quickwin765412.com Open in urlscan Pro
94.242.229.244 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://quickwin765412.com/
Submission: On December 25 via api (December 25th 2023, 9:29:52 am UTC) from US — Scanned from DE

Summary HTTP 373 Redirects Behaviour Indicators

Summary

This website contacted 79 IPs in 11 countries across 75 domains to perform 373 HTTP transactions. The main IP is 94.242.229.244, located in Luxembourg and belongs to CLOUDFLARESPECTRUM Cloudflare, Inc., US. The main domain is quickwin765412.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on March 15th 2023. Valid for: a year.

This is the only time quickwin765412.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
166	94.242.229.244 94.242.229.244	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
5	2a00:1450:400... 2a00:1450:4001:80e::2004	15169 (GOOGLE) (GOOGLE)
2	143.204.205.221 143.204.205.221	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
6	104.18.72.113 104.18.72.113	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	78.47.189.205 78.47.189.205	24940 (HETZNER-AS) (HETZNER-AS)
7	2a00:1450:400... 2a00:1450:4001:813::2008	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
1	104.18.70.113 104.18.70.113	13335 (CLOUDFLAR...) (CLOUDFLARENET)
33	34.120.135.117 34.120.135.117	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3 3	94.242.230.31 94.242.230.31	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
2	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
1	18.66.97.53 18.66.97.53	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700:20:... 2606:4700:20::681a:672	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	18.228.178.86 18.228.178.86	16509 (AMAZON-02) (AMAZON-02)
2	88.214.195.93 88.214.195.93	46636 (NATCOWEB) (NATCOWEB)
1	2600:9000:214... 2600:9000:214f:8a00:1:76cf:fe80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	138.197.230.29 138.197.230.29	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	37.157.5.73 37.157.5.73	198622 (ADFORM) (ADFORM)
3 9	37.157.6.243 37.157.6.243	198622 (ADFORM) (ADFORM)
4	2606:4700:303... 2606:4700:3032::6815:4d08	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	139.45.195.8 139.45.195.8	9002 (RETN-AS) (RETN-AS)
15	185.199.175.191 185.199.175.191	43927 (HOSTERION) (HOSTERION)
5 10	37.252.171.21 37.252.171.21	29990 (ASN-APPNEX) (ASN-APPNEX)
1	178.162.159.92 178.162.159.92	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1	2606:4700:303... 2606:4700:3038::6815:ea9b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.16.53.111 104.16.53.111	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	13.32.27.107 13.32.27.107	16509 (AMAZON-02) (AMAZON-02)
4 7	193.0.160.131 193.0.160.131	54312 (ROCKETFUEL) (ROCKETFUEL)
3	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
5	2.16.1.235 2.16.1.235	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a03:2880:f08... 2a03:2880:f083:9:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2400:52e0:1e0... 2400:52e0:1e00::1081:1	200325 (BUNNYCDN) (BUNNYCDN)
1 11	37.157.3.26 37.157.3.26	198622 (ADFORM) (ADFORM)
2	37.157.6.237 37.157.6.237	198622 (ADFORM) (ADFORM)
4 4	13.32.27.83 13.32.27.83	16509 (AMAZON-02) (AMAZON-02)
4	35.244.174.68 35.244.174.68	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
6 6	216.58.206.34 216.58.206.34	15169 (GOOGLE) (GOOGLE)
2 3	52.49.2.43 52.49.2.43	16509 (AMAZON-02) (AMAZON-02)
1	185.64.191.210 185.64.191.210	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
2	52.57.150.20 52.57.150.20	16509 (AMAZON-02) (AMAZON-02)
1	184.30.20.22 184.30.20.22	16625 (AKAMAI-AS) (AKAMAI-AS)
1	44.193.120.159 44.193.120.159	14618 (AMAZON-AES) (AMAZON-AES)
1 3	172.64.151.101 172.64.151.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	69.192.160.219 69.192.160.219	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2600:1f18:612... 2600:1f18:612b:4264:cd63:6b3d:4f30:16c6	14618 (AMAZON-AES) (AMAZON-AES)
1 2	18.193.186.61 18.193.186.61	16509 (AMAZON-02) (AMAZON-02)
2	18.203.91.219 18.203.91.219	16509 (AMAZON-02) (AMAZON-02)
2	18.198.94.178 18.198.94.178	16509 (AMAZON-02) (AMAZON-02)
2 2	151.101.66.49 151.101.66.49	54113 (FASTLY) (FASTLY)
1	34.120.139.69 34.120.139.69	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	35.186.201.99 35.186.201.99	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1	34.247.112.223 34.247.112.223	16509 (AMAZON-02) (AMAZON-02)
1	184.30.17.243 184.30.17.243	16625 (AKAMAI-AS) (AKAMAI-AS)
1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1	52.58.74.169 52.58.74.169	16509 (AMAZON-02) (AMAZON-02)
1	89.149.192.201 89.149.192.201	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1	2607:ae80:4::26 2607:ae80:4::26	26558 (FREEWHEEL) (FREEWHEEL)
3 3	77.243.51.122 77.243.51.122	42697 (NETIC-AS) (NETIC-AS)
3 4	77.243.51.121 77.243.51.121	42697 (NETIC-AS) (NETIC-AS)
2 2	85.114.159.93 85.114.159.93	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
2 2	54.78.254.47 54.78.254.47	16509 (AMAZON-02) (AMAZON-02)
1	2a02:6ea0:c70... 2a02:6ea0:c700::18	60068 (CDN77 ^_^) (CDN77 ^_^)
1	54.194.101.149 54.194.101.149	16509 (AMAZON-02) (AMAZON-02)
1 1	52.214.72.66 52.214.72.66	16509 (AMAZON-02) (AMAZON-02)
1	52.92.16.184 52.92.16.184	16509 (AMAZON-02) (AMAZON-02)
1	198.47.127.205 198.47.127.205	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	65.9.66.43 65.9.66.43	16509 (AMAZON-02) (AMAZON-02)
2 3	34.247.94.113 34.247.94.113	16509 (AMAZON-02) (AMAZON-02)
2 2	52.57.12.239 52.57.12.239	16509 (AMAZON-02) (AMAZON-02)
1	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
1	162.19.138.83 162.19.138.83	16276 (OVH) (OVH)
2 2	35.190.24.218 35.190.24.218	15169 (GOOGLE) (GOOGLE)
1	2.16.97.41 2.16.97.41	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2600:9000:211... 2600:9000:211e:a00:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
1	46.19.11.36 46.19.11.36	51790 (SIEL) (SIEL)
1	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
1	52.58.128.62 52.58.128.62	16509 (AMAZON-02) (AMAZON-02)
2	18.229.93.177 18.229.93.177	16509 (AMAZON-02) (AMAZON-02)
1	2a03:2880:f17... 2a03:2880:f176:84:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
5	2606:4700:10:... 2606:4700:10::6816:85a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	34.110.191.112 34.110.191.112	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2606:4700:10:... 2606:4700:10::ac43:1ce8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
373	79

166 94.242.229.244 (Luxembourg)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

quickwin765412.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.205.221 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-205-221.fra53.r.cloudfront.net

d3mi6d1ao3fzsg.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.18.72.113 (None, )

ASN13335 (CLOUDFLARENET, US)

static.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 78.47.189.205 (Mundelsheim, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.205.189.47.78.clients.your-server.de

cdn.cookie-script.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.70.113 (None, )

ASN13335 (CLOUDFLARENET, US)

ekr.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

33 34.120.135.117 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 117.135.120.34.bc.googleusercontent.com

sb2widgetsstatic-altenar2.biahosted.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 94.242.230.31 (Luxembourg) 3 redirects

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

quickwin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.97.53 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-53.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:672 (United States)

ASN13335 (CLOUDFLARENET, US)

scripts.prdredir.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
rtg.prdredir.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

adjs.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.228.178.86 (São Paulo, Brazil)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-228-178-86.sa-east-1.compute.amazonaws.com

event.getblue.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
widget.getblue.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.214.195.93 (United Kingdom)

ASN46636 (NATCOWEB, US)

track.wolf22.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:214f:8a00:1:76cf:fe80:93a1 (United States)

ASN16509 (AMAZON-02, US)

c1.rfihub.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 138.197.230.29 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

pixel.adfyier.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.5.73 (Denmark)

ASN198622 (ADFORM, DK)

s2.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 37.157.6.243 (Denmark) 3 redirects

ASN198622 (ADFORM, DK)

track.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:3032::6815:4d08 (United States)

ASN13335 (CLOUDFLARENET, US)

scpt.getrmads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
metrics.getrmads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 139.45.195.8 (United Kingdom)

ASN9002 (RETN-AS, GB)

my.rtmark.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 185.199.175.191 (Floreşti, Romania)

ASN43927 (HOSTERION, RO)
PTR: eros.hosterion.net

winner-slots.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 37.252.171.21 (Frankfurt am Main, Germany) 5 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.162.159.92 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

reichelcormier.bid	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3038::6815:ea9b (United States)

ASN13335 (CLOUDFLARENET, US)

track.aso1.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.53.111 (None, )

ASN13335 (CLOUDFLARENET, US)

quickwin.zendesk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.32.27.107 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-107.fra56.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 193.0.160.131 (United States) 4 redirects

ASN54312 (ROCKETFUEL, US)

20846458p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2.16.1.235 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-1-235.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2400:52e0:1e00::1081:1 (Germany)

ASN200325 (BUNNYCDN, SI)

dsp-media.eskimi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 37.157.3.26 (Denmark) 1 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dmp.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.6.237 (Denmark)

ASN198622 (ADFORM, DK)

server.seadform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.32.27.83 (United States) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-83.fra56.r.cloudfront.net

live.rezync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.244.174.68 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 216.58.206.34 (United States) 6 redirects

ASN15169 (GOOGLE, US)
PTR: lcfraa-aa-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.49.2.43 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-49-2-43.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.191.210 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eu-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.57.150.20 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-150-20.eu-central-1.compute.amazonaws.com

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.30.20.22 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-20-22.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.193.120.159 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-193-120-159.compute-1.amazonaws.com

bpi.rtactivate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.64.151.101 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 69.192.160.219 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a69-192-160-219.deploy.static.akamaitechnologies.com

x.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4264:cd63:6b3d:4f30:16c6 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.193.186.61 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-193-186-61.eu-central-1.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.203.91.219 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-203-91-219.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.198.94.178 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-94-178.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.66.49 (United States) 2 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.139.69 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 69.139.120.34.bc.googleusercontent.com

dsp-trk.eskimi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.201.99 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 99.201.186.35.bc.googleusercontent.com

dsp-ap.eskimi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.247.112.223 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-247-112-223.eu-west-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.30.17.243 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-17-243.deploy.static.akamaitechnologies.com

ad.yieldlab.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.58.74.169 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-74-169.eu-central-1.compute.amazonaws.com

ih.adscale.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 89.149.192.201 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:ae80:4::26 (United States)

ASN26558 (FREEWHEEL, US)

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 77.243.51.122 (Denmark) 3 redirects

ASN42697 (NETIC-AS, DK)

uipglob.semasio.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 77.243.51.121 (Denmark) 3 redirects

ASN42697 (NETIC-AS, DK)

se.semasio.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 85.114.159.93 (Loerrach, Germany) 2 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.78.254.47 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-78-254-47.eu-west-1.compute.amazonaws.com

loadm.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6ea0:c700::18 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

load77.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.194.101.149 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-101-149.eu-west-1.compute.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.214.72.66 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-214-72-66.eu-west-1.compute.amazonaws.com

api.adrtx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.92.16.184 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-eu-west-1.amazonaws.com

s3-eu-west-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.47.127.205 (United States)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.66.43 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-43.fra56.r.cloudfront.net

pdw-adf.userreport.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.247.94.113 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-247-94-113.eu-west-1.compute.amazonaws.com

a.audrte.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.57.12.239 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-12-239.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.83 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31532338.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.24.218 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 218.24.190.35.bc.googleusercontent.com

redirect.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.16.97.41 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-16-97-41.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:211e:a00:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.19.11.36 (Slovenia)

ASN51790 (SIEL, SI)
PTR: ilog.vsn.si

match.contentexchange.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.58.128.62 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-128-62.eu-central-1.compute.amazonaws.com

e1.emxdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.229.93.177 (São Paulo, Brazil)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-229-93-177.sa-east-1.compute.amazonaws.com

cms.getblue.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f176:84:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:10::6816:85a (United States)

ASN13335 (CLOUDFLARENET, US)

sb2frontend-altenar2.biahosted.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 34.110.191.112 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 112.191.110.34.bc.googleusercontent.com

sb2auth-altenar2.biahosted.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sb2bonus-altenar2.biahosted.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:1ce8 (United States)

ASN13335 (CLOUDFLARENET, US)

sb2integration-altenar2.biahosted.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
166	quickwin765412.com quickwin765412.com	4 MB
46	biahosted.com sb2widgetsstatic-altenar2.biahosted.com — Cisco Umbrella Rank: 337081 sb2frontend-altenar2.biahosted.com — Cisco Umbrella Rank: 180198 sb2auth-altenar2.biahosted.com — Cisco Umbrella Rank: 204926 sb2integration-altenar2.biahosted.com — Cisco Umbrella Rank: 215806 sb2bonus-altenar2.biahosted.com — Cisco Umbrella Rank: 217825	399 KB
21	adform.net 4 redirects s2.adform.net — Cisco Umbrella Rank: 6115 track.adform.net — Cisco Umbrella Rank: 4289 a1.adform.net — Cisco Umbrella Rank: 10616 c1.adform.net — Cisco Umbrella Rank: 560 dmp.adform.net — Cisco Umbrella Rank: 2870	46 KB
15	winner-slots.online winner-slots.online	229 KB
10	adnxs.com 5 redirects secure.adnxs.com — Cisco Umbrella Rank: 478 ib.adnxs.com — Cisco Umbrella Rank: 229	8 KB
7	semasio.net 6 redirects uipglob.semasio.net — Cisco Umbrella Rank: 1234 se.semasio.net — Cisco Umbrella Rank: 21526	4 KB
7	doubleclick.net 6 redirects cm.g.doubleclick.net — Cisco Umbrella Rank: 219 googleads.g.doubleclick.net — Cisco Umbrella Rank: 33	3 KB
7	rfihub.com 4 redirects 20846458p.rfihub.com p.rfihub.com — Cisco Umbrella Rank: 825 a.rfihub.com — Cisco Umbrella Rank: 2935	12 KB
7	gstatic.com www.gstatic.com fonts.gstatic.com	479 KB
7	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 36	590 KB
7	zdassets.com static.zdassets.com — Cisco Umbrella Rank: 2043 ekr.zdassets.com — Cisco Umbrella Rank: 2264	349 KB
6	getblue.io event.getblue.io — Cisco Umbrella Rank: 31225 widget.getblue.io — Cisco Umbrella Rank: 33320 cms.getblue.io — Cisco Umbrella Rank: 48957	7 KB
5	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 617	148 KB
5	google.com www.google.com — Cisco Umbrella Rank: 2	34 KB
4	rlcdn.com idsync.rlcdn.com — Cisco Umbrella Rank: 408	158 B
4	rezync.com 4 redirects live.rezync.com — Cisco Umbrella Rank: 1785	3 KB
4	getrmads.com scpt.getrmads.com — Cisco Umbrella Rank: 433236 metrics.getrmads.com — Cisco Umbrella Rank: 399781	4 KB
3	audrte.com 2 redirects a.audrte.com — Cisco Umbrella Rank: 2112	2 KB
3	exelator.com 2 redirects loadm.exelator.com — Cisco Umbrella Rank: 1661 load77.exelator.com — Cisco Umbrella Rank: 3503	2 KB
3	casalemedia.com 1 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 578	2 KB
3	demdex.net 2 redirects dpm.demdex.net — Cisco Umbrella Rank: 208	2 KB
3	eskimi.com dsp-media.eskimi.com — Cisco Umbrella Rank: 40740 dsp-trk.eskimi.com — Cisco Umbrella Rank: 38884 dsp-ap.eskimi.com — Cisco Umbrella Rank: 17656	4 KB
3	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 700 script.hotjar.com — Cisco Umbrella Rank: 933	61 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27 region1.google-analytics.com — Cisco Umbrella Rank: 2189	21 KB
3	quickwin.com 3 redirects quickwin.com	387 B
2	weborama.fr 2 redirects redirect.frontend.weborama.fr — Cisco Umbrella Rank: 12816	654 B
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 818	1 KB
2	bluekai.com tags.bluekai.com — Cisco Umbrella Rank: 638	647 B
2	adition.com 2 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1428	928 B
2	everesttech.net 2 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 685	618 B
2	bidswitch.net x.bidswitch.net — Cisco Umbrella Rank: 336	291 B
2	krxd.net beacon.krxd.net — Cisco Umbrella Rank: 699	675 B
2	agkn.com 1 redirects aa.agkn.com — Cisco Umbrella Rank: 499	865 B
2	eyeota.net ps.eyeota.net — Cisco Umbrella Rank: 981	688 B
2	openx.net us-u.openx.net — Cisco Umbrella Rank: 491 eu-u.openx.net — Cisco Umbrella Rank: 2473	361 B
2	pubmatic.com image2.pubmatic.com — Cisco Umbrella Rank: 859 simage2.pubmatic.com — Cisco Umbrella Rank: 723	450 B
2	seadform.net server.seadform.net — Cisco Umbrella Rank: 32226	932 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 168	89 KB
2	rtmark.net my.rtmark.net — Cisco Umbrella Rank: 12331	2 KB
2	wolf22.xyz track.wolf22.xyz	997 B
2	adjs.media adjs.media — Cisco Umbrella Rank: 219942	2 KB
2	prdredir.com scripts.prdredir.com — Cisco Umbrella Rank: 72639 rtg.prdredir.com — Cisco Umbrella Rank: 155727	2 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	995 B
2	cloudfront.net d3mi6d1ao3fzsg.cloudfront.net	31 KB
1	google.de www.google.de — Cisco Umbrella Rank: 6765	455 B
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 98	185 B
1	emxdgt.com e1.emxdgt.com — Cisco Umbrella Rank: 1855	44 B
1	3lift.com eb2.3lift.com — Cisco Umbrella Rank: 372	140 B
1	contentexchange.me match.contentexchange.me — Cisco Umbrella Rank: 23748	49 B
1	smaato.net s.ad.smaato.net — Cisco Umbrella Rank: 674	238 B
1	teads.tv sync.teads.tv — Cisco Umbrella Rank: 1299	163 B
1	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 425	921 B
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 331	149 B
1	userreport.com pdw-adf.userreport.com — Cisco Umbrella Rank: 20737	444 B
1	amazonaws.com s3-eu-west-1.amazonaws.com	390 B
1	adrtx.net 1 redirects api.adrtx.net — Cisco Umbrella Rank: 23648	407 B
1	crwdcntrl.net sync.crwdcntrl.net — Cisco Umbrella Rank: 799	266 B
1	stickyadstv.com ads.stickyadstv.com — Cisco Umbrella Rank: 526	639 B
1	smartadserver.com rtb-csync.smartadserver.com — Cisco Umbrella Rank: 622	163 B
1	adscale.de ih.adscale.de — Cisco Umbrella Rank: 4608	38 B
1	rubiconproject.com token.rubiconproject.com — Cisco Umbrella Rank: 461	214 B
1	yieldlab.net ad.yieldlab.net — Cisco Umbrella Rank: 4166	235 B
1	360yield.com ad.360yield.com — Cisco Umbrella Rank: 666	199 B
1	tremorhub.com partners.tremorhub.com — Cisco Umbrella Rank: 1153	175 B
1	addthis.com x.dlx.addthis.com — Cisco Umbrella Rank: 1554	182 B
1	rtactivate.com bpi.rtactivate.com — Cisco Umbrella Rank: 1491	109 B
1	media.net contextual.media.net — Cisco Umbrella Rank: 665	620 B
1	zendesk.com quickwin.zendesk.com	1 KB
1	aso1.net track.aso1.net	332 B
1	reichelcormier.bid reichelcormier.bid — Cisco Umbrella Rank: 104997	354 B
1	adfyier.com pixel.adfyier.com — Cisco Umbrella Rank: 98062	1 KB
1	rfihub.net c1.rfihub.net — Cisco Umbrella Rank: 5475	6 KB
1	cookie-script.com cdn.cookie-script.com — Cisco Umbrella Rank: 25793	76 KB
0	ib-ibi.com Failed global.ib-ibi.com Failed
0	adsafety.net Failed cm.adsafety.net Failed
373	75

	Domain	Requested by
166	quickwin765412.com	quickwin765412.com
33	sb2widgetsstatic-altenar2.biahosted.com	quickwin765412.com sb2widgetsstatic-altenar2.biahosted.com
15	winner-slots.online	quickwin765412.com winner-slots.online
8	c1.adform.net	1 redirects track.adform.net c1.adform.net
7	www.googletagmanager.com	quickwin765412.com www.googletagmanager.com winner-slots.online
6	cm.g.doubleclick.net	6 redirects
6	secure.adnxs.com	3 redirects quickwin765412.com c1.adform.net
6	static.zdassets.com	quickwin765412.com static.zdassets.com
5	sb2frontend-altenar2.biahosted.com	quickwin765412.com
5	analytics.tiktok.com	winner-slots.online analytics.tiktok.com
5	track.adform.net	2 redirects www.googletagmanager.com quickwin765412.com
5	www.google.com	quickwin765412.com www.gstatic.com www.google.com winner-slots.online
4	sb2bonus-altenar2.biahosted.com	quickwin765412.com
4	se.semasio.net	3 redirects c1.adform.net
4	ib.adnxs.com	2 redirects quickwin765412.com event.getblue.io
4	idsync.rlcdn.com	quickwin765412.com c1.adform.net
4	p.rfihub.com	3 redirects quickwin765412.com
4	live.rezync.com	4 redirects
4	a1.adform.net	1 redirects s2.adform.net quickwin765412.com
4	www.gstatic.com	www.google.com www.gstatic.com
3	sb2auth-altenar2.biahosted.com	quickwin765412.com
3	dmp.adform.net	c1.adform.net
3	a.audrte.com	2 redirects c1.adform.net
3	uipglob.semasio.net	3 redirects
3	dsum-sec.casalemedia.com	1 redirects quickwin765412.com c1.adform.net
3	dpm.demdex.net	2 redirects quickwin765412.com
3	fonts.gstatic.com	www.google.com fonts.googleapis.com
3	event.getblue.io	www.googletagmanager.com event.getblue.io
3	quickwin.com	3 redirects
2	cms.getblue.io	event.getblue.io
2	redirect.frontend.weborama.fr	2 redirects
2	pm.w55c.net	2 redirects
2	tags.bluekai.com	c1.adform.net
2	loadm.exelator.com	2 redirects
2	dsp.adfarm1.adition.com	2 redirects
2	sync-tm.everesttech.net	2 redirects
2	x.bidswitch.net	quickwin765412.com c1.adform.net
2	beacon.krxd.net	quickwin765412.com c1.adform.net
2	aa.agkn.com	1 redirects quickwin765412.com
2	ps.eyeota.net	quickwin765412.com c1.adform.net
2	a.rfihub.com	1 redirects c1.rfihub.net
2	server.seadform.net	quickwin765412.com
2	metrics.getrmads.com	scpt.getrmads.com metrics.getrmads.com
2	connect.facebook.net	winner-slots.online connect.facebook.net
2	script.hotjar.com	static.hotjar.com script.hotjar.com
2	my.rtmark.net	www.googletagmanager.com quickwin765412.com
2	scpt.getrmads.com	www.googletagmanager.com scpt.getrmads.com
2	track.wolf22.xyz	www.googletagmanager.com quickwin765412.com
2	adjs.media	quickwin765412.com adjs.media
2	www.google-analytics.com	www.googletagmanager.com quickwin765412.com
2	fonts.googleapis.com	quickwin765412.com sb2widgetsstatic-altenar2.biahosted.com
2	d3mi6d1ao3fzsg.cloudfront.net	quickwin765412.com
1	sb2integration-altenar2.biahosted.com	quickwin765412.com
1	www.google.de	winner-slots.online
1	www.facebook.com	winner-slots.online
1	e1.emxdgt.com	c1.adform.net
1	eb2.3lift.com	c1.adform.net
1	match.contentexchange.me	c1.adform.net
1	s.ad.smaato.net	c1.adform.net
1	sync.teads.tv	c1.adform.net
1	id5-sync.com	c1.adform.net
1	match.adsrvr.org	c1.adform.net
1	pdw-adf.userreport.com	c1.adform.net
1	simage2.pubmatic.com	c1.adform.net
1	s3-eu-west-1.amazonaws.com	c1.adform.net
1	api.adrtx.net	1 redirects
1	eu-u.openx.net	c1.adform.net
1	sync.crwdcntrl.net	c1.adform.net
1	load77.exelator.com	c1.adform.net
1	ads.stickyadstv.com	c1.adform.net
1	rtb-csync.smartadserver.com	c1.adform.net
1	ih.adscale.de	c1.adform.net
1	token.rubiconproject.com	c1.adform.net
1	ad.yieldlab.net	c1.adform.net
1	ad.360yield.com	c1.adform.net
1	googleads.g.doubleclick.net	www.googletagmanager.com
1	dsp-ap.eskimi.com	dsp-media.eskimi.com
1	dsp-trk.eskimi.com	dsp-media.eskimi.com
1	partners.tremorhub.com	quickwin765412.com
1	x.dlx.addthis.com	quickwin765412.com
1	bpi.rtactivate.com	quickwin765412.com
1	contextual.media.net	quickwin765412.com
1	us-u.openx.net	quickwin765412.com
1	image2.pubmatic.com	quickwin765412.com
1	widget.getblue.io	event.getblue.io
1	rtg.prdredir.com	quickwin765412.com
1	dsp-media.eskimi.com	winner-slots.online
1	20846458p.rfihub.com	c1.rfihub.net
1	region1.google-analytics.com	www.googletagmanager.com
1	quickwin.zendesk.com	static.zdassets.com
1	track.aso1.net	quickwin765412.com
1	reichelcormier.bid	www.googletagmanager.com
1	s2.adform.net	quickwin765412.com
1	pixel.adfyier.com	quickwin765412.com
1	c1.rfihub.net	quickwin765412.com
1	scripts.prdredir.com	www.googletagmanager.com
1	static.hotjar.com	www.googletagmanager.com
1	ekr.zdassets.com	quickwin765412.com
1	cdn.cookie-script.com	quickwin765412.com
0	global.ib-ibi.com Failed	c1.adform.net
0	cm.adsafety.net Failed	c1.adform.net
373	101

This site contains no links.

Subject Issuer	Validity	Valid
quickwin765412.com Cloudflare Inc ECC CA-3	`2023-03-15` - `2024-03-13`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
zdassets.com E1	`2023-10-23` - `2024-01-21`	3 months	crt.sh
*.cookie-script.com Sectigo RSA Domain Validation Secure Server CA	`2023-09-11` - `2024-07-25`	10 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
sb2widgetsstatic-altenar2.biahosted.com GTS CA 1D4	`2023-12-11` - `2024-03-10`	3 months	crt.sh
*.hotjar.com Amazon ECDSA 256 M01	`2023-03-09` - `2024-04-06`	a year	crt.sh
prdredir.com GTS CA 1P5	`2023-11-01` - `2024-01-30`	3 months	crt.sh
adjs.media E1	`2023-11-28` - `2024-02-26`	3 months	crt.sh
*.getblue.io Amazon RSA 2048 M02	`2023-10-30` - `2024-11-27`	a year	crt.sh
*.wolf22.xyz Sectigo RSA Domain Validation Secure Server CA	`2023-03-31` - `2024-04-30`	a year	crt.sh
*.rfihub.net Amazon RSA 2048 M03	`2023-10-31` - `2024-11-28`	a year	crt.sh
saleguard.shop Go Daddy Secure Certificate Authority - G2	`2023-06-11` - `2024-06-10`	a year	crt.sh
track.adform.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-06` - `2024-09-19`	a year	crt.sh
getrmads.com GTS CA 1P5	`2023-12-10` - `2024-03-09`	3 months	crt.sh
rtmark.net R3	`2023-10-07` - `2024-01-05`	3 months	crt.sh
winner-slots.online R3	`2023-12-09` - `2024-03-08`	3 months	crt.sh
reichelcormier.bid R3	`2023-12-22` - `2024-03-21`	3 months	crt.sh
aso1.net GTS CA 1P5	`2023-11-08` - `2024-02-06`	3 months	crt.sh
quickwin.zendesk.com Cloudflare Inc ECC CA-3	`2023-03-02` - `2024-02-29`	a year	crt.sh
*.rfihub.com Sectigo RSA Domain Validation Secure Server CA	`2023-04-27` - `2024-04-27`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.tiktok.com RapidSSL ECC CA 2018	`2023-07-14` - `2024-08-13`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-10-03` - `2024-01-01`	3 months	crt.sh
*.eskimi.com GeoTrust TLS RSA CA G1	`2023-03-20` - `2024-04-12`	a year	crt.sh
*.seadform.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-23` - `2024-11-08`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2023-04-20` - `2024-05-20`	a year	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2023-08-18` - `2024-08-18`	a year	crt.sh
*.media.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-10` - `2024-02-18`	a year	crt.sh
rtactivate.com Amazon RSA 2048 M01	`2023-03-14` - `2024-04-11`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2023-02-02` - `2024-03-03`	a year	crt.sh
odc-pixel-prod-01.oracle.com DigiCert TLS RSA SHA256 2020 CA1	`2023-12-11` - `2024-12-11`	a year	crt.sh
*.tremorhub.com Amazon RSA 2048 M01	`2023-02-22` - `2024-03-23`	a year	crt.sh
*.agkn.com RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2023-09-07` - `2024-09-29`	a year	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2023-04-14` - `2024-04-12`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.360yield.com Amazon RSA 2048 M01	`2023-05-29` - `2024-06-26`	a year	crt.sh
*.yieldlab.net DigiCert TLS RSA SHA256 2020 CA1	`2023-09-17` - `2024-09-17`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
*.adscale.de Amazon RSA 2048 M02	`2023-07-18` - `2024-08-15`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-21` - `2024-01-23`	a year	crt.sh
*.ads.stickyadstv.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-04-19` - `2024-05-19`	a year	crt.sh
casalemedia.com Cloudflare Inc ECC CA-3	`2023-05-21` - `2024-05-20`	a year	crt.sh
eyeota.net GoGetSSL RSA DV CA	`2023-03-08` - `2024-04-07`	a year	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M02	`2023-10-08` - `2024-11-06`	a year	crt.sh
*.userreport.com Amazon RSA 2048 M02	`2023-11-20` - `2024-12-17`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.id5-sync.com R3	`2023-11-01` - `2024-01-30`	3 months	crt.sh
teads.tv R3	`2023-11-03` - `2024-02-01`	3 months	crt.sh
s.ad.smaato.net Amazon RSA 2048 M03	`2023-09-04` - `2024-10-02`	a year	crt.sh
*.contentexchange.me Sectigo RSA Domain Validation Secure Server CA	`2023-05-29` - `2024-06-04`	a year	crt.sh
*.3lift.com Amazon RSA 2048 M02	`2023-04-13` - `2024-05-11`	a year	crt.sh
*.emxdgt.com Amazon RSA 2048 M01	`2023-05-03` - `2024-05-31`	a year	crt.sh
www.google.de GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
sb2frontend-altenar2.biahosted.com E1	`2023-11-22` - `2024-02-20`	3 months	crt.sh
*.biahosted.com Go Daddy Secure Certificate Authority - G2	`2023-08-31` - `2024-10-01`	a year	crt.sh
sb2integration-altenar2.biahosted.com E1	`2023-11-22` - `2024-02-20`	3 months	crt.sh

This page contains 8 frames:

Primary Page: https://quickwin765412.com/
Frame ID: FA092292AC702DC2310607C650A31566
Requests: 264 HTTP requests in this frame

Frame: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-1bfc6fa.js
Frame ID: B7A8C3AF933DA8E9EECBFF4ED36BF556
Requests: 6 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcbSf4kAAAAAAJey7uEFxYpE7Tn2cR1Y3WBNyGi&co=aHR0cHM6Ly9xdWlja3dpbjc2NTQxMi5jb206NDQz&hl=de&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&cb=20prrnip1ubc
Frame ID: 3CFA809179BBDC0543AC96AA91FEC748
Requests: 8 HTTP requests in this frame

Frame: https://winner-slots.online/
Frame ID: 8A92F7FA8C11D83359CF1E97E6BEDC18
Requests: 35 HTTP requests in this frame

Frame: https://20846458p.rfihub.com/ca.html?ver=9&rb=48767&ca=20846458&_o=48767&_t=20846458&pe=https%3A%2F%2Fquickwin765412.com%2Fen%2F&pf=&ra=8562341102727589
Frame ID: A3C1EB044D71797165CE249CDFDA6750
Requests: 18 HTTP requests in this frame

Frame: https://event.getblue.io/p/?cId=615EE320-F864-1EFC-FE69D99CF417DF26&tName=visit&pId=&revenue=&orderId=&p1=&p2=&p3=&fp=&blueID=c79c007b-034b-4de0-ae11-62a72dd9a029&ulc=&v=29092023-1023&nocache=7182924749011.299
Frame ID: 727487FD9E4D21C1A32FA1751670E069
Requests: 5 HTTP requests in this frame

Frame: https://c1.adform.net/imatch/pixels?uid=8102479658319200828&agencyId=9093&advertiserId=2180301&src=tp&rnd=903957
Frame ID: 96CDE8D11A6C25E353FB398B2921DF21
Requests: 41 HTTP requests in this frame

Frame: https://a.rfihub.com/pstats.html?rb=48767&ca=20846458&ri=3d9f20fa6d47184346a0a33b70f6766c&stats=%7B%2213488%22%3A%221426%2C2%22%2C%2217243%22%3A%22199%2C1%22%2C%2242261%22%3A%22316%2C1%22%2C%2250495%22%3A%22470%2C1%22%2C%2252220%22%3A%22352%2C1%22%2C%2253935%22%3A%22352%2C1%22%2C%2254497%22%3A%22402%2C1%22%2C%2254855%22%3A%22335%2C2%22%2C%2254863%22%3A%22613%2C1%22%2C%2255073%22%3A%22341%2C2%22%2C%2256659%22%3A%22431%2C1%22%2C%2256885%22%3A%22586%2C2%22%2C%2257347%22%3A%22426%2C2%22%2C%2257363%22%3A%221241%2C1%22%2C%2258143%22%3A%22342%2C1%22%2C%2258553%22%3A%221263%2C2%22%2C%2258561%22%3A%22445%2C1%22%7D&ra=3588854517467428
Frame ID: F1E768D73D665115261ADE2539C7B12E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

New Online Casino for Online Betting and Gaming | Quickwin

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

373
Requests

92 %
HTTPS

26 %
IPv6

75
Domains

101
Subdomains

79
IPs

11
Countries

6294 kB
Transfer

16347 kB
Size

66
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 148

https://quickwin.com/cdn-static/vector/payments/monochrome-light/paymsystem_visa.svg HTTP 307
https://quickwin765412.com/cdn-static/vector/payments/monochrome-light/paymsystem_visa.svg

Request Chain 149

https://quickwin.com/cdn-static/vector/payments/monochrome-light/paymsystem_mastercard.svg HTTP 307
https://quickwin765412.com/cdn-static/vector/payments/monochrome-light/paymsystem_mastercard.svg

Request Chain 150

https://quickwin.com/cdn-static/vector/payments/monochrome-light/paymsystem_banktransfer.svg HTTP 307
https://quickwin765412.com/cdn-static/vector/payments/monochrome-light/paymsystem_banktransfer.svg

Request Chain 181

https://secure.adnxs.com/seg?add=35276001&t=1 HTTP 307
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D35276001%26t%3D1

Request Chain 182

https://secure.adnxs.com/seg?add=35276004&t=1 HTTP 307
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D35276004%26t%3D1

Request Chain 209

https://a1.adform.net/Serving/TrackPoint/?pm=3134589&ADFPageName=quickwin.com%2Fen&ADFdivider=%7C&ord=520241208215&ADFtpmode=2&itm=eyJpdG1zIjpbeyJwaWQiOiJlbiJ9XX0&loc=https%3A%2F%2Fquickwin765412.com%2Fen%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24 HTTP 302
https://a1.adform.net/Serving/TrackPoint/?CC=1&pm=3134589&ADFPageName=quickwin.com%2Fen&ADFdivider=%7C&ord=520241208215&ADFtpmode=2&itm=eyJpdG1zIjpbeyJwaWQiOiJlbiJ9XX0&loc=https%3A%2F%2Fquickwin765412.com%2Fen%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24

Request Chain 210

https://track.adform.net/Serving/TrackPoint/?pm=3199129&ADFPageName=allPages&ADFdivider=%7C&ord=780176371070&ADFtpmode=2&loc=https%3A%2F%2Fquickwin765412.com%2Fen%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24 HTTP 302
https://track.adform.net/Serving/TrackPoint/?CC=1&pm=3199129&ADFPageName=allPages&ADFdivider=%7C&ord=780176371070&ADFtpmode=2&loc=https%3A%2F%2Fquickwin765412.com%2Fen%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24

Request Chain 211

https://track.adform.net/Serving/TrackPoint/?pm=3199129&ADFPageName=Homepage&ADFdivider=%7C&ord=94065589138&ADFtpmode=2&loc=https%3A%2F%2Fquickwin765412.com%2Fen%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24 HTTP 302
https://track.adform.net/Serving/TrackPoint/?CC=1&pm=3199129&ADFPageName=Homepage&ADFdivider=%7C&ord=94065589138&ADFtpmode=2&loc=https%3A%2F%2Fquickwin765412.com%2Fen%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24

Request Chain 236

https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5108559731637863112&referrer=https%3A%2F%2Fquickwin765412.com%2Fen%2F&forward= HTTP 302
https://p.rfihub.com/cm?pub=39342&in=0&userid=75f5a1dc-bdcf-48df-b682-2a9ec219ada1%3A1703496583.155189&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D75f5a1dc-bdcf-48df-b682-2a9ec219ada1%253A1703496583.155189%26_%3D1703496583.1572313&cb=1703496583.1572561 HTTP 302
https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5108559731637863112&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3D75f5a1dc-bdcf-48df-b682-2a9ec219ada1%253A1703496583.155189%26_%3D1703496583.1572313 HTTP 302
https://idsync.rlcdn.com/501709.gif?partner_uid=75f5a1dc-bdcf-48df-b682-2a9ec219ada1%3A1703496583.155189&_=1703496583.1572313

Request Chain 237

https://cm.g.doubleclick.net/pixel?&in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=NTEwODU1OTczMTYzNzg2MzExMg==&forward= HTTP 302
https://cm.g.doubleclick.net/pixel?in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=NTEwODU1OTczMTYzNzg2MzExMg==&forward=&google_tc= HTTP 302
https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEDu0_dK5xmBiEKryBLAYulA&google_cver=1 HTTP 302
https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5108559731637863112&referrer={encSite}&forward= HTTP 302
https://p.rfihub.com/cm?pub=39342&in=0&userid=75f5a1dc-bdcf-48df-b682-2a9ec219ada1%3A1703496583.155189&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D75f5a1dc-bdcf-48df-b682-2a9ec219ada1%253A1703496583.155189%26_%3D1703496583.6610672&cb=1703496583.6610959 HTTP 302
https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5108559731637863112&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3D75f5a1dc-bdcf-48df-b682-2a9ec219ada1%253A1703496583.155189%26_%3D1703496583.6610672 HTTP 302
https://idsync.rlcdn.com/501709.gif?partner_uid=75f5a1dc-bdcf-48df-b682-2a9ec219ada1%3A1703496583.155189&_=1703496583.6610672

Request Chain 239

https://dpm.demdex.net/ibs:dpid=1121&dpuuid=5108559731637863112&redir= HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5108559731637863112&redir=

Request Chain 242

https://p.rfihub.com/cm?pub=24472&in=1 HTTP 302
https://ps.eyeota.net/match?uid=5108559731637863112&bid=omt9pi0

Request Chain 245

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5108559731637863112&forward= HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5108559731637863112&forward=&C=1

Request Chain 252

https://sync-tm.everesttech.net/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D&_test=ZYlLhwAJbqqflgAM HTTP 302
https://p.rfihub.com/cm?in=1&pub=21653&userid=ZYlLhwAJbqqflgAM&_test=ZYlLhwAJbqqflgAM

Request Chain 269

https://uipglob.semasio.net/adform/1/info?sType=sync&sExtCookieId=8102479658319200828&sInitiator=external HTTP 302
https://uipglob.semasio.net/adform/1/info2?sType=sync&sExtCookieId=8102479658319200828&sInitiator=external HTTP 302
https://se.semasio.net/sync/1/16266044?sExtCookieId=8102479658319200828&gdpr=&sInitiator=external HTTP 302
https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fse.semasio.net%2Fsync%2F1%2F647471%3FsExtCookieId%3D%25%25COOKIE%25%25%26sInitiator%3Dinternal&gdpr= HTTP 302
https://se.semasio.net/sync/1/647471?sExtCookieId=7316462112846837910&sInitiator=internal&gdpr= HTTP 302
https://ib.adnxs.com/getuid?https%3A%2F%2Fse.semasio.net%2Fsync%2F1%2F4354957%3FsExtCookieId%3D%24UID%26sInitiator%3Dinternal&gdpr= HTTP 302
https://se.semasio.net/sync/1/4354957?sExtCookieId=2313369764290011469&sInitiator=internal&gdpr= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=semasio_ddp&google_cm&google_hm=Nzk3NzM1NDEzMDYzMkExNg&gdpr= HTTP 302
https://uipglob.semasio.net/dbm/1/info?sType=sync&sExtCookieId=CAESEJHLxKM1uotwWgCOhXcSk4w&sInitiator=internal&google_cver=1&gdpr=&google_cver=1 HTTP 302
https://se.semasio.net/sync/1/12092831?sExtCookieId=CAESEJHLxKM1uotwWgCOhXcSk4w&sInitiator=internal&google_cver=1&gdpr=

Request Chain 271

https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=8102479658319200828 HTTP 302
https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=8102479658319200828&xl8blockcheck=1 HTTP 302
https://load77.exelator.com/pixel.gif

Request Chain 276

https://api.adrtx.net/thirdparty/click?p=adfo HTTP 302
https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif

Request Chain 279

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_cm&google_ula=1641347&party=1&google_hm=ODEwMjQ3OTY1ODMxOTIwMDgyOA HTTP 302
https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEKjUXLi_HT5jfi3Mq3bTnkc&google_cver=1&google_ula=1641347,0

Request Chain 281

https://secure.adnxs.com/getuid?https://c1.adform.net/serving/cookie/match?party=3&id=$UID&redirect=1 HTTP 302
https://c1.adform.net/serving/cookie/match?party=3&id=2313369764290011469&redirect=1 HTTP 302
https://secure.adnxs.com/setuid?entity=91&code=6424851302511315778

Request Chain 284

https://a.audrte.com/a?adform_uid=8102479658319200828 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=N2ZnMUFYTHZEUktSdWktMGZXVTVuOU15Zw==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%253D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent= HTTP 302
https://a.audrte.com/p

Request Chain 285

https://dpm.demdex.net/ibs:dpid=1586&dpuuid=8102479658319200828&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredirect%3D1 HTTP 302
https://c1.adform.net/serving/cookie/match?party=1007&cid=43450434927851123953239613345316847490&noredirect=1

Request Chain 286

https://aa.agkn.com/adscores/g.pixel?sid=9212269628&_puid=8102479658319200828 HTTP 302
https://dmp.adform.net/serving/cookie/match/?party=1014&cid=217233104741001031995

Request Chain 287

https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1049%26cid%3D%25%25COOKIE%25%25 HTTP 302
https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7316462112846837910

Request Chain 289

https://pm.w55c.net/ping_match.gif?st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_ HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_ HTTP 302
https://c1.adform.net/serving/cookie/match?party=1084&cid=zNiNdVoG1RhHhl5

Request Chain 293

https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D HTTP 307
https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D&bounce=1&random=164262125 HTTP 302
https://dmp.adform.net/serving/cookie/match/?party=1145&cid=H0ELnQSjqqJSQXlHUV7Aou

Request Chain 301

https://cm.g.doubleclick.net/pixel?google_nid=coveny_limited&google_cm&&google_sc&ckid=D14DA49C-5D51-4A4A-807CAF19B751A7CD&cid=615EE320-F864-1EFC-FE69D99CF417DF26&google_ula=6572934421&ula=6572934421&google_hm=RDE0REE0OUMtNUQ1MS00QTRBLTgwN0NBRjE5Qjc1MUE3Q0Q&blueID=c79c007b-034b-4de0-ae11-62a72dd9a029 HTTP 302
https://cms.getblue.io/cm/?src=adx&child=europe&ckid=D14DA49C-5D51-4A4A-807CAF19B751A7CD&cid=615EE320-F864-1EFC-FE69D99CF417DF26&ula=6572934421&blueID=c79c007b-034b-4de0-ae11-62a72dd9a029&google_gid=CAESEOUFFeZ9JDqXE8k3kF__do8&google_cver=1&google_ula=6572934421,0

Request Chain 303

https://ib.adnxs.com/getuid?https://cms.getblue.io/cm/?src=appnexus&ckid=D14DA49C-5D51-4A4A-807CAF19B751A7CD&cid=615EE320-F864-1EFC-FE69D99CF417DF26&blueID=c79c007b-034b-4de0-ae11-62a72dd9a029&appnexusid=$UID HTTP 302
https://cms.getblue.io/cm/?src=appnexus&ckid=D14DA49C-5D51-4A4A-807CAF19B751A7CD&cid=615EE320-F864-1EFC-FE69D99CF417DF26&blueID=c79c007b-034b-4de0-ae11-62a72dd9a029&appnexusid=2313369764290011469

373 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
quickwin765412.com/ 12 KB
5 KB 165ms
94ms Document
text/html 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://quickwin765412.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: e81925af97f3e8821604ebaa3cb625012d8eb2bf15edb7d5dc8dce3ac41f9449

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
age: 24
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
cf-ray: 83b00f91e821aca7-TXL
cf-revalidated: Mon Dec 25 2023 09:25:04 GMT+0000 (Coordinated Universal Time)
cf-ttl: 1703496364566 1703496564817
content-encoding: br
content-type: text/html
date: Mon, 25 Dec 2023 09:29:38 GMT
last-modified: Wed, 20 Dec 2023 14:23:09 GMT
server: cloudflare
vary: null, Accept-Encoding

GET
H2 200 runtime.89148cf49948a80c6a45.js Show response
quickwin765412.com/ 3 KB
2 KB 82ms
80ms Script
application/javascript 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://quickwin765412.com/runtime.89148cf49948a80c6a45.js
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: dbde216af37a4c3b99b0cf2955a5045ded2d17cfb5e96da4226e986a2e4cf3dd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:39 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 20 Dec 2023 14:23:09 GMT
cf-bgj: minify
server: cloudflare
age: 59
etag: W/"6582f8cd-c1b"
vary: null, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cf-ttl: 1703496580444
cf-ray: 83b00f9299e1aca7-TXL
alt-svc: h3=":443"; ma=86400
cf-revalidated: Mon Dec 25 2023 09:28:40 GMT+0000 (Coordinated Universal Time)

GET
H2 200 polyfills.250fe061a3885860ec19.js Show response
quickwin765412.com/ 56 KB
19 KB 104ms
103ms Script
application/javascript 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://quickwin765412.com/polyfills.250fe061a3885860ec19.js
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: d2dccb7019dff8b98265aee043f800ba56e6dfc5fa26dcf7ea029dfff8825f36

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:39 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 20 Dec 2023 14:23:09 GMT
cf-bgj: minify
server: cloudflare
age: 59
etag: W/"6582f8cd-de0d"
vary: null, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cf-ttl: 1703496580451
cf-ray: 83b00f9299e5aca7-TXL
alt-svc: h3=":443"; ma=86400
cf-revalidated: Mon Dec 25 2023 09:28:40 GMT+0000 (Coordinated Universal Time)

GET
H2 200 main.b8bc3f321d8e2be331ed.js Show response
quickwin765412.com/ 3 MB
782 KB 103ms
101ms Script
application/javascript 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://quickwin765412.com/main.b8bc3f321d8e2be331ed.js
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 31b824c9b63a35a3775df3b6db43259eb786f2f6871e2950fb8afc3a83744e67

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:39 GMT
content-encoding: br
cf-cache-status: HIT
age: 19
cf-polished: origSize=3265532
alt-svc: h3=":443"; ma=86400
cf-revalidated: Mon Dec 25 2023 09:29:20 GMT+0000 (Coordinated Universal Time)
last-modified: Wed, 20 Dec 2023 14:23:09 GMT
cf-bgj: minify
server: cloudflare
etag: W/"6582f8cd-31d3fc"
vary: null, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cf-ttl: 1703496620412
cf-ray: 83b00f9299ebaca7-TXL

GET
H2 200 initial.css
quickwin765412.com/assets/ 2 KB
585 B 70ms
69ms Stylesheet
text/css 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://quickwin765412.com/assets/initial.css
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 89c80d2e8672ebd49da0e7669159676c086e0b4d122d5df3b0563465d4808a2d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:39 GMT
content-encoding: br
cf-cache-status: HIT
age: 1738595
cf-polished: origSize=2151
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 29 Nov 2023 10:32:54 GMT
server: cloudflare
etag: W/"65671356-867"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=2073600
cf-ray: 83b00f9299eeaca7-TXL
expires: Thu, 18 Jan 2024 09:29:38 GMT

GET
H2 200 styles.9df026521b966c17f6cb.css
quickwin765412.com/ 218 KB
45 KB 131ms
130ms Stylesheet
text/css 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://quickwin765412.com/styles.9df026521b966c17f6cb.css
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2af270819ef7138e262d3b7b08dae6e93875f5b0f1328f1bd98d66f819686563

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:39 GMT
content-encoding: br
cf-cache-status: HIT
age: 59
cf-polished: origSize=222896
alt-svc: h3=":443"; ma=86400
cf-revalidated: Mon Dec 25 2023 09:28:40 GMT+0000 (Coordinated Universal Time)
last-modified: Wed, 20 Dec 2023 14:23:09 GMT
cf-bgj: minify
server: cloudflare
etag: W/"6582f8cd-366b0"
vary: null, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cf-ttl: 1703496580448
cf-ray: 83b00f9299f1aca7-TXL

GET
H3 200 dots.png
quickwin765412.com/cdn-static/images/quickwin/pattern/ 244 B
558 B 176ms
173ms Image
image/webp 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/cdn-static/images/quickwin/pattern/dots.png
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 193561f978c5db1176bd70243ced9ace558b0d6b544124c7624259b605c99fbb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:39 GMT
cf-cache-status: HIT
age: 528965
cf-polished: origFmt=png, origSize=531
x-cache-status: HIT
content-disposition: inline; filename="dots.webp"
alt-svc: h3=":443"; ma=86400
content-length: 244
last-modified: Fri, 12 May 2023 10:00:13 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "645e0e2d-213"
vary: null, Accept-Encoding
content-type: image/webp
cf-ttl: 1703496639144
accept-ranges: bytes
cf-ray: 83b00f92fb14aca9-TXL
expires: Sat, 30 Dec 2023 13:49:17 GMT

GET
DATA 200
OK truncated
/ 306 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 56ce9a9f71a8465359a676d95189390683de779bdc085f4fa9d48ec0651d9a5f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 preloader.jpg
quickwin765412.com/assets/images/ 328 KB
328 KB 78ms
78ms Image
image/jpeg 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://quickwin765412.com/assets/images/preloader.jpg

Requested by

Host: quickwin765412.com
URL: https://quickwin765412.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

384e5a56b7bb4a02faf44722bb96cc1c76207e809aa295855d16484ffd633108

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1738588
cf-polished: status=cannot_optimize
alt-svc: h3=":443"; ma=86400
content-length: 335634
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
cf-bgj: imgq:85,h2pri
last-modified: Wed, 29 Nov 2023 10:32:54 GMT
server: cloudflare
etag: "65671356-51f12"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2073600
accept-ranges: bytes
cf-ray: 83b00f92fb2aaca9-TXL
expires: Thu, 18 Jan 2024 09:29:39 GMT

GET
H3 200 locales.48fccbdb86ab5def3035.js Show response
quickwin765412.com/ 121 KB
13 KB 137ms
136ms Script
application/javascript 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://quickwin765412.com/locales.48fccbdb86ab5def3035.js
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/runtime.89148cf49948a80c6a45.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4af4ede967218ca52aa7c5d766e0af5992160ecc2382d0635db809e01a28ff18

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:39 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 20 Dec 2023 14:23:09 GMT
cf-bgj: minify
server: cloudflare
age: 17
etag: W/"6582f8cd-1e3cb"
vary: null, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cf-ttl: 1703496622873
cf-ray: 83b00f952f49aca9-TXL
alt-svc: h3=":443"; ma=86400
cf-revalidated: Mon Dec 25 2023 09:29:22 GMT+0000 (Coordinated Universal Time)

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 1 KB
1 KB 141ms
52ms Script
text/javascript 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6LcbSf4kAAAAAAJey7uEFxYpE7Tn2cR1Y3WBNyGi

Requested by

Host: quickwin765412.com
URL: https://quickwin765412.com/main.b8bc3f321d8e2be331ed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

10280f6a705b52ee8eb4ee70aadf8a352a112ff9caf9266eab9666609e061e81

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Mon, 25 Dec 2023 09:29:39 GMT

GET
H3 200 translation Show response
quickwin765412.com/en/api/v2/lang/ 93 KB
27 KB 78ms
78ms XHR
application/json 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://quickwin765412.com/en/api/v2/lang/translation

Requested by

Host: quickwin765412.com
URL: https://quickwin765412.com/polyfills.250fe061a3885860ec19.js

Protocol

Security

QUIC, , AES_128_GCM

Server

94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

b4fe2b0fff3949427fae83fa1824eacdd5f66b37d59a0831bad99b0ffa5723b8

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://quickwin765412.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:39 GMT
content-encoding: br
cf-cache-status: HIT
x-device-type: mobile
age: 58
request-id: feapi-b470a7fc-9136-45d8-af70-9281a60452e2
alt-svc: h3=":443"; ma=86400
cf-revalidated: Mon Dec 25 2023 09:28:41 GMT+0000 (Coordinated Universal Time)
x-xss-protection: 1; mode=block
last-modified: Mon, 25 Dec 2023 09:28:41 GMT
server: cloudflare
vary: null, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Device-Type,X-Device-Name
cf-ttl: 1703496581794
cf-ray: 83b00f9618f3aca9-TXL
x-device-name: Generic Smartphone

GET
H3 200 info Show response
quickwin765412.com/en/api/v2/system/ 182 B
382 B 114ms
113ms XHR
application/json 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://quickwin765412.com/en/api/v2/system/info

Requested by

Host: quickwin765412.com
URL: https://quickwin765412.com/polyfills.250fe061a3885860ec19.js

Protocol

Security

QUIC, , AES_128_GCM

Server

94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

9663cff01110ace5123904d2f4f5a656338de9675f09e9ee722ccb124964317e

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://quickwin765412.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:39 GMT
content-encoding: br
cf-cache-status: DYNAMIC
x-device-type: desktop
server: cloudflare
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Device-Type,X-Device-Name
cache-control: no-cache
request-id: feapi-aa02e277-ede5-4824-af3e-aeb33f3bc33f
cf-ray: 83b00f9618f8aca9-TXL
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-device-name: Other

GET
H/1.1 200
OK webpush.min.css
d3mi6d1ao3fzsg.cloudfront.net/webpush/1/ 13 KB
14 KB 185ms
94ms Stylesheet
text/css 143.204.205.221
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3mi6d1ao3fzsg.cloudfront.net/webpush/1/webpush.min.css
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/main.b8bc3f321d8e2be331ed.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.205.221 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-205-221.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 969fd990bcd980d6754827a283c9c9f447f98958adbf6bd4c0e134440e2fe7e6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Mon, 25 Dec 2023 06:28:34 GMT
Via: 1.1 85dc19f43b2a0bd8840fdf8baf07d762.cloudfront.net (CloudFront)
Last-Modified: Wed, 25 Jan 2023 08:19:49 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA53-C1
Age: 11849
x-amz-server-side-encryption: AES256
ETag: "c62351d1242c5274a315d76fd86d80d9"
X-Cache: Hit from cloudfront
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 13528
X-Amz-Cf-Id: vZWWaVbd6bzusNUL5yslI_bOJr2Flg8tJ68opYZiS5EIGEBEQAQyhA==

GET
H2 200 css2
fonts.googleapis.com/ 2 KB
995 B 140ms
51ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@500&display=swap

Requested by

Host: quickwin765412.com
URL: https://quickwin765412.com/main.b8bc3f321d8e2be331ed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bbffca692cf40b9d0611e20983dadef6e2adf9ce02b398257d0273245c619bbc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 25 Dec 2023 09:29:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 25 Dec 2023 09:28:06 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 25 Dec 2023 09:29:39 GMT

GET
H/1.1 200
OK webpush.min.js Show response
d3mi6d1ao3fzsg.cloudfront.net/webpush/1/ 17 KB
17 KB 135ms
45ms Script
application/x-javascript 143.204.205.221
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3mi6d1ao3fzsg.cloudfront.net/webpush/1/webpush.min.js
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/main.b8bc3f321d8e2be331ed.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.205.221 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-205-221.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ef7b483c3b575577f683cf3849e3a79a5385b9844b630adcdc31149900606460

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Mon, 25 Dec 2023 02:10:27 GMT
Via: 1.1 110641d379117242a91443ac729d6dee.cloudfront.net (CloudFront)
Last-Modified: Wed, 25 Jan 2023 08:19:49 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA53-C1
Age: 26358
x-amz-server-side-encryption: AES256
ETag: "e3c1f04a04c330afe06f406c451de0a1"
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 17209
X-Amz-Cf-Id: urHegZ2Vig-bm4d2Ix2gJITWjV54G9CKth6FmGnsm8ZPguqfabaqPw==

GET
H2 200 snippet.js Show response
static.zdassets.com/ekr/ 10 KB
5 KB 121ms
49ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/ekr/snippet.js?key=78bdcf45-56b4-43b3-a452-beb220803adc

Requested by

Host: quickwin765412.com
URL: https://quickwin765412.com/main.b8bc3f321d8e2be331ed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9f22f6e9d4852f8be0706b62fbd0eba20f6cb56171def5e387b2d95fcd07df01

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:39 GMT
x-amz-version-id: hKEbdq289Xo7bHrM.yPFOdJ37r5nFwfe
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: SJN8N1JDMTD43WG0
age: 15
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: OdnBjVcC5xsQvyjtpPVBe21NpgZXl51NRJfLydbGvh5Gu9AdfuYJ4+/g1Hhtqo28e16NzYJZ+wk=
last-modified: Wed, 09 Aug 2023 01:01:02 GMT
server: cloudflare
etag: W/"42d94c325a0b012e41f9c3907853625a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uBKdxoWerCdZwRFfTnp%2FXdbkbxzUyRfBfmcfF%2B%2BXWB4UlIYoXBZE65hSeeZRktmVnxksmaDqaJG0KBNUQEGaNuVd9vw13UHFxlmf8qabccFpi%2BNrOExhdkO3BpG500l%2B7hbTEhA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=3600, s-maxage=60
cf-ray: 83b00f969f8358f0-TXL

GET
H2 200 36dbf80a223b706873552176b2d9cede.js Show response
cdn.cookie-script.com/s/ 409 KB
76 KB 123ms
39ms Script
application/javascript 78.47.189.205
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cookie-script.com/s/36dbf80a223b706873552176b2d9cede.js
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/main.b8bc3f321d8e2be331ed.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 78.47.189.205 Mundelsheim, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.205.189.47.78.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: ef73dba5bbbc5efe6842b89586d4293e25296937b842b8b942fe583c9f2bf3a9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:39 GMT
content-encoding: gzip
last-modified: Wed, 20 Dec 2023 06:55:36 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"47e433f551608f9d05dbc65c74e5a61d"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 240 KB
78 KB 148ms
60ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PV2Q5X5

Requested by

Host: quickwin765412.com
URL: https://quickwin765412.com/main.b8bc3f321d8e2be331ed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

aa80ce639f14190908ade637a3462b78545e0829ec6b2b0dde3a5c3f965203fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:39 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79035
x-xss-protection: 0
last-modified: Mon, 25 Dec 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 25 Dec 2023 09:29:39 GMT

GET
H3 200 3.b4483b41d1bd2a47229b.js Show response
quickwin765412.com/ 95 KB
19 KB 100ms
100ms Script
application/javascript 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://quickwin765412.com/3.b4483b41d1bd2a47229b.js
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/runtime.89148cf49948a80c6a45.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 97b23f1d09ebe1ca5d6fb367ae8fd86f37e74391589bbc5fd58336fc007a4e97

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:39 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 20 Dec 2023 14:23:09 GMT
cf-bgj: minify
server: cloudflare
age: 25
etag: W/"6582f8cd-17d5e"
vary: null, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cf-ttl: 1703496614607
cf-ray: 83b00f963947aca9-TXL
alt-svc: h3=":443"; ma=86400
cf-revalidated: Mon Dec 25 2023 09:29:14 GMT+0000 (Coordinated Universal Time)

GET
H3 200 6.9422763aa6671b693d5c.js Show response
quickwin765412.com/ 16 KB
5 KB 104ms
103ms Script
application/javascript 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://quickwin765412.com/6.9422763aa6671b693d5c.js
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/runtime.89148cf49948a80c6a45.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9b13bb2a102816f21ae2b3f10a40cfbab4d4c601ddaebf4752a9076c2ff3ceb2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:39 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 20 Dec 2023 14:23:09 GMT
cf-bgj: minify
server: cloudflare
age: 25
etag: W/"6582f8cd-3f7d"
vary: null, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cf-ttl: 1703496614610
cf-ray: 83b00f963949aca9-TXL
alt-svc: h3=":443"; ma=86400
cf-revalidated: Mon Dec 25 2023 09:29:14 GMT+0000 (Coordinated Universal Time)

GET
H3 200 9.dca6e2e16f0366661e9e.js Show response
quickwin765412.com/ 51 KB
11 KB 83ms
83ms Script
application/javascript 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://quickwin765412.com/9.dca6e2e16f0366661e9e.js
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/runtime.89148cf49948a80c6a45.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: d71c14d66d40edec2cdf95f0d0354a3f7d915413d4503d34f00151ddbc0f4a07

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:39 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 20 Dec 2023 14:23:09 GMT
cf-bgj: minify
server: cloudflare
age: 25
etag: W/"6582f8cd-cc36"
vary: null, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cf-ttl: 1703496614612
cf-ray: 83b00f96394caca9-TXL
alt-svc: h3=":443"; ma=86400
cf-revalidated: Mon Dec 25 2023 09:29:14 GMT+0000 (Coordinated Universal Time)

GET
H3 200 common.2f5d41891b1bf0a8be93.js Show response
quickwin765412.com/ 9 KB
3 KB 106ms
105ms Script
application/javascript 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://quickwin765412.com/common.2f5d41891b1bf0a8be93.js
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/runtime.89148cf49948a80c6a45.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 83f92e3790df8c048d1425e5973b962d4f0861da99a355802bfdc941a3dccb62

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:39 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 20 Dec 2023 14:23:09 GMT
cf-bgj: minify
server: cloudflare
age: 25
etag: W/"6582f8cd-2202"
vary: null, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cf-ttl: 1703496614626
cf-ray: 83b00f96394eaca9-TXL
alt-svc: h3=":443"; ma=86400
cf-revalidated: Mon Dec 25 2023 09:29:14 GMT+0000 (Coordinated Universal Time)

GET
H3 200 18.3f64b531d00305b95edc.js Show response
quickwin765412.com/ 115 KB
25 KB 95ms
95ms Script
application/javascript 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://quickwin765412.com/18.3f64b531d00305b95edc.js
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/runtime.89148cf49948a80c6a45.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: ace7e99e54c48ac1e0f32d73656ef409e69139bff003b7aeef76462ee0594dd4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:39 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 20 Dec 2023 14:23:09 GMT
cf-bgj: minify
server: cloudflare
age: 25
etag: W/"6582f8cd-1cd9b"
vary: null, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cf-ttl: 1703496614604
cf-ray: 83b00f963951aca9-TXL
alt-svc: h3=":443"; ma=86400
cf-revalidated: Mon Dec 25 2023 09:29:14 GMT+0000 (Coordinated Universal Time)

GET
H3 200 Medium.woff
quickwin765412.com/assets/fonts/ 36 KB
36 KB 44ms
43ms Font
application/font-woff 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://quickwin765412.com/assets/fonts/Medium.woff
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/assets/initial.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: bf622c70cd52085f8d3672dd27abf0ccdf5600297221514aa41dbaf2a0f6b1d2

Request headers

Referer: https://quickwin765412.com/assets/initial.css
Origin: https://quickwin765412.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:39 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 29 Nov 2023 10:32:54 GMT
server: cloudflare
age: 1738496
etag: W/"65671356-90d8"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=2073600
cf-ray: 83b00f963953aca9-TXL
alt-svc: h3=":443"; ma=86400
expires: Thu, 18 Jan 2024 09:29:39 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/ 505 KB
203 KB 148ms
45ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LcbSf4kAAAAAAJey7uEFxYpE7Tn2cR1Y3WBNyGi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

122bd7b997b91e56e9efd54743ffbeccefca5b8bb59c566d6ec63adf14be896e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://quickwin765412.com/
Origin: https://quickwin765412.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 13:11:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 245883
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 207437
x-xss-protection: 0
last-modified: Mon, 11 Dec 2023 05:01:12 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 21 Dec 2024 13:11:36 GMT

GET
H3 200 sprite.svg
quickwin765412.com/assets/ 122 KB
38 KB 60ms
60ms Other
image/svg+xml 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://quickwin765412.com/assets/sprite.svg

Requested by

Host: quickwin765412.com
URL: https://quickwin765412.com/main.b8bc3f321d8e2be331ed.js

Protocol

Security

QUIC, , AES_128_GCM

Server

94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

745c5d683887239e96b5e1818ca24ee736d23f4a95e23c730f1f9a0ab77bed7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 455624
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 15 Dec 2023 13:31:30 GMT
server: cloudflare
etag: W/"657c5532-1e6ae"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=2073600
cf-ray: 83b00f96ea95aca9-TXL
expires: Thu, 18 Jan 2024 09:29:39 GMT

GET
H3 200 en.svg
quickwin765412.com/cdn-static/vector/flags/ 1 KB
895 B 115ms
114ms Image
image/svg+xml 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/cdn-static/vector/flags/en.svg
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: ac0eb9b299d05c43ce0bb3bccfe28d38c78ab3f8442854f1f28b1e5a64237505

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:39 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 12 May 2023 10:00:17 GMT
server: cloudflare
age: 8
etag: W/"645e0e31-497"
x-cache-status: HIT
vary: null, Accept-Encoding
content-type: image/svg+xml
cf-ttl: 1703496631798
cf-ray: 83b00f96ea99aca9-TXL
alt-svc: h3=":443"; ma=86400
cf-revalidated: Mon Dec 25 2023 09:29:31 GMT+0000 (Coordinated Universal Time)
expires: Thu, 21 Dec 2023 14:57:15 GMT

GET
H3 200 de.svg
quickwin765412.com/cdn-static/vector/flags/ 7 KB
3 KB 101ms
100ms Image
image/svg+xml 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/cdn-static/vector/flags/de.svg
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: c42688c6b7c3ede14a89c83ed21e2bee0a9ef6b36efd49e975841250c3ecd63b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:39 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 12 May 2023 10:00:17 GMT
server: cloudflare
age: 15
etag: W/"645e0e31-1a27"
x-cache-status: HIT
vary: null, Accept-Encoding
content-type: image/svg+xml
cf-ttl: 1703496624720
cf-ray: 83b00f96ea9caca9-TXL
alt-svc: h3=":443"; ma=86400
cf-revalidated: Mon Dec 25 2023 09:29:24 GMT+0000 (Coordinated Universal Time)
expires: Fri, 29 Dec 2023 17:53:03 GMT

GET
H3 200 BoldItalic.woff
quickwin765412.com/assets/fonts/ 39 KB
39 KB 52ms
51ms Font
application/font-woff 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://quickwin765412.com/assets/fonts/BoldItalic.woff
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/assets/initial.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: b3b24077b5d68982367d8c0653653db94c2e03d5ab5b0d8ba373610a661cbbc8

Request headers

Referer: https://quickwin765412.com/assets/initial.css
Origin: https://quickwin765412.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:39 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 29 Nov 2023 10:32:54 GMT
server: cloudflare
age: 1738486
etag: W/"65671356-9b98"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=2073600
cf-ray: 83b00f96eaa0aca9-TXL
alt-svc: h3=":443"; ma=86400
expires: Thu, 18 Jan 2024 09:29:39 GMT

GET
H3 200 BlackItalic.woff
quickwin765412.com/assets/fonts/ 39 KB
39 KB 57ms
56ms Font
application/font-woff 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://quickwin765412.com/assets/fonts/BlackItalic.woff
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/assets/initial.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: d6d6a9b90bdd341f52f1c5dd52286c116bd7fbb8af3a325a716ae29b71a376c5

Request headers

Referer: https://quickwin765412.com/assets/initial.css
Origin: https://quickwin765412.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:39 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 29 Nov 2023 10:32:54 GMT
server: cloudflare
age: 1738486
etag: W/"65671356-9b10"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=2073600
cf-ray: 83b00f96eaa1aca9-TXL
alt-svc: h3=":443"; ma=86400
expires: Thu, 18 Jan 2024 09:29:39 GMT

GET
H2 200 78bdcf45-56b4-43b3-a452-beb220803adc Show response
ekr.zdassets.com/compose/ 852 B
1 KB 124ms
47ms Fetch
application/json 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ekr.zdassets.com/compose/78bdcf45-56b4-43b3-a452-beb220803adc

Requested by

Host: quickwin765412.com
URL: https://quickwin765412.com/polyfills.250fe061a3885860ec19.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c69330104835be5c6ef333bc402f53092e60164e83f42001901fbb3100f16b97

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:39 GMT
strict-transport-security: max-age=0
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
age: 23
content-encoding: br
status: 200 OK
cdn-cache-control: max-age=60
x-xss-protection: 1; mode=block
x-request-id: 83469f1848bc3830-SEA, 83469f1848bc3830-SEA
x-runtime: 0.003106
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"c69330104835be5c6ef333bc402f5309"
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-max-age: 7200
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vvWBiHLo%2BB%2FPlMxoJBAFYh290qZ8kksctGYIESyV3OcLKl9bsTsJWpM8pg47CLFENvBtEf3Kp32tVVseOS29zIjLNR9nlt1zDAwS9UybtiI94D3sKRVk5sECA7Mkr7rGQ7k%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
vary: Accept, Origin, Accept-Encoding
cache-control: max-age=300, public, stale-while-revalidate=300, stale-if-error=21600
content-type: application/json; charset=utf-8
x-zendesk-zorg: yes
cf-ray: 83b00f976dee2675-TXL

GET
H3 200 item Show response
quickwin765412.com/en/api/v2/seo/ 775 B
739 B 101ms
101ms XHR
application/json 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://quickwin765412.com/en/api/v2/seo/item?id=home

Requested by

Host: quickwin765412.com
URL: https://quickwin765412.com/polyfills.250fe061a3885860ec19.js

Protocol

Security

QUIC, , AES_128_GCM

Server

94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

66fbf319de6eec942f1b42488836f2862b0a3db4131f403fa692a51d930fb3f3

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://quickwin765412.com/en/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:39 GMT
content-encoding: br
cf-cache-status: HIT
x-device-type: mobile
age: 50
request-id: feapi-85e902fa-86bb-4f01-8289-bbd564b92f5a
alt-svc: h3=":443"; ma=86400
cf-revalidated: Mon Dec 25 2023 09:28:49 GMT+0000 (Coordinated Universal Time)
x-xss-protection: 1; mode=block
last-modified: Mon, 25 Dec 2023 09:28:49 GMT
server: cloudflare
vary: null, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Device-Type,X-Device-Name
cf-ttl: 1703496589429
cf-ray: 83b00f971af9aca9-TXL
cache-created: 2023-12-25T09:24:45.502Z
x-device-name: Generic Smartphone

GET
H3 200 1.67277e2c2166025d3c73.js Show response
quickwin765412.com/ 35 KB
8 KB 128ms
128ms Script
application/javascript 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://quickwin765412.com/1.67277e2c2166025d3c73.js
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/runtime.89148cf49948a80c6a45.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 08df647ac6ae9d6db2ed6c7a65250d04f14918a58f8ecab598d98b9e622e417d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:39 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 20 Dec 2023 14:23:09 GMT
cf-bgj: minify
server: cloudflare
age: 13
etag: W/"6582f8cd-8b6c"
vary: null, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cf-ttl: 1703496626354
cf-ray: 83b00f971afdaca9-TXL
alt-svc: h3=":443"; ma=86400
cf-revalidated: Mon Dec 25 2023 09:29:26 GMT+0000 (Coordinated Universal Time)

GET
H3 200 22.f8303621a9289efc08b8.js Show response
quickwin765412.com/ 22 KB
6 KB 115ms
115ms Script
application/javascript 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://quickwin765412.com/22.f8303621a9289efc08b8.js
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/runtime.89148cf49948a80c6a45.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2f1dd0ff97f0f46ac10e93ab0f1307f699895f944c90016a350735f4562fe994

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:39 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 20 Dec 2023 14:23:09 GMT
cf-bgj: minify
server: cloudflare
age: 13
etag: W/"6582f8cd-560b"
vary: null, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cf-ttl: 1703496626350
cf-ray: 83b00f971b00aca9-TXL
alt-svc: h3=":443"; ma=86400
cf-revalidated: Mon Dec 25 2023 09:29:26 GMT+0000 (Coordinated Universal Time)

GET
H3 200 30.1bc01234624549a03f21.js Show response
quickwin765412.com/ 34 KB
8 KB 118ms
118ms Script
application/javascript 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://quickwin765412.com/30.1bc01234624549a03f21.js
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/runtime.89148cf49948a80c6a45.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: d3b5cd13a5a87b250858d9e06163cd9291df802f9df9bab4e7a1fb7fcd0df5ec

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:39 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 20 Dec 2023 14:23:09 GMT
cf-bgj: minify
server: cloudflare
age: 13
etag: W/"6582f8cd-88a1"
vary: null, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cf-ttl: 1703496626395
cf-ray: 83b00f971b04aca9-TXL
alt-svc: h3=":443"; ma=86400
cf-revalidated: Mon Dec 25 2023 09:29:26 GMT+0000 (Coordinated Universal Time)

GET
H3 200 27.33ebc08ce2c074868b6b.js Show response
quickwin765412.com/ 8 KB
3 KB 156ms
156ms Script
application/javascript 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://quickwin765412.com/27.33ebc08ce2c074868b6b.js
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/runtime.89148cf49948a80c6a45.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 93a377f6c1d2fc313f46d5aae100fd800a40dabb4f5cdf9b2b33604455fedda7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:39 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 20 Dec 2023 14:23:09 GMT
cf-bgj: minify
server: cloudflare
age: 13
etag: W/"6582f8cd-1fe9"
vary: null, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cf-ttl: 1703496626495
cf-ray: 83b00f971b07aca9-TXL
alt-svc: h3=":443"; ma=86400
cf-revalidated: Mon Dec 25 2023 09:29:26 GMT+0000 (Coordinated Universal Time)

GET
H3 200 28.9ad0b625c1f66c726629.js Show response
quickwin765412.com/ 32 KB
7 KB 131ms
130ms Script
application/javascript 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://quickwin765412.com/28.9ad0b625c1f66c726629.js
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/runtime.89148cf49948a80c6a45.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8bff57770500e5694938c47feeaddccb7ccd8d226f23f69d3551bfee94e2e672

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:39 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 20 Dec 2023 14:23:09 GMT
cf-bgj: minify
server: cloudflare
age: 13
etag: W/"6582f8cd-7e21"
vary: null, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cf-ttl: 1703496626513
cf-ray: 83b00f971b09aca9-TXL
alt-svc: h3=":443"; ma=86400
cf-revalidated: Mon Dec 25 2023 09:29:26 GMT+0000 (Coordinated Universal Time)

GET
H3 200 29.466887f8223291d22d3d.js Show response
quickwin765412.com/ 12 KB
4 KB 152ms
146ms Script
application/javascript 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://quickwin765412.com/29.466887f8223291d22d3d.js
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/runtime.89148cf49948a80c6a45.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eab38026906bdd534b057b203e53d186a30a6d1e439b87485bdc24d5b0e2d8c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:39 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 20 Dec 2023 14:23:09 GMT
cf-bgj: minify
server: cloudflare
age: 13
etag: W/"6582f8cd-2f6e"
vary: null, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cf-ttl: 1703496626519
cf-ray: 83b00f972b10aca9-TXL
alt-svc: h3=":443"; ma=86400
cf-revalidated: Mon Dec 25 2023 09:29:26 GMT+0000 (Coordinated Universal Time)

GET
H3 200 5.7e88bb3d92e9c2e701f9.js Show response
quickwin765412.com/ 39 KB
9 KB 179ms
174ms Script
application/javascript 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://quickwin765412.com/5.7e88bb3d92e9c2e701f9.js
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/runtime.89148cf49948a80c6a45.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: a805c5457dba39514e74a7ad2b5dbd4c0095c1095d6b7299a82e6afd01196e09

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:39 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 20 Dec 2023 14:23:09 GMT
cf-bgj: minify
server: cloudflare
age: 13
etag: W/"6582f8cd-9b78"
vary: null, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cf-ttl: 1703496626592
cf-ray: 83b00f972b14aca9-TXL
alt-svc: h3=":443"; ma=86400
cf-revalidated: Mon Dec 25 2023 09:29:26 GMT+0000 (Coordinated Universal Time)

GET
H3 200 8.63d7e2dc0b84ce76f42a.js Show response
quickwin765412.com/ 22 KB
5 KB 175ms
170ms Script
application/javascript 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://quickwin765412.com/8.63d7e2dc0b84ce76f42a.js
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/runtime.89148cf49948a80c6a45.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6bada8511476ba1eec49ed28d1cb9617792cbeb82e46c8c6741a1a237107e293

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:39 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 20 Dec 2023 14:23:09 GMT
cf-bgj: minify
server: cloudflare
age: 13
etag: W/"6582f8cd-58f9"
vary: null, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cf-ttl: 1703496626708
cf-ray: 83b00f972b15aca9-TXL
alt-svc: h3=":443"; ma=86400
cf-revalidated: Mon Dec 25 2023 09:29:26 GMT+0000 (Coordinated Universal Time)

GET
H3 200 17.6c7576df3d5aea1019bc.js Show response
quickwin765412.com/ 33 KB
8 KB 154ms
150ms Script
application/javascript 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://quickwin765412.com/17.6c7576df3d5aea1019bc.js
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/runtime.89148cf49948a80c6a45.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 941c4c5d10e5812e7bef2c8b115965eac81d5b6681c825aba74a2edd9c82a7ec

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:39 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 20 Dec 2023 14:23:09 GMT
cf-bgj: minify
server: cloudflare
age: 13
etag: W/"6582f8cd-855e"
vary: null, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cf-ttl: 1703496626710
cf-ray: 83b00f972b16aca9-TXL
alt-svc: h3=":443"; ma=86400
cf-revalidated: Mon Dec 25 2023 09:29:26 GMT+0000 (Coordinated Universal Time)

GET
H3 200 33.a7ae611ffd25df97fb90.js Show response
quickwin765412.com/ 31 KB
8 KB 102ms
97ms Script
application/javascript 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://quickwin765412.com/33.a7ae611ffd25df97fb90.js
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/runtime.89148cf49948a80c6a45.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: a4fa92f5ae0317e4ff1f819c2a9d327562b65b62909654f5a6310557e9470937

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:39 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 20 Dec 2023 14:23:09 GMT
cf-bgj: minify
server: cloudflare
age: 13
etag: W/"6582f8cd-7bc5"
vary: null, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cf-ttl: 1703496626718
cf-ray: 83b00f972b19aca9-TXL
alt-svc: h3=":443"; ma=86400
cf-revalidated: Mon Dec 25 2023 09:29:26 GMT+0000 (Coordinated Universal Time)

GET
H3 200 7.3c26a44e231800dafcb8.js Show response
quickwin765412.com/ 110 KB
22 KB 99ms
95ms Script
application/javascript 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://quickwin765412.com/7.3c26a44e231800dafcb8.js
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/runtime.89148cf49948a80c6a45.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: a2d886c930b20c15f30e80372395c572095464710452c302063f3e7bfb9bb233

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:39 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 20 Dec 2023 14:23:09 GMT
cf-bgj: minify
server: cloudflare
age: 13
etag: W/"6582f8cd-1b656"
vary: null, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cf-ttl: 1703496626847
cf-ray: 83b00f972b1aaca9-TXL
alt-svc: h3=":443"; ma=86400
cf-revalidated: Mon Dec 25 2023 09:29:26 GMT+0000 (Coordinated Universal Time)

GET
H3 200 20.f0f16656165772ddc12a.js Show response
quickwin765412.com/ 62 KB
16 KB 185ms
181ms Script
application/javascript 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://quickwin765412.com/20.f0f16656165772ddc12a.js
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/runtime.89148cf49948a80c6a45.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: deb831d7be3c3cf3ece0a36846a16187987a318b8ee6fb304ccf492466fd3dc8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:39 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 20 Dec 2023 14:23:09 GMT
cf-bgj: minify
server: cloudflare
age: 13
etag: W/"6582f8cd-f62a"
vary: null, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cf-ttl: 1703496626849
cf-ray: 83b00f972b1daca9-TXL
alt-svc: h3=":443"; ma=86400
cf-revalidated: Mon Dec 25 2023 09:29:26 GMT+0000 (Coordinated Universal Time)

GET
H3 200 10.1914b7e5703827aa44d7.js Show response
quickwin765412.com/ 25 KB
7 KB 199ms
195ms Script
application/javascript 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://quickwin765412.com/10.1914b7e5703827aa44d7.js
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/runtime.89148cf49948a80c6a45.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1a2a6d9c4ca38a7e4047e3f4a4af653a932bf432ae5d7c65e27843b98fda0151

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:39 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 20 Dec 2023 14:23:09 GMT
cf-bgj: minify
server: cloudflare
age: 13
etag: W/"6582f8cd-63d6"
vary: null, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cf-ttl: 1703496626962
cf-ray: 83b00f972b1eaca9-TXL
alt-svc: h3=":443"; ma=86400
cf-revalidated: Mon Dec 25 2023 09:29:26 GMT+0000 (Coordinated Universal Time)

GET
H3 200 4.e76cfcb5d8a26867822d.js Show response
quickwin765412.com/ 20 KB
6 KB 151ms
146ms Script
application/javascript 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://quickwin765412.com/4.e76cfcb5d8a26867822d.js
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/runtime.89148cf49948a80c6a45.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: f04bd9bbfbeb00e309f51d8d6cc6d990caa9c4cbfd9170f51efd232f6580dcb8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:39 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 20 Dec 2023 14:23:09 GMT
cf-bgj: minify
server: cloudflare
age: 13
etag: W/"6582f8cd-4faf"
vary: null, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cf-ttl: 1703496626989
cf-ray: 83b00f972b1faca9-TXL
alt-svc: h3=":443"; ma=86400
cf-revalidated: Mon Dec 25 2023 09:29:26 GMT+0000 (Coordinated Universal Time)

GET
H3 200 32.7173caaff4c3a8d1c04f.js Show response
quickwin765412.com/ 24 KB
7 KB 151ms
147ms Script
application/javascript 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://quickwin765412.com/32.7173caaff4c3a8d1c04f.js
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/runtime.89148cf49948a80c6a45.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: eedbdcd7b8acfbd5ee57f6bbfc862dbd202cccec3884a3503b71b538064cb825

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:39 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 20 Dec 2023 14:23:09 GMT
cf-bgj: minify
server: cloudflare
age: 12
etag: W/"6582f8cd-61b0"
vary: null, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cf-ttl: 1703496627016
cf-ray: 83b00f972b20aca9-TXL
alt-svc: h3=":443"; ma=86400
cf-revalidated: Mon Dec 25 2023 09:29:27 GMT+0000 (Coordinated Universal Time)

GET
H3 200 24.2f2f76e65ec97400bcd3.js Show response
quickwin765412.com/ 10 KB
3 KB 150ms
145ms Script
application/javascript 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://quickwin765412.com/24.2f2f76e65ec97400bcd3.js
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/runtime.89148cf49948a80c6a45.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 05d4ced653380378d6d9033fef8bec46d38adaf31238d183c762366bdbbeb75c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:39 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 20 Dec 2023 14:23:09 GMT
cf-bgj: minify
server: cloudflare
age: 12
etag: W/"6582f8cd-263e"
vary: null, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cf-ttl: 1703496627061
cf-ray: 83b00f972b21aca9-TXL
alt-svc: h3=":443"; ma=86400
cf-revalidated: Mon Dec 25 2023 09:29:27 GMT+0000 (Coordinated Universal Time)

GET
H3 200 25.35ac421e6957a0f95063.js Show response
quickwin765412.com/ 9 KB
3 KB 160ms
156ms Script
application/javascript 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://quickwin765412.com/25.35ac421e6957a0f95063.js
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/runtime.89148cf49948a80c6a45.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 92787ccfb81cc2be5343e18ff09c31e3a2bde375a7ba5a91b28cf862aaec7166

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:39 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 20 Dec 2023 14:23:09 GMT
cf-bgj: minify
server: cloudflare
age: 12
etag: W/"6582f8cd-25b8"
vary: null, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cf-ttl: 1703496627097
cf-ray: 83b00f972b22aca9-TXL
alt-svc: h3=":443"; ma=86400
cf-revalidated: Mon Dec 25 2023 09:29:27 GMT+0000 (Coordinated Universal Time)

GET
H3 200 16.952c42f57e5b0a230c24.js Show response
quickwin765412.com/ 22 KB
7 KB 123ms
119ms Script
application/javascript 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://quickwin765412.com/16.952c42f57e5b0a230c24.js
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/runtime.89148cf49948a80c6a45.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: dfa1caff97f8f5ced70fc7aef1870d091bdf32616748b1b4ba5bdde5f336002f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:39 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 20 Dec 2023 14:23:09 GMT
cf-bgj: minify
server: cloudflare
age: 12
etag: W/"6582f8cd-584f"
vary: null, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cf-ttl: 1703496627794
cf-ray: 83b00f973b26aca9-TXL
alt-svc: h3=":443"; ma=86400
cf-revalidated: Mon Dec 25 2023 09:29:27 GMT+0000 (Coordinated Universal Time)

GET
H3 200 34.fe1eaf09072265aca475.js Show response
quickwin765412.com/ 4 KB
2 KB 113ms
110ms Script
application/javascript 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://quickwin765412.com/34.fe1eaf09072265aca475.js
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/runtime.89148cf49948a80c6a45.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: c64c1bb9f01e55f12929d8d01690bc3f8736249530cb84fce3038559d29b6f27

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:39 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 20 Dec 2023 14:23:09 GMT
cf-bgj: minify
server: cloudflare
age: 12
etag: W/"6582f8cd-f77"
vary: null, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cf-ttl: 1703496627796
cf-ray: 83b00f973b27aca9-TXL
alt-svc: h3=":443"; ma=86400
cf-revalidated: Mon Dec 25 2023 09:29:27 GMT+0000 (Coordinated Universal Time)

GET
H3 200 31.03320bc9e0a0e747989c.js Show response
quickwin765412.com/ 4 KB
2 KB 161ms
158ms Script
application/javascript 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://quickwin765412.com/31.03320bc9e0a0e747989c.js
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/runtime.89148cf49948a80c6a45.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: f93a7d15f544c8733a8dc610901f65db0a52a4e3c5c9555c274691e2a8262631

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:39 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 20 Dec 2023 14:23:09 GMT
cf-bgj: minify
server: cloudflare
age: 12
etag: W/"6582f8cd-f49"
vary: null, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cf-ttl: 1703496627856
cf-ray: 83b00f973b28aca9-TXL
alt-svc: h3=":443"; ma=86400
cf-revalidated: Mon Dec 25 2023 09:29:27 GMT+0000 (Coordinated Universal Time)

GET
H3 200 23.7874d0f5f07b707848cf.js Show response
quickwin765412.com/ 75 KB
15 KB 196ms
192ms Script
application/javascript 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://quickwin765412.com/23.7874d0f5f07b707848cf.js
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/runtime.89148cf49948a80c6a45.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: b9eb98053bf9fc2a5147b4796de61dce179aeb0d0e9b6e49c2bcfc71b529533a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:39 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 20 Dec 2023 14:23:09 GMT
cf-bgj: minify
server: cloudflare
age: 12
etag: W/"6582f8cd-12b38"
vary: null, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cf-ttl: 1703496627874
cf-ray: 83b00f973b2aaca9-TXL
alt-svc: h3=":443"; ma=86400
cf-revalidated: Mon Dec 25 2023 09:29:27 GMT+0000 (Coordinated Universal Time)

GET
H3 200 26.88890eabe720c888a178.js Show response
quickwin765412.com/ 5 KB
2 KB 120ms
116ms Script
application/javascript 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://quickwin765412.com/26.88890eabe720c888a178.js
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/runtime.89148cf49948a80c6a45.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: dbcbdacde7ac192393e1200a9b00c7958bb08dac022092e1424fa47989296c73

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:39 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 20 Dec 2023 14:23:09 GMT
cf-bgj: minify
server: cloudflare
age: 12
etag: W/"6582f8cd-1522"
vary: null, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cf-ttl: 1703496627894
cf-ray: 83b00f973b2baca9-TXL
alt-svc: h3=":443"; ma=86400
cf-revalidated: Mon Dec 25 2023 09:29:27 GMT+0000 (Coordinated Universal Time)

GET
H3 200 19.593e72717dea46715cc2.js Show response
quickwin765412.com/ 72 KB
13 KB 115ms
112ms Script
application/javascript 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://quickwin765412.com/19.593e72717dea46715cc2.js
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/runtime.89148cf49948a80c6a45.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 45d90fd26e8cc7c0853639d15bfd9cd080c1080ab25f023419d4b29c8e2780b7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:39 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 20 Dec 2023 14:23:09 GMT
cf-bgj: minify
server: cloudflare
age: 12
etag: W/"6582f8cd-11f39"
vary: null, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cf-ttl: 1703496627956
cf-ray: 83b00f973b2caca9-TXL
alt-svc: h3=":443"; ma=86400
cf-revalidated: Mon Dec 25 2023 09:29:27 GMT+0000 (Coordinated Universal Time)

GET
H3 200 sprite.svg
quickwin765412.com/assets/ 122 KB
38 KB 62ms
61ms Other
image/svg+xml 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://quickwin765412.com/assets/sprite.svg

Requested by

Host: quickwin765412.com
URL: https://quickwin765412.com/main.b8bc3f321d8e2be331ed.js

Protocol

Security

QUIC, , AES_128_GCM

Server

94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

745c5d683887239e96b5e1818ca24ee736d23f4a95e23c730f1f9a0ab77bed7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 455624
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 15 Dec 2023 13:31:30 GMT
server: cloudflare
etag: W/"657c5532-1e6ae"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=2073600
cf-ray: 83b00f974b65aca9-TXL
expires: Thu, 18 Jan 2024 09:29:39 GMT

GET
H3 200 list Show response
quickwin765412.com/en/api/v2/holidays/ 27 B
276 B 456ms
456ms XHR
application/json 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://quickwin765412.com/en/api/v2/holidays/list

Requested by

Host: quickwin765412.com
URL: https://quickwin765412.com/polyfills.250fe061a3885860ec19.js

Protocol

Security

QUIC, , AES_128_GCM

Server

94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

8dd812109c87559552ac89eb7f352a08baae02f5343b43b28d62c871a9e78df8

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://quickwin765412.com/en/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:40 GMT
cf-cache-status: DYNAMIC
x-device-type: desktop
server: cloudflare
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Device-Type,X-Device-Name
cache-control: no-cache
request-id: feapi-d2b0cfff-8c0a-4362-b1b0-e9d1e808f975
cf-ray: 83b00f975b76aca9-TXL
alt-svc: h3=":443"; ma=86400
content-length: 27
x-xss-protection: 1; mode=block
x-device-name: Other

GET
H3 200 carbon.png
quickwin765412.com/cdn-static/images/quickwin/pattern/ 408 B
752 B 142ms
142ms Image
image/png 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/cdn-static/images/quickwin/pattern/carbon.png
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7f784c882e926082511adb84468522f5b4ddb936e151b984fefeb30fea62166

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:39 GMT
cf-cache-status: HIT
age: 15
cf-polished: origSize=647, status=webp_bigger
x-cache-status: MISS
alt-svc: h3=":443"; ma=86400
content-length: 408
cf-revalidated: Mon Dec 25 2023 09:29:24 GMT+0000 (Coordinated Universal Time)
last-modified: Fri, 12 May 2023 10:00:50 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "645e0e52-287"
vary: null, Accept-Encoding
content-type: image/png
cf-ttl: 1703496624403
accept-ranges: bytes
cf-ray: 83b00f977bb2aca9-TXL
expires: Sat, 30 Dec 2023 05:41:30 GMT

GET
DATA 200
OK truncated
/ 501 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0f242e7f1afd4035ff39b92603ed40a8d7d3fc878bf86c3ec61896a9e0532e28

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 MediumItalic.woff
quickwin765412.com/assets/fonts/ 39 KB
39 KB 52ms
51ms Font
application/font-woff 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://quickwin765412.com/assets/fonts/MediumItalic.woff
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/assets/initial.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf3d3c393d6648a70ff135348b8f09a763b675d6b106e38bd9b5a73c2d6577ae

Request headers

Referer: https://quickwin765412.com/assets/initial.css
Origin: https://quickwin765412.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:39 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 29 Nov 2023 10:32:54 GMT
server: cloudflare
age: 1738486
etag: W/"65671356-9c2c"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=2073600
cf-ray: 83b00f978bc1aca9-TXL
alt-svc: h3=":443"; ma=86400
expires: Thu, 18 Jan 2024 09:29:39 GMT

GET
H3 200 Bold.woff
quickwin765412.com/assets/fonts/ 36 KB
36 KB 63ms
62ms Font
application/font-woff 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://quickwin765412.com/assets/fonts/Bold.woff
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/assets/initial.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5c6d77b0c54018fe4e0a717e47a8ba92bc3598a5ef0a1f977be6045537cb158a

Request headers

Referer: https://quickwin765412.com/assets/initial.css
Origin: https://quickwin765412.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:39 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 29 Nov 2023 10:32:54 GMT
server: cloudflare
age: 1738486
etag: W/"65671356-9048"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=2073600
cf-ray: 83b00f978bc3aca9-TXL
alt-svc: h3=":443"; ma=86400
expires: Thu, 18 Jan 2024 09:29:39 GMT

GET
H3 200 list Show response
quickwin765412.com/en/api/v2/collection/ 8 KB
1 KB 135ms
135ms XHR
application/json 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://quickwin765412.com/en/api/v2/collection/list

Requested by

Host: quickwin765412.com
URL: https://quickwin765412.com/polyfills.250fe061a3885860ec19.js

Protocol

Security

QUIC, , AES_128_GCM

Server

94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

21d0f88d2d90a6cca64799580591669544ff7d81e4eb1df9d89ebf7bc59a7f88

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://quickwin765412.com/en/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:39 GMT
content-encoding: br
cf-cache-status: HIT
x-device-type: mobile
age: 10
request-id: feapi-0f474584-504f-4765-b275-b149413e894f
alt-svc: h3=":443"; ma=86400
cf-revalidated: Mon Dec 25 2023 09:29:29 GMT+0000 (Coordinated Universal Time)
x-xss-protection: 1; mode=block
last-modified: Mon, 25 Dec 2023 09:29:29 GMT
server: cloudflare
vary: null, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Device-Type,X-Device-Name
cf-ttl: 1703496629838
cf-ray: 83b00f978bd0aca9-TXL
cache-created: 2023-12-25T09:27:52.729Z
x-device-name: Generic Smartphone

GET
H2 200 altenarWSDK.js Show response
sb2widgetsstatic-altenar2.biahosted.com/ 779 KB
181 KB 200ms
60ms Script
application/javascript 34.120.135.117
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://sb2widgetsstatic-altenar2.biahosted.com/altenarWSDK.js
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/main.b8bc3f321d8e2be331ed.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.135.117 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 117.135.120.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: e17efc9807190079c37d6cfa06df1a6748750cf956dedc4bfdc257475c72bfa4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:39 GMT
content-encoding: gzip
x-goog-meta-goog-reserved-file-mtime: 1702644371
age: 0
x-guploader-uploadid: ABPtcPquyFb1gk73H7YexiQ7tXrFuSQDu8zbZVbmGs_y5rbj4bBMjjboHKS2a7kFVd94mrf_YT4eH5IfJQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 184527
last-modified: Fri, 15 Dec 2023 12:46:27 GMT
server: UploadServer
etag: "02bee576c96ef609f8ff268d557c8c58"
vary: Accept-Encoding
x-goog-generation: 1702644387303503
x-goog-hash: crc32c=VVHjtw==, md5=Ar7ldslu9gn4/yaNVXyMWA==
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: no-cache,max-age=0
x-goog-stored-content-length: 184527
accept-ranges: bytes
content-type: application/javascript
expires: Mon, 25 Dec 2023 09:29:39 GMT

GET
H3 200 list Show response
quickwin765412.com/en/api/v2/icon/ 2 KB
814 B 123ms
123ms XHR
application/json 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://quickwin765412.com/en/api/v2/icon/list?count=10

Requested by

Host: quickwin765412.com
URL: https://quickwin765412.com/polyfills.250fe061a3885860ec19.js

Protocol

Security

QUIC, , AES_128_GCM

Server

94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

036582f2a848015ce1307dda67910e24b6f6b3a2c853031bd1d0558ce448c459

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://quickwin765412.com/en/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:39 GMT
content-encoding: br
cf-cache-status: HIT
x-device-type: mobile
age: 50
request-id: feapi-ab8a05d5-ea24-422a-b28f-212376f5288d
alt-svc: h3=":443"; ma=86400
cf-revalidated: Mon Dec 25 2023 09:28:49 GMT+0000 (Coordinated Universal Time)
x-xss-protection: 1; mode=block
last-modified: Mon, 25 Dec 2023 09:28:49 GMT
server: cloudflare
vary: null, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Device-Type,X-Device-Name
cf-ttl: 1703496589523
cf-ray: 83b00f979be7aca9-TXL
cache-created: 0
x-device-name: Generic Smartphone

GET
H3 200 tournament_promo_state Show response
quickwin765412.com/en/api/v2/tournament/ 290 B
534 B 139ms
139ms XHR
application/json 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://quickwin765412.com/en/api/v2/tournament/tournament_promo_state

Requested by

Host: quickwin765412.com
URL: https://quickwin765412.com/polyfills.250fe061a3885860ec19.js

Protocol

Security

QUIC, , AES_128_GCM

Server

94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

a65557ac587cbc6aa93a7b4040391d362c8d3a13b70365dc5381d9de03078df6

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://quickwin765412.com/en/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:39 GMT
content-encoding: br
cf-cache-status: HIT
x-device-type: mobile
age: 10
request-id: feapi-001c88f8-a34a-4d05-85f4-d239769b890c
alt-svc: h3=":443"; ma=86400
cf-revalidated: Mon Dec 25 2023 09:29:29 GMT+0000 (Coordinated Universal Time)
x-xss-protection: 1; mode=block
last-modified: Mon, 25 Dec 2023 09:29:29 GMT
server: cloudflare
vary: null, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Device-Type,X-Device-Name
cf-ttl: 1703496629889
cf-ray: 83b00f979befaca9-TXL
x-device-name: Generic Smartphone

GET
H3 200 list Show response
quickwin765412.com/en/api/v2/game/ 43 KB
8 KB 296ms
295ms XHR
application/json 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://quickwin765412.com/en/api/v2/game/list?page=1&category=top&count=31

Requested by

Host: quickwin765412.com
URL: https://quickwin765412.com/polyfills.250fe061a3885860ec19.js

Protocol

Security

QUIC, , AES_128_GCM

Server

94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

136daf42e7913ec0cb00e0d0b42ee434c85097250151518e0a5ea22c2ee69ac9

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://quickwin765412.com/en/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:40 GMT
content-encoding: br
cf-cache-status: HIT
x-device-type: mobile
age: 50
request-id: feapi-92852821-a68f-4280-a5be-e6df652c9fae
alt-svc: h3=":443"; ma=86400
cf-revalidated: Mon Dec 25 2023 09:28:49 GMT+0000 (Coordinated Universal Time)
x-xss-protection: 1; mode=block
last-modified: Mon, 25 Dec 2023 09:28:49 GMT
server: cloudflare
vary: null, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Device-Type,X-Device-Name
cf-ttl: 1703496589567
cf-ray: 83b00f97bc1aaca9-TXL
x-device-name: Generic Smartphone

GET
H3 200 list Show response
quickwin765412.com/en/api/v2/game/ 37 KB
5 KB 132ms
131ms XHR
application/json 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://quickwin765412.com/en/api/v2/game/list?page=1&category=new&count=31

Requested by

Host: quickwin765412.com
URL: https://quickwin765412.com/polyfills.250fe061a3885860ec19.js

Protocol

Security

QUIC, , AES_128_GCM

Server

94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

76c5ce2a67d045bccdea2726547c294bcc210db23725b8b358e83a5afd953440

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://quickwin765412.com/en/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:39 GMT
content-encoding: br
cf-cache-status: HIT
x-device-type: mobile
age: 50
request-id: feapi-ae39e7b7-2345-4aae-8791-fc7cbd592915
alt-svc: h3=":443"; ma=86400
cf-revalidated: Mon Dec 25 2023 09:28:49 GMT+0000 (Coordinated Universal Time)
x-xss-protection: 1; mode=block
last-modified: Mon, 25 Dec 2023 09:28:49 GMT
server: cloudflare
vary: null, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Device-Type,X-Device-Name
cf-ttl: 1703496589576
cf-ray: 83b00f97cc31aca9-TXL
x-device-name: Generic Smartphone

GET
H3 200 list Show response
quickwin765412.com/en/api/v2/game/ 44 KB
6 KB 108ms
107ms XHR
application/json 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://quickwin765412.com/en/api/v2/game/list?page=1&category=top-rated&count=31

Requested by

Host: quickwin765412.com
URL: https://quickwin765412.com/polyfills.250fe061a3885860ec19.js

Protocol

Security

QUIC, , AES_128_GCM

Server

94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

85b18162bc79c360388c04ee49dae95f63e0195785d194323f60128d66a7494d

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://quickwin765412.com/en/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:39 GMT
content-encoding: br
cf-cache-status: HIT
x-device-type: mobile
age: 50
request-id: feapi-33cf60c7-2866-4a71-81f6-3feaf35f9e1e
alt-svc: h3=":443"; ma=86400
cf-revalidated: Mon Dec 25 2023 09:28:49 GMT+0000 (Coordinated Universal Time)
x-xss-protection: 1; mode=block
last-modified: Mon, 25 Dec 2023 09:28:49 GMT
server: cloudflare
vary: null, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Device-Type,X-Device-Name
cf-ttl: 1703496589575
cf-ray: 83b00f97cc37aca9-TXL
x-device-name: Generic Smartphone

GET
H3 200 latest Show response
quickwin765412.com/en/api/v2/jackpot/ 47 B
310 B 245ms
244ms XHR
application/json 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://quickwin765412.com/en/api/v2/jackpot/latest?currencyIsoCode=EUR

Requested by

Host: quickwin765412.com
URL: https://quickwin765412.com/polyfills.250fe061a3885860ec19.js

Protocol

Security

QUIC, , AES_128_GCM

Server

94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

19b6e31d15a5d9ce78536eb6e655410fa363d6cfc06e98ea11a24a3641855355

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://quickwin765412.com/en/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:40 GMT
cf-cache-status: DYNAMIC
x-device-type: desktop
request-id: feapi-3d89740a-e5b1-47a8-b9dd-dc3e78fed543
alt-svc: h3=":443"; ma=86400
content-length: 47
x-xss-protection: 1; mode=block
server: cloudflare
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Device-Type,X-Device-Name
cache-control: no-cache
cf-ray: 83b00f97cc47aca9-TXL
cache-created: 0
x-device-name: Other

GET
H3 200 list Show response
quickwin765412.com/en/api/v2/game/ 22 KB
4 KB 115ms
113ms XHR
application/json 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://quickwin765412.com/en/api/v2/game/list?page=1&category=jackpots&count=16

Requested by

Host: quickwin765412.com
URL: https://quickwin765412.com/polyfills.250fe061a3885860ec19.js

Protocol

Security

QUIC, , AES_128_GCM

Server

94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

6a19fdbfca0d103d1fd437df3c9affbb48b6c20ac252c4aca856204aa7aa761d

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://quickwin765412.com/en/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:39 GMT
content-encoding: br
cf-cache-status: HIT
x-device-type: mobile
age: 50
request-id: feapi-8c36a995-6be3-44aa-98cc-7862b28555c3
alt-svc: h3=":443"; ma=86400
cf-revalidated: Mon Dec 25 2023 09:28:49 GMT+0000 (Coordinated Universal Time)
x-xss-protection: 1; mode=block
last-modified: Mon, 25 Dec 2023 09:28:49 GMT
server: cloudflare
vary: null, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Device-Type,X-Device-Name
cf-ttl: 1703496589692
cf-ray: 83b00f97dc50aca9-TXL
x-device-name: Generic Smartphone

GET
H3 200 list Show response
quickwin765412.com/en/api/v2/game/ 37 KB
7 KB 109ms
108ms XHR
application/json 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://quickwin765412.com/en/api/v2/game/list?page=1&category=all-games&count=28

Requested by

Host: quickwin765412.com
URL: https://quickwin765412.com/polyfills.250fe061a3885860ec19.js

Protocol

Security

QUIC, , AES_128_GCM

Server

94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

7a58eeefc14ed42aff923660643dd42366f06234e697cb4b993e53274d90d8b4

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://quickwin765412.com/en/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:39 GMT
content-encoding: br
cf-cache-status: HIT
x-device-type: mobile
age: 1177
request-id: feapi-b23b4704-54a0-4e9f-a4ad-166079469540
alt-svc: h3=":443"; ma=86400
cf-revalidated: Mon Dec 25 2023 09:10:02 GMT+0000 (Coordinated Universal Time)
x-xss-protection: 1; mode=block
last-modified: Mon, 25 Dec 2023 09:10:02 GMT
server: cloudflare
vary: null, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Device-Type,X-Device-Name
cf-ttl: 1703495462209
cf-ray: 83b00f97dc54aca9-TXL
cache-created: 0
x-device-name: Samsung SM-T505

GET
H3 200 item Show response
quickwin765412.com/en/api/v2/article/ 9 KB
3 KB 168ms
166ms XHR
application/json 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://quickwin765412.com/en/api/v2/article/item?name=home

Requested by

Host: quickwin765412.com
URL: https://quickwin765412.com/polyfills.250fe061a3885860ec19.js

Protocol

Security

QUIC, , AES_128_GCM

Server

94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

c413164a9b4ed42792a4fe35e0d5787dc48aa26ffc99159ec329b47b665b8269

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://quickwin765412.com/en/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:39 GMT
content-encoding: br
cf-cache-status: DYNAMIC
x-device-type: desktop
server: cloudflare
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Device-Type,X-Device-Name
cache-control: no-cache
request-id: feapi-4943884e-dd4c-4d2f-adfd-cb112f3e6bc3
cf-ray: 83b00f97dc5daca9-TXL
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-device-name: Other

GET
H3 200 list Show response
quickwin765412.com/en/api/v2/promo/ 115 KB
19 KB 385ms
384ms XHR
application/json 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://quickwin765412.com/en/api/v2/promo/list?count=100

Requested by

Host: quickwin765412.com
URL: https://quickwin765412.com/polyfills.250fe061a3885860ec19.js

Protocol

Security

QUIC, , AES_128_GCM

Server

94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

8e6275dbf3e6c09f7158e3b17cd4256d991c4e825dccd90e2eb11a1db4f2fe47

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://quickwin765412.com/en/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:40 GMT
content-encoding: br
cf-cache-status: DYNAMIC
x-device-type: desktop
request-id: feapi-eda856de-6201-4460-ba8c-1b2ab759957f
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
server: cloudflare
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Device-Type,X-Device-Name
cache-control: no-cache
cf-ray: 83b00f97dc61aca9-TXL
cache-created: 0
x-device-name: Other

GET
H3 200 list Show response
quickwin765412.com/en/api/v2/banner/ 682 B
687 B 106ms
104ms XHR
application/json 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://quickwin765412.com/en/api/v2/banner/list?place=cars_collection&category=banner

Requested by

Host: quickwin765412.com
URL: https://quickwin765412.com/polyfills.250fe061a3885860ec19.js

Protocol

Security

QUIC, , AES_128_GCM

Server

94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

cdc77956a4ec1d04967dcef14d1de3c6fa82d8d3e0d671b1c7e328f63661bf23

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://quickwin765412.com/en/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:39 GMT
content-encoding: br
cf-cache-status: HIT
x-device-type: mobile
age: 10
request-id: feapi-fdf386a0-3e12-4a02-bf8f-f8423f81ffd7
alt-svc: h3=":443"; ma=86400
cf-revalidated: Mon Dec 25 2023 09:29:29 GMT+0000 (Coordinated Universal Time)
x-xss-protection: 1; mode=block
last-modified: Mon, 25 Dec 2023 09:29:29 GMT
server: cloudflare
vary: null, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Device-Type,X-Device-Name
cf-ttl: 1703496629901
cf-ray: 83b00f97dc67aca9-TXL
x-device-name: Generic Smartphone

GET
H3 200 list Show response
quickwin765412.com/en/api/v2/banner/ 603 B
699 B 122ms
120ms XHR
application/json 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://quickwin765412.com/en/api/v2/banner/list?place=entrance_sporttour&category=banner

Requested by

Host: quickwin765412.com
URL: https://quickwin765412.com/polyfills.250fe061a3885860ec19.js

Protocol

Security

QUIC, , AES_128_GCM

Server

94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

7025aae009c4562e6049990255420de5f854ee5b25e2e627c7d47a1cc51d13f1

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://quickwin765412.com/en/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:39 GMT
content-encoding: br
cf-cache-status: HIT
x-device-type: mobile
age: 10
request-id: feapi-eba0fcc1-8fc1-4b38-90f1-dbd7379f6162
alt-svc: h3=":443"; ma=86400
cf-revalidated: Mon Dec 25 2023 09:29:29 GMT+0000 (Coordinated Universal Time)
x-xss-protection: 1; mode=block
last-modified: Mon, 25 Dec 2023 09:29:29 GMT
server: cloudflare
vary: null, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Device-Type,X-Device-Name
cf-ttl: 1703496629914
cf-ray: 83b00f97dc6aaca9-TXL
x-device-name: Generic Smartphone

GET
H3 200 list Show response
quickwin765412.com/en/api/v2/game/ 45 KB
9 KB 140ms
140ms XHR
application/json 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://quickwin765412.com/en/api/v2/game/list?page=1&category=popular&count=31

Requested by

Host: quickwin765412.com
URL: https://quickwin765412.com/polyfills.250fe061a3885860ec19.js

Protocol

Security

QUIC, , AES_128_GCM

Server

94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

bc197118bc5867f8763f59fc8c45da24f7a50fec00064e412041cdcf0255f3a3

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://quickwin765412.com/en/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:39 GMT
content-encoding: br
cf-cache-status: HIT
x-device-type: mobile
age: 50
request-id: feapi-f5af8bae-983a-4074-985d-46de90f7787d
alt-svc: h3=":443"; ma=86400
cf-revalidated: Mon Dec 25 2023 09:28:49 GMT+0000 (Coordinated Universal Time)
x-xss-protection: 1; mode=block
last-modified: Mon, 25 Dec 2023 09:28:49 GMT
server: cloudflare
vary: null, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Device-Type,X-Device-Name
cf-ttl: 1703496589687
cf-ray: 83b00f97dc6baca9-TXL
x-device-name: Generic Smartphone

GET
H3 200 list Show response
quickwin765412.com/en/api/v2/banner/ 682 B
687 B 135ms
133ms XHR
application/json 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://quickwin765412.com/en/api/v2/banner/list?place=cars_collection&category=banner

Requested by

Host: quickwin765412.com
URL: https://quickwin765412.com/polyfills.250fe061a3885860ec19.js

Protocol

Security

QUIC, , AES_128_GCM

Server

94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

cdc77956a4ec1d04967dcef14d1de3c6fa82d8d3e0d671b1c7e328f63661bf23

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://quickwin765412.com/en/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:39 GMT
content-encoding: br
cf-cache-status: HIT
x-device-type: mobile
age: 10
request-id: feapi-fdf386a0-3e12-4a02-bf8f-f8423f81ffd7
alt-svc: h3=":443"; ma=86400
cf-revalidated: Mon Dec 25 2023 09:29:29 GMT+0000 (Coordinated Universal Time)
x-xss-protection: 1; mode=block
last-modified: Mon, 25 Dec 2023 09:29:29 GMT
server: cloudflare
vary: null, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Device-Type,X-Device-Name
cf-ttl: 1703496629901
cf-ray: 83b00f97ec80aca9-TXL
x-device-name: Generic Smartphone

GET
H3 200 list Show response
quickwin765412.com/en/api/v2/icon/ 614 B
605 B 118ms
111ms XHR
application/json 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://quickwin765412.com/en/api/v2/icon/list?category=footer_pay&count=3

Requested by

Host: quickwin765412.com
URL: https://quickwin765412.com/polyfills.250fe061a3885860ec19.js

Protocol

Security

QUIC, , AES_128_GCM

Server

94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

1b61f379164930f075993f6b3bb7eb9766adec8be31f7fcedc5d138833f7d3bb

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://quickwin765412.com/en/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:39 GMT
content-encoding: br
cf-cache-status: HIT
x-device-type: mobile
age: 50
request-id: feapi-ff174949-c90e-4262-a9c3-1c781de0cf50
alt-svc: h3=":443"; ma=86400
cf-revalidated: Mon Dec 25 2023 09:28:49 GMT+0000 (Coordinated Universal Time)
x-xss-protection: 1; mode=block
last-modified: Mon, 25 Dec 2023 09:28:49 GMT
server: cloudflare
vary: null, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Device-Type,X-Device-Name
cf-ttl: 1703496589552
cf-ray: 83b00f982cdbaca9-TXL
cache-created: 0
x-device-name: Generic Smartphone

GET
H3 200 ferrari-logo.svg
quickwin765412.com/assets/images/ferrari-campaign/ 6 KB
3 KB 57ms
50ms Image
image/svg+xml 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://quickwin765412.com/assets/images/ferrari-campaign/ferrari-logo.svg

Requested by

Host: quickwin765412.com
URL: https://quickwin765412.com/en/

Protocol

Security

QUIC, , AES_128_GCM

Server

94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

979b86364648e67957ed75c12ec72a584055ec6a8352ad6ceaefe35800e371f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 1738614
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 29 Nov 2023 10:32:54 GMT
server: cloudflare
etag: W/"65671356-1626"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=2073600
cf-ray: 83b00f982ce1aca9-TXL
expires: Thu, 18 Jan 2024 09:29:39 GMT

GET
H3 200 logo.svg
quickwin765412.com/cdn-static/images/quickwin/general/ 6 KB
3 KB 127ms
120ms Image
image/svg+xml 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/cdn-static/images/quickwin/general/logo.svg
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: e4d053ad19ac0f9a306b470ab5a507d03f53860e7b64157f43ceef9d9f7a1088

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:39 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 12 May 2023 10:00:50 GMT
server: cloudflare
age: 52
etag: W/"645e0e52-19bf"
x-cache-status: MISS
vary: null, Accept-Encoding
content-type: image/svg+xml
cf-ttl: 1703496587637
cf-ray: 83b00f982ce9aca9-TXL
alt-svc: h3=":443"; ma=86400
cf-revalidated: Mon Dec 25 2023 09:28:47 GMT+0000 (Coordinated Universal Time)
expires: Tue, 02 Jan 2024 06:35:31 GMT

GET
H3 200 ferrari-text.svg
quickwin765412.com/assets/images/ferrari-campaign/ 4 KB
2 KB 64ms
57ms Image
image/svg+xml 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://quickwin765412.com/assets/images/ferrari-campaign/ferrari-text.svg

Requested by

Host: quickwin765412.com
URL: https://quickwin765412.com/en/

Protocol

Security

QUIC, , AES_128_GCM

Server

94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

c8afca9512d3621d70ef92f344d7038b85116758f29d7f8880bca9f4d77f1de2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 513306
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 15 Dec 2023 13:31:30 GMT
server: cloudflare
etag: W/"657c5532-f78"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=2073600
cf-ray: 83b00f982ceeaca9-TXL
expires: Thu, 18 Jan 2024 09:29:39 GMT

GET
H3 200 en.svg
quickwin765412.com/cdn-static/vector/flags/ 1 KB
895 B 129ms
122ms Image
image/svg+xml 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/cdn-static/vector/flags/en.svg
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: ac0eb9b299d05c43ce0bb3bccfe28d38c78ab3f8442854f1f28b1e5a64237505

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:39 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 12 May 2023 10:00:17 GMT
server: cloudflare
age: 8
etag: W/"645e0e31-497"
x-cache-status: HIT
vary: null, Accept-Encoding
content-type: image/svg+xml
cf-ttl: 1703496631798
cf-ray: 83b00f982cf0aca9-TXL
alt-svc: h3=":443"; ma=86400
cf-revalidated: Mon Dec 25 2023 09:29:31 GMT+0000 (Coordinated Universal Time)
expires: Thu, 21 Dec 2023 14:57:15 GMT

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e297ed4f454d334c906e98fbff8f880b9f9d9bec25755d4cd994c9e104d6fedb

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 ticker-bg.png
quickwin765412.com/cdn-static/images/quickwin/general/ 62 KB
62 KB 123ms
103ms Image
image/png 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/cdn-static/images/quickwin/general/ticker-bg.png
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 936d9f31827f42dab25eb52fd38e687df4d2b8fab254bd05e36806a026cfc2a1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:39 GMT
cf-cache-status: HIT
age: 27
cf-polished: status=not_needed
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
content-length: 63445
cf-revalidated: Mon Dec 25 2023 09:29:12 GMT+0000 (Coordinated Universal Time)
last-modified: Fri, 12 May 2023 10:00:13 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "645e0e2d-f7d5"
vary: null, Accept-Encoding
content-type: image/png
cf-ttl: 1703496612949
accept-ranges: bytes
cf-ray: 83b00f984d3caca9-TXL
expires: Sat, 30 Dec 2023 15:13:37 GMT

GET
H3 200 list Show response
quickwin765412.com/en/api/v2/banner/ 649 B
570 B 186ms
185ms XHR
application/json 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://quickwin765412.com/en/api/v2/banner/list?place=ferrari_stage_one&category=banner

Requested by

Host: quickwin765412.com
URL: https://quickwin765412.com/polyfills.250fe061a3885860ec19.js

Protocol

Security

QUIC, , AES_128_GCM

Server

94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

f0b997a2cf7bfceb289ff0acd6e4799b72af3ce3361b70411e3b53884a6499bc

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://quickwin765412.com/en/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:40 GMT
content-encoding: br
cf-cache-status: DYNAMIC
x-device-type: desktop
server: cloudflare
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Device-Type,X-Device-Name
cache-control: no-cache
request-id: feapi-03d8643a-4c1d-4ccd-a56a-7c57f7681759
cf-ray: 83b00f991edaaca9-TXL
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-device-name: Other

GET
H3 200 card-bg-square.png
quickwin765412.com/cdn-static/images/quickwin/gamehall/ 164 B
486 B 101ms
100ms Image
image/webp 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/cdn-static/images/quickwin/gamehall/card-bg-square.png
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4cf582dd3f06c3e5980570e1f97c5467c4ea9077a4d1a526fd109b34e67acfb0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:40 GMT
cf-cache-status: HIT
age: 528965
cf-polished: origFmt=png, origSize=246
x-cache-status: MISS
content-disposition: inline; filename="card-bg-square.webp"
alt-svc: h3=":443"; ma=86400
content-length: 164
last-modified: Fri, 12 May 2023 10:00:50 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "645e0e52-f6"
vary: null, Accept-Encoding
content-type: image/webp
cf-ttl: 1703496640201
accept-ranges: bytes
cf-ray: 83b00f99d870aca9-TXL
expires: Sat, 30 Dec 2023 23:52:56 GMT

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 441c4f94bd62d62ac5a317442cee2f7805f2b743c3492d5490cad7355ad95f3b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 glare-star.png
quickwin765412.com/cdn-static/images/quickwin/buttons/ 1 KB
2 KB 109ms
107ms Image
image/webp 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/cdn-static/images/quickwin/buttons/glare-star.png
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf3f64e557664715822118f634f01674945e63c8cec05f7e87831137e630a1fd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:40 GMT
cf-cache-status: HIT
age: 1081061
cf-polished: origFmt=png, origSize=1582
x-cache-status: MISS
content-disposition: inline; filename="glare-star.webp"
alt-svc: h3=":443"; ma=86400
content-length: 1328
last-modified: Fri, 12 May 2023 10:00:13 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "645e0e2d-62e"
vary: null, Accept-Encoding
content-type: image/webp
cf-ttl: 1703496640206
accept-ranges: bytes
cf-ray: 83b00f99d874aca9-TXL
expires: Tue, 26 Dec 2023 16:05:35 GMT

GET
H3 200 center-glow-default.png
quickwin765412.com/cdn-static/images/quickwin/buttons/ 3 KB
4 KB 102ms
100ms Image
image/png 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/cdn-static/images/quickwin/buttons/center-glow-default.png
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d0dbbfa46f6e2ef2d26d258ba555db6677788f35198005b9a9cc66ef98a71b7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:40 GMT
cf-cache-status: HIT
age: 62
cf-polished: origSize=3875, status=webp_bigger
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
content-length: 3433
cf-revalidated: Mon Dec 25 2023 09:28:38 GMT+0000 (Coordinated Universal Time)
last-modified: Fri, 12 May 2023 10:00:13 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "645e0e2d-f23"
vary: null, Accept-Encoding
content-type: image/png
cf-ttl: 1703496578602
accept-ranges: bytes
cf-ray: 83b00f99d876aca9-TXL
expires: Sat, 30 Dec 2023 02:32:59 GMT

GET
H3 200 glare-side.png
quickwin765412.com/cdn-static/images/quickwin/buttons/ 1005 B
1 KB 101ms
99ms Image
image/png 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/cdn-static/images/quickwin/buttons/glare-side.png
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 904bf79f059c1e22b4b20cb1e86895a89c017c85e48dad545928a6e103d2d8cf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:40 GMT
cf-cache-status: HIT
age: 56
cf-polished: origSize=1347, status=webp_bigger
x-cache-status: MISS
alt-svc: h3=":443"; ma=86400
content-length: 1005
cf-revalidated: Mon Dec 25 2023 09:28:44 GMT+0000 (Coordinated Universal Time)
last-modified: Fri, 12 May 2023 10:00:50 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "645e0e52-543"
vary: null, Accept-Encoding
content-type: image/png
cf-ttl: 1703496584724
accept-ranges: bytes
cf-ray: 83b00f99d878aca9-TXL
expires: Mon, 01 Jan 2024 14:31:21 GMT

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7597f783523d4fdb4e0574234bbdd5ea3e19f7f10bc5e5f881e4bf48b2a2c1ef

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 930 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c97995267e0c2da1ded20bd58c8063750e48c2b107b32411f12b2f10636212b2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 1660141033873_360840megafireblazeroulettelive.jpg
quickwin765412.com/dimg/game/ 14 KB
15 KB 45ms
44ms Image
image/avif 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/dimg/game/1660141033873_360840megafireblazeroulettelive.jpg?extension=avif&height=430
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 02e9eaa138a48931f160746196b6c14044914c584a180324b2a296ae9fed972d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:40 GMT
cf-cache-status: HIT
age: 1736988
content-disposition: inline; filename="1660141033873_360840megafireblazeroulettelive.avif"
x-front-cache-status: HIT
alt-svc: h3=":443"; ma=86400
content-length: 14836
last-modified: Tue, 05 Dec 2023 06:35:59 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/avif
cache-control: max-age=3600, public
accept-ranges: bytes
cf-ray: 83b00f9aba51aca9-TXL
x-conv-cache-status: HIT
expires: Tue, 25 Apr 2023 09:26:48 GMT

GET
H3 200 1699371146081_360840extreasureisland.jpg
quickwin765412.com/dimg/game/ 14 KB
14 KB 47ms
46ms Image
image/avif 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/dimg/game/1699371146081_360840extreasureisland.jpg?extension=avif&height=430
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: b8af1a21aaebbabbbe5599ffc3021593ec26006c7691bc4bf4a4c3f5dffa9c53

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:40 GMT
cf-cache-status: HIT
age: 1736988
content-disposition: inline; filename="1699371146081_360840extreasureisland.avif"
x-front-cache-status: HIT
alt-svc: h3=":443"; ma=86400
content-length: 13926
last-modified: Tue, 05 Dec 2023 06:35:59 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/avif
cache-control: max-age=3600, public
accept-ranges: bytes
cf-ray: 83b00f9aba53aca9-TXL
x-conv-cache-status: HIT
expires: Wed, 08 Nov 2023 13:39:44 GMT

GET
H3 200 1702538678171_360x840luckyballroulette.jpg
quickwin765412.com/dimg/game/ 9 KB
10 KB 45ms
44ms Image
image/avif 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/dimg/game/1702538678171_360x840luckyballroulette.jpg?extension=avif&height=430
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: ac48966b26e0ea4ce7309bd715593533840de4f72df6b60ba9b73ce0e9b4b641

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:40 GMT
cf-cache-status: HIT
age: 587680
content-disposition: inline; filename="1702538678171_360x840luckyballroulette.avif"
x-front-cache-status: MISS
alt-svc: h3=":443"; ma=86400
content-length: 9599
last-modified: Mon, 18 Dec 2023 14:12:00 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/avif
cache-control: max-age=3600, public
accept-ranges: bytes
cf-ray: 83b00f9aba54aca9-TXL
x-conv-cache-status: MISS
expires: Mon, 18 Dec 2023 15:12:00 GMT

GET
H3 200 1701961068473_3608403luckyrainbow.jpg
quickwin765412.com/dimg/game/ 12 KB
13 KB 45ms
44ms Image
image/avif 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/dimg/game/1701961068473_3608403luckyrainbow.jpg?extension=avif&height=430
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: de7cf33a0c90169057203c9191c75cbd31306880fcf33203cf5158b96b0e662e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:40 GMT
cf-cache-status: HIT
age: 1472279
content-disposition: inline; filename="1701961068473_3608403luckyrainbow.avif"
x-front-cache-status: MISS
alt-svc: h3=":443"; ma=86400
content-length: 12516
last-modified: Fri, 08 Dec 2023 08:29:08 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/avif
cache-control: max-age=3600, public
accept-ranges: bytes
cf-ray: 83b00f9aba58aca9-TXL
x-conv-cache-status: MISS
expires: Fri, 08 Dec 2023 09:29:08 GMT

GET
H3 200 1634796608381_360x840pragmaticspeedroulette.jpg
quickwin765412.com/dimg/game/ 14 KB
14 KB 43ms
42ms Image
image/avif 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/dimg/game/1634796608381_360x840pragmaticspeedroulette.jpg?extension=avif&height=430
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8fd99ae891271f08519932a03c375a607b662b7ddecf47d45b7d3b9771504b7c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:40 GMT
cf-cache-status: HIT
age: 453989
content-disposition: inline; filename="1634796608381_360x840pragmaticspeedroulette.avif"
x-front-cache-status: MISS
alt-svc: h3=":443"; ma=86400
content-length: 14016
last-modified: Wed, 20 Dec 2023 03:23:11 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/avif
cache-control: max-age=3600, public
accept-ranges: bytes
cf-ray: 83b00f9aba59aca9-TXL
x-conv-cache-status: HIT
expires: Wed, 29 Mar 2023 14:24:53 GMT

GET
H3 200 1688722143351_360x840roulette2.jpg
quickwin765412.com/dimg/game/ 12 KB
12 KB 61ms
60ms Image
image/avif 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/dimg/game/1688722143351_360x840roulette2.jpg?extension=avif&height=430
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: e633a579f1df557d2d9e90c93ad222dea5c8e8193c1a085fcbb1f05274ed0197

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:40 GMT
cf-cache-status: HIT
age: 1719955
content-disposition: inline; filename="1688722143351_360x840roulette2.avif"
x-front-cache-status: HIT
alt-svc: h3=":443"; ma=86400
content-length: 11999
last-modified: Tue, 05 Dec 2023 07:40:14 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/avif
cache-control: max-age=3600, public
accept-ranges: bytes
cf-ray: 83b00f9aba5baca9-TXL
x-conv-cache-status: HIT
expires: Fri, 18 Aug 2023 14:04:43 GMT

GET
H3 200 1699863783728_360840reddoorroulette.jpg
quickwin765412.com/dimg/game/ 13 KB
13 KB 65ms
64ms Image
image/avif 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/dimg/game/1699863783728_360840reddoorroulette.jpg?extension=avif&height=430
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: f1fe21b0bc502937ca6c447ceebdfc4671f21c6be720a112143a486efdacc093

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:40 GMT
cf-cache-status: HIT
age: 1736988
content-disposition: inline; filename="1699863783728_360840reddoorroulette.avif"
x-front-cache-status: MISS
alt-svc: h3=":443"; ma=86400
content-length: 13204
last-modified: Tue, 05 Dec 2023 06:35:59 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/avif
cache-control: max-age=3600, public
accept-ranges: bytes
cf-ray: 83b00f9aba5faca9-TXL
x-conv-cache-status: HIT
expires: Mon, 13 Nov 2023 11:19:00 GMT

GET
H3 200 1678180276898_bgcarscollection.jpg
quickwin765412.com/dimg/banner/ 69 KB
69 KB 51ms
51ms Image
image/webp 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/dimg/banner/1678180276898_bgcarscollection.jpg?type=image/avif?extension=avif&width=2000&resize_type=fill&gravity=ce
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: aefbc53a26bcf50b968ec231b9848483e043e5e47518a8fe0d93349f7ed15fa8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:40 GMT
cf-cache-status: HIT
age: 1738054
cf-polished: qual=85, origFmt=jpeg, origSize=87452
content-disposition: inline; filename="1678180276898_bgcarscollection.webp"
x-front-cache-status: MISS
alt-svc: h3=":443"; ma=86400
content-length: 70796
cf-bgj: imgq:85,h2pri
last-modified: Tue, 05 Dec 2023 06:32:56 GMT
server: cloudflare
vary: Accept
content-type: image/webp
cache-control: max-age=3600, public
accept-ranges: bytes
cf-ray: 83b00f9b6bbaaca9-TXL
x-conv-cache-status: HIT
expires: Mon, 20 Nov 2023 13:41:54 GMT

GET
H3 200 banner-arrow.png
quickwin765412.com/cdn-static/images/quickwin/general/ 2 KB
2 KB 134ms
134ms Image
image/webp 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/cdn-static/images/quickwin/general/banner-arrow.png
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: e5d94f01fd8cd981adbedb5fc397328c3506733e5e0ad7c6c4a70d55eea04093

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:40 GMT
cf-cache-status: HIT
age: 280355
cf-polished: origFmt=png, origSize=2551
x-cache-status: MISS
content-disposition: inline; filename="banner-arrow.webp"
alt-svc: h3=":443"; ma=86400
content-length: 2108
last-modified: Fri, 12 May 2023 10:00:13 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "645e0e2d-9f7"
vary: null, Accept-Encoding
content-type: image/webp
cf-ttl: 1703496640504
accept-ranges: bytes
cf-ray: 83b00f9b8c0caca9-TXL
expires: Wed, 03 Jan 2024 19:51:09 GMT

GET
H3 200 SemiboldItalic.woff
quickwin765412.com/assets/fonts/ 39 KB
39 KB 44ms
43ms Font
application/font-woff 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://quickwin765412.com/assets/fonts/SemiboldItalic.woff
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/assets/initial.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: ba129f3fab709dcad8916478c2d18c9cdb1b37ffd1fdc8fd998dc4f3753460c6

Request headers

Referer: https://quickwin765412.com/assets/initial.css
Origin: https://quickwin765412.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:40 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 29 Nov 2023 10:32:54 GMT
server: cloudflare
age: 1738470
etag: W/"65671356-9bd4"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=2073600
cf-ray: 83b00f9bbc4aaca9-TXL
alt-svc: h3=":443"; ma=86400
expires: Thu, 18 Jan 2024 09:29:40 GMT

GET
H3 200 posterthumbnail0181e37baf3a8e2ca06d4dbd302d62ad3.gif
quickwin765412.com/dimg/game/ 103 KB
103 KB 47ms
47ms Image
image/webp 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/dimg/game/posterthumbnail0181e37baf3a8e2ca06d4dbd302d62ad3.gif?width=400&height=600
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a568ac0428f6d7e4801f330902d4a6e47cc31a58b9afccd687d90aede26aa17

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:40 GMT
cf-cache-status: HIT
age: 381055
cf-polished: origFmt=gif, origSize=126720
content-disposition: inline; filename="posterthumbnail0181e37baf3a8e2ca06d4dbd302d62ad3.webp"
x-front-cache-status: HIT
alt-svc: h3=":443"; ma=86400
content-length: 105352
cf-bgj: imgq:85,h2pri
last-modified: Wed, 20 Dec 2023 23:38:44 GMT
server: cloudflare
vary: Accept
content-type: image/webp
cache-control: max-age=3600, public
accept-ranges: bytes
cf-ray: 83b00f9c2d67aca9-TXL
x-conv-cache-status: HIT
expires: Tue, 01 Aug 2023 11:57:20 GMT

GET
H3 200 1631168035296_400x600starlightprincess.jpg
quickwin765412.com/dimg/game/ 17 KB
17 KB 51ms
49ms Image
image/avif 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/dimg/game/1631168035296_400x600starlightprincess.jpg?extension=avif&height=280
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 81569f8b6ab95cfd030493954ccc55b629cf0d29f8627c6904fc3dffa8fa896c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:40 GMT
cf-cache-status: HIT
age: 1729777
content-disposition: inline; filename="1631168035296_400x600starlightprincess.avif"
x-front-cache-status: HIT
alt-svc: h3=":443"; ma=86400
content-length: 16912
last-modified: Tue, 05 Dec 2023 07:23:41 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/avif
cache-control: max-age=3600, public
accept-ranges: bytes
cf-ray: 83b00f9c9e59aca9-TXL
x-conv-cache-status: HIT
expires: Tue, 01 Aug 2023 09:55:18 GMT

GET
H3 200 1643123968929_400x600gigantoonz.jpg
quickwin765412.com/dimg/game/ 9 KB
10 KB 83ms
78ms Image
image/avif 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/dimg/game/1643123968929_400x600gigantoonz.jpg?extension=avif&height=280
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 36b658c9e042fd550658e26af78a29a677807fd11f642fe7d78d601402ce7a13

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:40 GMT
cf-cache-status: HIT
age: 1729777
content-disposition: inline; filename="1643123968929_400x600gigantoonz.avif"
x-front-cache-status: HIT
alt-svc: h3=":443"; ma=86400
content-length: 9560
last-modified: Tue, 05 Dec 2023 07:23:41 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/avif
cache-control: max-age=3600, public
accept-ranges: bytes
cf-ray: 83b00f9c9e6aaca9-TXL
x-conv-cache-status: HIT
expires: Tue, 01 Aug 2023 09:55:15 GMT

GET
H3 200 1683099939783_400x600infernodiamonds100.jpg
quickwin765412.com/dimg/game/ 7 KB
8 KB 51ms
46ms Image
image/avif 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/dimg/game/1683099939783_400x600infernodiamonds100.jpg?extension=avif&height=280
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7d8591614eb328a49a0b95739f839cbed7a1c0f5f075914011f384c1cf567fd2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:40 GMT
cf-cache-status: HIT
age: 1729777
content-disposition: inline; filename="1683099939783_400x600infernodiamonds100.avif"
x-front-cache-status: HIT
alt-svc: h3=":443"; ma=86400
content-length: 7465
last-modified: Tue, 05 Dec 2023 07:23:41 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/avif
cache-control: max-age=3600, public
accept-ranges: bytes
cf-ray: 83b00f9c9e70aca9-TXL
x-conv-cache-status: HIT
expires: Thu, 11 May 2023 08:43:08 GMT

GET
H3 200 1632215547284_400x600dynamiterichesmegaways.jpg
quickwin765412.com/dimg/game/ 11 KB
11 KB 51ms
47ms Image
image/avif 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/dimg/game/1632215547284_400x600dynamiterichesmegaways.jpg?extension=avif&height=280
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 086f1cceadf3a6d1b743e026baa82a170c1b5b3e19f1d2ce8ccc3de200bec30a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:40 GMT
cf-cache-status: HIT
age: 1729777
content-disposition: inline; filename="1632215547284_400x600dynamiterichesmegaways.avif"
x-front-cache-status: MISS
alt-svc: h3=":443"; ma=86400
content-length: 11412
last-modified: Tue, 05 Dec 2023 07:23:41 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/avif
cache-control: max-age=3600, public
accept-ranges: bytes
cf-ray: 83b00f9c9e73aca9-TXL
x-conv-cache-status: HIT
expires: Tue, 01 Aug 2023 08:30:33 GMT

GET
H3 200 1682586892225_extra-chilli4.jpeg
quickwin765412.com/dimg/game/ 8 KB
9 KB 54ms
49ms Image
image/avif 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/dimg/game/1682586892225_extra-chilli4.jpeg?extension=avif&height=280
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8474a6f4a9416306a41afb581ef666c6c23406210d45455590408e2567014d8a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:40 GMT
cf-cache-status: HIT
age: 1733829
content-disposition: inline; filename="1682586892225_extra-chilli4.avif"
x-front-cache-status: HIT
alt-svc: h3=":443"; ma=86400
content-length: 8701
last-modified: Tue, 05 Dec 2023 07:23:41 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/avif
cache-control: max-age=3600, public
accept-ranges: bytes
cf-ray: 83b00f9c9e74aca9-TXL
x-conv-cache-status: HIT
expires: Tue, 01 Aug 2023 09:55:18 GMT

GET
H3 200 1701337012074_itssharktimebanner400x600.png
quickwin765412.com/dimg/game/ 13 KB
13 KB 51ms
47ms Image
image/avif 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/dimg/game/1701337012074_itssharktimebanner400x600.png?extension=avif&height=280
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3bb5b7c3b7023f20cf02e5d9bade5c67664df2027d7c09929d3fb8a52d7d50cb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:40 GMT
cf-cache-status: HIT
age: 1736988
content-disposition: inline; filename="1701337012074_itssharktimebanner400x600.avif"
x-front-cache-status: MISS
alt-svc: h3=":443"; ma=86400
content-length: 13033
last-modified: Tue, 05 Dec 2023 06:35:57 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/avif
cache-control: max-age=3600, public
accept-ranges: bytes
cf-ray: 83b00f9c9e76aca9-TXL
x-conv-cache-status: HIT
expires: Thu, 30 Nov 2023 11:24:14 GMT

GET
H3 200 1695279958890_400x600clashofgods.jpg
quickwin765412.com/dimg/game/ 8 KB
8 KB 63ms
59ms Image
image/avif 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/dimg/game/1695279958890_400x600clashofgods.jpg?extension=avif&height=280
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 30cd4cc982d4edfad6e2c99173c1ce32e2c3b381e4d5a1f126ee3a71566c2170

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:40 GMT
cf-cache-status: HIT
age: 1729777
content-disposition: inline; filename="1695279958890_400x600clashofgods.avif"
x-front-cache-status: HIT
alt-svc: h3=":443"; ma=86400
content-length: 7980
last-modified: Tue, 05 Dec 2023 07:23:41 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/avif
cache-control: max-age=3600, public
accept-ranges: bytes
cf-ray: 83b00f9c9e79aca9-TXL
x-conv-cache-status: HIT
expires: Thu, 21 Sep 2023 08:59:06 GMT

GET
H3 200 400x600bookofsunchoce2.jpg
quickwin765412.com/dimg/game/ 8 KB
8 KB 60ms
55ms Image
image/avif 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/dimg/game/400x600bookofsunchoce2.jpg?extension=avif&height=280
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: c34952ec20476833833b0d39326c2a85bd26f1ab04b355187f53eacddbdb7c77

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:40 GMT
cf-cache-status: HIT
age: 1732179
content-disposition: inline; filename="400x600bookofsunchoce2.avif"
x-front-cache-status: HIT
alt-svc: h3=":443"; ma=86400
content-length: 8203
last-modified: Tue, 05 Dec 2023 07:23:41 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/avif
cache-control: max-age=3600, public
accept-ranges: bytes
cf-ray: 83b00f9c9e7baca9-TXL
x-conv-cache-status: HIT
expires: Tue, 01 Aug 2023 08:30:40 GMT

GET
H3 200 1636101823411_400x600jewelseapirateriches.jpg
quickwin765412.com/dimg/game/ 10 KB
10 KB 60ms
56ms Image
image/avif 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/dimg/game/1636101823411_400x600jewelseapirateriches.jpg?extension=avif&height=280
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6d495de2f7d8af5a0bae5ca9c4891c40b1680046747d3fc927c85eae120d93ec

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:40 GMT
cf-cache-status: HIT
age: 399544
content-disposition: inline; filename="1636101823411_400x600jewelseapirateriches.avif"
x-front-cache-status: MISS
alt-svc: h3=":443"; ma=86400
content-length: 10250
last-modified: Wed, 20 Dec 2023 01:05:13 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/avif
cache-control: max-age=3600, public
accept-ranges: bytes
cf-ray: 83b00f9c9e7daca9-TXL
x-conv-cache-status: HIT
expires: Tue, 01 Aug 2023 09:55:17 GMT

GET
H3 200 1663572906507_400x600moneytrain3.jpg
quickwin765412.com/dimg/game/ 11 KB
12 KB 52ms
48ms Image
image/avif 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/dimg/game/1663572906507_400x600moneytrain3.jpg?extension=avif&height=280
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf364725e43f8e13a2ef4fd655ad9455a89921cee588624134f2b6dd660744ed

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:40 GMT
cf-cache-status: HIT
age: 1729777
content-disposition: inline; filename="1663572906507_400x600moneytrain3.avif"
x-front-cache-status: HIT
alt-svc: h3=":443"; ma=86400
content-length: 11619
last-modified: Tue, 05 Dec 2023 07:23:41 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/avif
cache-control: max-age=3600, public
accept-ranges: bytes
cf-ray: 83b00f9c9e7eaca9-TXL
x-conv-cache-status: HIT
expires: Mon, 03 Apr 2023 09:32:27 GMT

GET
H3 200 1646131530692_400x600bigbamboo.jpg
quickwin765412.com/dimg/game/ 12 KB
12 KB 53ms
49ms Image
image/avif 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/dimg/game/1646131530692_400x600bigbamboo.jpg?extension=avif&height=280
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: ba5a53d99b4e015e652e675e9dfedc98345a7c2fc7d0c945aa0d8ddb2647efdd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:40 GMT
cf-cache-status: HIT
age: 1732245
content-disposition: inline; filename="1646131530692_400x600bigbamboo.avif"
x-front-cache-status: MISS
alt-svc: h3=":443"; ma=86400
content-length: 12306
last-modified: Tue, 05 Dec 2023 06:59:47 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/avif
cache-control: max-age=3600, public
accept-ranges: bytes
cf-ray: 83b00f9c9e7faca9-TXL
x-conv-cache-status: HIT
expires: Mon, 03 Apr 2023 09:06:29 GMT

GET
H3 200 1640950907336_posterthumbnail0059d1b97905b5932202b368012953c9b.jpg
quickwin765412.com/dimg/game/ 11 KB
11 KB 53ms
49ms Image
image/avif 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/dimg/game/1640950907336_posterthumbnail0059d1b97905b5932202b368012953c9b.jpg?extension=avif&height=280
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb07c03575d9216bbc7f32e716129101e0dd878a19a0adbc249656f47cf1a3a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:40 GMT
cf-cache-status: HIT
age: 1729777
content-disposition: inline; filename="1640950907336_posterthumbnail0059d1b97905b5932202b368012953c9b.avif"
x-front-cache-status: HIT
alt-svc: h3=":443"; ma=86400
content-length: 11000
last-modified: Tue, 05 Dec 2023 07:23:41 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/avif
cache-control: max-age=3600, public
accept-ranges: bytes
cf-ray: 83b00f9c9e80aca9-TXL
x-conv-cache-status: HIT
expires: Mon, 03 Apr 2023 09:36:41 GMT

GET
H3 200 poster_thumbnail_07e220799a8ad602f53ef985ec50f3c90.jpg
quickwin765412.com/dimg/game/ 12 KB
13 KB 56ms
52ms Image
image/avif 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/dimg/game/poster_thumbnail_07e220799a8ad602f53ef985ec50f3c90.jpg?extension=avif&height=280
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 18e3efc7a45f53d0d553f3ca64dbad85f50eea562865265a2883f82f9d34b935

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:40 GMT
cf-cache-status: HIT
age: 1729777
content-disposition: inline; filename="poster_thumbnail_07e220799a8ad602f53ef985ec50f3c90.avif"
x-front-cache-status: MISS
alt-svc: h3=":443"; ma=86400
content-length: 12586
last-modified: Tue, 05 Dec 2023 07:23:41 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/avif
cache-control: max-age=3600, public
accept-ranges: bytes
cf-ray: 83b00f9c9e81aca9-TXL
x-conv-cache-status: HIT
expires: Tue, 01 Aug 2023 09:55:15 GMT

GET
H3 200 poster_thumbnail_072596cc09cb24c7cb309fd73233343cb.jpg
quickwin765412.com/dimg/game/ 9 KB
9 KB 60ms
56ms Image
image/avif 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/dimg/game/poster_thumbnail_072596cc09cb24c7cb309fd73233343cb.jpg?extension=avif&height=280
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 379fb57fa01d94da1f94ca7069a3cc71339b93efeb6061156fa07598132c5849

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:40 GMT
cf-cache-status: HIT
age: 1729777
content-disposition: inline; filename="poster_thumbnail_072596cc09cb24c7cb309fd73233343cb.avif"
x-front-cache-status: HIT
alt-svc: h3=":443"; ma=86400
content-length: 9111
last-modified: Tue, 05 Dec 2023 07:23:41 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/avif
cache-control: max-age=3600, public
accept-ranges: bytes
cf-ray: 83b00f9c9e83aca9-TXL
x-conv-cache-status: HIT
expires: Tue, 04 Apr 2023 19:46:51 GMT

GET
H3 200 1669827950366_400x600santasstackdreamdrop.jpg
quickwin765412.com/dimg/game/ 7 KB
7 KB 59ms
55ms Image
image/avif 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/dimg/game/1669827950366_400x600santasstackdreamdrop.jpg?extension=avif&height=200
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 48965fdac12d5f498b3b99c515be39aa125cb31c6708271eab187df5df5edfc3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:40 GMT
cf-cache-status: HIT
age: 1731389
content-disposition: inline; filename="1669827950366_400x600santasstackdreamdrop.avif"
x-front-cache-status: HIT
alt-svc: h3=":443"; ma=86400
content-length: 7102
last-modified: Tue, 05 Dec 2023 07:40:14 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/avif
cache-control: max-age=3600, public
accept-ranges: bytes
cf-ray: 83b00f9c9e84aca9-TXL
x-conv-cache-status: HIT
expires: Fri, 17 Mar 2023 15:50:33 GMT

GET
H3 200 1700813635245_400x600jinglebellsbonanza.jpg
quickwin765412.com/dimg/game/ 8 KB
8 KB 61ms
57ms Image
image/avif 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/dimg/game/1700813635245_400x600jinglebellsbonanza.jpg?extension=avif&height=200
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1e53d876c9ecb2883a9d7ebeb3715ab8ee8ba347b330e730a7859d2b9b37162c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:40 GMT
cf-cache-status: HIT
age: 1731389
content-disposition: inline; filename="1700813635245_400x600jinglebellsbonanza.avif"
x-front-cache-status: MISS
alt-svc: h3=":443"; ma=86400
content-length: 8199
last-modified: Tue, 05 Dec 2023 07:40:14 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/avif
cache-control: max-age=3600, public
accept-ranges: bytes
cf-ray: 83b00f9c9e85aca9-TXL
x-conv-cache-status: HIT
expires: Fri, 01 Dec 2023 13:31:04 GMT

GET
H3 200 1674548734869_400x600pineofplinkodreamdrop.jpg
quickwin765412.com/dimg/game/ 7 KB
8 KB 55ms
52ms Image
image/avif 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/dimg/game/1674548734869_400x600pineofplinkodreamdrop.jpg?extension=avif&height=200
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 90438c83bdc3d682d1a6d494328898e6ce1faf37ced4da7191fcc29d4fb22358

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:40 GMT
cf-cache-status: HIT
age: 989969
content-disposition: inline; filename="1674548734869_400x600pineofplinkodreamdrop.avif"
x-front-cache-status: MISS
alt-svc: h3=":443"; ma=86400
content-length: 7559
last-modified: Wed, 13 Dec 2023 12:26:36 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/avif
cache-control: max-age=3600, public
accept-ranges: bytes
cf-ray: 83b00f9c9e87aca9-TXL
x-conv-cache-status: HIT
expires: Tue, 07 Nov 2023 15:32:49 GMT

GET
H3 200 400x600winterwonder.jpg
quickwin765412.com/dimg/game/ 5 KB
6 KB 61ms
58ms Image
image/avif 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/dimg/game/400x600winterwonder.jpg?extension=avif&height=200
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: ff94aac9e2aba6d9fefa11d478cb79b634b658a54f1f93865ce3b6826d2c2da7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:40 GMT
cf-cache-status: HIT
age: 1731388
content-disposition: inline; filename="400x600winterwonder.avif"
x-front-cache-status: HIT
alt-svc: h3=":443"; ma=86400
content-length: 5565
last-modified: Tue, 05 Dec 2023 07:40:14 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/avif
cache-control: max-age=3600, public
accept-ranges: bytes
cf-ray: 83b00f9c9e8baca9-TXL
x-conv-cache-status: HIT
expires: Fri, 01 Dec 2023 13:31:04 GMT

GET
H3 200 jingle45.jpg
quickwin765412.com/dimg/game/ 7 KB
8 KB 54ms
51ms Image
image/avif 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/dimg/game/jingle45.jpg?extension=avif&height=200
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 28278bd04e7e55be32df39e901249a0ef8dbacd10381b25b66a94688567c6115

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:40 GMT
cf-cache-status: HIT
age: 1731389
content-disposition: inline; filename="jingle45.avif"
x-front-cache-status: MISS
alt-svc: h3=":443"; ma=86400
content-length: 7452
last-modified: Tue, 05 Dec 2023 07:40:14 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/avif
cache-control: max-age=3600, public
accept-ranges: bytes
cf-ray: 83b00f9c9e8daca9-TXL
x-conv-cache-status: HIT
expires: Fri, 01 Dec 2023 13:31:04 GMT

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f5cb2cf05f6698df24cfd83ae39f05f17c2b46cc3d28faaf99b42393e7b33013

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 1701682379753_400x600krakenbayexclusive.jpg
quickwin765412.com/dimg/game/ 12 KB
12 KB 46ms
45ms Image
image/avif 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/dimg/game/1701682379753_400x600krakenbayexclusive.jpg?extension=avif&height=280
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 900e0c399099619f153ab1457e02b2311a73f99908b2a3ba35566b1beecfc65e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:40 GMT
cf-cache-status: HIT
age: 1537374
content-disposition: inline; filename="1701682379753_400x600krakenbayexclusive.avif"
x-front-cache-status: MISS
alt-svc: h3=":443"; ma=86400
content-length: 11800
last-modified: Thu, 07 Dec 2023 14:22:18 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/avif
cache-control: max-age=3600, public
accept-ranges: bytes
cf-ray: 83b00f9e1965aca9-TXL
x-conv-cache-status: HIT
expires: Thu, 07 Dec 2023 15:16:26 GMT

GET
H3 200 1702895008494_400x600holidaysjokerxmas.jpg
quickwin765412.com/dimg/game/ 10 KB
10 KB 56ms
53ms Image
image/avif 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/dimg/game/1702895008494_400x600holidaysjokerxmas.jpg?extension=avif&height=280
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: bb8f0a5a2ac4d52d33bcdd4e13b96572b8114f5851bc763d6af46c2eb1144281

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:40 GMT
cf-cache-status: HIT
age: 350132
content-disposition: inline; filename="1702895008494_400x600holidaysjokerxmas.avif"
x-front-cache-status: MISS
alt-svc: h3=":443"; ma=86400
content-length: 10368
last-modified: Thu, 21 Dec 2023 08:14:08 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/avif
cache-control: max-age=3600, public
accept-ranges: bytes
cf-ray: 83b00f9e1969aca9-TXL
x-conv-cache-status: HIT
expires: Thu, 21 Dec 2023 09:12:00 GMT

GET
H3 200 1699961244343_400x600cashofgodsexclusive.jpg
quickwin765412.com/dimg/game/ 13 KB
14 KB 55ms
53ms Image
image/avif 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/dimg/game/1699961244343_400x600cashofgodsexclusive.jpg?extension=avif&height=280
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: beaacc720264e77de9d27705284a709816ed317c515eae856298675a45ad55f1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:40 GMT
cf-cache-status: HIT
age: 1736988
content-disposition: inline; filename="1699961244343_400x600cashofgodsexclusive.avif"
x-front-cache-status: MISS
alt-svc: h3=":443"; ma=86400
content-length: 13545
last-modified: Tue, 05 Dec 2023 06:35:57 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/avif
cache-control: max-age=3600, public
accept-ranges: bytes
cf-ray: 83b00f9e196caca9-TXL
x-conv-cache-status: HIT
expires: Thu, 16 Nov 2023 14:44:45 GMT

GET
H3 200 1702538678171_400x600luckyballroulette.jpg
quickwin765412.com/dimg/game/ 7 KB
8 KB 47ms
45ms Image
image/avif 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/dimg/game/1702538678171_400x600luckyballroulette.jpg?extension=avif&height=280
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 50873012c7b4c1f152711839d081d9b1a297c39fba83a21eb0b983da0867af8d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:40 GMT
cf-cache-status: HIT
age: 601091
content-disposition: inline; filename="1702538678171_400x600luckyballroulette.avif"
x-front-cache-status: HIT
alt-svc: h3=":443"; ma=86400
content-length: 7391
last-modified: Mon, 18 Dec 2023 10:23:46 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/avif
cache-control: max-age=3600, public
accept-ranges: bytes
cf-ray: 83b00f9e196daca9-TXL
x-conv-cache-status: MISS
expires: Mon, 18 Dec 2023 11:23:17 GMT

GET
H3 200 1702655494565_400x600excash20luckyclover.jpg
quickwin765412.com/dimg/game/ 10 KB
10 KB 61ms
58ms Image
image/avif 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/dimg/game/1702655494565_400x600excash20luckyclover.jpg?extension=avif&height=280
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: c9f262287849334dc8011d608935f66e34b77085857f493e6a4407bda0eba209

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:40 GMT
cf-cache-status: HIT
age: 587681
content-disposition: inline; filename="1702655494565_400x600excash20luckyclover.avif"
x-front-cache-status: MISS
alt-svc: h3=":443"; ma=86400
content-length: 9844
last-modified: Mon, 18 Dec 2023 14:11:58 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/avif
cache-control: max-age=3600, public
accept-ranges: bytes
cf-ray: 83b00f9e196eaca9-TXL
x-conv-cache-status: HIT
expires: Mon, 18 Dec 2023 15:11:58 GMT

GET
H3 200 1702655362667_400x600exstickybanditsunchained.jpg
quickwin765412.com/dimg/game/ 10 KB
10 KB 43ms
41ms Image
image/avif 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/dimg/game/1702655362667_400x600exstickybanditsunchained.jpg?extension=avif&height=280
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8d68afa6971b9e5ffae1297175d8681926ca9bad65d389732f31f559952c0155

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:40 GMT
cf-cache-status: HIT
age: 500174
content-disposition: inline; filename="1702655362667_400x600exstickybanditsunchained.avif"
x-front-cache-status: MISS
alt-svc: h3=":443"; ma=86400
content-length: 9781
last-modified: Tue, 19 Dec 2023 14:30:56 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/avif
cache-control: max-age=3600, public
accept-ranges: bytes
cf-ray: 83b00f9e196faca9-TXL
x-conv-cache-status: MISS
expires: Tue, 19 Dec 2023 15:30:56 GMT

GET
H3 200 1702894883026_400x600hottest666.jpg
quickwin765412.com/dimg/game/ 10 KB
10 KB 44ms
41ms Image
image/avif 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/dimg/game/1702894883026_400x600hottest666.jpg?extension=avif&height=280
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4fcb61bd7ccd26df74d46c0a2c75b9681ba90cf8c19f2dfb15fc0a47bb696561

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:40 GMT
cf-cache-status: HIT
age: 434438
content-disposition: inline; filename="1702894883026_400x600hottest666.avif"
x-front-cache-status: HIT
alt-svc: h3=":443"; ma=86400
content-length: 10070
last-modified: Wed, 20 Dec 2023 08:34:15 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/avif
cache-control: max-age=3600, public
accept-ranges: bytes
cf-ray: 83b00f9e1970aca9-TXL
x-conv-cache-status: HIT
expires: Wed, 20 Dec 2023 09:27:19 GMT

GET
H3 200 1701937739967_400x60081jokerx.jpg
quickwin765412.com/dimg/game/ 11 KB
12 KB 47ms
45ms Image
image/avif 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/dimg/game/1701937739967_400x60081jokerx.jpg?extension=avif&height=280
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5eeed7bffc4bcd87c8d0d0eba7efb375c73c4eeb034c2e887e348859b31e874e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:40 GMT
cf-cache-status: HIT
age: 327376
content-disposition: inline; filename="1701937739967_400x60081jokerx.avif"
x-front-cache-status: MISS
alt-svc: h3=":443"; ma=86400
content-length: 11580
last-modified: Thu, 21 Dec 2023 14:32:28 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/avif
cache-control: max-age=3600, public
accept-ranges: bytes
cf-ray: 83b00f9e1971aca9-TXL
x-conv-cache-status: HIT
expires: Thu, 07 Dec 2023 11:21:34 GMT

GET
H3 200 1699282022598_400x600dragonsmirror.jpg
quickwin765412.com/dimg/game/ 14 KB
14 KB 48ms
45ms Image
image/avif 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/dimg/game/1699282022598_400x600dragonsmirror.jpg?extension=avif&height=280
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: b12b5482636f480bdd67bc854e25e176860b3ed7018a01bce897eb304a52a02a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:40 GMT
cf-cache-status: HIT
age: 1732130
content-disposition: inline; filename="1699282022598_400x600dragonsmirror.avif"
x-front-cache-status: HIT
alt-svc: h3=":443"; ma=86400
content-length: 14462
last-modified: Tue, 05 Dec 2023 07:40:13 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/avif
cache-control: max-age=3600, public
accept-ranges: bytes
cf-ray: 83b00f9e1972aca9-TXL
x-conv-cache-status: HIT
expires: Tue, 07 Nov 2023 09:25:23 GMT

GET
H3 200 1699714666027_400x600bloodaxe.jpg
quickwin765412.com/dimg/game/ 12 KB
13 KB 44ms
42ms Image
image/avif 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/dimg/game/1699714666027_400x600bloodaxe.jpg?extension=avif&height=280
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: fd644f4d4edfa6684b7266e28e21a3f4c13fd3bb56109335727870efe69535cc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:40 GMT
cf-cache-status: HIT
age: 1732130
content-disposition: inline; filename="1699714666027_400x600bloodaxe.avif"
x-front-cache-status: MISS
alt-svc: h3=":443"; ma=86400
content-length: 12593
last-modified: Tue, 05 Dec 2023 07:40:13 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/avif
cache-control: max-age=3600, public
accept-ranges: bytes
cf-ray: 83b00f9e1974aca9-TXL
x-conv-cache-status: HIT
expires: Thu, 16 Nov 2023 11:18:17 GMT

GET
H3 200 1692802756233_400x600vikingswildcashexclusive.jpg
quickwin765412.com/dimg/game/ 13 KB
14 KB 47ms
46ms Image
image/avif 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/dimg/game/1692802756233_400x600vikingswildcashexclusive.jpg?extension=avif&height=280
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3f63b66b05fb2dbd61e2be4a961ae7a8b67e82b0fae5dc9de9f18597381666a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:40 GMT
cf-cache-status: HIT
age: 1736988
content-disposition: inline; filename="1692802756233_400x600vikingswildcashexclusive.avif"
x-front-cache-status: MISS
alt-svc: h3=":443"; ma=86400
content-length: 13652
last-modified: Tue, 05 Dec 2023 06:35:58 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/avif
cache-control: max-age=3600, public
accept-ranges: bytes
cf-ray: 83b00f9e1976aca9-TXL
x-conv-cache-status: HIT
expires: Wed, 30 Aug 2023 09:00:13 GMT

GET
H3 200 1703141090219_400x6002023hitslotdice.jpg
quickwin765412.com/dimg/game/ 8 KB
8 KB 49ms
47ms Image
image/avif 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/dimg/game/1703141090219_400x6002023hitslotdice.jpg?extension=avif&height=280
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 92f383732552d6f8440c1202b484ae36567ff65a360f6f58a1ed1f1f2bf246f6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:40 GMT
cf-cache-status: HIT
age: 257513
content-disposition: inline; filename="1703141090219_400x6002023hitslotdice.avif"
x-front-cache-status: MISS
alt-svc: h3=":443"; ma=86400
content-length: 8026
last-modified: Fri, 22 Dec 2023 09:50:32 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/avif
cache-control: max-age=3600, public
accept-ranges: bytes
cf-ray: 83b00f9e1979aca9-TXL
x-conv-cache-status: MISS
expires: Fri, 22 Dec 2023 10:50:32 GMT

GET
H3 200 1703019714224_400x600royalxmassdice.jpg
quickwin765412.com/dimg/game/ 11 KB
11 KB 48ms
47ms Image
image/avif 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/dimg/game/1703019714224_400x600royalxmassdice.jpg?extension=avif&height=280
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 85c2a278772fd74d92cb7f5b5e486048490456e49ecd65c14e2df39e7a9d9530

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:40 GMT
cf-cache-status: HIT
age: 257513
content-disposition: inline; filename="1703019714224_400x600royalxmassdice.avif"
x-front-cache-status: MISS
alt-svc: h3=":443"; ma=86400
content-length: 10917
last-modified: Fri, 22 Dec 2023 09:50:32 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/avif
cache-control: max-age=3600, public
accept-ranges: bytes
cf-ray: 83b00f9e197baca9-TXL
x-conv-cache-status: MISS
expires: Fri, 22 Dec 2023 10:50:32 GMT

GET
H3 200 1702480933780_400x600gatesofolympus1000.jpg
quickwin765412.com/dimg/game/ 13 KB
13 KB 49ms
48ms Image
image/avif 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/dimg/game/1702480933780_400x600gatesofolympus1000.jpg?extension=avif&height=280
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 253bf135859fd11113deb79262ffb8d9831dc7dbaf46c3470c1b54a7f4372606

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:41 GMT
cf-cache-status: HIT
age: 933677
content-disposition: inline; filename="1702480933780_400x600gatesofolympus1000.avif"
x-front-cache-status: HIT
alt-svc: h3=":443"; ma=86400
content-length: 13498
last-modified: Thu, 14 Dec 2023 09:26:16 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/avif
cache-control: max-age=3600, public
accept-ranges: bytes
cf-ray: 83b00f9f4bb8aca9-TXL
x-conv-cache-status: HIT
expires: Thu, 14 Dec 2023 09:57:53 GMT

GET
H3 200 posterthumbnail0c5b318b13ec5320d9d61de223a5ab95e.jpg
quickwin765412.com/dimg/game/ 8 KB
9 KB 55ms
52ms Image
image/avif 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/dimg/game/posterthumbnail0c5b318b13ec5320d9d61de223a5ab95e.jpg?extension=avif&height=280
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: a685ebb1a291fc1b2ee17a2b9c67815c6ab5e239281e13d2b2caca4591473d85

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:41 GMT
cf-cache-status: HIT
age: 1732130
content-disposition: inline; filename="posterthumbnail0c5b318b13ec5320d9d61de223a5ab95e.avif"
x-front-cache-status: HIT
alt-svc: h3=":443"; ma=86400
content-length: 8634
last-modified: Tue, 05 Dec 2023 07:40:15 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/avif
cache-control: max-age=3600, public
accept-ranges: bytes
cf-ray: 83b00f9f4bbdaca9-TXL
x-conv-cache-status: HIT
expires: Tue, 01 Aug 2023 11:28:36 GMT

GET
H3 200 1669717285072_400x600cashtruckxmasdelivery.jpg
quickwin765412.com/dimg/game/ 10 KB
10 KB 52ms
49ms Image
image/avif 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/dimg/game/1669717285072_400x600cashtruckxmasdelivery.jpg?extension=avif&height=280
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3782d42c013742311733c9d666146bc5ee7b43e484cbb1cad18e403e5f8f7b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:41 GMT
cf-cache-status: HIT
age: 1719956
content-disposition: inline; filename="1669717285072_400x600cashtruckxmasdelivery.avif"
x-front-cache-status: HIT
alt-svc: h3=":443"; ma=86400
content-length: 9733
last-modified: Tue, 05 Dec 2023 07:40:15 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/avif
cache-control: max-age=3600, public
accept-ranges: bytes
cf-ray: 83b00f9f4bbfaca9-TXL
x-conv-cache-status: HIT
expires: Tue, 01 Aug 2023 09:26:09 GMT

GET
H3 200 1687859479709_400x600777strike.jpg
quickwin765412.com/dimg/game/ 10 KB
10 KB 47ms
44ms Image
image/avif 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/dimg/game/1687859479709_400x600777strike.jpg?extension=avif&height=280
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 02e9d7d9259501d12483e279c6fd405e2bccdd35999d7990c58aa3603ce3f35a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:41 GMT
cf-cache-status: HIT
age: 1736989
content-disposition: inline; filename="1687859479709_400x600777strike.avif"
x-front-cache-status: HIT
alt-svc: h3=":443"; ma=86400
content-length: 10255
last-modified: Tue, 05 Dec 2023 06:35:57 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/avif
cache-control: max-age=3600, public
accept-ranges: bytes
cf-ray: 83b00f9f4bc1aca9-TXL
x-conv-cache-status: HIT
expires: Tue, 27 Jun 2023 12:14:09 GMT

GET
H3 200 poster_thumbnail_05a375fa12dafc7ff18b65fd6fbd8fbfc.jpg
quickwin765412.com/dimg/game/ 9 KB
10 KB 48ms
46ms Image
image/avif 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/dimg/game/poster_thumbnail_05a375fa12dafc7ff18b65fd6fbd8fbfc.jpg?extension=avif&height=280
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2ed465b5e6c3c472c46e04e78143ca909bdd12094604dc79868ca192bd0f852c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:41 GMT
cf-cache-status: HIT
age: 1732130
content-disposition: inline; filename="poster_thumbnail_05a375fa12dafc7ff18b65fd6fbd8fbfc.avif"
x-front-cache-status: HIT
alt-svc: h3=":443"; ma=86400
content-length: 9485
last-modified: Tue, 05 Dec 2023 07:40:15 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/avif
cache-control: max-age=3600, public
accept-ranges: bytes
cf-ray: 83b00f9f4bc3aca9-TXL
x-conv-cache-status: HIT
expires: Tue, 01 Aug 2023 14:13:52 GMT

GET
H3 200 400x600royalsevenxxl.jpg
quickwin765412.com/dimg/game/ 6 KB
6 KB 48ms
46ms Image
image/avif 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/dimg/game/400x600royalsevenxxl.jpg?extension=avif&height=280
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 20710d5060f2ecaaf5f99778d59b74e023491f5ffa96c952e2d56db4cede2ed2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:41 GMT
cf-cache-status: HIT
age: 1732130
content-disposition: inline; filename="400x600royalsevenxxl.avif"
x-front-cache-status: HIT
alt-svc: h3=":443"; ma=86400
content-length: 6166
last-modified: Tue, 05 Dec 2023 07:40:15 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/avif
cache-control: max-age=3600, public
accept-ranges: bytes
cf-ray: 83b00f9f4bc6aca9-TXL
x-conv-cache-status: HIT
expires: Tue, 01 Aug 2023 12:33:40 GMT

GET
H3 200 1640875252121_1639058925856400x600bookofthefallen.jpg
quickwin765412.com/dimg/game/ 13 KB
13 KB 48ms
46ms Image
image/avif 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/dimg/game/1640875252121_1639058925856400x600bookofthefallen.jpg?extension=avif&height=280
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 945f22255230aabc25d78408dcd96344d469b91149c5c18e1fad99cc39757ff7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:41 GMT
cf-cache-status: HIT
age: 964216
content-disposition: inline; filename="1640875252121_1639058925856400x600bookofthefallen.avif"
x-front-cache-status: MISS
alt-svc: h3=":443"; ma=86400
content-length: 13410
last-modified: Thu, 14 Dec 2023 05:39:25 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/avif
cache-control: max-age=3600, public
accept-ranges: bytes
cf-ray: 83b00f9f4bc8aca9-TXL
x-conv-cache-status: HIT
expires: Tue, 01 Aug 2023 08:14:08 GMT

GET
H3 200 1698654077204_400x6009coinsgranddiamondedition.jpg
quickwin765412.com/dimg/game/ 11 KB
12 KB 50ms
48ms Image
image/avif 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/dimg/game/1698654077204_400x6009coinsgranddiamondedition.jpg?extension=avif&height=280
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: a9464ddcc583f654dfd738be0e287d5e9c3a581600578242140c734ba8023f0c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:41 GMT
cf-cache-status: HIT
age: 1732130
content-disposition: inline; filename="1698654077204_400x6009coinsgranddiamondedition.avif"
x-front-cache-status: MISS
alt-svc: h3=":443"; ma=86400
content-length: 11559
last-modified: Tue, 05 Dec 2023 07:40:15 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/avif
cache-control: max-age=3600, public
accept-ranges: bytes
cf-ray: 83b00f9f4bcaaca9-TXL
x-conv-cache-status: HIT
expires: Thu, 16 Nov 2023 18:48:20 GMT

GET
H3 200 1648134977582_400x600fortunefivedouble.jpg
quickwin765412.com/dimg/game/ 12 KB
12 KB 67ms
65ms Image
image/avif 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/dimg/game/1648134977582_400x600fortunefivedouble.jpg?extension=avif&height=280
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 875f3b18a64e0e96fe9b347eb06ea49f94a7cb2986209acc800d05fae9210dd0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:41 GMT
cf-cache-status: HIT
age: 1732130
content-disposition: inline; filename="1648134977582_400x600fortunefivedouble.avif"
x-front-cache-status: HIT
alt-svc: h3=":443"; ma=86400
content-length: 11847
last-modified: Tue, 05 Dec 2023 07:40:15 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/avif
cache-control: max-age=3600, public
accept-ranges: bytes
cf-ray: 83b00f9f4bcfaca9-TXL
x-conv-cache-status: HIT
expires: Mon, 03 Apr 2023 10:58:57 GMT

GET
H3 200 1674650121054_buffalo-power-hold-and-win-4.jpeg
quickwin765412.com/dimg/game/ 8 KB
9 KB 50ms
48ms Image
image/avif 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/dimg/game/1674650121054_buffalo-power-hold-and-win-4.jpeg?extension=avif&height=280
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 486d29980f9335e62a392e6e76591543173a8f2a026d3df4080bc09e2b5ee5f5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:41 GMT
cf-cache-status: HIT
age: 1732130
content-disposition: inline; filename="1674650121054_buffalo-power-hold-and-win-4.avif"
x-front-cache-status: HIT
alt-svc: h3=":443"; ma=86400
content-length: 8610
last-modified: Tue, 05 Dec 2023 07:40:15 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/avif
cache-control: max-age=3600, public
accept-ranges: bytes
cf-ray: 83b00f9f4bd2aca9-TXL
x-conv-cache-status: HIT
expires: Mon, 24 Apr 2023 12:35:11 GMT

GET
H3 200 1702541641367_400x600vikingrunecraft100.jpg
quickwin765412.com/dimg/game/ 12 KB
12 KB 51ms
50ms Image
image/avif 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/dimg/game/1702541641367_400x600vikingrunecraft100.jpg?extension=avif&height=280
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: f3613c7c5b215ff02db94cdded93b6bdba644f59836e948f075a00ef36cf746e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:41 GMT
cf-cache-status: HIT
age: 953427
content-disposition: inline; filename="1702541641367_400x600vikingrunecraft100.avif"
x-front-cache-status: MISS
alt-svc: h3=":443"; ma=86400
content-length: 12034
last-modified: Thu, 14 Dec 2023 08:33:06 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/avif
cache-control: max-age=3600, public
accept-ranges: bytes
cf-ray: 83b00f9f4bd4aca9-TXL
x-conv-cache-status: MISS
expires: Thu, 14 Dec 2023 09:33:06 GMT

GET
H3 200 1657267730692_400x600veryhot5.jpg
quickwin765412.com/dimg/game/ 10 KB
10 KB 52ms
50ms Image
image/avif 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/dimg/game/1657267730692_400x600veryhot5.jpg?extension=avif&height=280
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5eb385d033a48d86d5141d6dcd3d54ebfeec39a62c5e25687b342edfb4a6e7a4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:41 GMT
cf-cache-status: HIT
age: 1732130
content-disposition: inline; filename="1657267730692_400x600veryhot5.avif"
x-front-cache-status: HIT
alt-svc: h3=":443"; ma=86400
content-length: 9758
last-modified: Tue, 05 Dec 2023 06:39:41 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/avif
cache-control: max-age=3600, public
accept-ranges: bytes
cf-ray: 83b00f9f4bd6aca9-TXL
x-conv-cache-status: HIT
expires: Tue, 01 Aug 2023 10:51:50 GMT

GET
H3

200

paymsystem_visa.svg
quickwin765412.com/cdn-static/vector/payments/monochrome-light/
Redirect Chain

https://quickwin.com/cdn-static/vector/payments/monochrome-light/paymsystem_visa.svg
https://quickwin765412.com/cdn-static/vector/payments/monochrome-light/paymsystem_visa.svg

4 KB
2 KB

85ms
85ms

Image
image/svg+xml

94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/cdn-static/vector/payments/monochrome-light/paymsystem_visa.svg
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 819139ba1036d6cea3e0d6ae29c27254a81b04cfde04b56cd7b9b7edb980e7b3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:41 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 12 May 2023 10:00:17 GMT
server: cloudflare
age: 20
etag: W/"645e0e31-e94"
x-cache-status: HIT
vary: null, Accept-Encoding
content-type: image/svg+xml
cf-ttl: 1703496621756
cf-ray: 83b00fa08eafaca9-TXL
alt-svc: h3=":443"; ma=86400
cf-revalidated: Mon Dec 25 2023 09:29:21 GMT+0000 (Coordinated Universal Time)
expires: Fri, 29 Dec 2023 17:56:03 GMT

Redirect headers

location: https://quickwin765412.com/cdn-static/vector/payments/monochrome-light/paymsystem_visa.svg
date: Mon, 25 Dec 2023 09:29:41 GMT
server: cloudflare
cf-ray: 83b00f9fce02452e-TXL
alt-svc: h3=":443"; ma=86400
content-length: 0
vary: Accept-Encoding

GET
H3

200

paymsystem_mastercard.svg
quickwin765412.com/cdn-static/vector/payments/monochrome-light/
Redirect Chain

https://quickwin.com/cdn-static/vector/payments/monochrome-light/paymsystem_mastercard.svg
https://quickwin765412.com/cdn-static/vector/payments/monochrome-light/paymsystem_mastercard.svg

5 KB
2 KB

69ms
68ms

Image
image/svg+xml

94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/cdn-static/vector/payments/monochrome-light/paymsystem_mastercard.svg
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8c76aaa9d4eb842dbf166f25fde1ab73cb3035c7347775bebb3b9611e7edee93

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:41 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 12 May 2023 10:00:17 GMT
server: cloudflare
age: 20
etag: W/"645e0e31-1490"
x-cache-status: HIT
vary: null, Accept-Encoding
content-type: image/svg+xml
cf-ttl: 1703496621785
cf-ray: 83b00fa08eadaca9-TXL
alt-svc: h3=":443"; ma=86400
cf-revalidated: Mon Dec 25 2023 09:29:21 GMT+0000 (Coordinated Universal Time)
expires: Fri, 29 Dec 2023 18:06:25 GMT

Redirect headers

location: https://quickwin765412.com/cdn-static/vector/payments/monochrome-light/paymsystem_mastercard.svg
date: Mon, 25 Dec 2023 09:29:41 GMT
server: cloudflare
cf-ray: 83b00f9fce01452e-TXL
alt-svc: h3=":443"; ma=86400
content-length: 0
vary: Accept-Encoding

GET
H3

200

paymsystem_banktransfer.svg
quickwin765412.com/cdn-static/vector/payments/monochrome-light/
Redirect Chain

https://quickwin.com/cdn-static/vector/payments/monochrome-light/paymsystem_banktransfer.svg
https://quickwin765412.com/cdn-static/vector/payments/monochrome-light/paymsystem_banktransfer.svg

12 KB
5 KB

93ms
92ms

Image
image/svg+xml

94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/cdn-static/vector/payments/monochrome-light/paymsystem_banktransfer.svg
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 025cf6abb05fc2309b52b049d6761b66fd2f0ad005380ccdf4613612202ad037

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:41 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 12 May 2023 10:00:17 GMT
server: cloudflare
age: 20
etag: W/"645e0e31-2eec"
x-cache-status: HIT
vary: null, Accept-Encoding
content-type: image/svg+xml
cf-ttl: 1703496621770
cf-ray: 83b00fa08eaeaca9-TXL
alt-svc: h3=":443"; ma=86400
cf-revalidated: Mon Dec 25 2023 09:29:21 GMT+0000 (Coordinated Universal Time)
expires: Fri, 29 Dec 2023 22:56:35 GMT

Redirect headers

location: https://quickwin765412.com/cdn-static/vector/payments/monochrome-light/paymsystem_banktransfer.svg
date: Mon, 25 Dec 2023 09:29:41 GMT
server: cloudflare
cf-ray: 83b00f9fcdfa452e-TXL
alt-svc: h3=":443"; ma=86400
content-length: 0
vary: Accept-Encoding

GET
H3 200 1695298123121_400x600luckydwarfsexclusive.jpg
quickwin765412.com/dimg/game/ 15 KB
16 KB 40ms
39ms Image
image/avif 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/dimg/game/1695298123121_400x600luckydwarfsexclusive.jpg?extension=avif&height=280
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: e2a399b035f9774d3ee9bf4ae99dd261a1e5abe94b321c71c61b3edfd84b5b4d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:41 GMT
cf-cache-status: HIT
age: 1736989
content-disposition: inline; filename="1695298123121_400x600luckydwarfsexclusive.avif"
x-front-cache-status: MISS
alt-svc: h3=":443"; ma=86400
content-length: 15838
last-modified: Tue, 05 Dec 2023 06:35:57 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/avif
cache-control: max-age=3600, public
accept-ranges: bytes
cf-ray: 83b00fa08e8daca9-TXL
x-conv-cache-status: HIT
expires: Thu, 28 Sep 2023 09:28:37 GMT

GET
H3 200 1667489197478_400x600riseofolympus100.jpg
quickwin765412.com/dimg/game/ 11 KB
11 KB 44ms
41ms Image
image/avif 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/dimg/game/1667489197478_400x600riseofolympus100.jpg?extension=avif&height=280
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4d8b5f4f08d1c133e211fa18f260d505a82d862c219c25e707d7232989385996

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:41 GMT
cf-cache-status: HIT
age: 1736989
content-disposition: inline; filename="1667489197478_400x600riseofolympus100.avif"
x-front-cache-status: MISS
alt-svc: h3=":443"; ma=86400
content-length: 11031
last-modified: Tue, 05 Dec 2023 06:35:57 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/avif
cache-control: max-age=3600, public
accept-ranges: bytes
cf-ray: 83b00fa08e9baca9-TXL
x-conv-cache-status: HIT
expires: Thu, 30 Mar 2023 14:49:41 GMT

GET
H3 200 1663078079116_400x600fruitparty.jpeg
quickwin765412.com/dimg/game/ 10 KB
10 KB 47ms
44ms Image
image/avif 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/dimg/game/1663078079116_400x600fruitparty.jpeg?extension=avif&height=280
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8bea9b4ffb09fc3c9c5f5dd38e96894ff1c5fa75afc4a9e5bedd640202e7763e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:41 GMT
cf-cache-status: HIT
age: 1736989
content-disposition: inline; filename="1663078079116_400x600fruitparty.avif"
x-front-cache-status: HIT
alt-svc: h3=":443"; ma=86400
content-length: 10124
last-modified: Tue, 05 Dec 2023 06:35:57 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/avif
cache-control: max-age=3600, public
accept-ranges: bytes
cf-ray: 83b00fa08ea1aca9-TXL
x-conv-cache-status: HIT
expires: Tue, 01 Aug 2023 09:55:18 GMT

GET
H3 200 1643293046251_400x600-secrets-of-christmas.jpeg
quickwin765412.com/dimg/game/ 9 KB
9 KB 49ms
45ms Image
image/avif 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/dimg/game/1643293046251_400x600-secrets-of-christmas.jpeg?extension=avif&height=280
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: c2ebefe4601d5c0739e24e93436ff97f93e0f5bb3782e0f93cfb48811f18a05d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:41 GMT
cf-cache-status: HIT
age: 857466
content-disposition: inline; filename="1643293046251_400x600-secrets-of-christmas.avif"
x-front-cache-status: MISS
alt-svc: h3=":443"; ma=86400
content-length: 9149
last-modified: Fri, 15 Dec 2023 11:15:57 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/avif
cache-control: max-age=3600, public
accept-ranges: bytes
cf-ray: 83b00fa08ea2aca9-TXL
x-conv-cache-status: HIT
expires: Mon, 03 Apr 2023 09:41:41 GMT

GET
H3 200 1631610764562_400x600ascensionrisetoriches.jpg
quickwin765412.com/dimg/game/ 11 KB
11 KB 60ms
57ms Image
image/avif 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/dimg/game/1631610764562_400x600ascensionrisetoriches.jpg?extension=avif&height=280
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 705757ab484571b93cb8950a54c6f565e689a0223751f36d46df63c589bf6992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:41 GMT
cf-cache-status: HIT
age: 1717195
content-disposition: inline; filename="1631610764562_400x600ascensionrisetoriches.avif"
x-front-cache-status: MISS
alt-svc: h3=":443"; ma=86400
content-length: 11460
last-modified: Tue, 05 Dec 2023 12:29:46 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/avif
cache-control: max-age=3600, public
accept-ranges: bytes
cf-ray: 83b00fa08ea4aca9-TXL
x-conv-cache-status: HIT
expires: Tue, 01 Aug 2023 08:14:08 GMT

GET
H3 200 1649323990103_400x600gladiatorlegends.jpg
quickwin765412.com/dimg/game/ 12 KB
12 KB 46ms
42ms Image
image/avif 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/dimg/game/1649323990103_400x600gladiatorlegends.jpg?extension=avif&height=280
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4d8813ea274fb47c71a14bc23a8a2572753ec02c4bd5cf0ca1f191371fa8cc5b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:41 GMT
cf-cache-status: HIT
age: 1732245
content-disposition: inline; filename="1649323990103_400x600gladiatorlegends.avif"
x-front-cache-status: HIT
alt-svc: h3=":443"; ma=86400
content-length: 11898
last-modified: Tue, 05 Dec 2023 07:40:13 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/avif
cache-control: max-age=3600, public
accept-ranges: bytes
cf-ray: 83b00fa08ea6aca9-TXL
x-conv-cache-status: HIT
expires: Tue, 01 Aug 2023 11:28:36 GMT

GET
H3 200 1648716702955_400x600sakurafortune2.jpg
quickwin765412.com/dimg/game/ 15 KB
15 KB 47ms
43ms Image
image/avif 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/dimg/game/1648716702955_400x600sakurafortune2.jpg?extension=avif&height=280
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3926eb7b9eee88ede5b574303fda25cd5cb9389ec39ef70baf5a046c38fae87e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:41 GMT
cf-cache-status: HIT
age: 1732180
content-disposition: inline; filename="1648716702955_400x600sakurafortune2.avif"
x-front-cache-status: MISS
alt-svc: h3=":443"; ma=86400
content-length: 15401
last-modified: Tue, 05 Dec 2023 08:20:01 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/avif
cache-control: max-age=3600, public
accept-ranges: bytes
cf-ray: 83b00fa08ea8aca9-TXL
x-conv-cache-status: HIT
expires: Wed, 02 Aug 2023 21:13:02 GMT

GET
H3 200 posterthumbnail0026baf5f8df01f3acef6345a0d0e92ad.jpeg
quickwin765412.com/dimg/game/ 10 KB
11 KB 53ms
50ms Image
image/avif 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/dimg/game/posterthumbnail0026baf5f8df01f3acef6345a0d0e92ad.jpeg?extension=avif&height=280
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: f8522b134acc65a6c69fe47dca21cf7cd3ca815b80db6a900c1e1b4b0c091645

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:41 GMT
cf-cache-status: HIT
age: 1736989
content-disposition: inline; filename="posterthumbnail0026baf5f8df01f3acef6345a0d0e92ad.avif"
x-front-cache-status: MISS
alt-svc: h3=":443"; ma=86400
content-length: 10712
last-modified: Tue, 05 Dec 2023 06:35:57 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/avif
cache-control: max-age=3600, public
accept-ranges: bytes
cf-ray: 83b00fa08ea9aca9-TXL
x-conv-cache-status: HIT
expires: Mon, 03 Apr 2023 09:57:36 GMT

GET
H3 200 1670236566601_400x600jokerscharmsxmas.jpg
quickwin765412.com/dimg/game/ 13 KB
13 KB 49ms
46ms Image
image/avif 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/dimg/game/1670236566601_400x600jokerscharmsxmas.jpg?extension=avif&height=280
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: c675e6cf81d73d4158f4284a764302c47687ac7f6fb6f4929dee2a8e76809e30

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:41 GMT
cf-cache-status: HIT
age: 327315
content-disposition: inline; filename="1670236566601_400x600jokerscharmsxmas.avif"
x-front-cache-status: MISS
alt-svc: h3=":443"; ma=86400
content-length: 13359
last-modified: Thu, 21 Dec 2023 14:32:49 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/avif
cache-control: max-age=3600, public
accept-ranges: bytes
cf-ray: 83b00fa08eaaaca9-TXL
x-conv-cache-status: HIT
expires: Sun, 09 Apr 2023 20:08:42 GMT

GET
H3 200 1669115459381_400x600wondersofchristmas.jpg
quickwin765412.com/dimg/game/ 15 KB
15 KB 49ms
46ms Image
image/avif 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/dimg/game/1669115459381_400x600wondersofchristmas.jpg?extension=avif&height=280
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4a2185312272132d675b3fde9ecde32f0eac7ba575afee1a945fb33e3bbb3832

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:41 GMT
cf-cache-status: HIT
age: 975488
content-disposition: inline; filename="1669115459381_400x600wondersofchristmas.avif"
x-front-cache-status: MISS
alt-svc: h3=":443"; ma=86400
content-length: 15240
last-modified: Thu, 14 Dec 2023 01:26:44 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/avif
cache-control: max-age=3600, public
accept-ranges: bytes
cf-ray: 83b00fa08eabaca9-TXL
x-conv-cache-status: HIT
expires: Tue, 06 Jun 2023 16:38:46 GMT

GET
H3 200 1647848543458_400x600sunofegypt3.jpg
quickwin765412.com/dimg/game/ 13 KB
14 KB 49ms
46ms Image
image/avif 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/dimg/game/1647848543458_400x600sunofegypt3.jpg?extension=avif&height=280
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1252aff629065ef907864c2a694343c8d49ba69483d6ee1d734bfb3aaf61a7e5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:41 GMT
cf-cache-status: HIT
age: 1736989
content-disposition: inline; filename="1647848543458_400x600sunofegypt3.avif"
x-front-cache-status: HIT
alt-svc: h3=":443"; ma=86400
content-length: 13629
last-modified: Tue, 05 Dec 2023 06:35:57 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/avif
cache-control: max-age=3600, public
accept-ranges: bytes
cf-ray: 83b00fa08eacaca9-TXL
x-conv-cache-status: HIT
expires: Tue, 01 Aug 2023 14:54:47 GMT

GET
H3 200 vip-slider-arrow.svg
quickwin765412.com/cdn-static/images/quickwin/vip-page/ 1 KB
877 B 94ms
94ms Image
image/svg+xml 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/cdn-static/images/quickwin/vip-page/vip-slider-arrow.svg
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 983ccb9144855e909faaf3a4ae344c8f8075d023b109163ef50308ac540c0d54

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:41 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 12 May 2023 10:00:50 GMT
server: cloudflare
age: 47
etag: W/"645e0e52-480"
x-cache-status: MISS
vary: null, Accept-Encoding
content-type: image/svg+xml
cf-ttl: 1703496594518
cf-ray: 83b00fa0cf1baca9-TXL
alt-svc: h3=":443"; ma=86400
cf-revalidated: Mon Dec 25 2023 09:28:54 GMT+0000 (Coordinated Universal Time)
expires: Sat, 30 Dec 2023 13:49:24 GMT

GET
H3 200 1700555715192_ferrariactive.jpg
quickwin765412.com/dimg/banner/ 37 KB
38 KB 43ms
43ms Image
image/webp 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/dimg/banner/1700555715192_ferrariactive.jpg?type=image/avif?extension=avif&width=2000&resize_type=fill&gravity=ce
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: fef86e3158c682926a1a0bdb1d74d83207c363d0fb125ce12dbd9e37966f56bd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:41 GMT
cf-cache-status: HIT
age: 379661
cf-polished: qual=85, origFmt=jpeg, origSize=59824
content-disposition: inline; filename="1700555715192_ferrariactive.webp"
x-front-cache-status: MISS
alt-svc: h3=":443"; ma=86400
content-length: 38068
cf-bgj: imgq:85,h2pri
last-modified: Thu, 21 Dec 2023 00:00:20 GMT
server: cloudflare
vary: Accept
content-type: image/webp
cache-control: max-age=3600, public
accept-ranges: bytes
cf-ray: 83b00fa10f8caca9-TXL
x-conv-cache-status: HIT
expires: Thu, 21 Dec 2023 01:00:14 GMT

GET
H3 200 casino-dashboard-bg-desk.webp
quickwin765412.com/cdn-static/images/quickwin/entrance/dashboard/webp/ 110 KB
110 KB 78ms
77ms Image
image/webp 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/cdn-static/images/quickwin/entrance/dashboard/webp/casino-dashboard-bg-desk.webp
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 99f48e1f13877f3a2b73bdf8f280632d8d42f4004f83b2417d8192649b501058

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:41 GMT
cf-cache-status: HIT
age: 2
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
content-length: 112574
cf-revalidated: Mon Dec 25 2023 09:29:39 GMT+0000 (Coordinated Universal Time)
last-modified: Fri, 12 May 2023 10:00:50 GMT
server: cloudflare
etag: "645e0e52-1b7be"
vary: null, Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
accept-ranges: bytes
cf-ray: 83b00fa1684caca9-TXL
cf-ttl: 1703496639202

GET
H2 200 web-widget-main-1bfc6fa.js Show response
static.zdassets.com/web_widget/classic/latest/ Frame B7A8 923 KB
265 KB 95ms
95ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/classic/latest/web-widget-main-1bfc6fa.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=78bdcf45-56b4-43b3-a452-beb220803adc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

87aa0db99819433799e0809f0e7b490be1940f744e701321b7f31e09a7da63a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:41 GMT
x-amz-version-id: PAflfXOdiQDrMRVYun69YoketTkl1xNU
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: 1BPBW7W4HNMQNRZQ
age: 1752047
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: wfPEdY9k/zcvsIza71zRAfGSA06ccGjnyFntR/pEQA5wKZJx4KMSIhZ1mIOYvRkIKiOLJAwMzi4=
last-modified: Tue, 05 Dec 2023 00:24:10 GMT
server: cloudflare
etag: W/"6f8511a72c96db8b22e6373718b842ed"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kRrCBVhu%2FEt21fY010qbAtl%2BqbR7yb%2FGNZSXEjn%2BVy18qmSKTk9KsN1zRsjNk4ym7bO%2B9oIA6YKOuklYMK8FY6s5sFJD3%2FBwkt3pR8THrG0SnkKWIjC%2BPob29xz1BIF33e%2B3phg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 83b00fa1afe458f0-TXL
expires: Wed, 04 Dec 2024 00:24:09 GMT

GET
H2 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 3CFA 41 KB
26 KB 61ms
60ms Document
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcbSf4kAAAAAAJey7uEFxYpE7Tn2cR1Y3WBNyGi&co=aHR0cHM6Ly9xdWlja3dpbjc2NTQxMi5jb206NDQz&hl=de&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&cb=20prrnip1ubc

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/recaptcha__de.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

1a4de5d815ab2606f7ebad35a8c167e9f87edffc646e44e9973672bc9c8496be

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-uzvplWlJ9P0DA9VJXmu5pA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://quickwin765412.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-uzvplWlJ9P0DA9VJXmu5pA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 25 Dec 2023 09:29:41 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 232 KB
81 KB 56ms
55ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-EFZEET6PW6&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PV2Q5X5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5a898a9b3ec6a8b54affc4ebc354ed9076a0a3f846abf2c20d514a576bc8cfcc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:41 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 83309
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 25 Dec 2023 09:29:41 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 130ms
39ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PV2Q5X5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 25 Dec 2023 07:48:17 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 6084
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Mon, 25 Dec 2023 09:48:17 GMT

GET
H2 200 hotjar-3550387.js Show response
static.hotjar.com/c/ 9 KB
4 KB 131ms
39ms Script
application/javascript 18.66.97.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-3550387.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PV2Q5X5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.53 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-53.fra56.r.cloudfront.net

Software

Resource Hash

bee312a608434a924bf063b224effb547a32f61483741ca6c9817edc5054b2fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Mon, 25 Dec 2023 09:29:27 GMT
via: 1.1 e9101023ffbe04130b9d4cac0cf9eebc.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 14
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
etag: W/5753d3b31fe4dc6ce7c959416d381c59
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cache-control: max-age=60
x-amz-cf-id: Nhj0C0Cy57RqUIcniAkD3Nc7F0F3pb8ERc-SB97bKFaDiQhgKhKVKw==

GET
H2 200 k_quickwin.js Show response
scripts.prdredir.com/scripts/ 2 KB
1 KB 520ms
419ms Script
text/javascript 2606:4700:20::681a:672
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://scripts.prdredir.com/scripts/k_quickwin.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PV2Q5X5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:672 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 448d305ad6e8d6b57c5e4d37afbf26c77bcf2c2548e1fe462772757ee6ccbbe1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-runtime: 0.009434
date: Mon, 25 Dec 2023 09:29:42 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"448d305ad6e8d6b57c5e4d37afbf26c7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f6XSRSjjSaJl16LvVQT3ZFubBRzlOGfed3sgy59eSSYyodgKN%2FuI%2FdNPfaOsMBEt1iN0lRlZhszW3Dgdty7cyNcZGeyL8MVw4efqdU%2B3HluJ0c3PtSYUgIBWwXt00y5tbtHJ4WAMn78YLES%2FeeJQq%2BR%2F"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
status: 200 OK
access-control-allow-origin: *
cache-control: no-cache
cf-ray: 83b00fa45be61e30-FRA
x-request-id: cc1950d8-2d90-449d-8a72-39eb01fe04eb

GET
H2 200 quickwin.js Show response
adjs.media/resources/content/ 3 KB
2 KB 262ms
149ms Script
text/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://adjs.media/resources/content/quickwin.js

Requested by

Host: quickwin765412.com
URL: https://quickwin765412.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a0bdcd0c8b8b3b686a3d9fd02dc3f5b716f810115bad6d5b284c34923b8b0797

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:41 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
status: 200 OK
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: aa812917-2c53-4f4e-827b-688e557d1b72
x-runtime: 0.001044
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"a0bdcd0c8b8b3b686a3d9fd02dc3f5b7"
x-download-options: noopen
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tuPDyAaq8uyxYhGoFTLILuKrDi%2FvyC4ZUWdKCKGyfx%2B0z84FiopyAPqEMPrPJV5e4jpNYgT9P3NAsj0Yf9hLJvmoxq36WETgkVEQDxXe3HbmVKWZMZb9ANIoGeNHF%2Bh5jdk7nJRUak42"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=604800, private
cf-ray: 83b00fa469209136-FRA

GET
H2 200 blue-tag.min.js Show response
event.getblue.io/js/ 9 KB
3 KB 731ms
242ms Script
application/javascript 18.228.178.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://event.getblue.io/js/blue-tag.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PV2Q5X5

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.228.178.86 São Paulo, Brazil, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-228-178-86.sa-east-1.compute.amazonaws.com

Software

Resource Hash

a2be364e2921857c3e1415e1e9e74e5628a02318662a25da27a23da90929c84a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 25 Dec 2023 07:10:41 GMT
etag: W/"9113-1703488241506"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK js Show response
track.wolf22.xyz/pixel/ 412 B
737 B 469ms
115ms Script
text/javascript 88.214.195.93
NATCOWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://track.wolf22.xyz/pixel/js?auth=dg12ck&event=visit
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PV2Q5X5
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 88.214.195.93 , United Kingdom, ASN46636 (NATCOWEB, US),
Reverse DNS
Software: nginx/1.20.0 /
Resource Hash: 1bb43e5e70bbd280f2cff81dd2fbdc1c87e3e4cb3cbbb2afd7f5e4a559dc8ec4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 25 Dec 2023 09:29:42 GMT
Server: nginx/1.20.0
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-cache, max-age=0, must-revalidate, proxy-revalidate, no-store
Connection: keep-alive
Content-Length: 412
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 tc.min.js Show response
c1.rfihub.net/js/ 19 KB
6 KB 154ms
42ms Script
application/x-javascript 2600:9000:214f:8a00:1:76cf:fe80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c1.rfihub.net/js/tc.min.js
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:8a00:1:76cf:fe80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Jetty(9.4.51.v20230217) /
Resource Hash: 7ef97b12890fc6fee67f869c6e1f74b6719de7d66ac0d649c8d7386a80b4c30f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 08:50:39 GMT
content-encoding: gzip
via: 1.1 3f6fbf009bb5cf969f92ba2e59576614.cloudfront.net (CloudFront)
last-modified: Mon, 25 Dec 2023 08:50:29 GMT
server: Jetty(9.4.51.v20230217)
x-amz-cf-pop: FRA53-C1
age: 2342
x-cache: Hit from cloudfront
content-type: application/x-javascript
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: public, max-age=3600
content-length: 6162
x-amz-cf-id: sXyOZ-zLKdDe9ON-i7Ugi537ue20PzzttYK9kterRi1JtYsppPyH3Q==
expires: Mon, 25 Dec 2023 09:50:39 GMT

GET
H/1.1 200
OK merchant.js Show response
pixel.adfyier.com/ 853 B
1 KB 365ms
128ms Script
application/javascript 138.197.230.29
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adfyier.com/merchant.js
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 138.197.230.29 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: / Express
Resource Hash: 60ff18a2a6e54394d6dc4e1bb368c47850848306d56e177b4a02270db7e80603

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Dec 2023 09:29:42 GMT
x-powered-by: Express
surrogate-control: no-store
transfer-encoding: chunked
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate,private
expires: 0

GET
H2 200 trackpoint-async.js Show response
s2.adform.net/banners/scripts/st/ 81 KB
31 KB 208ms
88ms Script
application/javascript 37.157.5.73
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s2.adform.net/banners/scripts/st/trackpoint-async.js
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 99c28ba77690124b83aea8cdbbb17ab1145ba247c791aeb4bad747b4248ac459

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:41 GMT
content-encoding: gzip
last-modified: Tue, 23 May 2023 09:56:34 GMT
server: nginx
x-amz-request-id: tx00000ea239e22e83b616b-00646c8ee1-3295d06f-default
etag: W/"f937ab3eef01c118930b200e5087d00d"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-rgw-object-type: Normal
cache-control: public, max-age=604800

GET
H2 200 / Show response
track.adform.net/Serving/Cookie/ 73 B
618 B 218ms
40ms Script
text/javascript 37.157.6.243
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/Serving/Cookie/?adfaction=getjs;adfcookname=uid

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PV2Q5X5

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.243 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

5d9e8cfd13ab9f3cb184ee716c93c4c007837b001ab17f762269a64b2d8958cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Dec 2023 09:29:41 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 180
expires: -1

GET
H2 200 mt_quickwin.js Show response
scpt.getrmads.com/src/ 3 KB
2 KB 321ms
220ms Script
text/javascript 2606:4700:3032::6815:4d08
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://scpt.getrmads.com/src/mt_quickwin.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PV2Q5X5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:4d08 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3d70f37d0643d718c68550e8f30873988b9f7df5a856bb9f79fc47e9184184ce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Dec 2023 09:29:42 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ChWpfR%2FlTe3Fr%2FFaba%2BoSGn8%2FhRs2eJElLAgaa9SbdtSGt9k4CxZYU3C9WewCy2HruCGpir2VsDa5JVjHxYMfA9IMZhRk2up1pmDnBOfjFou3gPlDB3F%2F5T3s%2F0lya2QSQK03jsLQyFyTTMs5qq2jw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 83b00fa52e494d86-FRA
alt-svc: h3=":443"; ma=86400
expires: 0

GET
H2 200 p.js Show response
my.rtmark.net/ 697 B
1 KB 156ms
45ms Script
text/javascript 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/p.js?f=sync&lr=1&partner=6dbc1654108520062cc5e1b2cbe1761d0aeee75ec04eecdef0bd17e37b76a87c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PV2Q5X5

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

d1d3ebdb0a13d47d07c440c8dbd6dcaa96a58ec8ac53446a140497c2013c2567

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:41 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 697

GET
H2 200 / Show response
winner-slots.online/ Frame 8A92 130 KB
34 KB 240ms
95ms Document
text/html 185.199.175.191
HOSTERION

General

Check archive.org

Show headers Download Go to

Full URL: https://winner-slots.online/
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.199.175.191 Floreşti, Romania, ASN43927 (HOSTERION, RO),
Reverse DNS: eros.hosterion.net
Software: LiteSpeed / PHP/8.2.13
Resource Hash: 2024178346f942d57c649c7d981f280b3821c05d6b6d9ebfa38464d10550ad6f

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 25 Dec 2023 09:29:41 GMT
link: <https://winner-slots.online/wp-json/>; rel="https://api.w.org/"
server: LiteSpeed
vary: Accept-Encoding
x-powered-by: PHP/8.2.13

GET
H2

200

bounce Show response
secure.adnxs.com/
Redirect Chain

https://secure.adnxs.com/seg?add=35276001&t=1
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D35276001%26t%3D1

0
806 B

41ms
40ms

Script
application/javascript

37.252.171.21
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D35276001%26t%3D1

Requested by

Host: quickwin765412.com
URL: https://quickwin765412.com/en/

Protocol

Server

37.252.171.21 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Dec 2023 09:29:42 GMT
an-x-request-uuid: 9222f4d0-a2fa-48ff-89ba-321241ac1824
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 80.255.7.107; 80.255.7.107; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 25 Dec 2023 09:29:41 GMT
an-x-request-uuid: cad7dc72-1935-4cab-abbb-9df9708583a8
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D35276001%26t%3D1
x-proxy-origin: 80.255.7.107; 80.255.7.107; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

bounce Show response
secure.adnxs.com/
Redirect Chain

https://secure.adnxs.com/seg?add=35276004&t=1
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D35276004%26t%3D1

0
806 B

40ms
40ms

Script
application/javascript

37.252.171.21
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D35276004%26t%3D1

Requested by

Host: quickwin765412.com
URL: https://quickwin765412.com/en/

Protocol

Server

37.252.171.21 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Dec 2023 09:29:42 GMT
an-x-request-uuid: c121f53c-c76f-4032-a047-5a0844ca2e07
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 80.255.7.107; 80.255.7.107; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 25 Dec 2023 09:29:41 GMT
an-x-request-uuid: 2615769b-ff7a-4a94-84e5-d046fc85d773
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D35276004%26t%3D1
x-proxy-origin: 80.255.7.107; 80.255.7.107; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 204
No Content / Show response
reichelcormier.bid/point/ 0
354 B 130ms
42ms Script
text/plain 178.162.159.92
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://reichelcormier.bid/point/?method=s&id=101011&key=0ac6f97d792b9914d65b8fb292be9dd7&seg=101&btag=undefined
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PV2Q5X5
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 178.162.159.92 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: openresty /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 25 Dec 2023 09:29:42 GMT
Access-Control-Allow-Credentials: true
Server: openresty
Connection: close
Access-Control-Allow-Method: GET,POST

GET
H2 204 audience
track.aso1.net/ 0
332 B 183ms
70ms Image
image/gif 2606:4700:3038::6815:ea9b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.aso1.net/audience?id=100579&_cb=0.11939769503173014
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:ea9b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Dec 2023 09:29:42 GMT
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/gif
cache-control: no-store, max-age=0
x-robots-tag: noindex, nofollow, noarchive, noimageindex
cf-ray: 83b00fa61d6bc2ca-VIE
alt-svc: h3=":443"; ma=86400
expires: Sun, 27 May 1979 00:00:00 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/ Frame 3CFA 55 KB
24 KB 134ms
44ms Stylesheet
text/css 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcbSf4kAAAAAAJey7uEFxYpE7Tn2cR1Y3WBNyGi&co=aHR0cHM6Ly9xdWlja3dpbjc2NTQxMi5jb206NDQz&hl=de&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&cb=20prrnip1ubc

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:19:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 585
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24606
x-xss-protection: 0
last-modified: Mon, 11 Dec 2023 05:01:12 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 24 Dec 2024 09:19:56 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/ Frame 3CFA 505 KB
203 KB 146ms
62ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

122bd7b997b91e56e9efd54743ffbeccefca5b8bb59c566d6ec63adf14be896e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 13:11:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 245885
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 207437
x-xss-protection: 0
last-modified: Mon, 11 Dec 2023 05:01:12 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 21 Dec 2024 13:11:36 GMT

GET
H2 200 en-us-json-1bfc6fa.js Show response
static.zdassets.com/web_widget/classic/latest/web-widget-locales/classic/ Frame B7A8 25 KB
6 KB 53ms
53ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/classic/latest/web-widget-locales/classic/en-us-json-1bfc6fa.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-1bfc6fa.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a48fd35c61908d912b5ac9e1face12e0962a0d9ecc8679e87db4031697cec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:42 GMT
x-amz-version-id: Xo1h7j84vGmG9Gk_pCcj7jCQD2BwGUUO
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: 1BPFGS4SBCJ216KA
age: 1752035
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: KPhHQZ5iIGydSOF/FRCx8eCn3ImV7hM3qo3KWavgH4MUbCLy67WRA+HVKMqLOfRNXjGgWGdXoIE=
last-modified: Tue, 05 Dec 2023 00:24:12 GMT
server: cloudflare
etag: W/"6eb45e96a7cbb4b8ca10897f3cf09981"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qxxs0iEI3DJ1xJzsY7V%2FIzfgBWsPq2uTqcy%2FFxCaQktwiI%2FPC%2F9VklZeGVHsKPllRo8%2FcniZXS0ip6mUztZvLpLRIjuQwfQEG8STrJKwm9I43Rd8gHpcF7X2YSQeT7l%2FYwJaCqs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 83b00fa639ef58f0-TXL
expires: Wed, 04 Dec 2024 00:24:11 GMT

GET
H2 200 config Show response
quickwin.zendesk.com/embeddable/ Frame B7A8 508 B
1 KB 131ms
47ms Fetch
application/json 104.16.53.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://quickwin.zendesk.com/embeddable/config
Requested by: Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-1bfc6fa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.53.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 073c099d4311d75bb5dd92d4f7fb539af3f161acbe89bb7e7b0e3e2d445412cf

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:42 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 18
x-zendesk-origin-server: embeddable-app-server-8694cc55d4-jf9sq
x-cached: STALE
x-request-id: 83afeb050d51cb15-FRA
x-runtime: 0.001987
last-modified: Mon, 25 Dec 2023 09:28:23 GMT
server: cloudflare
access-control-max-age: 7200
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CfAGBwnUc3idUVW6RwQ6mFjxvhPwlfpGYT0erRaax84LyRKDXrOkTcKsQjKAZZ8A9JeYcrUXfe6drB8iTkpHlziqmIS2PPPQ3gQ91V42GLi2rGCVvtimbkQfu%2F9NJcVtPUiM86GD"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
cache-control: public, max-age=60, stale-while-revalidate=600, stale-if-error=3600
vary: Origin, Accept-Encoding
cf-ray: 83b00fa6bb9c4510-TXL

GET
H2 200 style.min.css
winner-slots.online/wp-includes/blocks/cover/ Frame 8A92 18 KB
2 KB 64ms
62ms Stylesheet
text/css 185.199.175.191
HOSTERION

General

Check archive.org

Show headers Download Go to

Full URL: https://winner-slots.online/wp-includes/blocks/cover/style.min.css?ver=6.4.2
Requested by: Host: winner-slots.online
URL: https://winner-slots.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.199.175.191 Floreşti, Romania, ASN43927 (HOSTERION, RO),
Reverse DNS: eros.hosterion.net
Software: LiteSpeed /
Resource Hash: fba567510c78e74f786a08758c04c5ea612bd27ee9c775c5fb4753e57c1df6ab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winner-slots.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:42 GMT
content-encoding: br
last-modified: Tue, 07 Nov 2023 22:35:31 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1470
expires: Mon, 01 Jan 2024 09:29:42 GMT

GET
H2 200 style.min.css
winner-slots.online/wp-includes/blocks/image/ Frame 8A92 7 KB
1 KB 64ms
62ms Stylesheet
text/css 185.199.175.191
HOSTERION

General

Check archive.org

Show headers Download Go to

Full URL: https://winner-slots.online/wp-includes/blocks/image/style.min.css?ver=6.4.2
Requested by: Host: winner-slots.online
URL: https://winner-slots.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.199.175.191 Floreşti, Romania, ASN43927 (HOSTERION, RO),
Reverse DNS: eros.hosterion.net
Software: LiteSpeed /
Resource Hash: 3efa3c6425365194636fb000719357c63e1dfed613742166e3f7a102cdf4f811

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winner-slots.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:42 GMT
content-encoding: br
last-modified: Tue, 07 Nov 2023 22:35:31 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1441
expires: Mon, 01 Jan 2024 09:29:42 GMT

GET
H2 200 style.min.css
winner-slots.online/wp-includes/blocks/navigation/ Frame 8A92 16 KB
2 KB 65ms
63ms Stylesheet
text/css 185.199.175.191
HOSTERION

General

Check archive.org

Show headers Download Go to

Full URL: https://winner-slots.online/wp-includes/blocks/navigation/style.min.css?ver=6.4.2
Requested by: Host: winner-slots.online
URL: https://winner-slots.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.199.175.191 Floreşti, Romania, ASN43927 (HOSTERION, RO),
Reverse DNS: eros.hosterion.net
Software: LiteSpeed /
Resource Hash: 38b1136cf93f9cb1dc433fd40347fed72ebce9522a55393f95feae15a8268233

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winner-slots.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:42 GMT
content-encoding: br
last-modified: Tue, 07 Nov 2023 22:35:31 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 2061
expires: Mon, 01 Jan 2024 09:29:42 GMT

GET
H2 200 style.min.css
winner-slots.online/wp-includes/blocks/social-links/ Frame 8A92 10 KB
1 KB 65ms
63ms Stylesheet
text/css 185.199.175.191
HOSTERION

General

Check archive.org

Show headers Download Go to

Full URL: https://winner-slots.online/wp-includes/blocks/social-links/style.min.css?ver=6.4.2
Requested by: Host: winner-slots.online
URL: https://winner-slots.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.199.175.191 Floreşti, Romania, ASN43927 (HOSTERION, RO),
Reverse DNS: eros.hosterion.net
Software: LiteSpeed /
Resource Hash: 9753320d9396dd9dad26d1a302f52838f2a8ec7e272c5205ca4a5b090e5d0ded

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winner-slots.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:42 GMT
content-encoding: br
last-modified: Tue, 07 Nov 2023 22:35:31 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1402
expires: Mon, 01 Jan 2024 09:29:42 GMT

GET
H2 200 style.css
winner-slots.online/wp-content/themes/bizboost/ Frame 8A92 209 KB
29 KB 65ms
64ms Stylesheet
text/css 185.199.175.191
HOSTERION

General

Check archive.org

Show headers Download Go to

Full URL: https://winner-slots.online/wp-content/themes/bizboost/style.css?ver=1696847757
Requested by: Host: winner-slots.online
URL: https://winner-slots.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.199.175.191 Floreşti, Romania, ASN43927 (HOSTERION, RO),
Reverse DNS: eros.hosterion.net
Software: LiteSpeed /
Resource Hash: 3f75e2446874c812c9f47612105104fa5d3d8833dbf077c4daaeeffc3b767403

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winner-slots.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:42 GMT
content-encoding: br
last-modified: Mon, 09 Oct 2023 10:35:57 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 29239
expires: Mon, 01 Jan 2024 09:29:42 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 8A92 274 KB
91 KB 55ms
55ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=GT-NFB7D7V

Requested by

Host: winner-slots.online
URL: https://winner-slots.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5914dfcd9f74f5057511991f76155592bef412eeb803d4860897047610503b61

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winner-slots.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:42 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 93035
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 25 Dec 2023 09:29:42 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 8A92 228 KB
79 KB 55ms
53ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-11435815060

Requested by

Host: winner-slots.online
URL: https://winner-slots.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

daff29abcd50ad7f32277c54cb33d14b551e50f9218509508c33ab65443366b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winner-slots.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:42 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 80952
x-xss-protection: 0
last-modified: Mon, 25 Dec 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 25 Dec 2023 09:29:42 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 8A92 274 KB
91 KB 65ms
64ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-2NM3GY57HJ

Requested by

Host: winner-slots.online
URL: https://winner-slots.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

56fcc023815c94252732362c13279f66490c1839e885c5fae65bebbcd62f56a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winner-slots.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:42 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 92990
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 25 Dec 2023 09:29:42 GMT

GET
H2 200 video-featured.jpg
winner-slots.online/wp-content/themes/bizboost/assets/images/ Frame 8A92 30 KB
30 KB 124ms
123ms Image
image/jpeg 185.199.175.191
HOSTERION

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://winner-slots.online/wp-content/themes/bizboost/assets/images/video-featured.jpg
Requested by: Host: winner-slots.online
URL: https://winner-slots.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.199.175.191 Floreşti, Romania, ASN43927 (HOSTERION, RO),
Reverse DNS: eros.hosterion.net
Software: LiteSpeed /
Resource Hash: d83979120aea89605f3fef94e0acbdc5724473cbd9084b27bea5ffd899839f79

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winner-slots.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:42 GMT
last-modified: Mon, 09 Oct 2023 10:35:57 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 31159
expires: Mon, 01 Jan 2024 09:29:42 GMT

GET
H2 200 hero-content.png
winner-slots.online/wp-content/themes/bizboost/assets/images/ Frame 8A92 49 KB
49 KB 125ms
124ms Image
image/png 185.199.175.191
HOSTERION

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://winner-slots.online/wp-content/themes/bizboost/assets/images/hero-content.png
Requested by: Host: winner-slots.online
URL: https://winner-slots.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.199.175.191 Floreşti, Romania, ASN43927 (HOSTERION, RO),
Reverse DNS: eros.hosterion.net
Software: LiteSpeed /
Resource Hash: c009807b93d04cb58be1e2cdac7934a512c8b3913eefd0d3f9a72563228a02dc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winner-slots.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:42 GMT
last-modified: Mon, 09 Oct 2023 10:35:57 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 50151
expires: Mon, 01 Jan 2024 09:29:42 GMT

GET
H2 200 featured-content-1.jpg
winner-slots.online/wp-content/themes/bizboost/assets/images/ Frame 8A92 25 KB
25 KB 62ms
61ms Image
image/jpeg 185.199.175.191
HOSTERION

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://winner-slots.online/wp-content/themes/bizboost/assets/images/featured-content-1.jpg
Requested by: Host: winner-slots.online
URL: https://winner-slots.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.199.175.191 Floreşti, Romania, ASN43927 (HOSTERION, RO),
Reverse DNS: eros.hosterion.net
Software: LiteSpeed /
Resource Hash: 33e9ca0a9a965ad4da451eca1f42935be45141b420134584831739400c688058

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winner-slots.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:42 GMT
last-modified: Mon, 09 Oct 2023 10:35:57 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 26063
expires: Mon, 01 Jan 2024 09:29:42 GMT

GET
H2 200 featured-content-2.jpg
winner-slots.online/wp-content/themes/bizboost/assets/images/ Frame 8A92 29 KB
29 KB 62ms
62ms Image
image/jpeg 185.199.175.191
HOSTERION

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://winner-slots.online/wp-content/themes/bizboost/assets/images/featured-content-2.jpg
Requested by: Host: winner-slots.online
URL: https://winner-slots.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.199.175.191 Floreşti, Romania, ASN43927 (HOSTERION, RO),
Reverse DNS: eros.hosterion.net
Software: LiteSpeed /
Resource Hash: 486c3ad09607caa76fd99d9e460e0f7c2943bf4e889efbe296cf7430e12ba2f3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winner-slots.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:42 GMT
last-modified: Mon, 09 Oct 2023 10:35:57 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 30043
expires: Mon, 01 Jan 2024 09:29:42 GMT

GET
H2 200 featured-content-3.jpg
winner-slots.online/wp-content/themes/bizboost/assets/images/ Frame 8A92 15 KB
15 KB 63ms
61ms Image
image/jpeg 185.199.175.191
HOSTERION

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://winner-slots.online/wp-content/themes/bizboost/assets/images/featured-content-3.jpg
Requested by: Host: winner-slots.online
URL: https://winner-slots.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.199.175.191 Floreşti, Romania, ASN43927 (HOSTERION, RO),
Reverse DNS: eros.hosterion.net
Software: LiteSpeed /
Resource Hash: 8af864b837e8fb646957e684235bccb6b097dbc41953112cea38d43c4785de99

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winner-slots.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:42 GMT
last-modified: Mon, 09 Oct 2023 10:35:57 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 15783
expires: Mon, 01 Jan 2024 09:29:42 GMT

GET
H2 200 promotional-contact.jpg
winner-slots.online/wp-content/themes/bizboost/assets/images/ Frame 8A92 5 KB
5 KB 64ms
63ms Image
image/jpeg 185.199.175.191
HOSTERION

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://winner-slots.online/wp-content/themes/bizboost/assets/images/promotional-contact.jpg
Requested by: Host: winner-slots.online
URL: https://winner-slots.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.199.175.191 Floreşti, Romania, ASN43927 (HOSTERION, RO),
Reverse DNS: eros.hosterion.net
Software: LiteSpeed /
Resource Hash: df2b4dfc7e9d7d2f321750c35c586c1a5606f0b65cd7c7a43304249ad8dde209

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winner-slots.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:42 GMT
last-modified: Mon, 09 Oct 2023 10:35:57 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 4692
expires: Mon, 01 Jan 2024 09:29:42 GMT

GET
H2 200 custom.js Show response
winner-slots.online/wp-content/themes/bizboost/assets/js/ Frame 8A92 5 KB
1 KB 62ms
62ms Script
application/javascript 185.199.175.191
HOSTERION

General

Check archive.org

Show headers Download Go to

Full URL: https://winner-slots.online/wp-content/themes/bizboost/assets/js/custom.js?ver=1696847757
Requested by: Host: winner-slots.online
URL: https://winner-slots.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.199.175.191 Floreşti, Romania, ASN43927 (HOSTERION, RO),
Reverse DNS: eros.hosterion.net
Software: LiteSpeed /
Resource Hash: cb91e5a485f9cb8d412446bed3cd1b84c7df47f308d30be5b6399722d6717c53

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winner-slots.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:42 GMT
content-encoding: br
last-modified: Mon, 09 Oct 2023 10:35:57 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1195
expires: Mon, 01 Jan 2024 09:29:42 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
256 B 140ms
46ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-EFZEET6PW6&gtm=45je3bt0v9103640448z89103625674&_p=1703496579542&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=374403969.1703496582&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1703496582&sct=1&seg=0&dl=https%3A%2F%2Fquickwin765412.com%2Fen%2F&dt=New%20Online%20Casino%20for%20Online%20Betting%20and%20Gaming%20%7C%20Quickwin&en=page_view&_fv=1&_nsi=1&_ss=1&up.UserID=Not%20Login&tfd=3472
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-EFZEET6PW6&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Dec 2023 09:29:42 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://quickwin765412.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 modules.618aa075c4d9b6424e07.js Show response
script.hotjar.com/ 220 KB
55 KB 132ms
44ms Script
application/javascript 13.32.27.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.618aa075c4d9b6424e07.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-3550387.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-107.fra56.r.cloudfront.net

Software

Resource Hash

4fdfd40dc4640506829319a81fd61b379e2b70a0cdedddbc1218508085ceb888

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 10:10:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 84f381696dd33e92960b92250106e464.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 343176
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 55689
last-modified: Thu, 21 Dec 2023 10:09:33 GMT
etag: "6ed2c6300d63320c76677ced187741fc"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: a4TxfimRkIbJ9WcBEZBsicasLzK3_jhAECs6wI8KE-gBibLZLCcBnw==

GET
H/1.1 200
OK ca.html Show response
20846458p.rfihub.com/ Frame A3C1 5 KB
6 KB 266ms
51ms Document
text/html 193.0.160.131
ROCKETFUEL

General

Check archive.org

Show headers Download Go to

Full URL: https://20846458p.rfihub.com/ca.html?ver=9&rb=48767&ca=20846458&_o=48767&_t=20846458&pe=https%3A%2F%2Fquickwin765412.com%2Fen%2F&pf=&ra=8562341102727589
Requested by: Host: c1.rfihub.net
URL: https://c1.rfihub.net/js/tc.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.0.160.131 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software: Jetty(9.4.51.v20230217) /
Resource Hash: b83989a859495fe6a5eb99a688955c8f5d5e65d72bafe70afc17de0e8809faa3

Request headers

Referer: https://quickwin765412.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache
Content-Length: 4921
Content-Type: text/html;charset=utf-8
Date: Mon, 25 Dec 2023 09:29:42 GMT
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server: Jetty(9.4.51.v20230217)

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
210 B 48ms
47ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=432849211&t=pageview&_s=1&dl=https%3A%2F%2Fquickwin765412.com%2Fen%2F&ul=en-us&de=UTF-8&dt=New%20Online%20Casino%20for%20Online%20Betting%20and%20Gaming%20%7C%20Quickwin&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=376761805&gjid=1416191671&cid=374403969.1703496582&tid=UA-258885462-1&_gid=1661998465.1703496582&_r=1&_slc=1&gtm=45He3bt0n81PV2Q5X5v9103625674&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&z=1454044650

Requested by

Host: quickwin765412.com
URL: https://quickwin765412.com/polyfills.250fe061a3885860ec19.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://quickwin765412.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 25 Dec 2023 09:29:42 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://quickwin765412.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
a1.adform.net/Serving/TrackPoint/ 730 B
1 KB 79ms
40ms Script
text/javascript 37.157.6.243
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://a1.adform.net/Serving/TrackPoint/?pm=2796857&ADFPageName=quickwin.com%2Fen&ADFdivider=%7C&ord=992083660131&ADFtpmode=2&itm=eyJpdG1zIjpbeyJwaWQiOiJlbiJ9XX0&loc=https%3A%2F%2Fquickwin765412.com%2Fen%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24

Requested by

Host: s2.adform.net
URL: https://s2.adform.net/banners/scripts/st/trackpoint-async.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.243 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

544fc1f2d051647b7d43eb10ee57ec39e3f8b537944b9366dc3ab58b1e7811b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Dec 2023 09:29:42 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 480
expires: -1

GET
H2

200

/ Show response
a1.adform.net/Serving/TrackPoint/
Redirect Chain

https://a1.adform.net/Serving/TrackPoint/?pm=3134589&ADFPageName=quickwin.com%2Fen&ADFdivider=%7C&ord=520241208215&ADFtpmode=2&itm=eyJpdG1zIjpbeyJwaWQiOiJlbiJ9XX0&loc=https%3A%2F%2Fquickwin765412.c...
https://a1.adform.net/Serving/TrackPoint/?CC=1&pm=3134589&ADFPageName=quickwin.com%2Fen&ADFdivider=%7C&ord=520241208215&ADFtpmode=2&itm=eyJpdG1zIjpbeyJwaWQiOiJlbiJ9XX0&loc=https%3A%2F%2Fquickwin765...

116 B
719 B

41ms
39ms

Script
text/javascript

37.157.6.243
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://a1.adform.net/Serving/TrackPoint/?CC=1&pm=3134589&ADFPageName=quickwin.com%2Fen&ADFdivider=%7C&ord=520241208215&ADFtpmode=2&itm=eyJpdG1zIjpbeyJwaWQiOiJlbiJ9XX0&loc=https%3A%2F%2Fquickwin765412.com%2Fen%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24

Requested by

Host: quickwin765412.com
URL: https://quickwin765412.com/en/

Protocol

Server

37.157.6.243 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e56d883115ac449f6460cbab8cba4dc92efaf906a10d8ffd31471282e695c301

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Dec 2023 09:29:42 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 190
expires: -1

Redirect headers

pragma: no-cache
date: Mon, 25 Dec 2023 09:29:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
content-type: text/html; charset=utf-8
location: https://a1.adform.net/Serving/TrackPoint/?CC=1&pm=3134589&ADFPageName=quickwin.com%2Fen&ADFdivider=%7C&ord=520241208215&ADFtpmode=2&itm=eyJpdG1zIjpbeyJwaWQiOiJlbiJ9XX0&loc=https%3A%2F%2Fquickwin765412.com%2Fen%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1

GET
H2

200

/ Show response
track.adform.net/Serving/TrackPoint/
Redirect Chain

https://track.adform.net/Serving/TrackPoint/?pm=3199129&ADFPageName=allPages&ADFdivider=%7C&ord=780176371070&ADFtpmode=2&loc=https%3A%2F%2Fquickwin765412.com%2Fen%2F&Set1=en-US%7Cen-US%7C1600x1200%...
https://track.adform.net/Serving/TrackPoint/?CC=1&pm=3199129&ADFPageName=allPages&ADFdivider=%7C&ord=780176371070&ADFtpmode=2&loc=https%3A%2F%2Fquickwin765412.com%2Fen%2F&Set1=en-US%7Cen-US%7C1600x...

835 B
1 KB

41ms
40ms

Script
text/javascript

37.157.6.243
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/Serving/TrackPoint/?CC=1&pm=3199129&ADFPageName=allPages&ADFdivider=%7C&ord=780176371070&ADFtpmode=2&loc=https%3A%2F%2Fquickwin765412.com%2Fen%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24

Requested by

Host: quickwin765412.com
URL: https://quickwin765412.com/en/

Protocol

Server

37.157.6.243 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

91c1daa193269cc915f63f7a251352fb86a49a5ee99bbcee6e735ad8d7161076

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Dec 2023 09:29:42 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 671
expires: -1

Redirect headers

pragma: no-cache
date: Mon, 25 Dec 2023 09:29:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
content-type: text/html; charset=utf-8
location: https://track.adform.net/Serving/TrackPoint/?CC=1&pm=3199129&ADFPageName=allPages&ADFdivider=%7C&ord=780176371070&ADFtpmode=2&loc=https%3A%2F%2Fquickwin765412.com%2Fen%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1

GET
H2

200

/ Show response
track.adform.net/Serving/TrackPoint/
Redirect Chain

https://track.adform.net/Serving/TrackPoint/?pm=3199129&ADFPageName=Homepage&ADFdivider=%7C&ord=94065589138&ADFtpmode=2&loc=https%3A%2F%2Fquickwin765412.com%2Fen%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24
https://track.adform.net/Serving/TrackPoint/?CC=1&pm=3199129&ADFPageName=Homepage&ADFdivider=%7C&ord=94065589138&ADFtpmode=2&loc=https%3A%2F%2Fquickwin765412.com%2Fen%2F&Set1=en-US%7Cen-US%7C1600x1...

835 B
1 KB

41ms
41ms

Script
text/javascript

37.157.6.243
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/Serving/TrackPoint/?CC=1&pm=3199129&ADFPageName=Homepage&ADFdivider=%7C&ord=94065589138&ADFtpmode=2&loc=https%3A%2F%2Fquickwin765412.com%2Fen%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24

Requested by

Host: quickwin765412.com
URL: https://quickwin765412.com/en/

Protocol

Server

37.157.6.243 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

b98f9b390ff8e9f83e6498d83f18d341557830c12eb80ce035cd8d8fedcd35a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Dec 2023 09:29:42 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 679
expires: -1

Redirect headers

pragma: no-cache
date: Mon, 25 Dec 2023 09:29:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
content-type: text/html; charset=utf-8
location: https://track.adform.net/Serving/TrackPoint/?CC=1&pm=3199129&ADFPageName=Homepage&ADFdivider=%7C&ord=94065589138&ADFtpmode=2&loc=https%3A%2F%2Fquickwin765412.com%2Fen%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1

GET
H2 200 quickwin.gif Show response
adjs.media/hit/ 0
350 B 150ms
149ms Script
text/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://adjs.media/hit/quickwin.gif?date=1703496582371&page=https%3A%2F%2Fquickwin765412.com%2Fen%2F&ref=&tid=tid-374417a46.39fcc77db

Requested by

Host: adjs.media
URL: https://adjs.media/resources/content/quickwin.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
status: 200 OK
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 653fa09a-1149-48c7-be91-d47e161ea933
x-runtime: 0.003562
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-download-options: noopen
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J3OVwGRoVqt2ILUdFB8YE97RmzAUEwRmHT0QkYB1DJocjIWK6P5lfrpmRwC537XZDJOgcIIK7eZE%2B3SLaFdQcrKZPovFD1FZmILjF38JUe1ljnQG78JLDdkkJQ8L8Lq%2FBUomdOOwYqYW"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache
cf-ray: 83b00fa7fc779136-FRA

GET
BLOB 200
OK e3d0b875-cb03-418d-b2cb-5ccacd948914
https://winner-slots.online/ Frame 8A92 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://winner-slots.online/e3d0b875-cb03-418d-b2cb-5ccacd948914
Requested by: Host: winner-slots.online
URL: https://winner-slots.online/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length: 1245
Content-Type: text/javascript

GET
H3 200 SHUkEiphQuZqXyLzDNA1LcOjIY5P93oSbI0OKMKltYY.js Show response
www.google.com/js/bg/ Frame 3CFA 17 KB
7 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/bg/SHUkEiphQuZqXyLzDNA1LcOjIY5P93oSbI0OKMKltYY.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

487524122a6142e66a5f22f30cd0352dc3a3218e4ff77a126c8d0e28c2a5b586

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcbSf4kAAAAAAJey7uEFxYpE7Tn2cR1Y3WBNyGi&co=aHR0cHM6Ly9xdWlja3dpbjc2NTQxMi5jb206NDQz&hl=de&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&cb=20prrnip1ubc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 02:49:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 196813
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6849
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 22 Dec 2024 02:49:29 GMT

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 3CFA 2 KB
2 KB 40ms
40ms Image
image/png 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 19:56:54 GMT
x-content-type-options: nosniff
age: 567168
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Mon, 25 Dec 2023 19:56:54 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 3CFA 15 KB
16 KB 129ms
39ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 23:26:56 GMT
x-content-type-options: nosniff
age: 295366
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 20 Dec 2024 23:26:56 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 3CFA 15 KB
15 KB 138ms
48ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 21:01:27 GMT
x-content-type-options: nosniff
age: 390495
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 19 Dec 2024 21:01:27 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 3CFA 102 B
135 B 50ms
50ms Other
text/javascript 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=u-xcq3POCWFlCr3x8_IPxgPu

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

3a80700d48e107eb08205a346562ae28a95f3fe0da0d7382847a2c0a52a02c0a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcbSf4kAAAAAAJey7uEFxYpE7Tn2cR1Y3WBNyGi&co=aHR0cHM6Ly9xdWlja3dpbjc2NTQxMi5jb206NDQz&hl=de&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&cb=20prrnip1ubc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Mon, 25 Dec 2023 09:29:42 GMT

GET
H2 200 web-widget-chat-sdk-1bfc6fa.js Show response
static.zdassets.com/web_widget/classic/latest/ Frame B7A8 202 KB
51 KB 57ms
57ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/classic/latest/web-widget-chat-sdk-1bfc6fa.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-1bfc6fa.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

965cba95c928e95003ce37271090406eaa7d5c2d955230a785b2b3be8a9a17f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:42 GMT
x-amz-version-id: TdcYv88Lf5u9m3AG8eAA2HBmnexgob8V
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: 0X24BSPSV39D8D28
age: 1752047
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: 1eGND/GjxrlQxia9pWdTTwHT8UuCrrKDdbJzZuma1/VkfAY1PcOzD5FH1w1FjTJn2c8rVgJg5Po=
last-modified: Tue, 05 Dec 2023 00:24:10 GMT
server: cloudflare
etag: W/"b8284a4b45e40625c2b90a641ebe4a68"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PALobEFcWtIgmLySDxQAFVBip0l5PLu2gnzdx1%2BbF%2FK2aD7eGOSX%2FhoNyHYy9tGBZqx6UZsayoJlyV2hqwPbolxiq1rn4XfCHqg7WaUXTc0vbWExam%2FXn%2F4XAoYLUwm2Qgg1Rcs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 83b00fa8af1558f0-TXL
expires: Wed, 04 Dec 2024 00:24:09 GMT

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ Frame 8A92 4 KB
2 KB 238ms
135ms Script
application/javascript 2.16.1.235
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CK8KFRRC77UACAV1FU60&lib=ttq
Requested by: Host: winner-slots.online
URL: https://winner-slots.online/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.1.235 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-1-235.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 087f7d70567d437a794ecd352dfb06429e7142084476c900fd44a697c71f0990

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winner-slots.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-akamai-request-id: 1b3b7714
date: Mon, 25 Dec 2023 09:29:42 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=dyn
x-tt-trace-id: 00-23122509294232A4490CA7304233FBF0-3B4A54E9EC2A96FC-00
x-cache: TCP_MISS from a2-16-1-231.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
server-timing: inner; dur=1, cdn-cache; desc=MISS, edge; dur=0, origin; dur=93
content-length: 1327
pragma: no-cache
server: nginx
x-tt-logid: 2023122509294232A4490CA7304233FBF0
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 93,2.16.1.231
x-tt-trace-host: 01e68f26c3a9b73ae1f5007f932e91ef32eb4efbc8c386d0741c5f817f1db6e43deefb7252babb9a9be67c7d332011c3bea48b361f4ddf557310ed99f87824514d9a0a17a0745060e202106b0f20869c817a9ece73aeca86491e0fef1c4bfb3b3c
expires: Mon, 25 Dec 2023 09:29:42 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ Frame 8A92 202 KB
54 KB 124ms
40ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: winner-slots.online
URL: https://winner-slots.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winner-slots.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 25 Dec 2023 09:29:42 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 54273
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: BGxU8b4mrMCgFC4RBK9s8+SGN7Vds2ucnwcan3fr/vMwzV17GrDyed5FVaGI4dcRJJub2J0y+Mwwy7jqRR/fxA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 gtr.min.js Show response
dsp-media.eskimi.com/assets/js/e/ Frame 8A92 5 KB
3 KB 151ms
38ms Script
application/javascript 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://dsp-media.eskimi.com/assets/js/e/gtr.min.js?_=0.0.0.4

Requested by

Host: winner-slots.online
URL: https://winner-slots.online/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1081 /

Resource Hash

2c86bcaebf54969da5081c17c6901cbe19ac041b80a3abda6890708eb545cec3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winner-slots.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Wed, 30 Oct 2024 19:01:13 GMT
date: Mon, 25 Dec 2023 09:29:42 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 1080
cdn-cachedat: 10/31/2023 19:01:13
cdn-pullzone: 692289
last-modified: Fri, 04 Aug 2023 14:59:50 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"64cd1266-1353"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: ce2848ff-13c5-49e5-873d-af24ad423612
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 212c2f0f2d4b687bdba6580a9038de86
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 sync
rtg.prdredir.com/ 43 B
654 B 182ms
172ms Image
image/gif 2606:4700:20::681a:672
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rtg.prdredir.com/sync?ref=&lp=https%3A%2F%2Fquickwin765412.com%2Fen%2F&sh=1200&sw=1600&date=1703496582546&fp=uid-4898070734.7496413350

Requested by

Host: quickwin765412.com
URL: https://quickwin765412.com/en/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:672 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:42 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
status: 200 OK
content-transfer-encoding: binary
content-disposition: inline; filename="pixel.gif"
x-xss-protection: 1; mode=block
x-request-id: 0b6353de-c7d2-4df7-8da6-1a4c0c940dee
x-runtime: 0.001093
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-download-options: noopen
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TjohWxUrcTWXeme4abbw2VgdzdtjhZoeZOOhdSYUvNSImg4M25LMtXv%2B8J7ngKhi%2BC0GN3TT2ncmUf7Gm4pD4tb6EtUD0KOxte6rGmxCXzXOTaPnC3zVvS7ZPJkkwulgpTM3GNK7LvcNHrUj7I4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache
cf-ray: 83b00fa91a2f1e30-FRA

GET
H2 206 video-featured.mp4
winner-slots.online/wp-content/themes/bizboost/assets/video/ Frame 8A92 528 KB
0 65ms
64ms Media
video/mp4 185.199.175.191
HOSTERION

General

Check archive.org

Show headers Download Go to

Full URL: https://winner-slots.online/wp-content/themes/bizboost/assets/video/video-featured.mp4
Requested by: Host: winner-slots.online
URL: https://winner-slots.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.199.175.191 Floreşti, Romania, ASN43927 (HOSTERION, RO),
Reverse DNS: eros.hosterion.net
Software: LiteSpeed /
Resource Hash

Request headers

Referer: https://winner-slots.online/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Range: bytes=0-

Response headers

Content-Range: bytes 0-7262571/7262572
date: Mon, 25 Dec 2023 09:29:42 GMT
last-modified: Mon, 09 Oct 2023 10:35:57 GMT
server: LiteSpeed
Content-Length: 7262572
content-type: video/mp4

GET
H2 200 wp-emoji-release.min.js Show response
winner-slots.online/wp-includes/js/ Frame 8A92 18 KB
5 KB 172ms
172ms Script
application/javascript 185.199.175.191
HOSTERION

General

Check archive.org

Show headers Download Go to

Full URL: https://winner-slots.online/wp-includes/js/wp-emoji-release.min.js?ver=6.4.2
Requested by: Host: winner-slots.online
URL: https://winner-slots.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.199.175.191 Floreşti, Romania, ASN43927 (HOSTERION, RO),
Reverse DNS: eros.hosterion.net
Software: LiteSpeed /
Resource Hash: 4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winner-slots.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:42 GMT
content-encoding: br
last-modified: Thu, 02 Feb 2023 04:23:26 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 4651
expires: Mon, 01 Jan 2024 09:29:42 GMT

GET
H2 200 / Show response
a1.adform.net/Serving/TrackPoint/ 116 B
718 B 40ms
40ms Script
text/javascript 37.157.6.243
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://a1.adform.net/Serving/TrackPoint/?CC=1&pm=2796857&ADFPageName=quickwin.com%2Fen&ADFdivider=%7C&ord=992083660131&ADFtpmode=2&itm=eyJpdG1zIjpbeyJwaWQiOiJlbiJ9XX0&loc=https%3A%2F%2Fquickwin765412.com%2Fen%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24&frpid=3558886116402739059

Requested by

Host: s2.adform.net
URL: https://s2.adform.net/banners/scripts/st/trackpoint-async.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.243 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

a4f6ca79d14dad289eb7035d0e81e04571532d249fa80845c38bd1d274a493e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Dec 2023 09:29:42 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 189
expires: -1

GET
H/1.1 200
OK pixel
track.wolf22.xyz/ 0
260 B 120ms
119ms Image
text/plain 88.214.195.93
NATCOWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.wolf22.xyz/pixel?auth=dg12ck&event=visit&site=quickwin765412.com&ln=en-US
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 88.214.195.93 , United Kingdom, ASN46636 (NATCOWEB, US),
Reverse DNS
Software: nginx/1.20.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 25 Dec 2023 09:29:42 GMT
Cache-Control: no-cache, max-age=0, must-revalidate, proxy-revalidate, no-store
Server: nginx/1.20.0
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 mt_quickwin Show response
scpt.getrmads.com/t/ 0
294 B 174ms
173ms Script
text/plain 2606:4700:3032::6815:4d08
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://scpt.getrmads.com/t/mt_quickwin?ts=1703496582740&sh=1200&sw=1600&ref=&lp=https%3A%2F%2Fquickwin765412.com%2Fen%2F&fp=29fd4ee0c.29adb4677.308b10c76
Requested by: Host: scpt.getrmads.com
URL: https://scpt.getrmads.com/src/mt_quickwin.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:4d08 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:42 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tyl6uVKFiU9qScfdeQT1rIlPCPjB4A3PCqAX6fU%2FUKgSFNg4vYaEBMUTMENnHHLSLy7JSZIOQZVSsLPHtNPUYnvyLG2%2F%2FW9KnSNFtZLynlI20gnerqmQtqx061imfVmhxiRMOgeNIN6qdoejLeD70g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 83b00faa3c104d86-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 js Show response
metrics.getrmads.com/tag/ 4 KB
2 KB 173ms
163ms Script
text/javascript 2606:4700:3032::6815:4d08
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://metrics.getrmads.com/tag/js?rtid=REH-1691446272083886
Requested by: Host: scpt.getrmads.com
URL: https://scpt.getrmads.com/src/mt_quickwin.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:4d08 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 70f3083a31279768ce4485d94f7a71a1588232bfd7add408e71ae95a03d80c2a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Dec 2023 09:29:42 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jHY5GDcc0Nn5FtEQUpDoH69Fa5bHDR9o%2BdF2adodIxuRWeh%2FQad9ACMURP6cwfi2QJUzqvqS%2F3shiyCL6J0m6yD%2FlDU8%2BdgP8rTNO0dD3WHFS08Oy7hnnyBOK9ygIsLtAHjnSk4z91HPYhLwCy40E%2FInyw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 83b00faa4c234d86-FRA
alt-svc: h3=":443"; ma=86400
expires: 0

GET
H2 200 browser-perf.28a8c6b22b3c0474c577.js Show response
script.hotjar.com/ 4 KB
2 KB 45ms
44ms Script
application/javascript 13.32.27.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/browser-perf.28a8c6b22b3c0474c577.js

Requested by

Host: script.hotjar.com
URL: https://script.hotjar.com/modules.618aa075c4d9b6424e07.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-107.fra56.r.cloudfront.net

Software

Resource Hash

f0682c5bcb9a2e1a7a27212c0fcebe713d653ad64e32742d4a4dbea937bb6bb7

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 13:54:19 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 84f381696dd33e92960b92250106e464.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 2489723
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 1589
last-modified: Thu, 23 Nov 2023 14:00:23 GMT
etag: "d065ec1659ab8dbb93042fdf9a225634"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: 4DjqRiWYpeUrp7CZGaE1i7tfoxurLrfZZuw3AMNq8afdHjH_8LFq8Q==

GET
H2 200 / Show response
event.getblue.io/p/ Frame 7274 1 KB
869 B 425ms
425ms Document
text/html 18.228.178.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://event.getblue.io/p/?cId=615EE320-F864-1EFC-FE69D99CF417DF26&tName=visit&pId=&revenue=&orderId=&p1=&p2=&p3=&fp=&blueID=c79c007b-034b-4de0-ae11-62a72dd9a029&ulc=&v=29092023-1023&nocache=7182924749011.299
Requested by: Host: event.getblue.io
URL: https://event.getblue.io/js/blue-tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.228.178.86 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-228-178-86.sa-east-1.compute.amazonaws.com
Software: /
Resource Hash: 08a8ef24752517739216448551889da604a883725af877aceb4b01141c86db97

Request headers

Referer: https://quickwin765412.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache
content-encoding: gzip
content-type: text/html;charset=UTF-8
date: Mon, 25 Dec 2023 09:29:43 GMT
tagcontainer-version: 1201-09112023-2349
vary: Accept-Encoding

GET
H2 200 / Show response
widget.getblue.io/event/ 13 B
92 B 262ms
252ms Script
text/javascript 18.228.178.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.getblue.io/event/?cId=615EE320-F864-1EFC-FE69D99CF417DF26&tName=visit&pId=&revenue=&orderId=&p1=&p2=e%3Dvp&p3=e%3Ddis&adce=1&dtycbr=87954&fp=&blueID=c79c007b-034b-4de0-ae11-62a72dd9a029&ulc=&v=29092023-1023&if=0&nocache=6996533387326.0205
Requested by: Host: event.getblue.io
URL: https://event.getblue.io/js/blue-tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.228.178.86 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-228-178-86.sa-east-1.compute.amazonaws.com
Software: /
Resource Hash: eb99134542c987f687360d120213eeec049a290d73d2302ee1b74a01ce279f4d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:43 GMT
content-length: 13
content-type: text/javascript;charset=UTF-8

GET
H2 200 pixels Show response
c1.adform.net/imatch/ Frame 96CD 4 KB
2 KB 163ms
47ms Document
text/html 37.157.3.26
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.adform.net/imatch/pixels?uid=8102479658319200828&agencyId=9093&advertiserId=2180301&src=tp&rnd=903957

Requested by

Host: track.adform.net
URL: https://track.adform.net/Serving/TrackPoint/?pm=3199129&ADFPageName=allPages&ADFdivider=%7C&ord=780176371070&ADFtpmode=2&loc=https%3A%2F%2Fquickwin765412.com%2Fen%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.26 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

62851a5fee23c8238424e61b63ee22fc5c5f28a4ae2b5b7256ebe5cc084cedbb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://quickwin765412.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Mon, 25 Dec 2023 09:29:43 GMT
expires: -1
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding

GET
H2 200 /
server.seadform.net/serving/cookie/sync/ 35 B
465 B 148ms
40ms Image
image/gif 37.157.6.237
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://server.seadform.net/serving/cookie/sync/?uid=8102479658319200828&stamp=IbU_wwt4IeYDvP-67D9Y4w2

Requested by

Host: quickwin765412.com
URL: https://quickwin765412.com/en/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.237 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
content-type: image/gif
cache-control: private

GET
H2 200 /
server.seadform.net/serving/cookie/sync/ 35 B
467 B 147ms
40ms Image
image/gif 37.157.6.237
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://server.seadform.net/serving/cookie/sync/?uid=6424851302511315778&stamp=GvZZ_Vc0GqIDvP-67D9Y4w2

Requested by

Host: quickwin765412.com
URL: https://quickwin765412.com/en/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.237 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
content-type: image/gif
cache-control: private

GET
H3

451

501709.gif
idsync.rlcdn.com/ Frame A3C1
Redirect Chain

https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5108559731637863112&referrer=https%3A%2F%2Fquickwin765412.com%2Fen%2F&forward=
https://p.rfihub.com/cm?pub=39342&in=0&userid=75f5a1dc-bdcf-48df-b682-2a9ec219ada1%3A1703496583.155189&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D75f5a1dc-bdcf-48df-b682-2a9ec219...
https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5108559731637863112&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3D75f5a1dc-bdcf-48df-b6...
https://idsync.rlcdn.com/501709.gif?partner_uid=75f5a1dc-bdcf-48df-b682-2a9ec219ada1%3A1703496583.155189&_=1703496583.1572313

0
9 B

50ms
49ms

Image
text/plain

35.244.174.68
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/501709.gif?partner_uid=75f5a1dc-bdcf-48df-b682-2a9ec219ada1%3A1703496583.155189&_=1703496583.1572313
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Server: 35.244.174.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20846458p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:44 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

Redirect headers

date: Mon, 25 Dec 2023 09:29:43 GMT
via: 1.1 e6959f77d21557f69683da8f0cd5578a.cloudfront.net (CloudFront)
server: lighttpd/1.4.69
x-amz-cf-pop: FRA56-C2
vary: Cookie
x-cache: Miss from cloudfront
content-type: text/html; charset=utf-8
location: https://idsync.rlcdn.com/501709.gif?partner_uid=75f5a1dc-bdcf-48df-b682-2a9ec219ada1%3A1703496583.155189&_=1703496583.1572313
content-length: 445
x-amz-cf-id: nF7iv3IiDd-xKLM9z-GHFdJWjoFilXLcDho-j-QSFQGygkxQm0iJAg==

GET
H3

451

501709.gif
idsync.rlcdn.com/ Frame A3C1
Redirect Chain

https://cm.g.doubleclick.net/pixel?&in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=NTEwODU1OTczMTYzNzg2MzExMg==&forward=
https://cm.g.doubleclick.net/pixel?in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=NTEwODU1OTczMTYzNzg2MzExMg==&forward=&google_tc=
https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEDu0_dK5xmBiEKryBLAYulA&google_cver=1
https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5108559731637863112&referrer={encSite}&forward=
https://p.rfihub.com/cm?pub=39342&in=0&userid=75f5a1dc-bdcf-48df-b682-2a9ec219ada1%3A1703496583.155189&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D75f5a1dc-bdcf-48df-b682-2a9ec219...
https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5108559731637863112&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3D75f5a1dc-bdcf-48df-b6...
https://idsync.rlcdn.com/501709.gif?partner_uid=75f5a1dc-bdcf-48df-b682-2a9ec219ada1%3A1703496583.155189&_=1703496583.6610672

0
9 B

52ms
51ms

Image
text/plain

35.244.174.68
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/501709.gif?partner_uid=75f5a1dc-bdcf-48df-b682-2a9ec219ada1%3A1703496583.155189&_=1703496583.6610672
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Server: 35.244.174.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20846458p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:44 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

Redirect headers

date: Mon, 25 Dec 2023 09:29:44 GMT
via: 1.1 e6959f77d21557f69683da8f0cd5578a.cloudfront.net (CloudFront)
server: lighttpd/1.4.69
x-amz-cf-pop: FRA56-C2
vary: Cookie
x-cache: Miss from cloudfront
content-type: text/html; charset=utf-8
location: https://idsync.rlcdn.com/501709.gif?partner_uid=75f5a1dc-bdcf-48df-b682-2a9ec219ada1%3A1703496583.155189&_=1703496583.6610672
content-length: 445
x-amz-cf-id: dgrgd6CQMaiWjGtyeR5fLh4gxPB_1v00QkEHCuo9-Kwj5OKUT2XfjA==

GET
H2 200 setuid
ib.adnxs.com/ Frame A3C1 43 B
830 B 44ms
39ms Image
image/gif 37.252.171.21
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=18&code=5108559731637863112

Requested by

Host: quickwin765412.com
URL: https://quickwin765412.com/en/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.21 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20846458p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Dec 2023 09:29:42 GMT
an-x-request-uuid: 4f9fe05a-459c-4b09-877a-2ef3f04bd12e
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 80.255.7.107; 80.255.7.107; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

demconf.jpg
dpm.demdex.net/ Frame A3C1
Redirect Chain

https://dpm.demdex.net/ibs:dpid=1121&dpuuid=5108559731637863112&redir=
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5108559731637863112&redir=

42 B
717 B

58ms
58ms

Image
image/gif

52.49.2.43
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5108559731637863112&redir=

Requested by

Host: quickwin765412.com
URL: https://quickwin765412.com/en/

Protocol

Server

52.49.2.43 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-49-2-43.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20846458p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

dcs: dcs-prod-irl1-2-v054-0422bf190.edge-irl1.demdex.com 1 ms
pragma: no-cache
date: Mon, 25 Dec 2023 09:29:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-tid: vlDk8NZHRIs=
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 59
expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

dcs: dcs-prod-irl1-1-v054-083ffdefc.edge-irl1.demdex.com 0 ms
pragma: no-cache
date: Mon, 25 Dec 2023 09:29:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-tid: nNaVS9NPSa0=
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5108559731637863112&redir=
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 Pug
image2.pubmatic.com/AdServer/ Frame A3C1 0
225 B 167ms
49ms Image
text/html 185.64.191.210
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw==&piggybackCookie=5108559731637863112&r=
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20846458p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Mon, 25 Dec 2023 09:29:43 GMT
cache-control: no-store, no-cache, private
content-encoding: gzip
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 sd
us-u.openx.net/w/1.0/ Frame A3C1 43 B
264 B 145ms
54ms Image
image/gif 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537073062&val=5108559731637863112&r=
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20846458p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Dec 2023 09:29:43 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1

200
OK

match
ps.eyeota.net/ Frame A3C1
Redirect Chain

https://p.rfihub.com/cm?pub=24472&in=1
https://ps.eyeota.net/match?uid=5108559731637863112&bid=omt9pi0

0
344 B

178ms
49ms

Image
text/plain

52.57.150.20
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?uid=5108559731637863112&bid=omt9pi0
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: HTTP/1.1
Server: 52.57.150.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-57-150-20.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20846458p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Mon, 25 Dec 2023 09:29:43 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Location: https://ps.eyeota.net/match?uid=5108559731637863112&bid=omt9pi0
Date: Mon, 25 Dec 2023 09:29:43 GMT
Server: Jetty(9.4.51.v20230217)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 cksync.php
contextual.media.net/ Frame A3C1 57 B
620 B 192ms
70ms Image
image/gif 184.30.20.22
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=3&type=rkt&ovsid=5108559731637863112

Requested by

Host: quickwin765412.com
URL: https://quickwin765412.com/en/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.20.22 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-20-22.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20846458p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Mon, 25 Dec 2023 09:29:43 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 57
x-mnet-hl2: E
expires: Mon, 25 Dec 2023 09:29:43 GMT

GET
H2 200 /
bpi.rtactivate.com/tag/ Frame A3C1 43 B
109 B 413ms
162ms Image
image/gif 44.193.120.159
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bpi.rtactivate.com/tag/?id=11017&user_id=5108559731637863112
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.193.120.159 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-193-120-159.compute-1.amazonaws.com
Software: awselb/2.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20846458p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:43 GMT
server: awselb/2.0
content-length: 43
content-type: image/gif

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame A3C1
Redirect Chain

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5108559731637863112&forward=
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5108559731637863112&forward=&C=1

43 B
343 B

78ms
76ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5108559731637863112&forward=&C=1
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H2
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20846458p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Dec 2023 09:29:43 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EOXUFih48P%2BLPgmYZsvkI7427ce7%2Fj%2FI%2BiM%2F8aIoPf8V0yHggXjytKpOtsUVjkIDPWwViVckMlWuWH%2FPK%2BAiCXsvTV9YYGInKZa705C8UmnIHl9M0NkHf2W8W3LbiZVJx8wMSqG3PW1tDw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 83b00fac8cd12681-TXL
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 25 Dec 2023 09:29:43 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W1n86AUp5Mx1ftJPZBvyxinXG3lsBWNv0Ecn%2Bv1wfuRwXWObFaNrhSDli4byqsjMURORO%2FueUVup6jEIDRzEsfyhCCTphQ4dl9Ll1GRLBBiljsoxcANrY5%2BipNRrBoaH4thlCW5QBYV%2BCg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=57&external_user_id=5108559731637863112&forward=&C=1
cache-control: no-cache
cf-ray: 83b00fac1bfe2681-TXL
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H2 451 360947.gif
idsync.rlcdn.com/ Frame A3C1 0
98 B 146ms
55ms Image
text/plain 35.244.174.68
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/360947.gif?partner_uid=5108559731637863112
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20846458p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:43 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 rocketfuel_sync
x.dlx.addthis.com/e/ Frame A3C1 43 B
182 B 291ms
188ms Image
image/gif 69.192.160.219
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://x.dlx.addthis.com/e/rocketfuel_sync?na_exid=5108559731637863112

Requested by

Host: quickwin765412.com
URL: https://quickwin765412.com/en/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

69.192.160.219 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a69-192-160-219.deploy.static.akamaitechnologies.com

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20846458p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Mon, 25 Dec 2023 09:29:43 GMT
pragma: no-cache
date: Mon, 25 Dec 2023 09:29:43 GMT
cache-control: max-age=0, no-cache, no-store
strict-transport-security: max-age=2628000
content-length: 43
content-type: image/gif

GET
H2 200 sync
partners.tremorhub.com/ Frame A3C1 43 B
175 B 362ms
117ms Image
image/gif 2600:1f18:612b:4264:cd63:6b3d:4f30:16c6
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partners.tremorhub.com/sync?UIRF=5108559731637863112&r=yd0-UJItJF9e
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4264:cd63:6b3d:4f30:16c6 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20846458p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date: Mon, 25 Dec 2023 09:29:43 GMT
server: nginx
content-type: image/gif

GET
H2 200 g.pixel
aa.agkn.com/adscores/ Frame A3C1 43 B
377 B 148ms
44ms Image
image/gif 18.193.186.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aa.agkn.com/adscores/g.pixel?sid=9212192898&rf=5108559731637863112
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.193.186.61 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-193-186-61.eu-central-1.compute.amazonaws.com
Software: AAWebServer /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20846458p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Dec 2023 09:29:43 GMT
server: AAWebServer
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length: 43
expires: 0

GET
H2 204 usermatch.gif
beacon.krxd.net/ Frame A3C1 0
338 B 173ms
54ms Image
text/plain 18.203.91.219
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner_id=rfuel&partner_user_id=5108559731637863112
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.203.91.219 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-91-219.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20846458p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-served-by: beacon-n024-dub-prod.krxd.net
date: Mon, 25 Dec 2023 09:29:43 GMT
cache-control: private, no-cache, no-store
x-request-time: D=38 t=1703496583
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 sync
x.bidswitch.net/ Frame A3C1 43 B
146 B 165ms
43ms Image
image/gif 18.198.94.178
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?dsp_id=119&user_id=5108559731637863112&expires=30&gdpr={GDPR}&gdpr_consent={GDPR_CONSENT_469}&gdpr_pd={GDPR_PD}
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.198.94.178 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-198-94-178.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20846458p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:43 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H/1.1

200
OK

cm
p.rfihub.com/ Frame A3C1
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D
https://sync-tm.everesttech.net/ct/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D&_test=ZYlLhwAJbqqflgAM
https://p.rfihub.com/cm?in=1&pub=21653&userid=ZYlLhwAJbqqflgAM&_test=ZYlLhwAJbqqflgAM

42 B
1 KB

46ms
46ms

Image
image/gif

193.0.160.131
ROCKETFUEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.rfihub.com/cm?in=1&pub=21653&userid=ZYlLhwAJbqqflgAM&_test=ZYlLhwAJbqqflgAM
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: HTTP/1.1
Server: 193.0.160.131 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software: Jetty(9.4.51.v20230217) /
Resource Hash: 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20846458p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/gif
Date: Mon, 25 Dec 2023 09:29:43 GMT
Cache-Control: no-cache
Server: Jetty(9.4.51.v20230217)
Content-Length: 42
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

x-served-by: cache-fra-etou8220063-FRA
pragma: no-cache
date: Mon, 25 Dec 2023 09:29:43 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1703496584.534372,VS0,VE0
x-cache: HIT
location: https://p.rfihub.com/cm?in=1&pub=21653&userid=ZYlLhwAJbqqflgAM&_test=ZYlLhwAJbqqflgAM
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 8A92 228 KB
79 KB 54ms
53ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-11435815060&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=GT-NFB7D7V

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ba307dacc6a84e2bd318b61edf8870a455bbe571913133a075fa369928701782

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winner-slots.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:43 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 81014
x-xss-protection: 0
last-modified: Mon, 25 Dec 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 25 Dec 2023 09:29:43 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 8A92 274 KB
91 KB 66ms
65ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-2NM3GY57HJ&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=GT-NFB7D7V

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1a69e4564195fee19c9112e911e3669f444d0bff0e07f2f081a47514b667f7db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winner-slots.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:43 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 93133
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 25 Dec 2023 09:29:43 GMT

GET
H2 200 cssession Show response
dsp-trk.eskimi.com/tracking/ Frame 8A92 2 B
172 B 146ms
48ms XHR
text/plain 34.120.139.69
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dsp-trk.eskimi.com/tracking/cssession?tst&id=32550&url=https%3A%2F%2Fwinner-slots.online%2F&t=1703496583103
Requested by: Host: dsp-media.eskimi.com
URL: https://dsp-media.eskimi.com/assets/js/e/gtr.min.js?_=0.0.0.4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.139.69 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 69.139.120.34.bc.googleusercontent.com
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winner-slots.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin: https://winner-slots.online
date: Mon, 25 Dec 2023 09:29:42 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: text/plain; charset=UTF-8

GET
H2 200 gtr Show response
dsp-ap.eskimi.com/v2/ Frame 8A92 116 B
578 B 144ms
47ms XHR
application/json 35.186.201.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://dsp-ap.eskimi.com/v2/gtr?id=32550&url=https%3A%2F%2Fwinner-slots.online%2F&t=1703496583104
Requested by: Host: dsp-media.eskimi.com
URL: https://dsp-media.eskimi.com/assets/js/e/gtr.min.js?_=0.0.0.4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.201.99 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.201.186.35.bc.googleusercontent.com
Software: /
Resource Hash: 9358a4627489c95daf14a2f09e04c9b47ade29857bdd5ebb6901f7c955b757e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winner-slots.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin: https://winner-slots.online
date: Mon, 25 Dec 2023 09:29:42 GMT
cache-control: no-cache
access-control-allow-credentials: true
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: application/json

GET
H2 200 main.MWNkZmM2YTcxMA.js Show response
analytics.tiktok.com/i18n/pixel/static/ Frame 8A92 401 KB
109 KB 50ms
49ms Script
application/javascript 2.16.1.235
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWNkZmM2YTcxMA.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CK8KFRRC77UACAV1FU60&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.1.235 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-1-235.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 87260ecf581a44a18ca2165015348383b430e6b77ca0b0ec4a9a3b1ebff57160

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winner-slots.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-akamai-request-id: 1b3b77e0
date: Mon, 25 Dec 2023 09:29:43 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 202312211225582FCBB6CBC3D220FA8486
x-tt-trace-id: 00-2312211225582FCBB6CBC3D220FA8486-46E776827AEACA11-00
vary: Accept-Encoding
x-cache: TCP_HIT from a2-16-1-231.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 01d8a829ef52f4b58bb68bd9d0f1eb195f48710acdd4bfbb1576fbc71d6817f28073cf660e4b0a54185aaacf9d36a4c6494eec958bd412214d936ccbf608709351c80701ff99d34bf0eb95d1b94bd4ca72855903841e108a89aec07ffcac25eccf
server-timing: cdn-cache; desc=HIT, edge; dur=1, origin; dur=0, inner; dur=15
content-length: 110479

GET
H2 200 2039699393095584 Show response
connect.facebook.net/signals/config/ Frame 8A92 133 KB
35 KB 46ms
42ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2039699393095584?v=2.9.138&r=stable&domain=winner-slots.online

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6bc617ac8e5122153b2daed71181bdf2a735d28a71ac27101f766125f36a8126

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winner-slots.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 25 Dec 2023 09:29:43 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 35377
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: ExfbIm3fam73xYTd/ajJ10iswYlZ/xVMGrYhiH+8QeGn3tasegHu0jUspwCvbhF9JpoqRLUHyPpPRp1IQi5CkA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/11435815060/ Frame 8A92 3 KB
2 KB 168ms
79ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11435815060/?random=1703496583200&cv=11&fst=1703496583200&bg=ffffff&guid=ON&async=1&gtm=45be3bt0&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwinner-slots.online%2F&top=https%3A%2F%2Fquickwin765412.com&hn=www.googleadservices.com&frm=2&tiba=Winner-Slots.Online%20%E2%80%93%20Gaming%20Online%20Platforms&did=dZTNiMT&gdid=dZTNiMT&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-11435815060

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cc96eb83822c2ea850a7be9dea083f1001e53a49a4d8b9c04d7625fb2375862

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winner-slots.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Dec 2023 09:29:43 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1286
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 plf
c1.adform.net/imatch/ Frame 96CD 0
384 B 47ms
47ms Image
text/plain 37.157.3.26
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/imatch/plf?name=plff

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=8102479658319200828&agencyId=9093&advertiserId=2180301&src=tp&rnd=903957

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.26 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/imatch/pixels?uid=8102479658319200828&agencyId=9093&advertiserId=2180301&src=tp&rnd=903957
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

GET
H2 200 match
ad.360yield.com/ Frame 96CD 43 B
199 B 169ms
54ms Image
image/gif 34.247.112.223
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/match?publisher_dsp_id=42&external_user_id=8102479658319200828&Expiration=1704706183
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=8102479658319200828&agencyId=9093&advertiserId=2180301&src=tp&rnd=903957
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.247.112.223 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-112-223.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 25 Dec 2023 09:29:43 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1 204
No Content m
ad.yieldlab.net/ Frame 96CD 0
235 B 174ms
64ms Image
text/plain 184.30.17.243
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.yieldlab.net/m?dt_id=4879&ext_id=8102479658319200828
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=8102479658319200828&agencyId=9093&advertiserId=2180301&src=tp&rnd=903957
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.17.243 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-17-243.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 25 Dec 2023 09:29:43 GMT
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection: keep-alive
Expires: Sun, 24 Dec 2023 09:29:43 GMT

GET
H/1.1 204
No Content token
token.rubiconproject.com/ Frame 96CD 0
214 B 201ms
41ms Image
text/plain 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/token?pid=5232&puid=8102479658319200828
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=8102479658319200828&agencyId=9093&advertiserId=2180301&src=tp&rnd=903957
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Expires: 0
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 5b959e9b7aef6dd90a6fa539ca64ac62
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 tpui
ih.adscale.de/adscale-ih/ Frame 96CD 0
38 B 142ms
39ms Image
text/plain 52.58.74.169
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ih.adscale.de/adscale-ih/tpui?tpid=42&tpuid=8102479658319200828&cburl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d9%26uid%3D__ADSCALE_USER_ID__
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=8102479658319200828&agencyId=9093&advertiserId=2180301&src=tp&rnd=903957
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.74.169 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-58-74-169.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:43 GMT
content-length: 0

GET
H/1.1 200
OK /
rtb-csync.smartadserver.com/redir/ Frame 96CD 43 B
163 B 139ms
43ms Image
image/gif 89.149.192.201
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=22&partneruserid=8102479658319200828&redirurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d10%26cid%3DSMART_USER_ID
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=8102479658319200828&agencyId=9093&advertiserId=2180301&src=tp&rnd=903957
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 89.149.192.201 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:42 GMT
transfer-encoding: chunked
content-type: image/gif

GET
H/1.1 200 user-registering
ads.stickyadstv.com/ Frame 96CD 43 B
639 B 232ms
40ms Image
image/gif 2607:ae80:4::26
FREEWHEEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.stickyadstv.com/user-registering?dataProviderId=189&userId=8102479658319200828
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=8102479658319200828&agencyId=9093&advertiserId=2180301&src=tp&rnd=903957
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 2607:ae80:4::26 , United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 25 Dec 2023 09:29:43 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
x-sticky-vk: 1703496583468085-594

GET
H2 200 sync
x.bidswitch.net/ Frame 96CD 43 B
145 B 51ms
40ms Image
image/gif 18.198.94.178
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?dsp_id=70&user_id=8102479658319200828
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=8102479658319200828&agencyId=9093&advertiserId=2180301&src=tp&rnd=903957
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.198.94.178 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-198-94-178.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:43 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H3 200 rum
dsum-sec.casalemedia.com/ Frame 96CD 43 B
768 B 99ms
90ms Image
image/gif 172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=8102479658319200828&expiration=1704706183
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=8102479658319200828&agencyId=9093&advertiserId=2180301&src=tp&rnd=903957
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Dec 2023 09:29:43 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a1ChbiEw6GcYG89OpIPsgf1G%2BkrPzXjUgbDRwW2ZremACI5SK%2BkNaznb1oROOneFATvQc3Mgqgp2EwvFlmXl%2FXxDO7ikpV0MZ42KYRQMKMh5ffiDdA2hyl%2FeKHuH72i94GVpFU3B4G2llg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 83b00fae1e9e2671-TXL
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

GET
H/1.1

200
OK

12092831
se.semasio.net/sync/1/ Frame 96CD
Redirect Chain

https://uipglob.semasio.net/adform/1/info?sType=sync&sExtCookieId=8102479658319200828&sInitiator=external
https://uipglob.semasio.net/adform/1/info2?sType=sync&sExtCookieId=8102479658319200828&sInitiator=external
https://se.semasio.net/sync/1/16266044?sExtCookieId=8102479658319200828&gdpr=&sInitiator=external
https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fse.semasio.net%2Fsync%2F1%2F647471%3FsExtCookieId%3D%25%25COOKIE%25%25%26sInitiator%3Dinternal&gdpr=
https://se.semasio.net/sync/1/647471?sExtCookieId=7316462112846837910&sInitiator=internal&gdpr=
https://ib.adnxs.com/getuid?https%3A%2F%2Fse.semasio.net%2Fsync%2F1%2F4354957%3FsExtCookieId%3D%24UID%26sInitiator%3Dinternal&gdpr=
https://se.semasio.net/sync/1/4354957?sExtCookieId=2313369764290011469&sInitiator=internal&gdpr=
https://cm.g.doubleclick.net/pixel?google_nid=semasio_ddp&google_cm&google_hm=Nzk3NzM1NDEzMDYzMkExNg&gdpr=
https://uipglob.semasio.net/dbm/1/info?sType=sync&sExtCookieId=CAESEJHLxKM1uotwWgCOhXcSk4w&sInitiator=internal&google_cver=1&gdpr=&google_cver=1
https://se.semasio.net/sync/1/12092831?sExtCookieId=CAESEJHLxKM1uotwWgCOhXcSk4w&sInitiator=internal&google_cver=1&gdpr=

0
415 B

52ms
51ms

Image
text/plain

77.243.51.121
NETIC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://se.semasio.net/sync/1/12092831?sExtCookieId=CAESEJHLxKM1uotwWgCOhXcSk4w&sInitiator=internal&google_cver=1&gdpr=
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=8102479658319200828&agencyId=9093&advertiserId=2180301&src=tp&rnd=903957
Protocol: HTTP/1.1
Server: 77.243.51.121 , Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Dec 2023 09:29:46 GMT
uip-status: Ok
frontend-id: 06
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 0
expires: Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 25 Dec 2023 09:29:46 GMT
frontend-id: 7
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location: https://se.semasio.net/sync/1/12092831?sExtCookieId=CAESEJHLxKM1uotwWgCOhXcSk4w&sInitiator=internal&google_cver=1&gdpr=
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin: *
content-length: 0
routing-server-id: -1
expires: Sat, 01 Jan 2011 12:00:00 GMT

GET
H/1.1 200
OK match
ps.eyeota.net/ Frame 96CD 0
344 B 114ms
41ms Image
text/plain 52.57.150.20
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?uid=8102479658319200828&bid=9gdtmu1
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=8102479658319200828&agencyId=9093&advertiserId=2180301&src=tp&rnd=903957
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.57.150.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-57-150-20.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Mon, 25 Dec 2023 09:29:43 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

GET
H2

200

pixel.gif
load77.exelator.com/ Frame 96CD
Redirect Chain

https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=8102479658319200828
https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=8102479658319200828&xl8blockcheck=1
https://load77.exelator.com/pixel.gif

43 B
386 B

198ms
38ms

Image
image/gif

2a02:6ea0:c700::18
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://load77.exelator.com/pixel.gif
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=8102479658319200828&agencyId=9093&advertiserId=2180301&src=tp&rnd=903957
Protocol: H2
Server: 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 25 Dec 2023 09:29:44 GMT
x-age-lb: 522587
x-77-cache: HIT
x-accel-date: 1702973997
content-length: 43
x-77-nzt: EQwBnJIhiwH3W/kHAA
x-accel-expires: @1703945611
x-77-age: 522587
x-cache-lb: HIT
last-modified: Wed, 25 Oct 2017 17:03:56 GMT
server: CDN77-Turbo
etag: "59f0c3fc-2b"
x-77-nzt-ray: cf87872763594d0d884b8965e3c3350c
content-type: image/gif
access-control-allow-origin: *
accept-ranges: bytes

Redirect headers

date: Mon, 25 Dec 2023 09:29:43 GMT
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location: https://load77.exelator.com/pixel.gif
content-type: image/gif
cache-control: no-cache
access-control-allow-credentials: true
content-length: 0

GET
H2 451 398366.gif
idsync.rlcdn.com/ Frame 96CD 0
42 B 58ms
49ms Image
text/plain 35.244.174.68
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/398366.gif?partner_uid=8102479658319200828
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=8102479658319200828&agencyId=9093&advertiserId=2180301&src=tp&rnd=903957
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:43 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 404 gdpr_consent=
sync.crwdcntrl.net/map/c=6466/tp=ADFM/tpid=8102479658319200828/gdpr=/ Frame 96CD 49 B
266 B 186ms
56ms Image
image/gif 54.194.101.149
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=6466/tp=ADFM/tpid=8102479658319200828/gdpr=/gdpr_consent=
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=8102479658319200828&agencyId=9093&advertiserId=2180301&src=tp&rnd=903957
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.194.101.149 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-194-101-149.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Dec 2023 09:29:43 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.13.202
content-length: 49
expires: 0

GET
H2 200 29729
tags.bluekai.com/site/ Frame 96CD 62 B
218 B 193ms
177ms Image
image/gif 69.192.160.219
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/29729?id=8102479658319200828
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=8102479658319200828&agencyId=9093&advertiserId=2180301&src=tp&rnd=903957
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 69.192.160.219 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a69-192-160-219.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date: Mon, 25 Dec 2023 09:29:43 GMT
content-length: 62
content-type: image/gif

GET
H2 200 sd
eu-u.openx.net/w/1.0/ Frame 96CD 43 B
97 B 54ms
48ms Image
image/gif 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=8102479658319200828
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=8102479658319200828&agencyId=9093&advertiserId=2180301&src=tp&rnd=903957
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Dec 2023 09:29:43 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1

200
OK

pixel.gif
s3-eu-west-1.amazonaws.com/adality-cdn-content/ Frame 96CD
Redirect Chain

https://api.adrtx.net/thirdparty/click?p=adfo
https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif

35 B
390 B

186ms
69ms

Image
image/gif

52.92.16.184
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=8102479658319200828&agencyId=9093&advertiserId=2180301&src=tp&rnd=903957
Protocol: HTTP/1.1
Server: 52.92.16.184 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-eu-west-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Mon, 25 Dec 2023 09:29:45 GMT
Last-Modified: Thu, 29 Oct 2015 16:41:57 GMT
Server: AmazonS3
x-amz-request-id: DVF792FPG1MZQX3E
ETag: "c2196de8ba412c60c22ab491af7b1409"
Content-Type: image/gif
Accept-Ranges: bytes
Content-Length: 35
x-amz-id-2: hn47Oig5Uj1LzZYX3VQQMYaz21980Sdtx1I7mjXRFvzw4fzD1nbq+qZwckmgndTapBKXYOL0d0A=

Redirect headers

X-Error-Reason: Missing UserId
Date: Mon, 25 Dec 2023 09:29:42 GMT
Server: akka-http/10.2.10
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif
Content-Type: text/html; charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 137

GET /
cm.adsafety.net/ Frame 96CD 0
0

GET
H2 204 usermatch.gif
beacon.krxd.net/ Frame 96CD 0
337 B 68ms
61ms Image
text/plain 18.203.91.219
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=adform&partner_uid=8102479658319200828
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=8102479658319200828&agencyId=9093&advertiserId=2180301&src=tp&rnd=903957
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.203.91.219 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-91-219.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-served-by: beacon-n007-dub-prod.krxd.net
date: Mon, 25 Dec 2023 09:29:43 GMT
cache-control: private, no-cache, no-store
x-request-time: D=31 t=1703496583
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2

200

/
c1.adform.net/serving/cookie/match/ Frame 96CD
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_cm&google_ula=1641347&party=1&google_hm=ODEwMjQ3OTY1ODMxOTIwMDgyOA
https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEKjUXLi_HT5jfi3Mq3bTnkc&google_cver=1&google_ula=1641347,0

35 B
600 B

48ms
47ms

Image
image/gif

37.157.3.26
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEKjUXLi_HT5jfi3Mq3bTnkc&google_cver=1&google_ula=1641347,0

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=8102479658319200828&agencyId=9093&advertiserId=2180301&src=tp&rnd=903957

Protocol

Server

37.157.3.26 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Dec 2023 09:29:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

pragma: no-cache
date: Mon, 25 Dec 2023 09:29:43 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEKjUXLi_HT5jfi3Mq3bTnkc&google_cver=1&google_ula=1641347,0
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 334
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 plf
c1.adform.net/imatch/ Frame 96CD 0
384 B 54ms
47ms Image
text/plain 37.157.3.26
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/imatch/plf?name=plfm

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=8102479658319200828&agencyId=9093&advertiserId=2180301&src=tp&rnd=903957

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.26 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/imatch/pixels?uid=8102479658319200828&agencyId=9093&advertiserId=2180301&src=tp&rnd=903957
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

GET
H2

200

setuid
secure.adnxs.com/ Frame 96CD
Redirect Chain

https://secure.adnxs.com/getuid?https://c1.adform.net/serving/cookie/match?party=3&id=$UID&redirect=1
https://c1.adform.net/serving/cookie/match?party=3&id=2313369764290011469&redirect=1
https://secure.adnxs.com/setuid?entity=91&code=6424851302511315778

43 B
918 B

40ms
40ms

Image
image/gif

37.252.171.21
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/setuid?entity=91&code=6424851302511315778

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=8102479658319200828&agencyId=9093&advertiserId=2180301&src=tp&rnd=903957

Protocol

Server

37.252.171.21 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Dec 2023 09:29:43 GMT
an-x-request-uuid: a15b076a-ebf4-4428-9542-a7816aa0ab47
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 80.255.7.107; 80.255.7.107; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 25 Dec 2023 09:29:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://secure.adnxs.com/setuid?entity=91&code=6424851302511315778
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame 96CD 0
225 B 133ms
41ms Image
text/html 198.47.127.205
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=8102479658319200828
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=8102479658319200828&agencyId=9093&advertiserId=2180301&src=tp&rnd=903957
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Mon, 25 Dec 2023 09:29:41 GMT
cache-control: no-store, no-cache, private
content-encoding: gzip
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H/1.1 200
OK cs
pdw-adf.userreport.com/ Frame 96CD 43 B
444 B 143ms
40ms Image
image/gif 65.9.66.43
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pdw-adf.userreport.com/cs
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=8102479658319200828&agencyId=9093&advertiserId=2180301&src=tp&rnd=903957
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-43.fra56.r.cloudfront.net
Software: nginx/1.22.0 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Sun, 24 Dec 2023 18:52:22 GMT
Via: 1.1 547a50460a0cda7ae3dafb1c0b6d0e1a.cloudfront.net (CloudFront)
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx/1.22.0
X-Amz-Cf-Pop: FRA56-C1
Age: 52641
X-Cache: Hit from cloudfront
Content-Type: image/gif
Connection: keep-alive
Content-Length: 43
X-Amz-Cf-Id: j_jLcQ5Z3r0tPjzRotsYxXzcWUzK357P-JdtUGoFYpsrAmXPbUGplw==

GET
H/1.1

200

p
a.audrte.com/ Frame 96CD
Redirect Chain

https://a.audrte.com/a?adform_uid=8102479658319200828
https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=N2ZnMUFYTHZEUktSdWktMGZXVTVuOU15Zw==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL...
https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=
https://a.audrte.com/p

68 B
424 B

56ms
56ms

Image
image/png

34.247.94.113
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.audrte.com/p
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=8102479658319200828&agencyId=9093&advertiserId=2180301&src=tp&rnd=903957
Protocol: HTTP/1.1
Server: 34.247.94.113 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-94-113.eu-west-1.compute.amazonaws.com
Software: nginx/1.22.1 /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Mon, 25 Dec 2023 09:29:44 GMT
Server: nginx/1.22.1
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 68

Redirect headers

Date: Mon, 25 Dec 2023 09:29:44 GMT
Server: nginx/1.22.1
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Access-Control-Allow-Origin: *
Location: https://a.audrte.com:443/p
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame 96CD
Redirect Chain

https://dpm.demdex.net/ibs:dpid=1586&dpuuid=8102479658319200828&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredirect%3D1
https://c1.adform.net/serving/cookie/match?party=1007&cid=43450434927851123953239613345316847490&noredirect=1

35 B
591 B

47ms
47ms

Image
image/gif

37.157.3.26
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=1007&cid=43450434927851123953239613345316847490&noredirect=1

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=8102479658319200828&agencyId=9093&advertiserId=2180301&src=tp&rnd=903957

Protocol

Server

37.157.3.26 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Dec 2023 09:29:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

dcs: dcs-prod-irl1-2-v054-0dcc54b67.edge-irl1.demdex.com 2 ms
pragma: no-cache
date: Mon, 25 Dec 2023 09:29:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-tid: JwywQbBwTJA=
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location: https://c1.adform.net/serving/cookie/match?party=1007&cid=43450434927851123953239613345316847490&noredirect=1
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2

200

/
dmp.adform.net/serving/cookie/match/ Frame 96CD
Redirect Chain

https://aa.agkn.com/adscores/g.pixel?sid=9212269628&_puid=8102479658319200828
https://dmp.adform.net/serving/cookie/match/?party=1014&cid=217233104741001031995

35 B
591 B

62ms
49ms

Image
image/gif

37.157.3.26
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?party=1014&cid=217233104741001031995

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=8102479658319200828&agencyId=9093&advertiserId=2180301&src=tp&rnd=903957

Protocol

Server

37.157.3.26 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Dec 2023 09:29:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

pragma: no-cache
date: Mon, 25 Dec 2023 09:29:43 GMT
server: AAWebServer
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location: https://dmp.adform.net/serving/cookie/match/?party=1014&cid=217233104741001031995
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type
expires: 0

GET
H2

200

/
dmp.adform.net/serving/cookie/match/ Frame 96CD
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1049%26cid%3D%25%25COOKIE%25%25
https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7316462112846837910

35 B
591 B

49ms
48ms

Image
image/gif

37.157.3.26
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7316462112846837910

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=8102479658319200828&agencyId=9093&advertiserId=2180301&src=tp&rnd=903957

Protocol

Server

37.157.3.26 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Dec 2023 09:29:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

Location: https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7316462112846837910
Date: Mon, 25 Dec 2023 09:29:43 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H2 200 33302
tags.bluekai.com/site/ Frame 96CD 62 B
429 B 178ms
178ms Image
image/gif 69.192.160.219
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/33302?id=8102479658319200828
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=8102479658319200828&agencyId=9093&advertiserId=2180301&src=tp&rnd=903957
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 69.192.160.219 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a69-192-160-219.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date: Mon, 25 Dec 2023 09:29:43 GMT
content-length: 62
content-type: image/gif

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame 96CD
Redirect Chain

https://pm.w55c.net/ping_match.gif?st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_
https://pm.w55c.net/ping_match.gif?scc=1&st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_
https://c1.adform.net/serving/cookie/match?party=1084&cid=zNiNdVoG1RhHhl5

35 B
591 B

47ms
46ms

Image
image/gif

37.157.3.26
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=1084&cid=zNiNdVoG1RhHhl5

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=8102479658319200828&agencyId=9093&advertiserId=2180301&src=tp&rnd=903957

Protocol

Server

37.157.3.26 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Dec 2023 09:29:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

Pragma: no-cache
Date: Mon, 25 Dec 2023 09:29:44 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-795-gb641a57#rel-ec2-master i-091a6d662d9a132c7@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location: https://c1.adform.net/serving/cookie/match?party=1084&cid=zNiNdVoG1RhHhl5
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 96CD 70 B
149 B 178ms
57ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=71ei9rr&ttd_tpi=1
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=8102479658319200828&agencyId=9093&advertiserId=2180301&src=tp&rnd=903957
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:43 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET image.sbmx
global.ib-ibi.com/ Frame 96CD 0
0

GET
H2 200 0.gif
id5-sync.com/s/10/ Frame 96CD 43 B
921 B 128ms
40ms Image
image/gif 162.19.138.83
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/s/10/0.gif?puid=8102479658319200828

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=8102479658319200828&agencyId=9093&advertiserId=2180301&src=tp&rnd=903957

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.83 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31532338.ip-162-19-138.eu

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type: image/gif;charset=UTF-8
date: Mon, 25 Dec 2023 09:29:43 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p: CP="CAO PSA OUR"

GET
H2

200

/
dmp.adform.net/serving/cookie/match/ Frame 96CD
Redirect Chain

https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D
https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D&bounce=1&random=164262125
https://dmp.adform.net/serving/cookie/match/?party=1145&cid=H0ELnQSjqqJSQXlHUV7Aou

35 B
591 B

56ms
55ms

Image
image/gif

37.157.3.26
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?party=1145&cid=H0ELnQSjqqJSQXlHUV7Aou

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=8102479658319200828&agencyId=9093&advertiserId=2180301&src=tp&rnd=903957

Protocol

Server

37.157.3.26 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Dec 2023 09:29:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

pragma: no-cache
date: Mon, 25 Dec 2023 09:29:43 GMT
via: 1.1 google
last-modified: Mon, 25 Dec 2023 09:29:44 GMT
server: Weborama Collect Frontend
vary: Origin
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
location: https://dmp.adform.net/serving/cookie/match/?party=1145&cid=H0ELnQSjqqJSQXlHUV7Aou
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame 96CD 23 B
163 B 201ms
68ms Image
image/gif 2.16.97.41
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=119&uid=8102479658319200828
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=8102479658319200828&agencyId=9093&advertiserId=2180301&src=tp&rnd=903957
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.97.41 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-16-97-41.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Mon, 25 Dec 2023 09:29:44 GMT
pragma: no-cache
date: Mon, 25 Dec 2023 09:29:44 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

GET
H2 204 /
s.ad.smaato.net/c/ Frame 96CD 0
238 B 161ms
69ms Image
text/plain 2600:9000:211e:a00:1b:5138:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ad.smaato.net/c/?dspInit=1001213&dspCookie=8102479658319200828
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=8102479658319200828&agencyId=9093&advertiserId=2180301&src=tp&rnd=903957
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:a00:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:44 GMT
cache-control: no-cache, must-revalidate
via: 1.1 0434556f8ccac61e8735f7c75767727c.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: 7E7UZp4MM-9t-CEjJ6Dx9AklyR5HjQ_JLqfIxXs_RI9ZcCcdmpjzPA==
x-cache: Miss from cloudfront

GET
H2 200 8102479658319200828
match.contentexchange.me/adform/ Frame 96CD 0
49 B 161ms
49ms Image
text/plain 46.19.11.36
SIEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.contentexchange.me/adform/8102479658319200828?redirect_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1219
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=8102479658319200828&agencyId=9093&advertiserId=2180301&src=tp&rnd=903957
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 46.19.11.36 , Slovenia, ASN51790 (SIEL, SI),
Reverse DNS: ilog.vsn.si
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:44 GMT
content-length: 0
server: nginx/1.16.1

GET
H2 200 xuid
eb2.3lift.com/ Frame 96CD 37 B
140 B 120ms
40ms Image
image/gif 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=7354&xuid=8102479658319200828&dongle=AD20
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=8102479658319200828&agencyId=9093&advertiserId=2180301&src=tp&rnd=903957
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:44 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2 204 put
e1.emxdgt.com/ Frame 96CD 0
44 B 130ms
40ms Image
text/plain 52.58.128.62
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e1.emxdgt.com/put?d=d52&uid=8102479658319200828
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=8102479658319200828&agencyId=9093&advertiserId=2180301&src=tp&rnd=903957
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.128.62 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-58-128-62.eu-central-1.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:44 GMT
server: awselb/2.0

GET
H2 200 plf
c1.adform.net/imatch/ Frame 96CD 0
384 B 52ms
48ms Image
text/plain 37.157.3.26
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/imatch/plf?name=plfl

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=8102479658319200828&agencyId=9093&advertiserId=2180301&src=tp&rnd=903957

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.26 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/imatch/pixels?uid=8102479658319200828&agencyId=9093&advertiserId=2180301&src=tp&rnd=903957
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

GET
H2 200 img.gif
my.rtmark.net/ 43 B
490 B 47ms
46ms Image
image/gif 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://my.rtmark.net/img.gif?f=sync&partner=6dbc1654108520062cc5e1b2cbe1761d0aeee75ec04eecdef0bd17e37b76a87c&ttl=&rurl=https%3A%2F%2Fquickwin765412.com%2Fen%2F

Requested by

Host: quickwin765412.com
URL: https://quickwin765412.com/en/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:43 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 43

GET
H2

200

/
cms.getblue.io/cm/ Frame 7274
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=coveny_limited&google_cm&&google_sc&ckid=D14DA49C-5D51-4A4A-807CAF19B751A7CD&cid=615EE320-F864-1EFC-FE69D99CF417DF26&google_ula=6572934421&ula=65729344...
https://cms.getblue.io/cm/?src=adx&child=europe&ckid=D14DA49C-5D51-4A4A-807CAF19B751A7CD&cid=615EE320-F864-1EFC-FE69D99CF417DF26&ula=6572934421&blueID=c79c007b-034b-4de0-ae11-62a72dd9a029&google_gi...

2 B
100 B

727ms
240ms

Image
application/json

18.229.93.177
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cms.getblue.io/cm/?src=adx&child=europe&ckid=D14DA49C-5D51-4A4A-807CAF19B751A7CD&cid=615EE320-F864-1EFC-FE69D99CF417DF26&ula=6572934421&blueID=c79c007b-034b-4de0-ae11-62a72dd9a029&google_gid=CAESEOUFFeZ9JDqXE8k3kF__do8&google_cver=1&google_ula=6572934421,0
Requested by: Host: event.getblue.io
URL: https://event.getblue.io/p/?cId=615EE320-F864-1EFC-FE69D99CF417DF26&tName=visit&pId=&revenue=&orderId=&p1=&p2=&p3=&fp=&blueID=c79c007b-034b-4de0-ae11-62a72dd9a029&ulc=&v=29092023-1023&nocache=7182924749011.299
Protocol: H2
Server: 18.229.93.177 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-229-93-177.sa-east-1.compute.amazonaws.com
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:44 GMT
x-powered-by: Express
content-length: 2
content-type: application/json; charset=utf-8

Redirect headers

pragma: no-cache
date: Mon, 25 Dec 2023 09:29:43 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://cms.getblue.io/cm/?src=adx&child=europe&ckid=D14DA49C-5D51-4A4A-807CAF19B751A7CD&cid=615EE320-F864-1EFC-FE69D99CF417DF26&ula=6572934421&blueID=c79c007b-034b-4de0-ae11-62a72dd9a029&google_gid=CAESEOUFFeZ9JDqXE8k3kF__do8&google_cver=1&google_ula=6572934421,0
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 493
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 setuid
ib.adnxs.com/ Frame 7274 43 B
880 B 44ms
41ms Image
image/gif 37.252.171.21
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=449&code=D14DA49C-5D51-4A4A-807CAF19B751A7CD

Requested by

Host: event.getblue.io
URL: https://event.getblue.io/p/?cId=615EE320-F864-1EFC-FE69D99CF417DF26&tName=visit&pId=&revenue=&orderId=&p1=&p2=&p3=&fp=&blueID=c79c007b-034b-4de0-ae11-62a72dd9a029&ulc=&v=29092023-1023&nocache=7182924749011.299

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.21 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Dec 2023 09:29:43 GMT
an-x-request-uuid: a8492f43-637b-4c62-b506-b48c205755b1
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 80.255.7.107; 80.255.7.107; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

/
cms.getblue.io/cm/ Frame 7274
Redirect Chain

https://ib.adnxs.com/getuid?https://cms.getblue.io/cm/?src=appnexus&ckid=D14DA49C-5D51-4A4A-807CAF19B751A7CD&cid=615EE320-F864-1EFC-FE69D99CF417DF26&blueID=c79c007b-034b-4de0-ae11-62a72dd9a029&appn...
https://cms.getblue.io/cm/?src=appnexus&ckid=D14DA49C-5D51-4A4A-807CAF19B751A7CD&cid=615EE320-F864-1EFC-FE69D99CF417DF26&blueID=c79c007b-034b-4de0-ae11-62a72dd9a029&appnexusid=2313369764290011469

2 B
99 B

637ms
240ms

Image
application/json

18.229.93.177
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cms.getblue.io/cm/?src=appnexus&ckid=D14DA49C-5D51-4A4A-807CAF19B751A7CD&cid=615EE320-F864-1EFC-FE69D99CF417DF26&blueID=c79c007b-034b-4de0-ae11-62a72dd9a029&appnexusid=2313369764290011469
Requested by: Host: event.getblue.io
URL: https://event.getblue.io/p/?cId=615EE320-F864-1EFC-FE69D99CF417DF26&tName=visit&pId=&revenue=&orderId=&p1=&p2=&p3=&fp=&blueID=c79c007b-034b-4de0-ae11-62a72dd9a029&ulc=&v=29092023-1023&nocache=7182924749011.299
Protocol: H2
Server: 18.229.93.177 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-229-93-177.sa-east-1.compute.amazonaws.com
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:44 GMT
x-powered-by: Express
content-length: 2
content-type: application/json; charset=utf-8

Redirect headers

pragma: no-cache
date: Mon, 25 Dec 2023 09:29:43 GMT
an-x-request-uuid: 5c2ba853-da2d-425e-b8e1-ed1309c95982
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cms.getblue.io/cm/?src=appnexus&ckid=D14DA49C-5D51-4A4A-807CAF19B751A7CD&cid=615EE320-F864-1EFC-FE69D99CF417DF26&blueID=c79c007b-034b-4de0-ae11-62a72dd9a029&appnexusid=2313369764290011469
x-proxy-origin: 80.255.7.107; 80.255.7.107; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 audience-pixel.min.js Show response
event.getblue.io/r/ Frame 7274 5 KB
3 KB 245ms
243ms Script
application/javascript 18.228.178.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://event.getblue.io/r/audience-pixel.min.js?nocache=1090

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.228.178.86 São Paulo, Brazil, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-228-178-86.sa-east-1.compute.amazonaws.com

Software

Resource Hash

53c9c8069c1e6d7a39a04ef06083b5fab6c6807e295529c37ccf8b4b96f61ddb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 25 Dec 2023 03:42:18 GMT
etag: W/"5608-1703475738546"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
x-xss-protection: 1; mode=block

GET
H3 200 wmetrics Show response
metrics.getrmads.com/ 0
515 B 156ms
154ms Script
text/javascript 2606:4700:3032::6815:4d08
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://metrics.getrmads.com/wmetrics?rtid=REH-1691446272083886&lg=en-us&sr=1600x1200&fr=0&dr=&dl=https%3A%2F%2Fquickwin765412.com%2Fen%2F&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0
Requested by: Host: metrics.getrmads.com
URL: https://metrics.getrmads.com/tag/js?rtid=REH-1691446272083886
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:4d08 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Dec 2023 09:29:43 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5RsgVoCJ3KE8DRF4w8r%2BeopKTGL06vwmb4TW2ST6knsTx5dCF75t89nsLcOdK9%2BvU3TBt6ZH6Isj4Epp5K7aWsnY335ppFUJTzelM%2FDaG8pPYs0VSYwjbN%2FdV4LKvvyCdZr7VHfqtzM4WzCJwfEELhezfw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 83b00fae2fc7913d-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H2 200 /
www.facebook.com/tr/ Frame 8A92 0
185 B 132ms
40ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2039699393095584&ev=PageView&dl=https%3A%2F%2Fwinner-slots.online%2F&rl=&if=true&ts=1703496583439&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&ler=empty&it=1703496583130&coo=false&rqm=GET

Requested by

Host: winner-slots.online
URL: https://winner-slots.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winner-slots.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 25 Dec 2023 09:29:43 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 identify_ce767.js Show response
analytics.tiktok.com/i18n/pixel/static/ Frame 8A92 135 KB
36 KB 44ms
43ms Script
application/javascript 2.16.1.235
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/identify_ce767.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWNkZmM2YTcxMA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.1.235 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-1-235.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a1d4b01843b9dad68a10bba7ab416fb60cbe6052a223f6bd74cbad286b812b2a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winner-slots.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-akamai-request-id: 1b3b7868
date: Mon, 25 Dec 2023 09:29:43 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 20231221122558EA9330604E6CD05DD083
x-tt-trace-id: 00-231221122558EA9330604E6CD05DD083-3E03433B8E62332E-00
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a2-16-1-231.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 01e986f5f446f9c4b61d94662c922dd894b7b17604eadb1d5323ecb0dc98c9699fd62a6991a48174c54c7f4af2bb0e6a5c5e0d380b0cf94239a58811974a9a31f3eedcf5d75c1659740a0ed52e63241f6c1e5aca21dda541e9b66820784956dc86
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=2
content-length: 36096

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ Frame 8A92 0
838 B 165ms
164ms Ping
text/plain 2.16.1.235
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWNkZmM2YTcxMA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.1.235 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-1-235.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://winner-slots.online/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: b6abbbf0.1b3b7884
date: Mon, 25 Dec 2023 09:29:43 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-2312250929434629DF02F4F70A0AC789-46E7768292B36AF5-00
x-cache: TCP_MISS from a2-16-1-231.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
x-parent-response-time: 116,2.16.1.231
server-timing: cdn-cache; desc=MISS, edge; dur=92, origin; dur=31, inner; dur=28
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202312250929434629DF02F4F70A0AC789
x-cache-remote: TCP_MISS from a23-48-200-77.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 31,23.48.200.77
x-tt-trace-host: 01e68f26c3a9b73ae1f5007f932e91ef3283d7b9eecf61bebe732d6a6fed41efc306f72d8204a84346320b0bca082003168b557e751c763712b44bf90f888e540472941ee47746e9f1c0779444576362a18278271bb486b645b17984e1da81d8c66b1c41f4a48cb551f5c3ba53b0c850b2
access-control-allow-headers: Authorization,*
expires: Mon, 25 Dec 2023 09:29:43 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/11435815060/ Frame 8A92 42 B
64 B 58ms
57ms Image
image/gif 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/11435815060/?random=1703496583200&cv=11&fst=1703494800000&bg=ffffff&guid=ON&async=1&gtm=45be3bt0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwinner-slots.online%2F&frm=2&tiba=Winner-Slots.Online%20%E2%80%93%20Gaming%20Online%20Platforms&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSKQAvHhf_FKAaBk1cz0XdkxKV1F1YMUzwiKoLtF00W88E_cZFILgMf6kf&random=2845363143&rmt_tld=0&ipr=y

Requested by

Host: winner-slots.online
URL: https://winner-slots.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winner-slots.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Dec 2023 09:29:43 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/11435815060/ Frame 8A92 42 B
455 B 139ms
49ms Image
image/gif 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/11435815060/?random=1703496583200&cv=11&fst=1703494800000&bg=ffffff&guid=ON&async=1&gtm=45be3bt0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwinner-slots.online%2F&frm=2&tiba=Winner-Slots.Online%20%E2%80%93%20Gaming%20Online%20Platforms&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSKQAvHhf_FKAaBk1cz0XdkxKV1F1YMUzwiKoLtF00W88E_cZFILgMf6kf&random=2845363143&rmt_tld=1&ipr=y

Requested by

Host: winner-slots.online
URL: https://winner-slots.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winner-slots.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Dec 2023 09:29:43 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 web-widget-chat-incoming-message-notification-1bfc6fa.js Show response
static.zdassets.com/web_widget/classic/latest/ Frame B7A8 236 B
639 B 42ms
42ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/classic/latest/web-widget-chat-incoming-message-notification-1bfc6fa.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-1bfc6fa.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a29e4af6aa6a95982d1092a20f0068173b9a9d5df0a89bc99da556aebec3ce54

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:44 GMT
x-amz-version-id: vFeMRdO_ves3AqXqcJa51X.kBsGbKmeW
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: A4N17FH4T4Q3T2FA
age: 1752048
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: jj3IJP8SG1qYvE4k5/yGOQQcVY1t9fS2FwFAUdl7K5931Xd3flm5WF8IJiZ/yy12ah/e+h8TsYA=
last-modified: Tue, 05 Dec 2023 00:24:10 GMT
server: cloudflare
etag: W/"77bb07ca171e3ff2b72a7dafa7822bc8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9ov%2BHyFNlr5prfGA%2FwbCHoakd04Ao%2FzQQIpxHKIKzPh5MfQT%2FHInNQdlbX17fvILF0K2CQFKsjGcOQy8V8FK3Js6niDMHkc4G1ioELn05ehHe%2FPc3k7ztD3FrAMZGgl3DT8BY%2Fg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 83b00fb2cc4858f0-TXL
expires: Wed, 04 Dec 2024 00:24:09 GMT

POST
H2 200 act
analytics.tiktok.com/api/v2/pixel/ Frame 8A92 0
839 B 178ms
177ms Ping
text/plain 2.16.1.235
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel/act
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWNkZmM2YTcxMA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.1.235 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-1-235.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://winner-slots.online/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 6c8f0ec5.1b3b79cf
date: Mon, 25 Dec 2023 09:29:44 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-231225092944411342ACF72B2E856336-3EF8C84ADBEA0F0F-00
x-cache: TCP_MISS from a2-16-1-231.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
x-parent-response-time: 125,2.16.1.231
server-timing: cdn-cache; desc=MISS, edge; dur=90, origin; dur=39, inner; dur=37
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20231225092944411342ACF72B2E856336
x-cache-remote: TCP_MISS from a23-220-105-152.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 39,23.220.105.152
x-tt-trace-host: 01e68f26c3a9b73ae1f5007f932e91ef321d8698954536b06e203e3862ba77376fd719f51f81de5da9548a6d49b3131177f7b85a6abb73f31efaa36c5c705127bf8f153bff37063b1319cabf71efe6314a8e1698286369ab2e8f0181af07467490ebd58e83e27a9fc70b2efcd3e61073a0
access-control-allow-headers: Authorization,*
expires: Mon, 25 Dec 2023 09:29:44 GMT

GET
H2 206 fda6cd35495c75f83508d9d2e77ee33d.mp3
static.zdassets.com/web_widget/classic/latest/ Frame B7A8 19 KB
20 KB 47ms
47ms Media
audio/mpeg 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/classic/latest/fda6cd35495c75f83508d9d2e77ee33d.mp3

Requested by

Host: quickwin765412.com
URL: https://quickwin765412.com/en/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

97e5b0b6cfc2ba9815028429c069631ba12b294aa7419d1ea130accd0adc2d46

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Range: bytes=0-

Response headers

date: Mon, 25 Dec 2023 09:29:44 GMT
x-amz-version-id: 4bV_wFumuJbx5cco1BXg1VPt41lZHsX1
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: ZJZE7JMCCHH4D6TV
age: 2711058
x-amz-server-side-encryption: AES256
Content-Range: bytes 0-19697/19698
x-amz-replication-status: COMPLETED
Content-Length: 19698
x-amz-id-2: eANrIaPqScX/HcTBuO9Ygxuy2PDIF5gMPbbtEnNP4r8awfJScAcJ08j4BwLBd4anl8viLy0rADU=
last-modified: Mon, 06 Nov 2023 00:49:00 GMT
server: cloudflare
etag: "f11ce9e8f40a392830217253fe75d6de"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pq0xvawzIOT6cCzwyv%2FLhScOzre7bm7MDYbOur9VjeacmlTWeL46uJDjJTTZLYtv7Lt0E80v69m8U649NdKk%2FAcPUmo1UGTVejAInRxjHB7ahvIoHRWboYvz3t4c2wkVyIJFOkI%3D"}],"group":"cf-nel","max_age":604800}
content-type: audio/mpeg; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 83b00fb3ee9a58f0-TXL
expires: Tue, 05 Nov 2024 00:48:59 GMT

GET
H/1.1 200
OK pstats.html Show response
a.rfihub.com/ Frame F1E7 26 B
1023 B 46ms
45ms Document
text/html 193.0.160.131
ROCKETFUEL

General

Check archive.org

Show headers Download Go to

Full URL: https://a.rfihub.com/pstats.html?rb=48767&ca=20846458&ri=3d9f20fa6d47184346a0a33b70f6766c&stats=%7B%2213488%22%3A%221426%2C2%22%2C%2217243%22%3A%22199%2C1%22%2C%2242261%22%3A%22316%2C1%22%2C%2250495%22%3A%22470%2C1%22%2C%2252220%22%3A%22352%2C1%22%2C%2253935%22%3A%22352%2C1%22%2C%2254497%22%3A%22402%2C1%22%2C%2254855%22%3A%22335%2C2%22%2C%2254863%22%3A%22613%2C1%22%2C%2255073%22%3A%22341%2C2%22%2C%2256659%22%3A%22431%2C1%22%2C%2256885%22%3A%22586%2C2%22%2C%2257347%22%3A%22426%2C2%22%2C%2257363%22%3A%221241%2C1%22%2C%2258143%22%3A%22342%2C1%22%2C%2258553%22%3A%221263%2C2%22%2C%2258561%22%3A%22445%2C1%22%7D&ra=3588854517467428
Requested by: Host: c1.rfihub.net
URL: https://c1.rfihub.net/js/tc.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.0.160.131 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software: Jetty(9.4.51.v20230217) /
Resource Hash: f70b370debd085dd9e9fb6495c796cdccf41c44574cc185dbe124f3ea8237623

Request headers

Referer: https://quickwin765412.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Content-Length: 26
Content-Type: text/html;charset=iso-8859-1
Date: Mon, 25 Dec 2023 09:29:44 GMT
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server: Jetty(9.4.51.v20230217)

GET
H2 200 StaticTranslations Show response
sb2frontend-altenar2.biahosted.com/api/widget/ 30 KB
9 KB 177ms
60ms Fetch
application/json 2606:4700:10::6816:85a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sb2frontend-altenar2.biahosted.com/api/widget/StaticTranslations?culture=en-GB&timezoneOffset=-60&integration=quickwin&deviceType=1&numFormat=en-GB

Requested by

Host: quickwin765412.com
URL: https://quickwin765412.com/polyfills.250fe061a3885860ec19.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:85a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

76b62116376801eb5ddd47252fe3a7b5525cf95e5c056e33fc359675d845e771

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:45 GMT
content-encoding: gzip
via: 1.1 google
strict-transport-security: max-age=2592000; includeSubDomains
cf-cache-status: DYNAMIC
server: cloudflare
age: 4841
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=600
cf-ray: 83b00fb878c2bbd3-FRA
content-length: 9293

GET
H2 200 GetCountryCode Show response
sb2auth-altenar2.biahosted.com/api/WidgetAuth/ 20 B
180 B 179ms
59ms Fetch
application/json 34.110.191.112
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://sb2auth-altenar2.biahosted.com/api/WidgetAuth/GetCountryCode?culture=en-GB&timezoneOffset=-60&integration=quickwin&deviceType=1&numFormat=en-GB

Requested by

Host: quickwin765412.com
URL: https://quickwin765412.com/polyfills.250fe061a3885860ec19.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.110.191.112 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

112.191.110.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

f37d1ad4ff54c0819a950c6bf692c4294e593e2df41f3ad3f2cd11d281ebead0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:45 GMT
strict-transport-security: max-age=15552000
via: 1.1 google
server: nginx
content-type: application/json; charset=utf-8
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20

GET
H2 200 GetWidgetsConfiguration Show response
sb2integration-altenar2.biahosted.com/api/Widget/ 4 KB
1 KB 181ms
64ms Fetch
application/json 2606:4700:10::ac43:1ce8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sb2integration-altenar2.biahosted.com/api/Widget/GetWidgetsConfiguration?culture=en-GB&timezoneOffset=-60&integration=quickwin&deviceType=1&numFormat=en-GB&theme=light

Requested by

Host: quickwin765412.com
URL: https://quickwin765412.com/polyfills.250fe061a3885860ec19.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1ce8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0a37fd2b63accd942753709978d237c49cd1372250d1efdfa471ae6d58d7db60

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:45 GMT
content-encoding: gzip
via: 1.1 google
strict-transport-security: max-age=2592000; includeSubDomains
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cf-ray: 83b00fb87f451ad7-FRA

GET
H3 200 launch Show response
quickwin765412.com/en/api/v2/sport/ 159 B
567 B 154ms
154ms XHR
application/json 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://quickwin765412.com/en/api/v2/sport/launch?code=sport

Requested by

Host: quickwin765412.com
URL: https://quickwin765412.com/polyfills.250fe061a3885860ec19.js

Protocol

Security

QUIC, , AES_128_GCM

Server

94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

dae82102158a00126d6386338f5729f70962283d5faf3f0d109c5974a0b67629

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://quickwin765412.com/en/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:45 GMT
content-encoding: br
cf-cache-status: HIT
x-device-type: mobile
age: 9
request-id: feapi-961348a5-a325-4c96-8a03-41608f00e38c
alt-svc: h3=":443"; ma=86400
cf-revalidated: Mon Dec 25 2023 09:29:35 GMT+0000 (Coordinated Universal Time)
x-xss-protection: 1; mode=block
last-modified: Mon, 25 Dec 2023 09:29:35 GMT
server: cloudflare
vary: null, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Device-Type,X-Device-Name
cf-ttl: 1703496635601
cf-ray: 83b00fb7cdd2aca9-TXL
x-device-name: Generic Smartphone

OPTIONS
H2 204 GetMultipleBonuses
sb2bonus-altenar2.biahosted.com/api/WidgetBonus/ Frame 0
0 67ms
50ms Preflight 34.110.191.112
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://sb2bonus-altenar2.biahosted.com/api/WidgetBonus/GetMultipleBonuses

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.110.191.112 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

112.191.110.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://quickwin765412.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 14400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 25 Dec 2023 09:29:45 GMT
server: nginx
strict-transport-security: max-age=15552000
via: 1.1 google

POST
H2 200 GetMultipleBonuses Show response
sb2bonus-altenar2.biahosted.com/api/WidgetBonus/ 1 KB
1 KB 56ms
55ms Fetch
application/json 34.110.191.112
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://sb2bonus-altenar2.biahosted.com/api/WidgetBonus/GetMultipleBonuses

Requested by

Host: quickwin765412.com
URL: https://quickwin765412.com/polyfills.250fe061a3885860ec19.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.110.191.112 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

112.191.110.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

0b7a7414203adbf8c873976e596bd6685437669dc773f66ddb2780a23d43cf76

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://quickwin765412.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 25 Dec 2023 09:29:45 GMT
strict-transport-security: max-age=15552000
via: 1.1 google
server: nginx
content-type: application/json; charset=utf-8
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1062

GET
H2 200 GetRules Show response
sb2frontend-altenar2.biahosted.com/api/BetMentor/ 12 B
92 B 60ms
60ms Fetch
application/json 2606:4700:10::6816:85a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sb2frontend-altenar2.biahosted.com/api/BetMentor/GetRules?culture=en-GB&timezoneOffset=-60&integration=quickwin&deviceType=1&numFormat=en-GB

Requested by

Host: quickwin765412.com
URL: https://quickwin765412.com/polyfills.250fe061a3885860ec19.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:85a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

da506c8a9c8a9f31aa00eaeef23d49764b9ace97158a1a0a7aa628e6d446b0fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:45 GMT
content-encoding: gzip
via: 1.1 google
strict-transport-security: max-age=2592000; includeSubDomains
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cf-ray: 83b00fb8c90cbbd3-FRA

GET
H2 200 GetSystemParams Show response
sb2auth-altenar2.biahosted.com/api/WidgetAuth/ 517 B
581 B 55ms
54ms Fetch
application/json 34.110.191.112
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://sb2auth-altenar2.biahosted.com/api/WidgetAuth/GetSystemParams?culture=en-GB&timezoneOffset=-60&integration=quickwin&deviceType=1&numFormat=en-GB

Requested by

Host: quickwin765412.com
URL: https://quickwin765412.com/polyfills.250fe061a3885860ec19.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.110.191.112 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

112.191.110.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

6e12a1b5de1229a598cc5764d4df956c4e5d185269c091f11f77def8528a1318

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:45 GMT
strict-transport-security: max-age=15552000
via: 1.1 google
server: nginx
content-type: application/json; charset=utf-8
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 517

OPTIONS
H2 204 GetMultipleBonuses
sb2bonus-altenar2.biahosted.com/api/WidgetBonus/ Frame 0
0 57ms
55ms Preflight 34.110.191.112
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://sb2bonus-altenar2.biahosted.com/api/WidgetBonus/GetMultipleBonuses

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.110.191.112 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

112.191.110.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://quickwin765412.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 14400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 25 Dec 2023 09:29:45 GMT
server: nginx
strict-transport-security: max-age=15552000
via: 1.1 google

POST
H3 200 GetMultipleBonuses Show response
sb2bonus-altenar2.biahosted.com/api/WidgetBonus/ 1 KB
1 KB 57ms
55ms Fetch
application/json 34.110.191.112
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://sb2bonus-altenar2.biahosted.com/api/WidgetBonus/GetMultipleBonuses

Requested by

Host: quickwin765412.com
URL: https://quickwin765412.com/polyfills.250fe061a3885860ec19.js

Protocol

Security

QUIC, , AES_128_GCM

Server

34.110.191.112 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

112.191.110.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

0b7a7414203adbf8c873976e596bd6685437669dc773f66ddb2780a23d43cf76

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://quickwin765412.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 25 Dec 2023 09:29:45 GMT
strict-transport-security: max-age=15552000
via: 1.1 google
server: nginx
content-type: application/json; charset=utf-8
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1062

GET
H2 200 GetSystemParams Show response
sb2auth-altenar2.biahosted.com/api/WidgetAuth/ 517 B
577 B 57ms
56ms Fetch
application/json 34.110.191.112
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://sb2auth-altenar2.biahosted.com/api/WidgetAuth/GetSystemParams?culture=en-GB&timezoneOffset=-60&integration=quickwin&deviceType=1&numFormat=en-GB&countryCode=DE

Requested by

Host: quickwin765412.com
URL: https://quickwin765412.com/polyfills.250fe061a3885860ec19.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.110.191.112 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

112.191.110.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

6e12a1b5de1229a598cc5764d4df956c4e5d185269c091f11f77def8528a1318

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:45 GMT
strict-transport-security: max-age=15552000
via: 1.1 google
server: nginx
content-type: application/json; charset=utf-8
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 517

GET
H2 200 81851.f8d2ff4e.chunk.js Show response
sb2widgetsstatic-altenar2.biahosted.com/static/js/ 2 KB
1 KB 43ms
43ms Script
application/javascript 34.120.135.117
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://sb2widgetsstatic-altenar2.biahosted.com/static/js/81851.f8d2ff4e.chunk.js
Requested by: Host: sb2widgetsstatic-altenar2.biahosted.com
URL: https://sb2widgetsstatic-altenar2.biahosted.com/altenarWSDK.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.135.117 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 117.135.120.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: bf08d53d64bd0d01bce2588cb207bb8a4e4676a50fca383612c0f4e977dbf6c1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:16:48 GMT
content-encoding: gzip
x-goog-meta-goog-reserved-file-mtime: 1702643918
age: 777
x-guploader-uploadid: ABPtcPo0M7fNRi0A9z456-fD_yVc3UY-fWYfSjoPDrp5WFZ9IuLXujwn9yJxt-xTGA6o5RHbxfc
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1046
last-modified: Fri, 15 Dec 2023 12:47:11 GMT
server: UploadServer
etag: "abc23df0cdfc03af5eb446730a00a460"
vary: Accept-Encoding
x-goog-generation: 1702644431117439
x-goog-hash: crc32c=CaywRQ==, md5=q8I98M38A69etEZzCgCkYA==
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 1046
accept-ranges: bytes
content-type: application/javascript
expires: Mon, 25 Dec 2023 10:16:48 GMT

GET
H2 200 58455.b15af96e.chunk.js Show response
sb2widgetsstatic-altenar2.biahosted.com/static/js/ 195 KB
20 KB 41ms
41ms Script
application/javascript 34.120.135.117
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://sb2widgetsstatic-altenar2.biahosted.com/static/js/58455.b15af96e.chunk.js
Requested by: Host: sb2widgetsstatic-altenar2.biahosted.com
URL: https://sb2widgetsstatic-altenar2.biahosted.com/altenarWSDK.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.135.117 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 117.135.120.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: bc8894bdb4894c36652d8b265a5cb7f77635ffc48ff5764957a73f602a3c26e0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 08:55:56 GMT
content-encoding: gzip
x-goog-meta-goog-reserved-file-mtime: 1702643918
age: 2029
x-guploader-uploadid: ABPtcPoMNV9fhEE6P8_RLx0xn5mSofH4XMCYxADjnx10S9cAvi2y7uOi2PslE7Sbtgnbq4COHPQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20671
last-modified: Fri, 15 Dec 2023 12:47:03 GMT
server: UploadServer
etag: "2a8bb22c3dbfd596ca11d9d812a0fba3"
vary: Accept-Encoding
x-goog-generation: 1702644423760285
x-goog-hash: crc32c=2QMH+A==, md5=KouyLD2/1ZbKEdnYEqD7ow==
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 20671
accept-ranges: bytes
content-type: application/javascript
expires: Mon, 25 Dec 2023 09:55:56 GMT

GET
H2 400 css2
fonts.googleapis.com/ 0
0 51ms
51ms Stylesheet
text/html 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://fonts.googleapis.com/css2?family=%22Gilroy%22:wght@400;500&family=Roboto:wght@300;400;500;700&family=Libre+Barcode+39:wght@400&display=swap
Requested by: Host: sb2widgetsstatic-altenar2.biahosted.com
URL: https://sb2widgetsstatic-altenar2.biahosted.com/altenarWSDK.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

GET
H3 200 58463.24ff136d.chunk.js Show response
sb2widgetsstatic-altenar2.biahosted.com/static/js/ 19 KB
7 KB 41ms
40ms Script
application/javascript 34.120.135.117
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://sb2widgetsstatic-altenar2.biahosted.com/static/js/58463.24ff136d.chunk.js
Requested by: Host: sb2widgetsstatic-altenar2.biahosted.com
URL: https://sb2widgetsstatic-altenar2.biahosted.com/altenarWSDK.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.120.135.117 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 117.135.120.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 155883ac227c8554ed4bfb278b6f99bfbcd93a3305c28bf7d05e0b3b67ac3166

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 08:45:50 GMT
content-encoding: gzip
x-goog-meta-goog-reserved-file-mtime: 1702643918
age: 2635
x-guploader-uploadid: ABPtcPokv2huP8zorSsMcWYT4eJhk2qjINISfmoJWsJcc2jIegq3WmefoLcP0yfBfDf89KCpJmgnpWPc4w
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7416
last-modified: Fri, 15 Dec 2023 12:47:03 GMT
server: UploadServer
etag: "2d7e195fa87ea26fa61651fb4ec7bd1d"
vary: Accept-Encoding
x-goog-generation: 1702644423809702
x-goog-hash: crc32c=cbIE5w==, md5=LX4ZX6h+om+mFlH7Tse9HQ==
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 7416
accept-ranges: bytes
content-type: application/javascript
expires: Mon, 25 Dec 2023 09:45:50 GMT

GET
H3 200 1604.c67894d0.chunk.js Show response
sb2widgetsstatic-altenar2.biahosted.com/static/js/ 52 KB
12 KB 41ms
41ms Script
application/javascript 34.120.135.117
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://sb2widgetsstatic-altenar2.biahosted.com/static/js/1604.c67894d0.chunk.js
Requested by: Host: sb2widgetsstatic-altenar2.biahosted.com
URL: https://sb2widgetsstatic-altenar2.biahosted.com/altenarWSDK.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.120.135.117 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 117.135.120.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 93ce75e5eb31481969ea384e9b1464cdf304eec087ccc4149cd593715921507f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 08:47:52 GMT
content-encoding: gzip
x-goog-meta-goog-reserved-file-mtime: 1702643918
age: 2513
x-guploader-uploadid: ABPtcPpQOURrVKQayjPZPI7WLacXPPzqmWYanEKbDP6S7Mu1IvTtd-F5BUQC63gfnXm_mq0WyEerqz8svw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12612
last-modified: Fri, 15 Dec 2023 12:46:50 GMT
server: UploadServer
etag: "0062cf973fe91754304d4bc2281f8f31"
vary: Accept-Encoding
x-goog-generation: 1702644410224428
x-goog-hash: crc32c=HFTz/g==, md5=AGLPlz/pF1QwTUvCKB+PMQ==
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 12612
accept-ranges: bytes
content-type: application/javascript
expires: Mon, 25 Dec 2023 09:47:52 GMT

GET
H3 200 57333.2fcb7446.chunk.js Show response
sb2widgetsstatic-altenar2.biahosted.com/static/js/ 13 KB
5 KB 51ms
50ms Script
application/javascript 34.120.135.117
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://sb2widgetsstatic-altenar2.biahosted.com/static/js/57333.2fcb7446.chunk.js
Requested by: Host: sb2widgetsstatic-altenar2.biahosted.com
URL: https://sb2widgetsstatic-altenar2.biahosted.com/altenarWSDK.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.120.135.117 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 117.135.120.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 3ae63da45700241400f827429003ec1048254997563a16d4c174de6a32720706

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 08:46:24 GMT
content-encoding: gzip
x-goog-meta-goog-reserved-file-mtime: 1702643918
age: 2601
x-guploader-uploadid: ABPtcPrjVIQSYQKqM_VjYpofG1-ui2tyNLT7GHz5D5Xl0rxixhzABz5oaUBeQ4KwLGayWJ-u1ltUs5UTjA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5082
last-modified: Fri, 15 Dec 2023 12:47:03 GMT
server: UploadServer
etag: "522742a9f70120b01e5fef0faaf015b4"
vary: Accept-Encoding
x-goog-generation: 1702644423513193
x-goog-hash: crc32c=JtA1Og==, md5=UidCqfcBILAeX+8PqvAVtA==
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 5082
accept-ranges: bytes
content-type: application/javascript
expires: Mon, 25 Dec 2023 09:46:24 GMT

GET
H3 200 41335.e0d4ee39.chunk.js Show response
sb2widgetsstatic-altenar2.biahosted.com/static/js/ 15 KB
5 KB 54ms
54ms Script
application/javascript 34.120.135.117
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://sb2widgetsstatic-altenar2.biahosted.com/static/js/41335.e0d4ee39.chunk.js
Requested by: Host: sb2widgetsstatic-altenar2.biahosted.com
URL: https://sb2widgetsstatic-altenar2.biahosted.com/altenarWSDK.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.120.135.117 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 117.135.120.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 89f95f5e6eb76319aeac8f44337b4a21ba82d266b60a495658f48ac6b9759b1e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:13:06 GMT
content-encoding: gzip
x-goog-meta-goog-reserved-file-mtime: 1702643918
age: 999
x-guploader-uploadid: ABPtcPrTr4XcgTbYsp5PHtlrCGRglcKkZ4N5y--MwKuq9TaqV3eCbaDMXk2EAqSIwNQtdY8Ainc
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5544
last-modified: Fri, 15 Dec 2023 12:46:58 GMT
server: UploadServer
etag: "6aa973e524a62cae3eac0c4e3b2f3668"
vary: Accept-Encoding
x-goog-generation: 1702644418547779
x-goog-hash: crc32c=+rsqmw==, md5=aqlz5SSmLK4+rAxOOy82aA==
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 5544
accept-ranges: bytes
content-type: application/javascript
expires: Mon, 25 Dec 2023 10:13:06 GMT

GET
H3 200 191.2503dd8b.chunk.js Show response
sb2widgetsstatic-altenar2.biahosted.com/static/js/ 100 KB
33 KB 58ms
58ms Script
application/javascript 34.120.135.117
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://sb2widgetsstatic-altenar2.biahosted.com/static/js/191.2503dd8b.chunk.js
Requested by: Host: sb2widgetsstatic-altenar2.biahosted.com
URL: https://sb2widgetsstatic-altenar2.biahosted.com/altenarWSDK.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.120.135.117 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 117.135.120.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 2233754fdfaada7798be8f96854289b010c426db98f7a7d01e008b4828afa545

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:20:44 GMT
content-encoding: gzip
x-goog-meta-goog-reserved-file-mtime: 1702643918
age: 541
x-guploader-uploadid: ABPtcPpxo1TnxiNIwr_nt44BEIEbJ64myc3YmvgRVQG-YNgeXvsOs6OXVp6tgizoZPWoXGzt1M0wNHT1Yw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33625
last-modified: Fri, 15 Dec 2023 12:46:51 GMT
server: UploadServer
etag: "384987c6a7668447335779330020c6ff"
vary: Accept-Encoding
x-goog-generation: 1702644411367411
x-goog-hash: crc32c=PyCueA==, md5=OEmHxqdmhEczV3kzACDG/w==
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 33625
accept-ranges: bytes
content-type: application/javascript
expires: Mon, 25 Dec 2023 10:20:44 GMT

GET
H3 200 51844.f8ec3d8d.chunk.js Show response
sb2widgetsstatic-altenar2.biahosted.com/static/js/ 5 KB
2 KB 74ms
73ms Script
application/javascript 34.120.135.117
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://sb2widgetsstatic-altenar2.biahosted.com/static/js/51844.f8ec3d8d.chunk.js
Requested by: Host: sb2widgetsstatic-altenar2.biahosted.com
URL: https://sb2widgetsstatic-altenar2.biahosted.com/altenarWSDK.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.120.135.117 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 117.135.120.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: c138f5424629d2a5ca8504b783784078b326a7a8426ce38386e4f4a419047b93

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:20:34 GMT
content-encoding: gzip
x-goog-meta-goog-reserved-file-mtime: 1702643918
age: 551
x-guploader-uploadid: ABPtcPosH_JmdwRUNL6U4sPXJOGJWzoAB1HGAHnEu2rE0EPSAaLkJ2nL7C6MEZoaLG_JH1UJnHUNnhibWA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2080
last-modified: Fri, 15 Dec 2023 12:47:01 GMT
server: UploadServer
etag: "196f91e70638065ed6ae5673a9e861af"
vary: Accept-Encoding
x-goog-generation: 1702644421785874
x-goog-hash: crc32c=H7rptg==, md5=GW+R5wY4Bl7WrlZzqehhrw==
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 2080
accept-ranges: bytes
content-type: application/javascript
expires: Mon, 25 Dec 2023 10:20:34 GMT

GET
H3 200 32156.183cca06.chunk.js Show response
sb2widgetsstatic-altenar2.biahosted.com/static/js/ 12 KB
4 KB 74ms
74ms Script
application/javascript 34.120.135.117
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://sb2widgetsstatic-altenar2.biahosted.com/static/js/32156.183cca06.chunk.js
Requested by: Host: sb2widgetsstatic-altenar2.biahosted.com
URL: https://sb2widgetsstatic-altenar2.biahosted.com/altenarWSDK.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.120.135.117 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 117.135.120.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 342922b9815914af8a301d4429feba88cdf99af5aa40065a68b170deb3144709

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 08:45:50 GMT
content-encoding: gzip
x-goog-meta-goog-reserved-file-mtime: 1702643918
age: 2635
x-guploader-uploadid: ABPtcPrFkxcKskjnku40BWDqUHHZApGhIGJJRhSE4coqbkY3dITillfrOEndzdvhUR25P7wOU5AJ3gEvHQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3729
last-modified: Fri, 15 Dec 2023 12:46:55 GMT
server: UploadServer
etag: "80fae61b897b8b4dc9b23b3178703515"
vary: Accept-Encoding
x-goog-generation: 1702644415389874
x-goog-hash: crc32c=Jr3nqA==, md5=gPrmG4l7i03JsjsxeHA1FQ==
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 3729
accept-ranges: bytes
content-type: application/javascript
expires: Mon, 25 Dec 2023 09:45:50 GMT

GET
H3 200 11602.7834f8fc.chunk.js Show response
sb2widgetsstatic-altenar2.biahosted.com/static/js/ 2 KB
990 B 79ms
78ms Script
application/javascript 34.120.135.117
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://sb2widgetsstatic-altenar2.biahosted.com/static/js/11602.7834f8fc.chunk.js
Requested by: Host: sb2widgetsstatic-altenar2.biahosted.com
URL: https://sb2widgetsstatic-altenar2.biahosted.com/altenarWSDK.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.120.135.117 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 117.135.120.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 8810a5432c47d6ef190d61ff42f61843e1321590ccb1feb54f786f268aa979f1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 08:45:50 GMT
content-encoding: gzip
x-goog-meta-goog-reserved-file-mtime: 1702643918
age: 2635
x-guploader-uploadid: ABPtcPrq5-FiwDh1GV5c91-kcZLwR1y--U5LzsD8OP-CQaMaQ-GY0YwiL8y9TLTyY_wa5Kjl2NN3Z2GG3g
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 946
last-modified: Fri, 15 Dec 2023 12:46:49 GMT
server: UploadServer
etag: "6400fda64cb121319ce423d1f2f6aaf5"
vary: Accept-Encoding
x-goog-generation: 1702644408937410
x-goog-hash: crc32c=Kii41g==, md5=ZAD9pkyxITGc5CPR8vaq9Q==
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 946
accept-ranges: bytes
content-type: application/javascript
expires: Mon, 25 Dec 2023 09:45:50 GMT

GET
H3 200 8125.6aa1f591.chunk.js Show response
sb2widgetsstatic-altenar2.biahosted.com/static/js/ 5 KB
2 KB 78ms
78ms Script
application/javascript 34.120.135.117
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://sb2widgetsstatic-altenar2.biahosted.com/static/js/8125.6aa1f591.chunk.js
Requested by: Host: sb2widgetsstatic-altenar2.biahosted.com
URL: https://sb2widgetsstatic-altenar2.biahosted.com/altenarWSDK.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.120.135.117 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 117.135.120.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: dfbca6040f3d8352da55124ac60a7f6b2535173a3b47bec0c9323b71a5b775a1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:18 GMT
content-encoding: gzip
x-goog-meta-goog-reserved-file-mtime: 1702643918
age: 27
x-guploader-uploadid: ABPtcPq2lUQpBHCK53NOTqqzub4W-x-Usq-kaKBPQRPv1CfYWXG5PnhxbjKcIA1xdkLH95ch3F-xGZfkPQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1584
last-modified: Fri, 15 Dec 2023 12:47:10 GMT
server: UploadServer
etag: "27c5dbc5088455609ce0ce15cb6cba8c"
vary: Accept-Encoding
x-goog-generation: 1702644430878654
x-goog-hash: crc32c=zh+nbw==, md5=J8XbxQiEVWCc4M4Vy2y6jA==
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 1584
accept-ranges: bytes
content-type: application/javascript
expires: Mon, 25 Dec 2023 10:29:18 GMT

GET
H3 200 70234.89a57a8b.chunk.js Show response
sb2widgetsstatic-altenar2.biahosted.com/static/js/ 11 KB
3 KB 79ms
79ms Script
application/javascript 34.120.135.117
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://sb2widgetsstatic-altenar2.biahosted.com/static/js/70234.89a57a8b.chunk.js
Requested by: Host: sb2widgetsstatic-altenar2.biahosted.com
URL: https://sb2widgetsstatic-altenar2.biahosted.com/altenarWSDK.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.120.135.117 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 117.135.120.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: f9c9f6c70ddd55d39e67461890729c9e0bf8e426e2e02122b4699f9783dd7c1a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 08:46:49 GMT
content-encoding: gzip
x-goog-meta-goog-reserved-file-mtime: 1702643918
age: 2576
x-guploader-uploadid: ABPtcPrcVbJ24jDWj-Rsf9SDHO_KlPrlHIJ7D75jvmhcki9VsvGPNEBdr8WTz2a7bQM5pt8WPurh8OFy_g
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2705
last-modified: Fri, 15 Dec 2023 12:47:07 GMT
server: UploadServer
etag: "c630738849a76b3969380f18742fdb8c"
vary: Accept-Encoding
x-goog-generation: 1702644427730693
x-goog-hash: crc32c=i7ytXg==, md5=xjBziEmnazlpOA8YdC/bjA==
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 2705
accept-ranges: bytes
content-type: application/javascript
expires: Mon, 25 Dec 2023 09:46:49 GMT

GET
H3 200 2826.07ad82b3.chunk.js Show response
sb2widgetsstatic-altenar2.biahosted.com/static/js/ 12 KB
3 KB 82ms
81ms Script
application/javascript 34.120.135.117
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://sb2widgetsstatic-altenar2.biahosted.com/static/js/2826.07ad82b3.chunk.js
Requested by: Host: sb2widgetsstatic-altenar2.biahosted.com
URL: https://sb2widgetsstatic-altenar2.biahosted.com/altenarWSDK.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.120.135.117 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 117.135.120.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 8035763ab5fb9a8c404326596a14a168089d87e84f717258cf96bfc77c5e0178

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 08:45:50 GMT
content-encoding: gzip
x-goog-meta-goog-reserved-file-mtime: 1702643918
age: 2635
x-guploader-uploadid: ABPtcPpNkZzO2iz_gb0CDJXf7oypLMYc3dVFoB-28_JFa1QOFcJf9Wekzq7A4QZQP4iSWcXIkczRAUrT7w
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3081
last-modified: Fri, 15 Dec 2023 12:46:54 GMT
server: UploadServer
etag: "507a71b66d1c94c3b55d917f04c687a6"
vary: Accept-Encoding
x-goog-generation: 1702644414187361
x-goog-hash: crc32c=jPYWFg==, md5=UHpxtm0clMO1XZF/BMaHpg==
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 3081
accept-ranges: bytes
content-type: application/javascript
expires: Mon, 25 Dec 2023 09:45:50 GMT

GET
H3 200 69182.2408f4d2.chunk.js Show response
sb2widgetsstatic-altenar2.biahosted.com/static/js/ 15 KB
5 KB 82ms
81ms Script
application/javascript 34.120.135.117
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://sb2widgetsstatic-altenar2.biahosted.com/static/js/69182.2408f4d2.chunk.js
Requested by: Host: sb2widgetsstatic-altenar2.biahosted.com
URL: https://sb2widgetsstatic-altenar2.biahosted.com/altenarWSDK.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.120.135.117 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 117.135.120.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 4290f8735f531628998cf650136b94db9674c7238e65605c0e331e76c28295cd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 08:45:50 GMT
content-encoding: gzip
x-goog-meta-goog-reserved-file-mtime: 1702643918
age: 2635
x-guploader-uploadid: ABPtcPr563NP8BITyjrvHHxIRAg590AFdLtpK3kZyU8tEcTV4bSLJDXNu-U8I8STZ_jKvp3GPGvgvDX63Q
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5007
last-modified: Fri, 15 Dec 2023 12:47:07 GMT
server: UploadServer
etag: "7dae7445ea63cf49bed5a5446e61e9c3"
vary: Accept-Encoding
x-goog-generation: 1702644427337738
x-goog-hash: crc32c=m9utRg==, md5=fa50Repjz0m+1aVEbmHpww==
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 5007
accept-ranges: bytes
content-type: application/javascript
expires: Mon, 25 Dec 2023 09:45:50 GMT

GET
H3 200 69863.445f9be3.chunk.js Show response
sb2widgetsstatic-altenar2.biahosted.com/static/js/ 14 KB
4 KB 89ms
88ms Script
application/javascript 34.120.135.117
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://sb2widgetsstatic-altenar2.biahosted.com/static/js/69863.445f9be3.chunk.js
Requested by: Host: sb2widgetsstatic-altenar2.biahosted.com
URL: https://sb2widgetsstatic-altenar2.biahosted.com/altenarWSDK.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.120.135.117 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 117.135.120.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: a4e8174ae3e747763d7ba7362b16e4b5c49c7538727982f7c0a094e9db49f8bd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 08:45:50 GMT
content-encoding: gzip
x-goog-meta-goog-reserved-file-mtime: 1702643918
age: 2635
x-guploader-uploadid: ABPtcPozbUYsbbj3O_95d37aqt33hI8Zs8ir53WfC_wti6hV3wEQj2ZwxynZhbRaD5UtqkkcZv7lOdSfNg
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3692
last-modified: Fri, 15 Dec 2023 12:47:07 GMT
server: UploadServer
etag: "09280d09e1085ea7fc493000e1d54cea"
vary: Accept-Encoding
x-goog-generation: 1702644427601487
x-goog-hash: crc32c=7xs3qA==, md5=CSgNCeEIXqf8STAA4dVM6g==
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 3692
accept-ranges: bytes
content-type: application/javascript
expires: Mon, 25 Dec 2023 09:45:50 GMT

GET
H3 200 85548.eeeca7f1.chunk.js Show response
sb2widgetsstatic-altenar2.biahosted.com/static/js/ 14 KB
3 KB 86ms
86ms Script
application/javascript 34.120.135.117
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://sb2widgetsstatic-altenar2.biahosted.com/static/js/85548.eeeca7f1.chunk.js
Requested by: Host: sb2widgetsstatic-altenar2.biahosted.com
URL: https://sb2widgetsstatic-altenar2.biahosted.com/altenarWSDK.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.120.135.117 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 117.135.120.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 14a2fe57e4f52b39b42dd580cfc3826c6a422ae0a2d2f94af5bd1b979744e2fb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 08:45:50 GMT
content-encoding: gzip
x-goog-meta-goog-reserved-file-mtime: 1702643918
age: 2635
x-guploader-uploadid: ABPtcPrnuDzfKfmM6U6bwTulQvxdBY0VtaOtGJetOByrD3Upnqt2Px-ag5T2wX_4vdTSoJqOeIkqZt38lw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3164
last-modified: Fri, 15 Dec 2023 12:47:12 GMT
server: UploadServer
etag: "9669dc6576138834ff9461c8aee52b97"
vary: Accept-Encoding
x-goog-generation: 1702644432438733
x-goog-hash: crc32c=HbsqoA==, md5=lmncZXYTiDT/lGHIruUrlw==
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 3164
accept-ranges: bytes
content-type: application/javascript
expires: Mon, 25 Dec 2023 09:45:50 GMT

GET
H3 200 17060.9fd15f5e.chunk.js Show response
sb2widgetsstatic-altenar2.biahosted.com/static/js/ 15 KB
4 KB 90ms
90ms Script
application/javascript 34.120.135.117
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://sb2widgetsstatic-altenar2.biahosted.com/static/js/17060.9fd15f5e.chunk.js
Requested by: Host: sb2widgetsstatic-altenar2.biahosted.com
URL: https://sb2widgetsstatic-altenar2.biahosted.com/altenarWSDK.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.120.135.117 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 117.135.120.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: f2714a441b8b3609c365b8570c4e08fc5bac9d6866f842d0029d905b01df398e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 08:45:50 GMT
content-encoding: gzip
x-goog-meta-goog-reserved-file-mtime: 1702643918
age: 2635
x-guploader-uploadid: ABPtcPpd4yWSVRQekZFimb25LDQ477EfwcY-7s90HA1oIUkmPyTSunRSHwqe1zL1XBuGAOGufWwvQpi_kw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4009
last-modified: Fri, 15 Dec 2023 12:46:50 GMT
server: UploadServer
etag: "50e41ddcb4aa64bac3004099926cdc87"
vary: Accept-Encoding
x-goog-generation: 1702644410700201
x-goog-hash: crc32c=N4TYwg==, md5=UOQd3LSqZLrDAECZkmzchw==
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 4009
accept-ranges: bytes
content-type: application/javascript
expires: Mon, 25 Dec 2023 09:45:50 GMT

GET
H3 200 4956.c24f1926.chunk.js Show response
sb2widgetsstatic-altenar2.biahosted.com/static/js/ 20 KB
5 KB 91ms
91ms Script
application/javascript 34.120.135.117
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://sb2widgetsstatic-altenar2.biahosted.com/static/js/4956.c24f1926.chunk.js
Requested by: Host: sb2widgetsstatic-altenar2.biahosted.com
URL: https://sb2widgetsstatic-altenar2.biahosted.com/altenarWSDK.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.120.135.117 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 117.135.120.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: b7c23cb2475f67db84f2b2bb59c3f8315747b1af584c7e97d1c80fe85653594a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 08:45:50 GMT
content-encoding: gzip
x-goog-meta-goog-reserved-file-mtime: 1702643918
age: 2635
x-guploader-uploadid: ABPtcPqxP0Zy-xlLCTAdqPIL2vzvCGtxMDmnXgth4ajDa3Tu12peHnzJ1bSTsRO2Ofukx9G3ycvOndwFow
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4877
last-modified: Fri, 15 Dec 2023 12:47:01 GMT
server: UploadServer
etag: "96559ea66e594b078df079bb197680f4"
vary: Accept-Encoding
x-goog-generation: 1702644421373749
x-goog-hash: crc32c=77DfZA==, md5=llWepm5ZSweN8Hm7GXaA9A==
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 4877
accept-ranges: bytes
content-type: application/javascript
expires: Mon, 25 Dec 2023 09:45:50 GMT

GET
H3 200 96901.cd639ed4.chunk.js Show response
sb2widgetsstatic-altenar2.biahosted.com/static/js/ 41 KB
8 KB 93ms
93ms Script
application/javascript 34.120.135.117
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://sb2widgetsstatic-altenar2.biahosted.com/static/js/96901.cd639ed4.chunk.js
Requested by: Host: sb2widgetsstatic-altenar2.biahosted.com
URL: https://sb2widgetsstatic-altenar2.biahosted.com/altenarWSDK.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.120.135.117 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 117.135.120.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: d44a77af748ee535171bfd04986e6e4c474bb989284e0c828ecb54fe8ceecb70

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 08:47:52 GMT
content-encoding: gzip
x-goog-meta-goog-reserved-file-mtime: 1702643918
age: 2513
x-guploader-uploadid: ABPtcPrAGtayN3t4LtBajj4kDz5nfcezbOo3NKdF4_rrAEXKuXokxoZIIFhTCbZlywHYjIaJiU6uA48J0Q
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8011
last-modified: Fri, 15 Dec 2023 12:47:15 GMT
server: UploadServer
etag: "95d5208c12ba039819df92c09da39e83"
vary: Accept-Encoding
x-goog-generation: 1702644435763595
x-goog-hash: crc32c=P+WXzg==, md5=ldUgjBK6A5gZ35LAnaOegw==
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 8011
accept-ranges: bytes
content-type: application/javascript
expires: Mon, 25 Dec 2023 09:47:52 GMT

GET
H3 200 39246.78080e9c.chunk.js Show response
sb2widgetsstatic-altenar2.biahosted.com/static/js/ 11 KB
3 KB 98ms
97ms Script
application/javascript 34.120.135.117
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://sb2widgetsstatic-altenar2.biahosted.com/static/js/39246.78080e9c.chunk.js
Requested by: Host: sb2widgetsstatic-altenar2.biahosted.com
URL: https://sb2widgetsstatic-altenar2.biahosted.com/altenarWSDK.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.120.135.117 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 117.135.120.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: e2bd2875521e41f499f90de3aa5bb55c195f011a8e186dcc72cf608ec8e8485b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 08:45:50 GMT
content-encoding: gzip
x-goog-meta-goog-reserved-file-mtime: 1702643918
age: 2635
x-guploader-uploadid: ABPtcPpELAkt2D8bcU9NVeMgGDYbtP4tSrXjTSxUEksPxFpjGmBaWEMjqHSocjsOZ6JPHizVbIuKkIEKpA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3474
last-modified: Fri, 15 Dec 2023 12:46:57 GMT
server: UploadServer
etag: "460821a825aa54e3bf2291e1146d30b2"
vary: Accept-Encoding
x-goog-generation: 1702644417823799
x-goog-hash: crc32c=+U4QVg==, md5=RgghqCWqVOO/IpHhFG0wsg==
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 3474
accept-ranges: bytes
content-type: application/javascript
expires: Mon, 25 Dec 2023 09:45:50 GMT

GET
H3 200 85650.926859aa.chunk.js Show response
sb2widgetsstatic-altenar2.biahosted.com/static/js/ 14 KB
5 KB 98ms
97ms Script
application/javascript 34.120.135.117
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://sb2widgetsstatic-altenar2.biahosted.com/static/js/85650.926859aa.chunk.js
Requested by: Host: sb2widgetsstatic-altenar2.biahosted.com
URL: https://sb2widgetsstatic-altenar2.biahosted.com/altenarWSDK.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.120.135.117 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 117.135.120.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 3af3862b6da63e2b5900c8fca35e3686125ac5a80235442066a6ee77a57e35e0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 08:45:50 GMT
content-encoding: gzip
x-goog-meta-goog-reserved-file-mtime: 1702643918
age: 2635
x-guploader-uploadid: ABPtcPr1_duP9UaUFyJXboutzc2dJs3VWZPkMPpRcnfzdDzKhGTUpAB2uNtBqfPPftHLLz4I8m42tNbF0g
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4603
last-modified: Fri, 15 Dec 2023 12:47:12 GMT
server: UploadServer
etag: "38380cd2269e880da4d7d88242c1b18f"
vary: Accept-Encoding
x-goog-generation: 1702644432522875
x-goog-hash: crc32c=dY9RkQ==, md5=ODgM0iaeiA2k19iCQsGxjw==
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 4603
accept-ranges: bytes
content-type: application/javascript
expires: Mon, 25 Dec 2023 09:45:50 GMT

GET
H3 200 62183.5874e42c.chunk.js Show response
sb2widgetsstatic-altenar2.biahosted.com/static/js/ 9 KB
3 KB 100ms
99ms Script
application/javascript 34.120.135.117
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://sb2widgetsstatic-altenar2.biahosted.com/static/js/62183.5874e42c.chunk.js
Requested by: Host: sb2widgetsstatic-altenar2.biahosted.com
URL: https://sb2widgetsstatic-altenar2.biahosted.com/altenarWSDK.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.120.135.117 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 117.135.120.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 5ac0af5fb98a8b0f07bcf735d561ce64e8cb9e020501fa5b7d5d8f4c773b6a9f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 08:45:50 GMT
content-encoding: gzip
x-goog-meta-goog-reserved-file-mtime: 1702643918
age: 2635
x-guploader-uploadid: ABPtcPoX8aMhxOLCRgTiUR1T4DicnN808gRupaQ4IHUQ4Q1LPLcGScz8d_Lca7MuNRfc2e0rG_H4Q_zyxQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3348
last-modified: Fri, 15 Dec 2023 12:47:05 GMT
server: UploadServer
etag: "9204431bae030b87525931c9d9cb7000"
vary: Accept-Encoding
x-goog-generation: 1702644425299059
x-goog-hash: crc32c=DTWH2Q==, md5=kgRDG64DC4dSWTHJ2ctwAA==
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 3348
accept-ranges: bytes
content-type: application/javascript
expires: Mon, 25 Dec 2023 09:45:50 GMT

GET
H3 200 86437.1d4fbc4e.chunk.js Show response
sb2widgetsstatic-altenar2.biahosted.com/static/js/ 23 KB
5 KB 100ms
100ms Script
application/javascript 34.120.135.117
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://sb2widgetsstatic-altenar2.biahosted.com/static/js/86437.1d4fbc4e.chunk.js
Requested by: Host: sb2widgetsstatic-altenar2.biahosted.com
URL: https://sb2widgetsstatic-altenar2.biahosted.com/altenarWSDK.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.120.135.117 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 117.135.120.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: b09128c9a5b10aa82818d517350a9c8ec712fa6778e8a802927ec7fb93edbb01

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 08:45:50 GMT
content-encoding: gzip
x-goog-meta-goog-reserved-file-mtime: 1702643918
age: 2635
x-guploader-uploadid: ABPtcPqBEsyipj15D5pKLgGwNjXUNgBg8vUUjyMy81HBWyX6Ba8OsxJ-u1eXQ3yqi8OKx_H6kn4zkNmiJg
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5346
last-modified: Fri, 15 Dec 2023 12:47:12 GMT
server: UploadServer
etag: "2ebc2b1fb07cf59e5ce984b891caea17"
vary: Accept-Encoding
x-goog-generation: 1702644432814644
x-goog-hash: crc32c=0c1p+A==, md5=LrwrH7B89Z5c6YS4kcrqFw==
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 5346
accept-ranges: bytes
content-type: application/javascript
expires: Mon, 25 Dec 2023 09:45:50 GMT

GET
H3 200 40582.0fdfb0ec.chunk.js Show response
sb2widgetsstatic-altenar2.biahosted.com/static/js/ 24 KB
5 KB 100ms
100ms Script
application/javascript 34.120.135.117
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://sb2widgetsstatic-altenar2.biahosted.com/static/js/40582.0fdfb0ec.chunk.js
Requested by: Host: sb2widgetsstatic-altenar2.biahosted.com
URL: https://sb2widgetsstatic-altenar2.biahosted.com/altenarWSDK.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.120.135.117 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 117.135.120.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 47447f6389b91e28a7fb44bb0d9109ead0764d4fb20e0e205a8c4a1563860999

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 08:45:50 GMT
content-encoding: gzip
x-goog-meta-goog-reserved-file-mtime: 1702643918
age: 2635
x-guploader-uploadid: ABPtcPrUZ-7qgGIwcO38siZi4SyFgd9JL4-CjeveCupN09WGj6RZaZBtuZWBbefsg3lE_-VeF5boON01Tw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4858
last-modified: Fri, 15 Dec 2023 12:46:58 GMT
server: UploadServer
etag: "567bba95ab3e1d71f9bdc4782d0ce6e1"
vary: Accept-Encoding
x-goog-generation: 1702644418288635
x-goog-hash: crc32c=J6lhPQ==, md5=Vnu6las+HXH5vcR4LQzm4Q==
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 4858
accept-ranges: bytes
content-type: application/javascript
expires: Mon, 25 Dec 2023 09:45:50 GMT

GET
H3 200 93209.049cd090.chunk.js Show response
sb2widgetsstatic-altenar2.biahosted.com/static/js/ 18 KB
4 KB 101ms
100ms Script
application/javascript 34.120.135.117
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://sb2widgetsstatic-altenar2.biahosted.com/static/js/93209.049cd090.chunk.js
Requested by: Host: sb2widgetsstatic-altenar2.biahosted.com
URL: https://sb2widgetsstatic-altenar2.biahosted.com/altenarWSDK.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.120.135.117 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 117.135.120.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: e83ee36b99f5b99694fb14962ac5cd6e2d4e5258f1ed66800c9faa9b53431a55

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 08:46:53 GMT
content-encoding: gzip
x-goog-meta-goog-reserved-file-mtime: 1702643918
age: 2572
x-guploader-uploadid: ABPtcPoXWLqjx0K35wcG2Hr9AhD8uQ2DZhCIT54Kil8wctQfyimNeFYTLAGwLx_BK1JRwug6ebI
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4085
last-modified: Fri, 15 Dec 2023 12:47:14 GMT
server: UploadServer
etag: "55bf775166886e86d2695d3142b0686d"
vary: Accept-Encoding
x-goog-generation: 1702644434606710
x-goog-hash: crc32c=pxKFiw==, md5=Vb93UWaIbobSaV0xQrBobQ==
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 4085
accept-ranges: bytes
content-type: application/javascript
expires: Mon, 25 Dec 2023 09:46:53 GMT

GET
H3 200 8825.2629e748.chunk.js Show response
sb2widgetsstatic-altenar2.biahosted.com/static/js/ 12 KB
4 KB 101ms
100ms Script
application/javascript 34.120.135.117
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://sb2widgetsstatic-altenar2.biahosted.com/static/js/8825.2629e748.chunk.js
Requested by: Host: sb2widgetsstatic-altenar2.biahosted.com
URL: https://sb2widgetsstatic-altenar2.biahosted.com/altenarWSDK.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.120.135.117 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 117.135.120.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: ef68efdb442844721f8f5e8343e6c021dbe640572c7fb84481386dc08ff219db

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 08:46:27 GMT
content-encoding: gzip
x-goog-meta-goog-reserved-file-mtime: 1702643918
age: 2598
x-guploader-uploadid: ABPtcPo8HVLmm85hEdvUrixuyM8UjQ1asD9vpKIVifKOv-XypIT8pQoCnqazkNbAwLznN9USe1L33fb5
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4081
last-modified: Fri, 15 Dec 2023 12:47:13 GMT
server: UploadServer
etag: "c7cf35b5be06950ac6a38efe9c0f8628"
vary: Accept-Encoding
x-goog-generation: 1702644433237937
x-goog-hash: crc32c=/BGxHQ==, md5=x881tb4GlQrGo47+nA+GKA==
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 4081
accept-ranges: bytes
content-type: application/javascript
expires: Mon, 25 Dec 2023 09:46:27 GMT

GET
H3 200 65081.e860af08.chunk.js Show response
sb2widgetsstatic-altenar2.biahosted.com/static/js/ 8 KB
3 KB 103ms
103ms Script
application/javascript 34.120.135.117
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://sb2widgetsstatic-altenar2.biahosted.com/static/js/65081.e860af08.chunk.js
Requested by: Host: sb2widgetsstatic-altenar2.biahosted.com
URL: https://sb2widgetsstatic-altenar2.biahosted.com/altenarWSDK.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.120.135.117 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 117.135.120.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 4551780a660e8d9f6c0e16aeda0c7cc9b0296f2aab4e53d0bb336788b6550498

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 08:46:07 GMT
content-encoding: gzip
x-goog-meta-goog-reserved-file-mtime: 1702643918
age: 2618
x-guploader-uploadid: ABPtcPoiSLu56COILRwt08bV-aQ-1BMEnn7ntUCxB3JNonefF6_ZOMg2HH6qeRQggbf5T99fY_k
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3282
last-modified: Fri, 15 Dec 2023 12:47:06 GMT
server: UploadServer
etag: "6aa88d0f5d00b189a062c05d6bf62fc6"
vary: Accept-Encoding
x-goog-generation: 1702644425932656
x-goog-hash: crc32c=1P6LSQ==, md5=aqiND10AsYmgYsBda/Yvxg==
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 3282
accept-ranges: bytes
content-type: application/javascript
expires: Mon, 25 Dec 2023 09:46:07 GMT

GET
H3 200 20743.76c729ca.chunk.js Show response
sb2widgetsstatic-altenar2.biahosted.com/static/js/ 14 KB
4 KB 104ms
103ms Script
application/javascript 34.120.135.117
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://sb2widgetsstatic-altenar2.biahosted.com/static/js/20743.76c729ca.chunk.js
Requested by: Host: sb2widgetsstatic-altenar2.biahosted.com
URL: https://sb2widgetsstatic-altenar2.biahosted.com/altenarWSDK.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.120.135.117 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 117.135.120.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: e1597b04801911df295990c65d1932c2cb0cc91a304c8127419bca00f804ae12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 08:45:50 GMT
content-encoding: gzip
x-goog-meta-goog-reserved-file-mtime: 1702643918
age: 2635
x-guploader-uploadid: ABPtcPrraz1iaHzVh_dosaDa5AYNltEgiS3fFw2OIYW7PyerH3paaSu2jRfqLOBSp3_DrcY_2UZRczzKug
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4152
last-modified: Fri, 15 Dec 2023 12:46:51 GMT
server: UploadServer
etag: "c81b674d89ed767ef87474e4ec0d6eab"
vary: Accept-Encoding
x-goog-generation: 1702644411761121
x-goog-hash: crc32c=xA/uLQ==, md5=yBtnTYntdn74dHTk7A1uqw==
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 4152
accept-ranges: bytes
content-type: application/javascript
expires: Mon, 25 Dec 2023 09:45:50 GMT

GET
H3 200 83350.8458af05.chunk.js Show response
sb2widgetsstatic-altenar2.biahosted.com/static/js/ 65 KB
13 KB 103ms
103ms Script
application/javascript 34.120.135.117
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://sb2widgetsstatic-altenar2.biahosted.com/static/js/83350.8458af05.chunk.js
Requested by: Host: sb2widgetsstatic-altenar2.biahosted.com
URL: https://sb2widgetsstatic-altenar2.biahosted.com/altenarWSDK.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.120.135.117 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 117.135.120.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 577d21a2b26610180a8714a204448387dcb70731de4e198a017527053dd4ec71

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 08:54:27 GMT
content-encoding: gzip
x-goog-meta-goog-reserved-file-mtime: 1702643918
age: 2118
x-guploader-uploadid: ABPtcPp-OdC_0z1cKeM7Tnugl2gVTJ8lE8kQsmhbxQF1DHlxVHjg4FM0RBRjVI1dIyX31cRXqNg
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13577
last-modified: Fri, 15 Dec 2023 12:47:11 GMT
server: UploadServer
etag: "1114a4a7685e6af914b9cb532eb8593f"
vary: Accept-Encoding
x-goog-generation: 1702644431700095
x-goog-hash: crc32c=v3xzZQ==, md5=ERSkp2heavkUuctTLrhZPw==
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 13577
accept-ranges: bytes
content-type: application/javascript
expires: Mon, 25 Dec 2023 09:54:27 GMT

GET
H3 200 92089.007e8846.chunk.js Show response
sb2widgetsstatic-altenar2.biahosted.com/static/js/ 64 KB
14 KB 104ms
104ms Script
application/javascript 34.120.135.117
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://sb2widgetsstatic-altenar2.biahosted.com/static/js/92089.007e8846.chunk.js
Requested by: Host: sb2widgetsstatic-altenar2.biahosted.com
URL: https://sb2widgetsstatic-altenar2.biahosted.com/altenarWSDK.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.120.135.117 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 117.135.120.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: cf597a3f14106e6e9ed69f14b80dca252bd0bc3c5542f03155539d607e8e10a5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 08:46:53 GMT
content-encoding: gzip
x-goog-meta-goog-reserved-file-mtime: 1702643918
age: 2572
x-guploader-uploadid: ABPtcPqpaiWX7PdRS5cv-bx-pKC1DYiwgv5M_9kS_emiM7XdDSpEOJiSA9t4V-HtoaepQ8si0PM
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14601
last-modified: Fri, 15 Dec 2023 12:47:14 GMT
server: UploadServer
etag: "317ced46183b5ba9351ec5a22bb64976"
vary: Accept-Encoding
x-goog-generation: 1702644434307617
x-goog-hash: crc32c=Xn0OMg==, md5=MXztRhg7W6k1HsWiK7ZJdg==
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 14601
accept-ranges: bytes
content-type: application/javascript
expires: Mon, 25 Dec 2023 09:46:53 GMT

GET
H3 200 18588.1979bf45.chunk.js Show response
sb2widgetsstatic-altenar2.biahosted.com/static/js/ 34 KB
8 KB 107ms
107ms Script
application/javascript 34.120.135.117
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://sb2widgetsstatic-altenar2.biahosted.com/static/js/18588.1979bf45.chunk.js
Requested by: Host: sb2widgetsstatic-altenar2.biahosted.com
URL: https://sb2widgetsstatic-altenar2.biahosted.com/altenarWSDK.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.120.135.117 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 117.135.120.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 9cc5748832dad5ebe2db912ce4464be4a40376b103c157db67b6d57fd93b0d9c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 08:48:29 GMT
content-encoding: gzip
x-goog-meta-goog-reserved-file-mtime: 1702643918
age: 2476
x-guploader-uploadid: ABPtcPrDb7kShgXX7KhnaqP_gvftmUrMDcsnIJgMwOsFJdWYVsMeYERQAHrxfudPAm094Q_lnn2PhDPwVnWyQ60
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7985
last-modified: Fri, 15 Dec 2023 12:46:51 GMT
server: UploadServer
etag: "605e5a91ac0a7271fe111e3063794bd5"
vary: Accept-Encoding
x-goog-generation: 1702644411246386
x-goog-hash: crc32c=popuTg==, md5=YF5akawKcnH+ER4wY3lL1Q==
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 7985
accept-ranges: bytes
content-type: application/javascript
expires: Mon, 25 Dec 2023 09:48:29 GMT

GET
H3 200 90782.4c03877e.chunk.js Show response
sb2widgetsstatic-altenar2.biahosted.com/static/js/ 8 KB
3 KB 111ms
110ms Script
application/javascript 34.120.135.117
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://sb2widgetsstatic-altenar2.biahosted.com/static/js/90782.4c03877e.chunk.js
Requested by: Host: sb2widgetsstatic-altenar2.biahosted.com
URL: https://sb2widgetsstatic-altenar2.biahosted.com/altenarWSDK.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.120.135.117 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 117.135.120.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 750b6f51f97ede61dc2ae909d30da51c5501056f889c1961df6459681df635dc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 08:48:29 GMT
content-encoding: gzip
x-goog-meta-goog-reserved-file-mtime: 1702643918
age: 2476
x-guploader-uploadid: ABPtcPrZY95YPEhAb8EzkCOlkd4csnk53ta_ZBsOT7xBri4FMRGWuGtKBr4LR4bi8jsPdk3qaX3Dwo6H63clG0k
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3124
last-modified: Fri, 15 Dec 2023 12:47:14 GMT
server: UploadServer
etag: "c91ac989cb34ac873c768fa60bc5a2d2"
vary: Accept-Encoding
x-goog-generation: 1702644433934305
x-goog-hash: crc32c=IKOtHQ==, md5=yRrJics0rIc8do+mC8Wi0g==
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 3124
accept-ranges: bytes
content-type: application/javascript
expires: Mon, 25 Dec 2023 09:48:29 GMT

GET
H2 200 GetTopEvents Show response
sb2frontend-altenar2.biahosted.com/api/widget/ 6 KB
1 KB 64ms
63ms Fetch
application/json 2606:4700:10::6816:85a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sb2frontend-altenar2.biahosted.com/api/widget/GetTopEvents?culture=en-GB&timezoneOffset=-60&integration=quickwin&deviceType=1&numFormat=en-GB&countryCode=DE&eventCount=0&sportId=0&timePeriod=0

Requested by

Host: quickwin765412.com
URL: https://quickwin765412.com/polyfills.250fe061a3885860ec19.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:85a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

68a14657fb9016673814e7e01810f2d12e51be92f67232f5aa65c63a4dbf08e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:45 GMT
content-encoding: gzip
via: 1.1 google
strict-transport-security: max-age=2592000; includeSubDomains
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=3
cf-ray: 83b00fbc6cdcbbd3-FRA

GET
H2 200 GetTopEvents Show response
sb2frontend-altenar2.biahosted.com/api/widget/ 93 B
162 B 62ms
61ms Fetch
application/json 2606:4700:10::6816:85a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: quickwin765412.com
URL: https://quickwin765412.com/polyfills.250fe061a3885860ec19.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:85a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

80346d8295c2e6aac4183c0bee0b3c356493eaa61da8b7ace46c78b7f2c34ca9

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:45 GMT
content-encoding: gzip
via: 1.1 google
strict-transport-security: max-age=2592000; includeSubDomains
cf-cache-status: DYNAMIC
server: cloudflare
age: 1
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=3
cf-ray: 83b00fbc6cddbbd3-FRA
content-length: 86

GET
H3 200 43741.png
quickwin765412.com/dimg/altenar_logo/ 36 KB
37 KB 43ms
43ms Image
image/png 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://quickwin765412.com/dimg/altenar_logo/43741.png

Requested by

Host: quickwin765412.com
URL: https://quickwin765412.com/en/

Protocol

Security

QUIC, , AES_128_GCM

Server

94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

087fcdc196cde517dd7e8a8e798f88ba505957e33d681ec9259dd22af13f4c60

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:45 GMT
content-security-policy: block-all-mixed-content
cf-cache-status: HIT
x-amz-request-id: 1748E78B5448A3B5
age: 257766
cf-polished: origSize=45737, status=vary_header_present
x-front-cache-status: HIT
alt-svc: h3=":443"; ma=86400
content-length: 37344
x-xss-protection: 1; mode=block
cf-bgj: imgq:85,h2pri
last-modified: Fri, 14 Oct 2022 11:59:36 GMT
server: cloudflare
etag: "250f08bbdb0a051c61e240d9f059f54a"
vary: Origin, Accept-Encoding
content-type: image/png
accept-ranges: bytes
cf-ray: 83b00fbdaa37aca9-TXL
x-conv-cache-status: HIT

GET
H3 200 43620.png
quickwin765412.com/dimg/altenar_logo/ 58 KB
59 KB 73ms
69ms Image
image/png 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://quickwin765412.com/dimg/altenar_logo/43620.png

Requested by

Host: quickwin765412.com
URL: https://quickwin765412.com/en/

Protocol

Security

QUIC, , AES_128_GCM

Server

94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

61a1dd50d7314fcdd6bd5e06259e75fc8603b42d1991b7b2e7eb3a80875a8d71

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:45 GMT
content-security-policy: block-all-mixed-content
cf-cache-status: HIT
x-amz-request-id: 17709C6848433510
age: 148696
cf-polished: origSize=71775, status=vary_header_present
x-front-cache-status: HIT
alt-svc: h3=":443"; ma=86400
content-length: 59592
x-xss-protection: 1; mode=block
cf-bgj: imgq:85,h2pri
last-modified: Fri, 14 Oct 2022 11:59:41 GMT
server: cloudflare
etag: "4617245cd41eea7b06cdf4eca83f851b"
vary: Origin, Accept-Encoding
content-type: image/png
accept-ranges: bytes
cf-ray: 83b00fbdba4caca9-TXL
x-conv-cache-status: HIT

GET
H3 200 43701.png
quickwin765412.com/dimg/altenar_logo/ 61 KB
61 KB 46ms
42ms Image
image/png 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://quickwin765412.com/dimg/altenar_logo/43701.png

Requested by

Host: quickwin765412.com
URL: https://quickwin765412.com/en/

Protocol

Security

QUIC, , AES_128_GCM

Server

94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

e25255eebea642aff44efb043effce8c130965162d70463f34ee8e7408c30508

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:45 GMT
content-security-policy: block-all-mixed-content
cf-cache-status: HIT
x-amz-request-id: 1778310EB8A2DF57
age: 190583
cf-polished: origSize=72631, status=vary_header_present
x-front-cache-status: MISS
alt-svc: h3=":443"; ma=86400
content-length: 62343
x-xss-protection: 1; mode=block
cf-bgj: imgq:85,h2pri
last-modified: Fri, 04 Aug 2023 09:20:21 GMT
server: cloudflare
etag: "8704ebef7a0768f216b0921da665fab5"
vary: Origin, Accept-Encoding
content-type: image/png
accept-ranges: bytes
cf-ray: 83b00fbdba50aca9-TXL
x-conv-cache-status: HIT

GET
H3 200 43703.png
quickwin765412.com/dimg/altenar_logo/ 52 KB
53 KB 74ms
70ms Image
image/png 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://quickwin765412.com/dimg/altenar_logo/43703.png

Requested by

Host: quickwin765412.com
URL: https://quickwin765412.com/en/

Protocol

Security

QUIC, , AES_128_GCM

Server

94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

2b543828b97af78d57453e24bbb18f4068bdbe1110ded8b6a00c76cc01f77385

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:45 GMT
content-security-policy: block-all-mixed-content
cf-cache-status: HIT
x-amz-request-id: 177738059E23D362
age: 1644763
cf-polished: origSize=63592, status=vary_header_present
x-front-cache-status: HIT
alt-svc: h3=":443"; ma=86400
content-length: 53467
x-xss-protection: 1; mode=block
cf-bgj: imgq:85,h2pri
last-modified: Wed, 31 Aug 2022 09:06:06 GMT
server: cloudflare
etag: "54a26a86cf47d21336036b2e59d9e103"
vary: Origin, Accept-Encoding
content-type: image/png
accept-ranges: bytes
cf-ray: 83b00fbdba52aca9-TXL
x-conv-cache-status: HIT

GET
H3 200 43704.png
quickwin765412.com/dimg/altenar_logo/ 63 KB
63 KB 75ms
71ms Image
image/png 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://quickwin765412.com/dimg/altenar_logo/43704.png

Requested by

Host: quickwin765412.com
URL: https://quickwin765412.com/en/

Protocol

Security

QUIC, , AES_128_GCM

Server

94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

6b70e46dfae9a666aff3eb4a1f49cf85838c4e31769f5e511bd870be4ce9dc8e

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:45 GMT
content-security-policy: block-all-mixed-content
cf-cache-status: HIT
x-amz-request-id: 1777341BA3198BE6
age: 323540
cf-polished: origSize=77815, status=vary_header_present
x-front-cache-status: HIT
alt-svc: h3=":443"; ma=86400
content-length: 64204
x-xss-protection: 1; mode=block
cf-bgj: imgq:85,h2pri
last-modified: Fri, 14 Oct 2022 11:59:41 GMT
server: cloudflare
etag: "aad40af7b2947d39cc6a9266d1af3f0d"
vary: Origin, Accept-Encoding
content-type: image/png
accept-ranges: bytes
cf-ray: 83b00fbdba56aca9-TXL
x-conv-cache-status: HIT

GET
H3 200 43690.png
quickwin765412.com/dimg/altenar_logo/ 63 KB
63 KB 48ms
44ms Image
image/png 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://quickwin765412.com/dimg/altenar_logo/43690.png

Requested by

Host: quickwin765412.com
URL: https://quickwin765412.com/en/

Protocol

Security

QUIC, , AES_128_GCM

Server

94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

ed60d88e20b7fd9e9fcadf2c31561b829e7d998b19679e45fc290137e426853c

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:45 GMT
content-security-policy: block-all-mixed-content
cf-cache-status: HIT
x-amz-request-id: 17781D4FC914EB3D
age: 861512
cf-polished: origSize=75825, status=vary_header_present
x-front-cache-status: HIT
alt-svc: h3=":443"; ma=86400
content-length: 64641
x-xss-protection: 1; mode=block
cf-bgj: imgq:85,h2pri
last-modified: Fri, 04 Nov 2022 15:07:03 GMT
server: cloudflare
etag: "b05e10536be1ee9a014078c63bbe1c19"
vary: Origin, Accept-Encoding
content-type: image/png
accept-ranges: bytes
cf-ray: 83b00fbdba57aca9-TXL
x-conv-cache-status: HIT

GET
H3 404 43696.png
quickwin765412.com/dimg/altenar_logo/ 347 B
347 B 77ms
73ms Image
application/xml 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://quickwin765412.com/dimg/altenar_logo/43696.png

Requested by

Host: quickwin765412.com
URL: https://quickwin765412.com/en/

Protocol

Security

QUIC, , AES_128_GCM

Server

94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

c944330a83c9d715f57db4d742bf7e6cad58e94143aa5340ce659692f521f685

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:45 GMT
content-security-policy: block-all-mixed-content
content-encoding: br
cf-cache-status: HIT
server: cloudflare
x-amz-request-id: 17A3D0345EE78207
age: 183
vary: Origin, Accept-Encoding
content-type: application/xml
cf-ray: 83b00fbdba5eaca9-TXL
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block

GET
H3 200 43625.png
quickwin765412.com/dimg/altenar_logo/ 40 KB
40 KB 77ms
73ms Image
image/png 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://quickwin765412.com/dimg/altenar_logo/43625.png

Requested by

Host: quickwin765412.com
URL: https://quickwin765412.com/en/

Protocol

Security

QUIC, , AES_128_GCM

Server

94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

e61057c248057ed8a7e41bff44f79a32e6b9f33bbca7eaa66b6f18ff5bdc4390

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:45 GMT
content-security-policy: block-all-mixed-content
cf-cache-status: HIT
x-amz-request-id: 174996E5164E13F4
age: 33934
cf-polished: origSize=49341, status=vary_header_present
x-front-cache-status: HIT
alt-svc: h3=":443"; ma=86400
content-length: 40900
x-xss-protection: 1; mode=block
cf-bgj: imgq:85,h2pri
last-modified: Fri, 14 Oct 2022 11:59:37 GMT
server: cloudflare
etag: "fba4610c335bb30144040b5c7ca6154e"
vary: Origin, Accept-Encoding
content-type: image/png
accept-ranges: bytes
cf-ray: 83b00fbdba61aca9-TXL
x-conv-cache-status: HIT

GET
H3 200 44372.png
quickwin765412.com/dimg/altenar_logo/ 41 KB
42 KB 78ms
75ms Image
image/png 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://quickwin765412.com/dimg/altenar_logo/44372.png

Requested by

Host: quickwin765412.com
URL: https://quickwin765412.com/en/

Protocol

Security

QUIC, , AES_128_GCM

Server

94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

2f1aa5842ffa17891be38d946da663a8b05e7c8c43c8e2c647016592997893c2

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:45 GMT
content-security-policy: block-all-mixed-content
cf-cache-status: HIT
x-amz-request-id: 179DFBB5AC067CB1
age: 368716
cf-polished: origSize=45273, status=vary_header_present
x-front-cache-status: HIT
alt-svc: h3=":443"; ma=86400
content-length: 42346
x-xss-protection: 1; mode=block
cf-bgj: imgq:85,h2pri
last-modified: Thu, 30 Nov 2023 11:18:19 GMT
server: cloudflare
etag: "bc32f6009e557d2cf05ca4fe816df606"
vary: Origin, Accept-Encoding
content-type: image/png
accept-ranges: bytes
cf-ray: 83b00fbdba64aca9-TXL
x-conv-cache-status: HIT

GET
H3 200 44358.png
quickwin765412.com/dimg/altenar_logo/ 43 KB
43 KB 48ms
44ms Image
image/png 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://quickwin765412.com/dimg/altenar_logo/44358.png

Requested by

Host: quickwin765412.com
URL: https://quickwin765412.com/en/

Protocol

Security

QUIC, , AES_128_GCM

Server

94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

bcbf3c26722321587d928e6354d7384bc1ada945d5efc687ed84eb46b46c636c

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:45 GMT
content-security-policy: block-all-mixed-content
cf-cache-status: HIT
x-amz-request-id: 179E511D1E186375
age: 125512
cf-polished: origSize=46920, status=vary_header_present
x-front-cache-status: HIT
alt-svc: h3=":443"; ma=86400
content-length: 43865
x-xss-protection: 1; mode=block
cf-bgj: imgq:85,h2pri
last-modified: Thu, 30 Nov 2023 11:18:19 GMT
server: cloudflare
etag: "014e75ef7faaa58b6d8544deaa70d5a3"
vary: Origin, Accept-Encoding
content-type: image/png
accept-ranges: bytes
cf-ray: 83b00fbdba67aca9-TXL
x-conv-cache-status: HIT

GET
H3 200 43700.png
quickwin765412.com/dimg/altenar_logo/ 72 KB
73 KB 100ms
96ms Image
image/png 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://quickwin765412.com/dimg/altenar_logo/43700.png

Requested by

Host: quickwin765412.com
URL: https://quickwin765412.com/en/

Protocol

Security

QUIC, , AES_128_GCM

Server

94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

188d84e31d011979a94c28e842f0e08695349c1e7f0a2e621a168bc39f022c35

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:45 GMT
content-security-policy: block-all-mixed-content
cf-cache-status: HIT
x-amz-request-id: 1738A0F198968389
age: 344102
cf-polished: origSize=88365, status=vary_header_present
x-front-cache-status: HIT
alt-svc: h3=":443"; ma=86400
content-length: 74158
x-xss-protection: 1; mode=block
cf-bgj: imgq:85,h2pri
last-modified: Wed, 31 Aug 2022 09:06:07 GMT
server: cloudflare
etag: "e06e0ab794893905150e89ece8db9c16"
vary: Origin, Accept-Encoding
content-type: image/png
accept-ranges: bytes
cf-ray: 83b00fbdba6aaca9-TXL
x-conv-cache-status: HIT

GET
H3 200 43698.png
quickwin765412.com/dimg/altenar_logo/ 104 KB
104 KB 101ms
97ms Image
image/png 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://quickwin765412.com/dimg/altenar_logo/43698.png

Requested by

Host: quickwin765412.com
URL: https://quickwin765412.com/en/

Protocol

Security

QUIC, , AES_128_GCM

Server

94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

e8595b34323d34103c66171aa6f8a3d75b0be34c70d6c703ad61995e53c97da0

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:45 GMT
content-security-policy: block-all-mixed-content
cf-cache-status: HIT
x-amz-request-id: 179E3123C6DED498
age: 1644742
cf-polished: origSize=123344, status=vary_header_present
x-front-cache-status: HIT
alt-svc: h3=":443"; ma=86400
content-length: 106292
x-xss-protection: 1; mode=block
cf-bgj: imgq:85,h2pri
last-modified: Tue, 05 Dec 2023 13:27:27 GMT
server: cloudflare
etag: "6cdeb2902af0847027d6575af4279c51"
vary: Origin, Accept-Encoding
content-type: image/png
accept-ranges: bytes
cf-ray: 83b00fbdba6caca9-TXL
x-conv-cache-status: HIT

GET
H3 404 44004.png
quickwin765412.com/dimg/altenar_logo/ 347 B
347 B 103ms
100ms Image
application/xml 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://quickwin765412.com/dimg/altenar_logo/44004.png

Requested by

Host: quickwin765412.com
URL: https://quickwin765412.com/en/

Protocol

Security

QUIC, , AES_128_GCM

Server

94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

c4ef76252b5cfd262593787ebfeb5b35a343aed716268c71dc9e649c52a4358e

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:45 GMT
content-security-policy: block-all-mixed-content
content-encoding: br
cf-cache-status: HIT
server: cloudflare
x-amz-request-id: 17A3EBED1688ECEE
age: 183
vary: Origin, Accept-Encoding
content-type: application/xml
cf-ray: 83b00fbdba6daca9-TXL
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block

GET
H3 404 57223.png
quickwin765412.com/dimg/altenar_logo/ 347 B
347 B 104ms
100ms Image
application/xml 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://quickwin765412.com/dimg/altenar_logo/57223.png

Requested by

Host: quickwin765412.com
URL: https://quickwin765412.com/en/

Protocol

Security

QUIC, , AES_128_GCM

Server

94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff9487b95579ab7feea8c869e41d04aa2df85af83eba0f70ac9edf52126c28f6

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:45 GMT
content-security-policy: block-all-mixed-content
content-encoding: br
cf-cache-status: HIT
server: cloudflare
x-amz-request-id: 17A3EBED1490FE98
age: 183
vary: Origin, Accept-Encoding
content-type: application/xml
cf-ray: 83b00fbdba72aca9-TXL
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block

GET
H3 200 43692.png
quickwin765412.com/dimg/altenar_logo/ 54 KB
55 KB 104ms
101ms Image
image/png 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://quickwin765412.com/dimg/altenar_logo/43692.png

Requested by

Host: quickwin765412.com
URL: https://quickwin765412.com/en/

Protocol

Security

QUIC, , AES_128_GCM

Server

94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

1887c1b4418ece2ab4e957d3b1c1f90fea1b893411f5d6a7e46695cb9055d6fa

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:45 GMT
content-security-policy: block-all-mixed-content
cf-cache-status: HIT
x-amz-request-id: 1777E4E40ACF896F
age: 748667
cf-polished: origSize=66820, status=vary_header_present
x-front-cache-status: HIT
alt-svc: h3=":443"; ma=86400
content-length: 55741
x-xss-protection: 1; mode=block
cf-bgj: imgq:85,h2pri
last-modified: Thu, 30 Mar 2023 14:20:11 GMT
server: cloudflare
etag: "403a8762b843c8103cc487c97177c0fa"
vary: Origin, Accept-Encoding
content-type: image/png
accept-ranges: bytes
cf-ray: 83b00fbdba73aca9-TXL
x-conv-cache-status: HIT

GET
H3 200 43691.png
quickwin765412.com/dimg/altenar_logo/ 59 KB
59 KB 111ms
108ms Image
image/png 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://quickwin765412.com/dimg/altenar_logo/43691.png

Requested by

Host: quickwin765412.com
URL: https://quickwin765412.com/en/

Protocol

Security

QUIC, , AES_128_GCM

Server

94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

bc1d2dacd71dc7670eb3c2cdb7fd937015a512f58a17ef5d959f7cb28f2b5125

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:45 GMT
content-security-policy: block-all-mixed-content
cf-cache-status: HIT
x-amz-request-id: 177730B47E837DCD
age: 28331
cf-polished: origSize=71724, status=vary_header_present
x-front-cache-status: HIT
alt-svc: h3=":443"; ma=86400
content-length: 60538
x-xss-protection: 1; mode=block
cf-bgj: imgq:85,h2pri
last-modified: Mon, 13 Mar 2023 12:20:19 GMT
server: cloudflare
etag: "e87fdc87fd68ca6b7c517d3e39b890d5"
vary: Origin, Accept-Encoding
content-type: image/png
accept-ranges: bytes
cf-ray: 83b00fbdba74aca9-TXL
x-conv-cache-status: HIT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 16 KB
16 KB 44ms
41ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@500&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://quickwin765412.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 17:38:05 GMT
x-content-type-options: nosniff
age: 575500
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 17 Dec 2024 17:38:05 GMT

GET
H2 200 GetTopEvents Show response
sb2frontend-altenar2.biahosted.com/api/widget/ 93 B
169 B 60ms
59ms Fetch
application/json 2606:4700:10::6816:85a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: quickwin765412.com
URL: https://quickwin765412.com/polyfills.250fe061a3885860ec19.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:85a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

80346d8295c2e6aac4183c0bee0b3c356493eaa61da8b7ace46c78b7f2c34ca9

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:29:50 GMT
content-encoding: gzip
via: 1.1 google
strict-transport-security: max-age=2592000; includeSubDomains
cf-cache-status: DYNAMIC
server: cloudflare
age: 0
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=3
cf-ray: 83b00fdc6b63bbd3-FRA
content-length: 86

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cm.adsafety.net
URL: https://cm.adsafety.net/?_cmsrc=adformx&idt=100&did=8102479658319200828

Domain: global.ib-ibi.com
URL: https://global.ib-ibi.com/image.sbmx?go=302927&pid=567&xid=8102479658319200828

Verdicts & Comments Add Verdict or Comment

271 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

66 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
quickwin765412.com/en/api/v2/sport	1969-12-31 23:59:59	Name: _cf_reyid Value: Z/agKs4utwrHfL8P7Lc85pDgR5LgDBv8rAmiVOi/dCQdjPxbuaMQN++haLqjMK0RTOzL8CNXuHAIqOxHMAIy3w==
quickwin765412.com/	1970-01-20 21:30:48	Name: CookieScriptConsent Value: {"googleconsentmap":{"ad_storage":"targeting","analytics_storage":"performance","ad_personalization":"targeting","ad_user_data":"targeting","functionality_storage":"functionality","personalization_storage":"functionality","security_storage":"functionality"}}
.adnxs.com/	1970-01-20 19:21:12	Name: uuid2 Value: 2313369764290011469
.reichelcormier.bid/	1970-01-20 19:21:12	Name: ADWUID Value: 65894dd60010386748854171
.aso1.net/	1970-01-21 01:57:12	Name: aso_uid Value: 46e20c483f858147aa83c44a3e4a3d8f30be6708
.quickwin765412.com/	1970-01-21 02:47:36	Name: _ga_EFZEET6PW6 Value: GS1.1.1703496582.1.0.1703496582.0.0.0
.quickwin765412.com/	1970-01-21 02:47:36	Name: _ga Value: GA1.2.374403969.1703496582
.quickwin765412.com/	1970-01-20 17:13:02	Name: _gid Value: GA1.2.1661998465.1703496582
.quickwin765412.com/	1970-01-20 17:11:36	Name: _gat_UA-258885462-1 Value: 1
.adform.net/	1970-01-20 17:56:14	Name: C Value: 1
.adform.net/	1970-01-20 18:38:00	Name: receive-cookie-deprecation Value: 1
quickwin765412.com/	1970-01-21 01:57:12	Name: __adm_tid Value: tid-374417a46.39fcc77db
.adform.net/	1970-01-20 17:13:02	Name: CM Value: 1\|1
.adform.net/	1970-01-20 18:38:00	Name: uid Value: 6424851302511315778
quickwin765412.com/	1970-01-21 01:57:12	Name: __user_id Value: uid-4898070734.7496413350
.rfihub.com/	1970-01-21 02:33:12	Name: rud Value: H4sIAAAAAAAA_-MSNjU0sDA1tTQ3NjQzNrcwMzY0NBLiM9R1j8zNMY-PSq5ItDQCAEXJb2wlAAAA
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAA_-MSNjU0sDA1tTQ3NjQzNrcwMzY0NBLiM9R1j8zNMY-PSq5ItDQCAEXJb2wlAAAA
quickwin765412.com/	1970-01-20 17:54:48	Name: adformfrpid Value: 3558886116402739059
.tiktok.com/	1970-01-21 02:33:12	Name: _ttp Value: 2a1qlLPuU1qxbIwgE1T9jrXCzOH
.quickwin765412.com/	1970-01-21 01:57:12	Name: _hjSessionUser_3550387 Value: eyJpZCI6ImJiZDE1NGU0LTM4MTItNWEzZi05NDc1LWU0OWVkOTBlNWFhZCIsImNyZWF0ZWQiOjE3MDM0OTY1ODI4MDEsImV4aXN0aW5nIjpmYWxzZX0=
.quickwin765412.com/	1970-01-20 17:11:38	Name: _hjFirstSeen Value: 1
.quickwin765412.com/	1970-01-20 17:11:38	Name: _hjIncludedInSessionSample_3550387 Value: 0
.quickwin765412.com/	1970-01-20 17:11:38	Name: _hjSession_3550387 Value: eyJpZCI6IjI4NmFmOGZkLTVkMmEtNDI3Mi04ZWZmLTQ0N2FiYTA2MTlmYSIsImMiOjE3MDM0OTY1ODI4MDIsInMiOjAsInIiOjAsInNiIjoxfQ==
.quickwin765412.com/	1970-01-20 17:11:38	Name: _hjAbsoluteSessionInProgress Value: 0
.quickwin765412.com/	1970-01-21 01:57:12	Name: blueID Value: c79c007b-034b-4de0-ae11-62a72dd9a029
.seadform.net/	1970-01-20 18:38:00	Name: uid Value: 8102479658319200828
.adform.net/	1970-01-20 17:31:46	Name: CM14 Value: 1703582983_1703496583_1_Hu7u4e4e4R7u4e4REREeEREREQ
widget-mediator.zopim.com/	1970-01-20 17:21:41	Name: AWSALBCORS Value: 45ya4OapqouyWYrJrtHPwpiTGpfpOEQn4K+Dzyk6CN2zd+KjTa45s4vZrJ3Sd07nhzBgle1McWHZ1qM5G7BIkheeJuECzDmh6D+eyLRlU03q2Ek1dt9bVaUuhX47
.casalemedia.com/	1970-01-21 01:57:12	Name: CMID Value: ZYlLhx05UpfQvPCDJdcBsgAA
.casalemedia.com/	1970-01-20 19:21:12	Name: CMPS Value: 2149
.casalemedia.com/	1970-01-20 19:21:12	Name: CMPRO Value: 2149
.demdex.net/	1970-01-20 21:30:48	Name: demdex Value: 43450434927851123953239613345316847490
.media.net/	1970-01-21 01:57:12	Name: visitor-id Value: 3464981839085957000V10
.media.net/	1970-01-21 01:55:46	Name: data-rk Value: 5108559731637863112~~3
.doubleclick.net/	1970-01-21 02:33:12	Name: IDE Value: AHWqTUkCS8mekgSdZF8h6v3XlYpqdAWFppuzAyARC7jceSOrWGlSLdeVMlgCv4Sysiw
.dpm.demdex.net/	1970-01-20 21:30:48	Name: dpm Value: 43450434927851123953239613345316847490
.eskimi.com/	1970-01-20 17:54:48	Name: __eConsent Value: 1
.eskimi.com/	1970-01-20 17:54:48	Name: __eDId Value: 0fb74379-016a-40d8-b0b4-296372ec567c
.eskimi.com/	1970-01-20 17:31:46	Name: __eP Value: 1
.rezync.com/	1970-01-20 21:30:48	Name: zync-uuid Value: 75f5a1dc-bdcf-48df-b682-2a9ec219ada1:1703496583.155189
.getblue.io/	1970-01-21 01:57:12	Name: ckid Value: D14DA49C-5D51-4A4A-807CAF19B751A7CD
.krxd.net/	1970-01-20 21:30:48	Name: _kuid_ Value: P_uOZRl3
my.rtmark.net/	1970-01-21 01:57:12	Name: ID Value: 9a8415d1c7d3425088fd6bcd7331a0ba
.agkn.com/	1970-01-21 01:57:12	Name: ab Value: 0001%3AH4us1IpP4SIbPxe0vykHkm0Xl6ZUZXn7
.everesttech.net/	1970-01-21 01:57:12	Name: everest_g_v2 Value: g_surferid~ZYlLhwAJbqqflgAM
.eyeota.net/	1970-01-20 17:11:37	Name: SERVERID Value: 18286~DM
.adnxs.com/	1970-01-20 19:21:12	Name: anj Value: dTM7k!M40h.v04ghqdmU(5<Om8QBY!]tbn.TOKQ9YfZ8=E'gDcw#YRigRP'gm4ckgm4>m<B)mwiT^mV%x$m?>%ghmBks`V0<@-ULrA2zJF:0F=J8aj^Q7hEqixU?9WBP8yIE2hyI>7aCcOi`?UV5HBtUq9pc*rz=a+F809Vu6a]#BI7y)N[UD!!$)>/Y[Uq
.exelator.com/	1970-01-20 20:04:24	Name: EE Value: "761c19776fd7f54444c6b128ce9b6b97"
.semasio.net/	1970-01-21 01:57:12	Name: SEUNCY Value: 7977354130632A16
.ads.stickyadstv.com/	1970-01-20 18:38:00	Name: uid-bp-617 Value: 8102479658319200828
.ads.stickyadstv.com/	1970-01-20 17:54:48	Name: UID Value: 405fa73d819178b9ffa87f6848af149
.exelator.com/	1970-01-20 20:04:24	Name: ud Value: "eJxrXxzq6XKLQcHczDDZ0NLc3CwtxTzN1AQIks2SDI0sklMtk8ySLM0Xl6UWLVhaWpyaknRoSUVOSU7T6rL4UMd4N0dfT5%252FIZc4ZRfm5qSvAQmGuQYsNjQyW5Bdlpi9ycV1clJLGsKik%252BFTwsQANAIVnKYo%253D"
.adfarm1.adition.com/	1970-01-20 19:21:12	Name: UserID1 Value: 7316462112846837910
.bluekai.com/	1970-01-20 21:35:07	Name: bku Value: aG/99/5niVVczZ/S
.bluekai.com/	1970-01-20 21:35:07	Name: bkpa Value: KJy9/Qe5d02pSUHknp1p1p90wtkAwEQh1e/6BpAtBEQp1EA01e9T1MQe9JtxYeL=
.audrte.com/	1970-01-20 17:33:12	Name: arcki2 Value: 7fg1AXLvDRKRui-0fWU5n9Myg!20220908!1703496583746!ip#80.255.7.107
.audrte.com/	1970-01-20 17:33:12	Name: arcki2_adform Value: 8102479658319200828!20220908!1703496583746
.w55c.net/	1970-01-21 02:43:17	Name: wfivefivec Value: zNiNdVoG1RhHhl5
.weborama.fr/	1970-01-21 02:37:31	Name: AFFICHE_W Value: PHK2MQyZBXQ817
.w55c.net/	1970-01-20 17:54:48	Name: matchadform Value: 5
.quickwin765412.com/	1970-01-21 01:57:12	Name: __zlcmid Value: 1JUmN6HG46UO4Yb
.rfihub.com/	1969-12-31 23:59:59	Name: euds Value: H4sIAAAAAAAA_-OSMXR2dA12dSk1iE_xNq3Idcp09S6qdPJxjCzNcVzFKBAVmeOTUe7olVRYmJaT7ujbxGJmbppmmmiYkqyblJKcpmtikZKmm2RmYaRrlGiZmmxkaJmYkmhoZWhuYGxiaWZqYaxnaGpqaGEJAGMP9xlqAAAA
.audrte.com/	1970-01-20 17:33:12	Name: arcki2_ddp2 Value: 7fg1AXLvDRKRui-0fWU5n9Myg!20220908!1703496584188
live.rezync.com/	1970-01-20 21:30:48	Name: sd-session-id Value: .eJwNykEOgyAQAMC_7FkaF1xY-IxBWBKi0kbspca_1-Mkc8H8kWOPTdoJ4Ty-MkDa6qMO4YJef7usEIBwZCLvDFrj2BpEDfcAXXqv7zbX_BxHhSLmpJacipo4F7VY1kpHL0mjjzliQDeayVti80IiZA_3H7JqJl0.ZYlLiA.AS1c1l1k-F2Gvir_tIvpj6LaPO4
.rfihub.com/	1970-01-21 02:33:12	Name: eud Value: H4sIAAAAAAAA_13RIU_DUBAH8LBQICwkJLV8hZLee-_aPtwb1GzDDDUMafvWjaSIkSyA5SNMTlZWVlZOIicrJ_cRUJPrnfwl__vnLnd9B48mfomfVv6bHeH3x-A9Hn3-DMZmuirM5AZCXyodYCSVD5uzkwVKrJkb5j_mA_M_87pHXTJXzDVzw_Pn1G3HElCUzu3rtBgvvswwXS7zYm6eK6cTwVDXDq3YdawwEAfm6oJYbqnFjrll-T1ze0nzv1fUTZ_ut-3T-bUbhJhjAjbzUpvlnops7qVBJDyR6FkmQCc2gYfT0feACJHeuJ0iH1VJjXuX_dalix0B679UpFkCAAA
quickwin765412.com/	1969-12-31 23:59:59	Name: _cf_reyid Value: Z/agKs4utwrHfL8P7Lc85pDgR5LgDBv8rAmiVOi/dCQdjPxbuaMQN++haLqjMK0RTOzL8CNXuHAIqOxHMAIy3w==

10 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://idsync.rlcdn.com/360947.gif?partner_uid=5108559731637863112 Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://idsync.rlcdn.com/398366.gif?partner_uid=8102479658319200828 Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://sync.crwdcntrl.net/map/c=6466/tp=ADFM/tpid=8102479658319200828/gdpr=/gdpr_consent= Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://idsync.rlcdn.com/501709.gif?partner_uid=75f5a1dc-bdcf-48df-b682-2a9ec219ada1%3A1703496583.155189&_=1703496583.1572313 Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://idsync.rlcdn.com/501709.gif?partner_uid=75f5a1dc-bdcf-48df-b682-2a9ec219ada1%3A1703496583.155189&_=1703496583.6610672 Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://global.ib-ibi.com/image.sbmx?go=302927&pid=567&xid=8102479658319200828 Message: Failed to load resource: net::ERR_CONNECTION_RESET
network	error	URL: https://fonts.googleapis.com/css2?family=%22Gilroy%22:wght@400;500&family=Roboto:wght@300;400;500;700&family=Libre+Barcode+39:wght@400&display=swap Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://quickwin765412.com/dimg/altenar_logo/43696.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://quickwin765412.com/dimg/altenar_logo/44004.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://quickwin765412.com/dimg/altenar_logo/57223.png Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

20846458p.rfihub.com
a.audrte.com
a.rfihub.com
a1.adform.net
aa.agkn.com
ad.360yield.com
ad.yieldlab.net
adjs.media
ads.stickyadstv.com
analytics.tiktok.com
api.adrtx.net
beacon.krxd.net
bpi.rtactivate.com
c1.adform.net
c1.rfihub.net
cdn.cookie-script.com
cm.adsafety.net
cm.g.doubleclick.net
cms.getblue.io
connect.facebook.net
contextual.media.net
d3mi6d1ao3fzsg.cloudfront.net
dmp.adform.net
dpm.demdex.net
dsp-ap.eskimi.com
dsp-media.eskimi.com
dsp-trk.eskimi.com
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
e1.emxdgt.com
eb2.3lift.com
ekr.zdassets.com
eu-u.openx.net
event.getblue.io
fonts.googleapis.com
fonts.gstatic.com
global.ib-ibi.com
googleads.g.doubleclick.net
ib.adnxs.com
id5-sync.com
idsync.rlcdn.com
ih.adscale.de
image2.pubmatic.com
live.rezync.com
load77.exelator.com
loadm.exelator.com
match.adsrvr.org
match.contentexchange.me
metrics.getrmads.com
my.rtmark.net
p.rfihub.com
partners.tremorhub.com
pdw-adf.userreport.com
pixel.adfyier.com
pm.w55c.net
ps.eyeota.net
quickwin.com
quickwin.zendesk.com
quickwin765412.com
redirect.frontend.weborama.fr
region1.google-analytics.com
reichelcormier.bid
rtb-csync.smartadserver.com
rtg.prdredir.com
s.ad.smaato.net
s2.adform.net
s3-eu-west-1.amazonaws.com
sb2auth-altenar2.biahosted.com
sb2bonus-altenar2.biahosted.com
sb2frontend-altenar2.biahosted.com
sb2integration-altenar2.biahosted.com
sb2widgetsstatic-altenar2.biahosted.com
scpt.getrmads.com
script.hotjar.com
scripts.prdredir.com
se.semasio.net
secure.adnxs.com
server.seadform.net
simage2.pubmatic.com
static.hotjar.com
static.zdassets.com
sync-tm.everesttech.net
sync.crwdcntrl.net
sync.teads.tv
tags.bluekai.com
token.rubiconproject.com
track.adform.net
track.aso1.net
track.wolf22.xyz
uipglob.semasio.net
us-u.openx.net
widget.getblue.io
winner-slots.online
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
x.bidswitch.net
x.dlx.addthis.com
cm.adsafety.net
global.ib-ibi.com
104.16.53.111
104.18.70.113
104.18.72.113
13.248.245.213
13.32.27.107
13.32.27.83
138.197.230.29
139.45.195.8
143.204.205.221
151.101.66.49
162.19.138.83
172.64.151.101
178.162.159.92
18.193.186.61
18.198.94.178
18.203.91.219
18.228.178.86
18.229.93.177
18.66.97.53
184.30.17.243
184.30.20.22
185.199.175.191
185.64.191.210
193.0.160.131
198.47.127.205
2.16.1.235
2.16.97.41
2001:4860:4802:32::36
216.58.206.34
2400:52e0:1e00::1081:1
2600:1f18:612b:4264:cd63:6b3d:4f30:16c6
2600:9000:211e:a00:1b:5138:8a40:93a1
2600:9000:214f:8a00:1:76cf:fe80:93a1
2606:4700:10::6816:85a
2606:4700:10::ac43:1ce8
2606:4700:20::681a:672
2606:4700:3032::6815:4d08
2606:4700:3038::6815:ea9b
2607:ae80:4::26
2a00:1450:4001:800::2003
2a00:1450:4001:80e::2004
2a00:1450:4001:812::2003
2a00:1450:4001:813::2008
2a00:1450:4001:828::200e
2a00:1450:4001:829::2003
2a00:1450:4001:82a::200a
2a00:1450:4001:82f::2002
2a02:6ea0:c700::18
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f176:84:face:b00c:0:25de
2a06:98c1:3121::3
34.110.191.112
34.120.135.117
34.120.139.69
34.247.112.223
34.247.94.113
35.186.201.99
35.190.24.218
35.244.159.8
35.244.174.68
35.71.131.137
37.157.3.26
37.157.5.73
37.157.6.237
37.157.6.243
37.252.171.21
44.193.120.159
46.19.11.36
52.214.72.66
52.49.2.43
52.57.12.239
52.57.150.20
52.58.128.62
52.58.74.169
52.92.16.184
54.194.101.149
54.78.254.47
65.9.66.43
69.173.144.165
69.192.160.219
77.243.51.121
77.243.51.122
78.47.189.205
85.114.159.93
88.214.195.93
89.149.192.201
94.242.229.244
94.242.230.31
025cf6abb05fc2309b52b049d6761b66fd2f0ad005380ccdf4613612202ad037
02e9d7d9259501d12483e279c6fd405e2bccdd35999d7990c58aa3603ce3f35a
02e9eaa138a48931f160746196b6c14044914c584a180324b2a296ae9fed972d
036582f2a848015ce1307dda67910e24b6f6b3a2c853031bd1d0558ce448c459
05d4ced653380378d6d9033fef8bec46d38adaf31238d183c762366bdbbeb75c
073c099d4311d75bb5dd92d4f7fb539af3f161acbe89bb7e7b0e3e2d445412cf
086f1cceadf3a6d1b743e026baa82a170c1b5b3e19f1d2ce8ccc3de200bec30a
087f7d70567d437a794ecd352dfb06429e7142084476c900fd44a697c71f0990
087fcdc196cde517dd7e8a8e798f88ba505957e33d681ec9259dd22af13f4c60
08a8ef24752517739216448551889da604a883725af877aceb4b01141c86db97
08df647ac6ae9d6db2ed6c7a65250d04f14918a58f8ecab598d98b9e622e417d
0a37fd2b63accd942753709978d237c49cd1372250d1efdfa471ae6d58d7db60
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b7a7414203adbf8c873976e596bd6685437669dc773f66ddb2780a23d43cf76
0f242e7f1afd4035ff39b92603ed40a8d7d3fc878bf86c3ec61896a9e0532e28
10280f6a705b52ee8eb4ee70aadf8a352a112ff9caf9266eab9666609e061e81
122bd7b997b91e56e9efd54743ffbeccefca5b8bb59c566d6ec63adf14be896e
1252aff629065ef907864c2a694343c8d49ba69483d6ee1d734bfb3aaf61a7e5
136daf42e7913ec0cb00e0d0b42ee434c85097250151518e0a5ea22c2ee69ac9
14a2fe57e4f52b39b42dd580cfc3826c6a422ae0a2d2f94af5bd1b979744e2fb
155883ac227c8554ed4bfb278b6f99bfbcd93a3305c28bf7d05e0b3b67ac3166
1887c1b4418ece2ab4e957d3b1c1f90fea1b893411f5d6a7e46695cb9055d6fa
188d84e31d011979a94c28e842f0e08695349c1e7f0a2e621a168bc39f022c35
18e3efc7a45f53d0d553f3ca64dbad85f50eea562865265a2883f82f9d34b935
193561f978c5db1176bd70243ced9ace558b0d6b544124c7624259b605c99fbb
19b6e31d15a5d9ce78536eb6e655410fa363d6cfc06e98ea11a24a3641855355
1a2a6d9c4ca38a7e4047e3f4a4af653a932bf432ae5d7c65e27843b98fda0151
1a4de5d815ab2606f7ebad35a8c167e9f87edffc646e44e9973672bc9c8496be
1a69e4564195fee19c9112e911e3669f444d0bff0e07f2f081a47514b667f7db
1b61f379164930f075993f6b3bb7eb9766adec8be31f7fcedc5d138833f7d3bb
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1bb43e5e70bbd280f2cff81dd2fbdc1c87e3e4cb3cbbb2afd7f5e4a559dc8ec4
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1e53d876c9ecb2883a9d7ebeb3715ab8ee8ba347b330e730a7859d2b9b37162c
2024178346f942d57c649c7d981f280b3821c05d6b6d9ebfa38464d10550ad6f
20710d5060f2ecaaf5f99778d59b74e023491f5ffa96c952e2d56db4cede2ed2
21d0f88d2d90a6cca64799580591669544ff7d81e4eb1df9d89ebf7bc59a7f88
2233754fdfaada7798be8f96854289b010c426db98f7a7d01e008b4828afa545
253bf135859fd11113deb79262ffb8d9831dc7dbaf46c3470c1b54a7f4372606
28278bd04e7e55be32df39e901249a0ef8dbacd10381b25b66a94688567c6115
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2af270819ef7138e262d3b7b08dae6e93875f5b0f1328f1bd98d66f819686563
2b543828b97af78d57453e24bbb18f4068bdbe1110ded8b6a00c76cc01f77385
2c86bcaebf54969da5081c17c6901cbe19ac041b80a3abda6890708eb545cec3
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2eab38026906bdd534b057b203e53d186a30a6d1e439b87485bdc24d5b0e2d8c
2ed465b5e6c3c472c46e04e78143ca909bdd12094604dc79868ca192bd0f852c
2f1aa5842ffa17891be38d946da663a8b05e7c8c43c8e2c647016592997893c2
2f1dd0ff97f0f46ac10e93ab0f1307f699895f944c90016a350735f4562fe994
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
30cd4cc982d4edfad6e2c99173c1ce32e2c3b381e4d5a1f126ee3a71566c2170
31b824c9b63a35a3775df3b6db43259eb786f2f6871e2950fb8afc3a83744e67
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
33e9ca0a9a965ad4da451eca1f42935be45141b420134584831739400c688058
342922b9815914af8a301d4429feba88cdf99af5aa40065a68b170deb3144709
36b658c9e042fd550658e26af78a29a677807fd11f642fe7d78d601402ce7a13
379fb57fa01d94da1f94ca7069a3cc71339b93efeb6061156fa07598132c5849
384e5a56b7bb4a02faf44722bb96cc1c76207e809aa295855d16484ffd633108
38b1136cf93f9cb1dc433fd40347fed72ebce9522a55393f95feae15a8268233
3926eb7b9eee88ede5b574303fda25cd5cb9389ec39ef70baf5a046c38fae87e
3a80700d48e107eb08205a346562ae28a95f3fe0da0d7382847a2c0a52a02c0a
3ae63da45700241400f827429003ec1048254997563a16d4c174de6a32720706
3af3862b6da63e2b5900c8fca35e3686125ac5a80235442066a6ee77a57e35e0
3bb5b7c3b7023f20cf02e5d9bade5c67664df2027d7c09929d3fb8a52d7d50cb
3d70f37d0643d718c68550e8f30873988b9f7df5a856bb9f79fc47e9184184ce
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3efa3c6425365194636fb000719357c63e1dfed613742166e3f7a102cdf4f811
3f75e2446874c812c9f47612105104fa5d3d8833dbf077c4daaeeffc3b767403
4290f8735f531628998cf650136b94db9674c7238e65605c0e331e76c28295cd
441c4f94bd62d62ac5a317442cee2f7805f2b743c3492d5490cad7355ad95f3b
448d305ad6e8d6b57c5e4d37afbf26c77bcf2c2548e1fe462772757ee6ccbbe1
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
4551780a660e8d9f6c0e16aeda0c7cc9b0296f2aab4e53d0bb336788b6550498
45d90fd26e8cc7c0853639d15bfd9cd080c1080ab25f023419d4b29c8e2780b7
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
47447f6389b91e28a7fb44bb0d9109ead0764d4fb20e0e205a8c4a1563860999
486c3ad09607caa76fd99d9e460e0f7c2943bf4e889efbe296cf7430e12ba2f3
486d29980f9335e62a392e6e76591543173a8f2a026d3df4080bc09e2b5ee5f5
487524122a6142e66a5f22f30cd0352dc3a3218e4ff77a126c8d0e28c2a5b586
48965fdac12d5f498b3b99c515be39aa125cb31c6708271eab187df5df5edfc3
4a2185312272132d675b3fde9ecde32f0eac7ba575afee1a945fb33e3bbb3832
4af4ede967218ca52aa7c5d766e0af5992160ecc2382d0635db809e01a28ff18
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4cf582dd3f06c3e5980570e1f97c5467c4ea9077a4d1a526fd109b34e67acfb0
4d8813ea274fb47c71a14bc23a8a2572753ec02c4bd5cf0ca1f191371fa8cc5b
4d8b5f4f08d1c133e211fa18f260d505a82d862c219c25e707d7232989385996
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
4fcb61bd7ccd26df74d46c0a2c75b9681ba90cf8c19f2dfb15fc0a47bb696561
4fdfd40dc4640506829319a81fd61b379e2b70a0cdedddbc1218508085ceb888
50873012c7b4c1f152711839d081d9b1a297c39fba83a21eb0b983da0867af8d
53c9c8069c1e6d7a39a04ef06083b5fab6c6807e295529c37ccf8b4b96f61ddb
544fc1f2d051647b7d43eb10ee57ec39e3f8b537944b9366dc3ab58b1e7811b9
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
56ce9a9f71a8465359a676d95189390683de779bdc085f4fa9d48ec0651d9a5f
56fcc023815c94252732362c13279f66490c1839e885c5fae65bebbcd62f56a3
577d21a2b26610180a8714a204448387dcb70731de4e198a017527053dd4ec71
5914dfcd9f74f5057511991f76155592bef412eeb803d4860897047610503b61
5a898a9b3ec6a8b54affc4ebc354ed9076a0a3f846abf2c20d514a576bc8cfcc
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5ac0af5fb98a8b0f07bcf735d561ce64e8cb9e020501fa5b7d5d8f4c773b6a9f
5c6d77b0c54018fe4e0a717e47a8ba92bc3598a5ef0a1f977be6045537cb158a
5d0dbbfa46f6e2ef2d26d258ba555db6677788f35198005b9a9cc66ef98a71b7
5d9e8cfd13ab9f3cb184ee716c93c4c007837b001ab17f762269a64b2d8958cc
5eb385d033a48d86d5141d6dcd3d54ebfeec39a62c5e25687b342edfb4a6e7a4
5eeed7bffc4bcd87c8d0d0eba7efb375c73c4eeb034c2e887e348859b31e874e
60ff18a2a6e54394d6dc4e1bb368c47850848306d56e177b4a02270db7e80603
61a1dd50d7314fcdd6bd5e06259e75fc8603b42d1991b7b2e7eb3a80875a8d71
62851a5fee23c8238424e61b63ee22fc5c5f28a4ae2b5b7256ebe5cc084cedbb
66fbf319de6eec942f1b42488836f2862b0a3db4131f403fa692a51d930fb3f3
68a14657fb9016673814e7e01810f2d12e51be92f67232f5aa65c63a4dbf08e2
6a19fdbfca0d103d1fd437df3c9affbb48b6c20ac252c4aca856204aa7aa761d
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b70e46dfae9a666aff3eb4a1f49cf85838c4e31769f5e511bd870be4ce9dc8e
6bada8511476ba1eec49ed28d1cb9617792cbeb82e46c8c6741a1a237107e293
6bc617ac8e5122153b2daed71181bdf2a735d28a71ac27101f766125f36a8126
6d495de2f7d8af5a0bae5ca9c4891c40b1680046747d3fc927c85eae120d93ec
6e12a1b5de1229a598cc5764d4df956c4e5d185269c091f11f77def8528a1318
7025aae009c4562e6049990255420de5f854ee5b25e2e627c7d47a1cc51d13f1
705757ab484571b93cb8950a54c6f565e689a0223751f36d46df63c589bf6992
70f3083a31279768ce4485d94f7a71a1588232bfd7add408e71ae95a03d80c2a
745c5d683887239e96b5e1818ca24ee736d23f4a95e23c730f1f9a0ab77bed7f
750b6f51f97ede61dc2ae909d30da51c5501056f889c1961df6459681df635dc
7597f783523d4fdb4e0574234bbdd5ea3e19f7f10bc5e5f881e4bf48b2a2c1ef
76b62116376801eb5ddd47252fe3a7b5525cf95e5c056e33fc359675d845e771
76c5ce2a67d045bccdea2726547c294bcc210db23725b8b358e83a5afd953440
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
7a58eeefc14ed42aff923660643dd42366f06234e697cb4b993e53274d90d8b4
7d8591614eb328a49a0b95739f839cbed7a1c0f5f075914011f384c1cf567fd2
7ef97b12890fc6fee67f869c6e1f74b6719de7d66ac0d649c8d7386a80b4c30f
80346d8295c2e6aac4183c0bee0b3c356493eaa61da8b7ace46c78b7f2c34ca9
8035763ab5fb9a8c404326596a14a168089d87e84f717258cf96bfc77c5e0178
81569f8b6ab95cfd030493954ccc55b629cf0d29f8627c6904fc3dffa8fa896c
819139ba1036d6cea3e0d6ae29c27254a81b04cfde04b56cd7b9b7edb980e7b3
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83f92e3790df8c048d1425e5973b962d4f0861da99a355802bfdc941a3dccb62
8474a6f4a9416306a41afb581ef666c6c23406210d45455590408e2567014d8a
85b18162bc79c360388c04ee49dae95f63e0195785d194323f60128d66a7494d
85c2a278772fd74d92cb7f5b5e486048490456e49ecd65c14e2df39e7a9d9530
87260ecf581a44a18ca2165015348383b430e6b77ca0b0ec4a9a3b1ebff57160
875f3b18a64e0e96fe9b347eb06ea49f94a7cb2986209acc800d05fae9210dd0
87aa0db99819433799e0809f0e7b490be1940f744e701321b7f31e09a7da63a2
8810a5432c47d6ef190d61ff42f61843e1321590ccb1feb54f786f268aa979f1
89c80d2e8672ebd49da0e7669159676c086e0b4d122d5df3b0563465d4808a2d
89f95f5e6eb76319aeac8f44337b4a21ba82d266b60a495658f48ac6b9759b1e
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a568ac0428f6d7e4801f330902d4a6e47cc31a58b9afccd687d90aede26aa17
8af864b837e8fb646957e684235bccb6b097dbc41953112cea38d43c4785de99
8bea9b4ffb09fc3c9c5f5dd38e96894ff1c5fa75afc4a9e5bedd640202e7763e
8bff57770500e5694938c47feeaddccb7ccd8d226f23f69d3551bfee94e2e672
8c76aaa9d4eb842dbf166f25fde1ab73cb3035c7347775bebb3b9611e7edee93
8cc96eb83822c2ea850a7be9dea083f1001e53a49a4d8b9c04d7625fb2375862
8d68afa6971b9e5ffae1297175d8681926ca9bad65d389732f31f559952c0155
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8dd812109c87559552ac89eb7f352a08baae02f5343b43b28d62c871a9e78df8
8e6275dbf3e6c09f7158e3b17cd4256d991c4e825dccd90e2eb11a1db4f2fe47
8fd99ae891271f08519932a03c375a607b662b7ddecf47d45b7d3b9771504b7c
900e0c399099619f153ab1457e02b2311a73f99908b2a3ba35566b1beecfc65e
90438c83bdc3d682d1a6d494328898e6ce1faf37ced4da7191fcc29d4fb22358
904bf79f059c1e22b4b20cb1e86895a89c017c85e48dad545928a6e103d2d8cf
91c1daa193269cc915f63f7a251352fb86a49a5ee99bbcee6e735ad8d7161076
92787ccfb81cc2be5343e18ff09c31e3a2bde375a7ba5a91b28cf862aaec7166
92f383732552d6f8440c1202b484ae36567ff65a360f6f58a1ed1f1f2bf246f6
9358a4627489c95daf14a2f09e04c9b47ade29857bdd5ebb6901f7c955b757e4
936d9f31827f42dab25eb52fd38e687df4d2b8fab254bd05e36806a026cfc2a1
93a377f6c1d2fc313f46d5aae100fd800a40dabb4f5cdf9b2b33604455fedda7
93ce75e5eb31481969ea384e9b1464cdf304eec087ccc4149cd593715921507f
941c4c5d10e5812e7bef2c8b115965eac81d5b6681c825aba74a2edd9c82a7ec
945f22255230aabc25d78408dcd96344d469b91149c5c18e1fad99cc39757ff7
965cba95c928e95003ce37271090406eaa7d5c2d955230a785b2b3be8a9a17f5
9663cff01110ace5123904d2f4f5a656338de9675f09e9ee722ccb124964317e
969fd990bcd980d6754827a283c9c9f447f98958adbf6bd4c0e134440e2fe7e6
9753320d9396dd9dad26d1a302f52838f2a8ec7e272c5205ca4a5b090e5d0ded
979b86364648e67957ed75c12ec72a584055ec6a8352ad6ceaefe35800e371f3
97b23f1d09ebe1ca5d6fb367ae8fd86f37e74391589bbc5fd58336fc007a4e97
97e5b0b6cfc2ba9815028429c069631ba12b294aa7419d1ea130accd0adc2d46
983ccb9144855e909faaf3a4ae344c8f8075d023b109163ef50308ac540c0d54
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
99c28ba77690124b83aea8cdbbb17ab1145ba247c791aeb4bad747b4248ac459
99f48e1f13877f3a2b73bdf8f280632d8d42f4004f83b2417d8192649b501058
9b13bb2a102816f21ae2b3f10a40cfbab4d4c601ddaebf4752a9076c2ff3ceb2
9cc5748832dad5ebe2db912ce4464be4a40376b103c157db67b6d57fd93b0d9c
9f22f6e9d4852f8be0706b62fbd0eba20f6cb56171def5e387b2d95fcd07df01
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0bdcd0c8b8b3b686a3d9fd02dc3f5b716f810115bad6d5b284c34923b8b0797
a1d4b01843b9dad68a10bba7ab416fb60cbe6052a223f6bd74cbad286b812b2a
a29e4af6aa6a95982d1092a20f0068173b9a9d5df0a89bc99da556aebec3ce54
a2be364e2921857c3e1415e1e9e74e5628a02318662a25da27a23da90929c84a
a2d886c930b20c15f30e80372395c572095464710452c302063f3e7bfb9bb233
a48fd35c61908d912b5ac9e1face12e0962a0d9ecc8679e87db4031697cec54e
a4e8174ae3e747763d7ba7362b16e4b5c49c7538727982f7c0a094e9db49f8bd
a4f6ca79d14dad289eb7035d0e81e04571532d249fa80845c38bd1d274a493e9
a4fa92f5ae0317e4ff1f819c2a9d327562b65b62909654f5a6310557e9470937
a65557ac587cbc6aa93a7b4040391d362c8d3a13b70365dc5381d9de03078df6
a685ebb1a291fc1b2ee17a2b9c67815c6ab5e239281e13d2b2caca4591473d85
a805c5457dba39514e74a7ad2b5dbd4c0095c1095d6b7299a82e6afd01196e09
a9464ddcc583f654dfd738be0e287d5e9c3a581600578242140c734ba8023f0c
aa80ce639f14190908ade637a3462b78545e0829ec6b2b0dde3a5c3f965203fd
ac0eb9b299d05c43ce0bb3bccfe28d38c78ab3f8442854f1f28b1e5a64237505
ac48966b26e0ea4ce7309bd715593533840de4f72df6b60ba9b73ce0e9b4b641
ace7e99e54c48ac1e0f32d73656ef409e69139bff003b7aeef76462ee0594dd4
aefbc53a26bcf50b968ec231b9848483e043e5e47518a8fe0d93349f7ed15fa8
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b09128c9a5b10aa82818d517350a9c8ec712fa6778e8a802927ec7fb93edbb01
b12b5482636f480bdd67bc854e25e176860b3ed7018a01bce897eb304a52a02a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b3b24077b5d68982367d8c0653653db94c2e03d5ab5b0d8ba373610a661cbbc8
b4fe2b0fff3949427fae83fa1824eacdd5f66b37d59a0831bad99b0ffa5723b8
b7c23cb2475f67db84f2b2bb59c3f8315747b1af584c7e97d1c80fe85653594a
b83989a859495fe6a5eb99a688955c8f5d5e65d72bafe70afc17de0e8809faa3
b8af1a21aaebbabbbe5599ffc3021593ec26006c7691bc4bf4a4c3f5dffa9c53
b98f9b390ff8e9f83e6498d83f18d341557830c12eb80ce035cd8d8fedcd35a4
b9eb98053bf9fc2a5147b4796de61dce179aeb0d0e9b6e49c2bcfc71b529533a
ba129f3fab709dcad8916478c2d18c9cdb1b37ffd1fdc8fd998dc4f3753460c6
ba307dacc6a84e2bd318b61edf8870a455bbe571913133a075fa369928701782
ba5a53d99b4e015e652e675e9dfedc98345a7c2fc7d0c945aa0d8ddb2647efdd
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb8f0a5a2ac4d52d33bcdd4e13b96572b8114f5851bc763d6af46c2eb1144281
bbffca692cf40b9d0611e20983dadef6e2adf9ce02b398257d0273245c619bbc
bc197118bc5867f8763f59fc8c45da24f7a50fec00064e412041cdcf0255f3a3
bc1d2dacd71dc7670eb3c2cdb7fd937015a512f58a17ef5d959f7cb28f2b5125
bc8894bdb4894c36652d8b265a5cb7f77635ffc48ff5764957a73f602a3c26e0
bcbf3c26722321587d928e6354d7384bc1ada945d5efc687ed84eb46b46c636c
beaacc720264e77de9d27705284a709816ed317c515eae856298675a45ad55f1
bee312a608434a924bf063b224effb547a32f61483741ca6c9817edc5054b2fc
bf08d53d64bd0d01bce2588cb207bb8a4e4676a50fca383612c0f4e977dbf6c1
bf622c70cd52085f8d3672dd27abf0ccdf5600297221514aa41dbaf2a0f6b1d2
c009807b93d04cb58be1e2cdac7934a512c8b3913eefd0d3f9a72563228a02dc
c138f5424629d2a5ca8504b783784078b326a7a8426ce38386e4f4a419047b93
c2ebefe4601d5c0739e24e93436ff97f93e0f5bb3782e0f93cfb48811f18a05d
c34952ec20476833833b0d39326c2a85bd26f1ab04b355187f53eacddbdb7c77
c413164a9b4ed42792a4fe35e0d5787dc48aa26ffc99159ec329b47b665b8269
c42688c6b7c3ede14a89c83ed21e2bee0a9ef6b36efd49e975841250c3ecd63b
c4ef76252b5cfd262593787ebfeb5b35a343aed716268c71dc9e649c52a4358e
c64c1bb9f01e55f12929d8d01690bc3f8736249530cb84fce3038559d29b6f27
c675e6cf81d73d4158f4284a764302c47687ac7f6fb6f4929dee2a8e76809e30
c69330104835be5c6ef333bc402f53092e60164e83f42001901fbb3100f16b97
c8afca9512d3621d70ef92f344d7038b85116758f29d7f8880bca9f4d77f1de2
c944330a83c9d715f57db4d742bf7e6cad58e94143aa5340ce659692f521f685
c97995267e0c2da1ded20bd58c8063750e48c2b107b32411f12b2f10636212b2
c9f262287849334dc8011d608935f66e34b77085857f493e6a4407bda0eba209
cb07c03575d9216bbc7f32e716129101e0dd878a19a0adbc249656f47cf1a3a3
cb91e5a485f9cb8d412446bed3cd1b84c7df47f308d30be5b6399722d6717c53
cdc77956a4ec1d04967dcef14d1de3c6fa82d8d3e0d671b1c7e328f63661bf23
cf364725e43f8e13a2ef4fd655ad9455a89921cee588624134f2b6dd660744ed
cf3d3c393d6648a70ff135348b8f09a763b675d6b106e38bd9b5a73c2d6577ae
cf3f64e557664715822118f634f01674945e63c8cec05f7e87831137e630a1fd
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf597a3f14106e6e9ed69f14b80dca252bd0bc3c5542f03155539d607e8e10a5
d1d3ebdb0a13d47d07c440c8dbd6dcaa96a58ec8ac53446a140497c2013c2567
d2dccb7019dff8b98265aee043f800ba56e6dfc5fa26dcf7ea029dfff8825f36
d3b5cd13a5a87b250858d9e06163cd9291df802f9df9bab4e7a1fb7fcd0df5ec
d44a77af748ee535171bfd04986e6e4c474bb989284e0c828ecb54fe8ceecb70
d6d6a9b90bdd341f52f1c5dd52286c116bd7fbb8af3a325a716ae29b71a376c5
d71c14d66d40edec2cdf95f0d0354a3f7d915413d4503d34f00151ddbc0f4a07
d83979120aea89605f3fef94e0acbdc5724473cbd9084b27bea5ffd899839f79
da506c8a9c8a9f31aa00eaeef23d49764b9ace97158a1a0a7aa628e6d446b0fb
dae82102158a00126d6386338f5729f70962283d5faf3f0d109c5974a0b67629
daff29abcd50ad7f32277c54cb33d14b551e50f9218509508c33ab65443366b9
dbcbdacde7ac192393e1200a9b00c7958bb08dac022092e1424fa47989296c73
dbde216af37a4c3b99b0cf2955a5045ded2d17cfb5e96da4226e986a2e4cf3dd
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de7cf33a0c90169057203c9191c75cbd31306880fcf33203cf5158b96b0e662e
deb831d7be3c3cf3ece0a36846a16187987a318b8ee6fb304ccf492466fd3dc8
df2b4dfc7e9d7d2f321750c35c586c1a5606f0b65cd7c7a43304249ad8dde209
dfa1caff97f8f5ced70fc7aef1870d091bdf32616748b1b4ba5bdde5f336002f
dfbca6040f3d8352da55124ac60a7f6b2535173a3b47bec0c9323b71a5b775a1
e1597b04801911df295990c65d1932c2cb0cc91a304c8127419bca00f804ae12
e17efc9807190079c37d6cfa06df1a6748750cf956dedc4bfdc257475c72bfa4
e25255eebea642aff44efb043effce8c130965162d70463f34ee8e7408c30508
e297ed4f454d334c906e98fbff8f880b9f9d9bec25755d4cd994c9e104d6fedb
e2a399b035f9774d3ee9bf4ae99dd261a1e5abe94b321c71c61b3edfd84b5b4d
e2bd2875521e41f499f90de3aa5bb55c195f011a8e186dcc72cf608ec8e8485b
e3782d42c013742311733c9d666146bc5ee7b43e484cbb1cad18e403e5f8f7b9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3f63b66b05fb2dbd61e2be4a961ae7a8b67e82b0fae5dc9de9f18597381666a
e4d053ad19ac0f9a306b470ab5a507d03f53860e7b64157f43ceef9d9f7a1088
e56d883115ac449f6460cbab8cba4dc92efaf906a10d8ffd31471282e695c301
e5d94f01fd8cd981adbedb5fc397328c3506733e5e0ad7c6c4a70d55eea04093
e61057c248057ed8a7e41bff44f79a32e6b9f33bbca7eaa66b6f18ff5bdc4390
e633a579f1df557d2d9e90c93ad222dea5c8e8193c1a085fcbb1f05274ed0197
e81925af97f3e8821604ebaa3cb625012d8eb2bf15edb7d5dc8dce3ac41f9449
e83ee36b99f5b99694fb14962ac5cd6e2d4e5258f1ed66800c9faa9b53431a55
e8595b34323d34103c66171aa6f8a3d75b0be34c70d6c703ad61995e53c97da0
eb99134542c987f687360d120213eeec049a290d73d2302ee1b74a01ce279f4d
ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438
ed60d88e20b7fd9e9fcadf2c31561b829e7d998b19679e45fc290137e426853c
eedbdcd7b8acfbd5ee57f6bbfc862dbd202cccec3884a3503b71b538064cb825
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef68efdb442844721f8f5e8343e6c021dbe640572c7fb84481386dc08ff219db
ef73dba5bbbc5efe6842b89586d4293e25296937b842b8b942fe583c9f2bf3a9
ef7b483c3b575577f683cf3849e3a79a5385b9844b630adcdc31149900606460
f04bd9bbfbeb00e309f51d8d6cc6d990caa9c4cbfd9170f51efd232f6580dcb8
f0682c5bcb9a2e1a7a27212c0fcebe713d653ad64e32742d4a4dbea937bb6bb7
f0b997a2cf7bfceb289ff0acd6e4799b72af3ce3361b70411e3b53884a6499bc
f1fe21b0bc502937ca6c447ceebdfc4671f21c6be720a112143a486efdacc093
f2714a441b8b3609c365b8570c4e08fc5bac9d6866f842d0029d905b01df398e
f3613c7c5b215ff02db94cdded93b6bdba644f59836e948f075a00ef36cf746e
f37d1ad4ff54c0819a950c6bf692c4294e593e2df41f3ad3f2cd11d281ebead0
f5cb2cf05f6698df24cfd83ae39f05f17c2b46cc3d28faaf99b42393e7b33013
f70b370debd085dd9e9fb6495c796cdccf41c44574cc185dbe124f3ea8237623
f7f784c882e926082511adb84468522f5b4ddb936e151b984fefeb30fea62166
f8522b134acc65a6c69fe47dca21cf7cd3ca815b80db6a900c1e1b4b0c091645
f93a7d15f544c8733a8dc610901f65db0a52a4e3c5c9555c274691e2a8262631
f9c9f6c70ddd55d39e67461890729c9e0bf8e426e2e02122b4699f9783dd7c1a
fba567510c78e74f786a08758c04c5ea612bd27ee9c775c5fb4753e57c1df6ab
fd644f4d4edfa6684b7266e28e21a3f4c13fd3bb56109335727870efe69535cc
fef86e3158c682926a1a0bdb1d74d83207c363d0fb125ce12dbd9e37966f56bd
ff9487b95579ab7feea8c869e41d04aa2df85af83eba0f70ac9edf52126c28f6
ff94aac9e2aba6d9fefa11d478cb79b634b658a54f1f93865ce3b6826d2c2da7

quickwin765412.com Open in urlscan Pro 94.242.229.244 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

373 Requests

92 %HTTPS

26 %IPv6

75 Domains

101 Subdomains

79 IPs

11 Countries

6294 kBTransfer

16347 kBSize

66 Cookies

0 Outgoing links

Redirected requests

373 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

quickwin765412.com Open in urlscan Pro
94.242.229.244 Public Scan

Screenshot
Live screenshot

Full Image

373
Requests

92 %
HTTPS

26 %
IPv6

75
Domains

101
Subdomains

79
IPs

11
Countries

6294 kB
Transfer

16347 kB
Size

66
Cookies

373 HTTP transactions
7 data transactions