a492ecf76cdafc20ffb0be50f08ae9c3a64
9a9e23e2620acc7e7679de55c389add58698ada404ae426fdf3ef286950b292f
a59a3af6e0ccf94c54e6e33d9514f2f06cea329d9ff9550ec41357cd41984bb2
ce3c7b9aa7606bd64b6dbf60299b7a21d8a87e69c98b45c05201c3f4faefd3d2
d60095bab9c9c1dc55b60683b5c7b86b2a3f735acbc6fb9677e8126b560d3af8
d65c13c6cc536a884c136555082a1cb3db39eaced1d00cdbb0063f64e85a6ac6
daf20b4dbc2ee9cc700e99c7be570105ecaf649d9c044adb62a2098cf4662d24
dea35e1e512b9c5e6b6c2c813e2590fe41f3af3d15a2a1c84cc46b2b9481d68b
e8841ae28cd23a195102486ffe06cf53f51d1beb8e024ce760b3f6379c3e3c25
f73e4d5d9be7cd1607f193655b8fc80510b38e4ebda87f0656885095014bc7cd