quickwin765412.com Open in urlscan Pro
45.8.107.102 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://quickwin3.com/
Effective URL:
https://quickwin765412.com/
Submission: On November 29 via api (November 29th 2023, 10:59:04 pm UTC) from US — Scanned from DE

Summary HTTP 299 Redirects Behaviour Indicators

Summary

This website contacted 52 IPs in 9 countries across 47 domains to perform 299 HTTP transactions. The main IP is 45.8.107.102, located in Curacao and belongs to CLOUDFLARESPECTRUM Cloudflare, Inc., US. The main domain is quickwin765412.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on March 15th 2023. Valid for: a year.

This is the only time quickwin765412.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 2	45.8.105.60 45.8.105.60	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
149	45.8.107.102 45.8.107.102	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
4	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
2	18.239.47.54 18.239.47.54	16509 (AMAZON-02) (AMAZON-02)
7	104.18.70.113 104.18.70.113	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	78.46.117.148 78.46.117.148	24940 (HETZNER-AS) (HETZNER-AS)
6	2a00:1450:400... 2a00:1450:4001:810::2008	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
31	34.120.135.117 34.120.135.117	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3 3	45.8.106.122 45.8.106.122	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
2	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
1	18.66.192.39 18.66.192.39	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700:20:... 2606:4700:20::681a:772	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	177.71.157.175 177.71.157.175	16509 (AMAZON-02) (AMAZON-02)
2	88.214.195.93 88.214.195.93	46636 (NATCOWEB) (NATCOWEB)
1	2600:9000:20c... 2600:9000:20c3:2e00:1:76cf:fe80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	138.197.230.29 138.197.230.29	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	37.157.6.234 37.157.6.234	198622 (ADFORM) (ADFORM)
3	37.157.5.84 37.157.5.84	198622 (ADFORM) (ADFORM)
4	2606:4700:e4:... 2606:4700:e4::ac40:a41a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	139.45.195.8 139.45.195.8	9002 (RETN-AS) (RETN-AS)
15	185.199.175.191 185.199.175.191	43927 (HOSTERION) (HOSTERION)
3 7	185.89.210.212 185.89.210.212	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2606:4700:303... 2606:4700:3038::6815:ea9b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	104.16.53.111 104.16.53.111	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
4 7	193.0.160.130 193.0.160.130	54312 (ROCKETFUEL) (ROCKETFUEL)
1	18.173.154.87 18.173.154.87	16509 (AMAZON-02) (AMAZON-02)
4	23.38.98.168 23.38.98.168	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a03:2880:f08... 2a03:2880:f084:d:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
4 4	99.84.88.128 99.84.88.128	16509 (AMAZON-02) (AMAZON-02)
3	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
3 3	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
1 2	54.194.27.175 54.194.27.175	16509 (AMAZON-02) (AMAZON-02)
1	198.47.127.205 198.47.127.205	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	35.244.159.8 35.244.159.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	52.57.150.20 52.57.150.20	16509 (AMAZON-02) (AMAZON-02)
1	95.101.148.20 95.101.148.20	16625 (AKAMAI-AS) (AKAMAI-AS)
1	44.216.205.237 44.216.205.237	14618 (AMAZON-AES) (AMAZON-AES)
1 2	172.64.151.101 172.64.151.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	69.192.160.219 69.192.160.219	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2600:1f18:612... 2600:1f18:612b:4232:a914:a3b8:84d6:ea13	14618 (AMAZON-AES) (AMAZON-AES)
1	52.213.93.159 52.213.93.159	16509 (AMAZON-02) (AMAZON-02)
1	34.247.45.174 34.247.45.174	16509 (AMAZON-02) (AMAZON-02)
1	18.184.108.41 18.184.108.41	16509 (AMAZON-02) (AMAZON-02)
2 2	151.101.130.49 151.101.130.49	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f17... 2a03:2880:f177:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
2	177.71.130.23 177.71.130.23	16509 (AMAZON-02) (AMAZON-02)
4	2606:4700:10:... 2606:4700:10::ac43:1ce8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	34.110.191.112 34.110.191.112	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2606:4700:10:... 2606:4700:10::6816:85a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
299	52

2 45.8.105.60 (Curacao) 2 redirects

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

quickwin3.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

149 45.8.107.102 (Curacao)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

quickwin765412.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.239.47.54 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-47-54.ams58.r.cloudfront.net

d3mi6d1ao3fzsg.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 104.18.70.113 (None, )

ASN13335 (CLOUDFLARENET, US)

static.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ekr.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 78.46.117.148 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.148.117.46.78.clients.your-server.de

cdn.cookie-script.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

31 34.120.135.117 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 117.135.120.34.bc.googleusercontent.com

sb2widgetsstatic-altenar2.biahosted.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 45.8.106.122 (Curacao) 3 redirects

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

quickwin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.192.39 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-192-39.muc50.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:772 (United States)

ASN13335 (CLOUDFLARENET, US)

scripts.prdredir.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
rtg.prdredir.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

adjs.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 177.71.157.175 (São Paulo, Brazil)

ASN16509 (AMAZON-02, US)
PTR: ec2-177-71-157-175.sa-east-1.compute.amazonaws.com

event.getblue.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
widget.getblue.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.214.195.93 (United Kingdom)

ASN46636 (NATCOWEB, US)

track.wolf22.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20c3:2e00:1:76cf:fe80:93a1 (United States)

ASN16509 (AMAZON-02, US)

c1.rfihub.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 138.197.230.29 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

pixel.adfyier.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.6.234 (Denmark)

ASN198622 (ADFORM, DK)

s2.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.157.5.84 (Denmark)

ASN198622 (ADFORM, DK)

track.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:e4::ac40:a41a (United States)

ASN13335 (CLOUDFLARENET, US)

scpt.getrmads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
metrics.getrmads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 139.45.195.8 (United Kingdom)

ASN9002 (RETN-AS, GB)

my.rtmark.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 185.199.175.191 (Floreşti, Romania)

ASN43927 (HOSTERION, RO)
PTR: eros.hosterion.net

winner-slots.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 185.89.210.212 (Frankfurt am Main, Germany) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3038::6815:ea9b (United States)

ASN13335 (CLOUDFLARENET, US)

track.aso1.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.53.111 (None, )

ASN13335 (CLOUDFLARENET, US)

quickwin.zendesk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 193.0.160.130 (United States) 4 redirects

ASN54312 (ROCKETFUEL, US)

20846458p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.173.154.87 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-154-87.muc50.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.38.98.168 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-38-98-168.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 99.84.88.128 (United States) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: server-99-84-88-128.muc50.r.cloudfront.net

live.rezync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.162 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.194.27.175 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-27-175.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.47.127.205 (United States)

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.159.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.159.244.35.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.57.150.20 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-150-20.eu-central-1.compute.amazonaws.com

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.101.148.20 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-148-20.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.216.205.237 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-216-205-237.compute-1.amazonaws.com

bpi.rtactivate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.64.151.101 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.192.160.219 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a69-192-160-219.deploy.static.akamaitechnologies.com

x.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4232:a914:a3b8:84d6:ea13 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.213.93.159 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-213-93-159.eu-west-1.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.247.45.174 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-247-45-174.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.184.108.41 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-184-108-41.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.130.49 (United States) 2 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 177.71.130.23 (São Paulo, Brazil)

ASN16509 (AMAZON-02, US)
PTR: ec2-177-71-130-23.sa-east-1.compute.amazonaws.com

cms.getblue.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:10::ac43:1ce8 (United States)

ASN13335 (CLOUDFLARENET, US)

sb2frontend-altenar2.biahosted.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 34.110.191.112 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 112.191.110.34.bc.googleusercontent.com

sb2auth-altenar2.biahosted.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sb2bonus-altenar2.biahosted.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:85a (United States)

ASN13335 (CLOUDFLARENET, US)

sb2integration-altenar2.biahosted.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
149	quickwin765412.com quickwin765412.com	3 MB
43	biahosted.com sb2widgetsstatic-altenar2.biahosted.com — Cisco Umbrella Rank: 342578 sb2frontend-altenar2.biahosted.com — Cisco Umbrella Rank: 148077 sb2auth-altenar2.biahosted.com — Cisco Umbrella Rank: 170869 sb2integration-altenar2.biahosted.com — Cisco Umbrella Rank: 179815 sb2bonus-altenar2.biahosted.com — Cisco Umbrella Rank: 185545	390 KB
15	winner-slots.online winner-slots.online	229 KB
7	rfihub.com 4 redirects 20846458p.rfihub.com p.rfihub.com — Cisco Umbrella Rank: 868 a.rfihub.com — Cisco Umbrella Rank: 2969	12 KB
7	adnxs.com 3 redirects secure.adnxs.com — Cisco Umbrella Rank: 495 ib.adnxs.com — Cisco Umbrella Rank: 246	5 KB
7	zdassets.com static.zdassets.com — Cisco Umbrella Rank: 2137 ekr.zdassets.com — Cisco Umbrella Rank: 2470	349 KB
6	getblue.io event.getblue.io — Cisco Umbrella Rank: 35608 widget.getblue.io — Cisco Umbrella Rank: 37995 cms.getblue.io — Cisco Umbrella Rank: 59438	7 KB
6	gstatic.com www.gstatic.com fonts.gstatic.com	433 KB
6	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 35	479 KB
4	doubleclick.net 3 redirects cm.g.doubleclick.net — Cisco Umbrella Rank: 245 googleads.g.doubleclick.net — Cisco Umbrella Rank: 33	3 KB
4	rezync.com 4 redirects live.rezync.com — Cisco Umbrella Rank: 1922	3 KB
4	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 742	145 KB
4	getrmads.com scpt.getrmads.com — Cisco Umbrella Rank: 350519 metrics.getrmads.com — Cisco Umbrella Rank: 267120	4 KB
4	adform.net s2.adform.net — Cisco Umbrella Rank: 6944 track.adform.net — Cisco Umbrella Rank: 4256 a1.adform.net — Cisco Umbrella Rank: 11083	34 KB
4	google.com www.google.com — Cisco Umbrella Rank: 2	35 KB
3	rlcdn.com idsync.rlcdn.com — Cisco Umbrella Rank: 415	149 B
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27 region1.google-analytics.com — Cisco Umbrella Rank: 2462	21 KB
3	quickwin.com 3 redirects quickwin.com	387 B
2	everesttech.net 2 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 709	620 B
2	casalemedia.com 1 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 625	1 KB
2	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 228	1 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 174	89 KB
2	rtmark.net my.rtmark.net — Cisco Umbrella Rank: 11206	2 KB
2	wolf22.xyz track.wolf22.xyz	997 B
2	adjs.media adjs.media — Cisco Umbrella Rank: 180280	2 KB
2	prdredir.com scripts.prdredir.com — Cisco Umbrella Rank: 73270 rtg.prdredir.com — Cisco Umbrella Rank: 183880	2 KB
2	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 727 script.hotjar.com — Cisco Umbrella Rank: 901	61 KB
2	cloudfront.net d3mi6d1ao3fzsg.cloudfront.net	31 KB
2	quickwin3.com 2 redirects quickwin3.com	464 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 31
1	google.de www.google.de — Cisco Umbrella Rank: 6862	455 B
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 110	185 B
1	bidswitch.net x.bidswitch.net — Cisco Umbrella Rank: 351	146 B
1	krxd.net beacon.krxd.net — Cisco Umbrella Rank: 758	338 B
1	agkn.com aa.agkn.com — Cisco Umbrella Rank: 560	377 B
1	tremorhub.com partners.tremorhub.com — Cisco Umbrella Rank: 1279	175 B
1	addthis.com x.dlx.addthis.com — Cisco Umbrella Rank: 1652	182 B
1	rtactivate.com bpi.rtactivate.com — Cisco Umbrella Rank: 1570	109 B
1	media.net contextual.media.net — Cisco Umbrella Rank: 691	616 B
1	eyeota.net ps.eyeota.net — Cisco Umbrella Rank: 1148	344 B
1	openx.net us-u.openx.net — Cisco Umbrella Rank: 522	264 B
1	pubmatic.com image2.pubmatic.com — Cisco Umbrella Rank: 924	225 B
1	zendesk.com quickwin.zendesk.com	1 KB
1	aso1.net track.aso1.net	623 B
1	adfyier.com pixel.adfyier.com — Cisco Umbrella Rank: 123026	651 B
1	rfihub.net c1.rfihub.net — Cisco Umbrella Rank: 5089	6 KB
1	cookie-script.com cdn.cookie-script.com — Cisco Umbrella Rank: 26997	75 KB
299	47

	Domain	Requested by
149	quickwin765412.com	quickwin765412.com
31	sb2widgetsstatic-altenar2.biahosted.com	quickwin765412.com sb2widgetsstatic-altenar2.biahosted.com
15	winner-slots.online	quickwin765412.com winner-slots.online
6	www.googletagmanager.com	quickwin765412.com www.googletagmanager.com winner-slots.online
6	static.zdassets.com	quickwin765412.com static.zdassets.com
4	sb2bonus-altenar2.biahosted.com	quickwin765412.com
4	sb2frontend-altenar2.biahosted.com	quickwin765412.com
4	p.rfihub.com	3 redirects quickwin765412.com
4	live.rezync.com	4 redirects
4	analytics.tiktok.com	winner-slots.online analytics.tiktok.com
4	secure.adnxs.com	2 redirects quickwin765412.com
4	www.gstatic.com	www.google.com www.gstatic.com
4	www.google.com	quickwin765412.com www.gstatic.com www.google.com winner-slots.online
3	sb2auth-altenar2.biahosted.com	quickwin765412.com
3	ib.adnxs.com	1 redirects quickwin765412.com event.getblue.io
3	cm.g.doubleclick.net	3 redirects
3	idsync.rlcdn.com	quickwin765412.com
3	event.getblue.io	www.googletagmanager.com event.getblue.io
3	quickwin.com	3 redirects
2	cms.getblue.io	event.getblue.io
2	metrics.getrmads.com	scpt.getrmads.com metrics.getrmads.com
2	sync-tm.everesttech.net	2 redirects
2	dsum-sec.casalemedia.com	1 redirects quickwin765412.com
2	dpm.demdex.net	1 redirects quickwin765412.com
2	a.rfihub.com	1 redirects c1.rfihub.net
2	connect.facebook.net	winner-slots.online connect.facebook.net
2	a1.adform.net	s2.adform.net
2	fonts.gstatic.com	www.google.com
2	my.rtmark.net	www.googletagmanager.com quickwin765412.com
2	scpt.getrmads.com	www.googletagmanager.com scpt.getrmads.com
2	track.wolf22.xyz	www.googletagmanager.com quickwin765412.com
2	adjs.media	quickwin765412.com adjs.media
2	www.google-analytics.com	www.googletagmanager.com quickwin765412.com
2	d3mi6d1ao3fzsg.cloudfront.net	quickwin765412.com
2	quickwin3.com	2 redirects
1	fonts.googleapis.com	sb2widgetsstatic-altenar2.biahosted.com
1	sb2integration-altenar2.biahosted.com	quickwin765412.com
1	www.google.de	winner-slots.online
1	www.facebook.com	winner-slots.online
1	widget.getblue.io	event.getblue.io
1	googleads.g.doubleclick.net	www.googletagmanager.com
1	x.bidswitch.net	quickwin765412.com
1	beacon.krxd.net	quickwin765412.com
1	aa.agkn.com	quickwin765412.com
1	partners.tremorhub.com	quickwin765412.com
1	x.dlx.addthis.com	quickwin765412.com
1	bpi.rtactivate.com	quickwin765412.com
1	contextual.media.net	quickwin765412.com
1	ps.eyeota.net	quickwin765412.com
1	us-u.openx.net	quickwin765412.com
1	image2.pubmatic.com	quickwin765412.com
1	rtg.prdredir.com	quickwin765412.com
1	script.hotjar.com	static.hotjar.com
1	20846458p.rfihub.com	c1.rfihub.net
1	quickwin.zendesk.com	static.zdassets.com
1	region1.google-analytics.com	www.googletagmanager.com
1	track.aso1.net	quickwin765412.com
1	track.adform.net	www.googletagmanager.com
1	s2.adform.net	quickwin765412.com
1	pixel.adfyier.com	quickwin765412.com
1	c1.rfihub.net	quickwin765412.com
1	scripts.prdredir.com	www.googletagmanager.com
1	static.hotjar.com	www.googletagmanager.com
1	ekr.zdassets.com	quickwin765412.com
1	cdn.cookie-script.com	quickwin765412.com
299	65

This site contains no links.

Subject Issuer	Validity	Valid
quickwin765412.com Cloudflare Inc ECC CA-3	`2023-03-15` - `2024-03-13`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh
zdassets.com E1	`2023-10-23` - `2024-01-21`	3 months	crt.sh
*.cookie-script.com Sectigo RSA Domain Validation Secure Server CA	`2023-09-11` - `2024-07-25`	10 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
sb2widgetsstatic-altenar2.biahosted.com GTS CA 1D4	`2023-10-13` - `2024-01-11`	3 months	crt.sh
*.hotjar.com Amazon ECDSA 256 M01	`2023-03-09` - `2024-04-06`	a year	crt.sh
prdredir.com GTS CA 1P5	`2023-11-01` - `2024-01-30`	3 months	crt.sh
adjs.media E1	`2023-11-28` - `2024-02-26`	3 months	crt.sh
*.getblue.io Amazon RSA 2048 M02	`2023-10-30` - `2024-11-27`	a year	crt.sh
*.wolf22.xyz Sectigo RSA Domain Validation Secure Server CA	`2023-03-31` - `2024-04-30`	a year	crt.sh
*.rfihub.net Amazon RSA 2048 M03	`2023-10-31` - `2024-11-28`	a year	crt.sh
saleguard.shop Go Daddy Secure Certificate Authority - G2	`2023-06-11` - `2024-06-10`	a year	crt.sh
track.adform.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-06` - `2024-09-19`	a year	crt.sh
getrmads.com GTS CA 1P5	`2023-10-12` - `2024-01-10`	3 months	crt.sh
rtmark.net R3	`2023-10-07` - `2024-01-05`	3 months	crt.sh
winner-slots.online R3	`2023-10-09` - `2024-01-07`	3 months	crt.sh
aso1.net GTS CA 1P5	`2023-11-08` - `2024-02-06`	3 months	crt.sh
quickwin.zendesk.com Cloudflare Inc ECC CA-3	`2023-03-02` - `2024-02-29`	a year	crt.sh
*.rfihub.com Sectigo RSA Domain Validation Secure Server CA	`2023-04-27` - `2024-04-27`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.tiktok.com RapidSSL ECC CA 2018	`2023-07-14` - `2024-08-13`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-09-08` - `2023-12-07`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2023-04-20` - `2024-05-20`	a year	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2023-08-18` - `2024-08-18`	a year	crt.sh
*.media.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-10` - `2024-02-18`	a year	crt.sh
rtactivate.com Amazon RSA 2048 M01	`2023-03-14` - `2024-04-11`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2023-02-02` - `2024-03-03`	a year	crt.sh
odc-pixel-prod-01.oracle.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-07` - `2024-02-08`	a year	crt.sh
*.tremorhub.com Amazon RSA 2048 M01	`2023-02-22` - `2024-03-23`	a year	crt.sh
*.agkn.com RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2023-09-07` - `2024-09-29`	a year	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2023-04-14` - `2024-04-12`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
sb2frontend-altenar2.biahosted.com E1	`2023-11-22` - `2024-02-20`	3 months	crt.sh
*.biahosted.com Go Daddy Secure Certificate Authority - G2	`2023-08-31` - `2024-10-01`	a year	crt.sh
sb2integration-altenar2.biahosted.com E1	`2023-11-22` - `2024-02-20`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh

This page contains 7 frames:

Primary Page: https://quickwin765412.com/
Frame ID: 50126503559588FF111D13BE91CFDAA2
Requests: 237 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcbSf4kAAAAAAJey7uEFxYpE7Tn2cR1Y3WBNyGi&co=aHR0cHM6Ly9xdWlja3dpbjc2NTQxMi5jb206NDQz&hl=de&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=voijpcx4s2yy
Frame ID: 692B8180B7785B5E7AE94A5B2AE0DFFF
Requests: 7 HTTP requests in this frame

Frame: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-0345ad6.js
Frame ID: FCFB5FA8AE7BCEDD4579ED7247E4295F
Requests: 6 HTTP requests in this frame

Frame: https://winner-slots.online/
Frame ID: 04D43C3A58D93F9856C40B2F79323BBB
Requests: 30 HTTP requests in this frame

Frame: https://20846458p.rfihub.com/ca.html?ver=9&rb=48767&ca=20846458&_o=48767&_t=20846458&pe=https%3A%2F%2Fquickwin765412.com%2Fen%2F&pf=&ra=7391646772872995
Frame ID: 5A1B5C96D9DFD9592FA4C144D4449372
Requests: 18 HTTP requests in this frame

Frame: https://event.getblue.io/p/?cId=615EE320-F864-1EFC-FE69D99CF417DF26&tName=visit&pId=&revenue=&orderId=&p1=&p2=&p3=&fp=&blueID=d63e055a-d622-470d-ad9f-bbebf24f6c6a&ulc=&v=29092023-1023&nocache=4982757235070.297
Frame ID: 163A0FDA2C13796072AA1FA4B9F3EE95
Requests: 5 HTTP requests in this frame

Frame: https://a.rfihub.com/pstats.html?rb=48767&ca=20846458&ri=de77532d30d359daba4004a311ed3f46&stats=%7B%2213488%22%3A%22810%2C2%22%2C%2217243%22%3A%2247%2C1%22%2C%2242261%22%3A%22121%2C1%22%2C%2250495%22%3A%22505%2C1%22%2C%2252220%22%3A%22127%2C1%22%2C%2253935%22%3A%22197%2C1%22%2C%2254497%22%3A%22258%2C1%22%2C%2254855%22%3A%22120%2C2%22%2C%2254863%22%3A%22505%2C1%22%2C%2255073%22%3A%22127%2C2%22%2C%2256659%22%3A%22196%2C1%22%2C%2256885%22%3A%22196%2C2%22%2C%2257347%22%3A%22246%2C2%22%2C%2257363%22%3A%22534%2C1%22%2C%2258143%22%3A%22121%2C1%22%2C%2258553%22%3A%22531%2C2%22%2C%2258561%22%3A%22505%2C1%22%7D&ra=3108716317016986
Frame ID: 6BE44241FCAAAE315AB950EBD8555C4D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

New Online Casino for Online Betting and Gaming | Quickwin

Page URL History Show full URLs

http://quickwin3.com/ HTTP 301
https://quickwin3.com/ HTTP 307
https://quickwin765412.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

299
Requests

95 %
HTTPS

34 %
IPv6

47
Domains

65
Subdomains

52
IPs

9
Countries

5807 kB
Transfer

15447 kB
Size

36
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://quickwin3.com/ HTTP 301
https://quickwin3.com/ HTTP 307
https://quickwin765412.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 82

https://quickwin.com/cdn-static/vector/payments/monochrome-light/paymsystem_visa.svg HTTP 307
https://quickwin765412.com/cdn-static/vector/payments/monochrome-light/paymsystem_visa.svg

Request Chain 83

https://quickwin.com/cdn-static/vector/payments/monochrome-light/paymsystem_mastercard.svg HTTP 307
https://quickwin765412.com/cdn-static/vector/payments/monochrome-light/paymsystem_mastercard.svg

Request Chain 84

https://quickwin.com/cdn-static/vector/payments/monochrome-light/paymsystem_banktransfer.svg HTTP 307
https://quickwin765412.com/cdn-static/vector/payments/monochrome-light/paymsystem_banktransfer.svg

Request Chain 155

https://secure.adnxs.com/seg?add=35276001&t=1 HTTP 307
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D35276001%26t%3D1

Request Chain 156

https://secure.adnxs.com/seg?add=35276004&t=1 HTTP 307
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D35276004%26t%3D1

Request Chain 207

https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5124322329866183740&referrer=https%3A%2F%2Fquickwin765412.com%2Fen%2F&forward= HTTP 302
https://p.rfihub.com/cm?pub=39342&in=0&userid=a46e1f68-45e9-4c49-9d9c-4e71bffc4cff%3A1701298739.1920981&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Da46e1f68-45e9-4c49-9d9c-4e71bffc4cff%253A1701298739.1920981%26_%3D1701298739.1942632&cb=1701298739.194288 HTTP 302
https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5124322329866183740&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3Da46e1f68-45e9-4c49-9d9c-4e71bffc4cff%253A1701298739.1920981%26_%3D1701298739.1942632 HTTP 302
https://idsync.rlcdn.com/501709.gif?partner_uid=a46e1f68-45e9-4c49-9d9c-4e71bffc4cff%3A1701298739.1920981&_=1701298739.1942632

Request Chain 208

https://cm.g.doubleclick.net/pixel?&in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=NTEyNDMyMjMyOTg2NjE4Mzc0MA==&forward= HTTP 302
https://cm.g.doubleclick.net/pixel?in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=NTEyNDMyMjMyOTg2NjE4Mzc0MA==&forward=&google_tc= HTTP 302
https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEL79mIO400G1Jo9sBNUCIZc&google_cver=1 HTTP 302
https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5124322329866183740&referrer={encSite}&forward= HTTP 302
https://p.rfihub.com/cm?pub=39342&in=0&userid=a46e1f68-45e9-4c49-9d9c-4e71bffc4cff%3A1701298739.1920981&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Da46e1f68-45e9-4c49-9d9c-4e71bffc4cff%253A1701298739.1920981%26_%3D1701298739.3848317&cb=1701298739.3848689 HTTP 302
https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5124322329866183740&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3Da46e1f68-45e9-4c49-9d9c-4e71bffc4cff%253A1701298739.1920981%26_%3D1701298739.3848317 HTTP 302
https://idsync.rlcdn.com/501709.gif?partner_uid=a46e1f68-45e9-4c49-9d9c-4e71bffc4cff%3A1701298739.1920981&_=1701298739.3848317

Request Chain 210

https://dpm.demdex.net/ibs:dpid=1121&dpuuid=5124322329866183740&redir= HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5124322329866183740&redir=

Request Chain 213

https://p.rfihub.com/cm?pub=24472&in=1 HTTP 302
https://ps.eyeota.net/match?uid=5124322329866183740&bid=omt9pi0

Request Chain 216

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5124322329866183740&forward= HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5124322329866183740&forward=&C=1

Request Chain 223

https://sync-tm.everesttech.net/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D&_test=ZWfCMwADVJj78gBU HTTP 302
https://p.rfihub.com/cm?in=1&pub=21653&userid=ZWfCMwADVJj78gBU&_test=ZWfCMwADVJj78gBU

Request Chain 238

https://cm.g.doubleclick.net/pixel?google_nid=coveny_limited&google_cm&&google_sc&ckid=3A0E2903-C607-4D5A-B593C0B82BFBFE62&cid=615EE320-F864-1EFC-FE69D99CF417DF26&google_ula=6572934421&ula=6572934421&google_hm=M0EwRTI5MDMtQzYwNy00RDVBLUI1OTNDMEI4MkJGQkZFNjI&blueID=d63e055a-d622-470d-ad9f-bbebf24f6c6a HTTP 302
https://cms.getblue.io/cm/?src=adx&child=europe&ckid=3A0E2903-C607-4D5A-B593C0B82BFBFE62&cid=615EE320-F864-1EFC-FE69D99CF417DF26&ula=6572934421&blueID=d63e055a-d622-470d-ad9f-bbebf24f6c6a&google_gid=CAESEIqZ70MD5FsDzsP0ziZy5uE&google_cver=1&google_ula=6572934421,0

Request Chain 240

https://ib.adnxs.com/getuid?https://cms.getblue.io/cm/?src=appnexus&ckid=3A0E2903-C607-4D5A-B593C0B82BFBFE62&cid=615EE320-F864-1EFC-FE69D99CF417DF26&blueID=d63e055a-d622-470d-ad9f-bbebf24f6c6a&appnexusid=$UID HTTP 302
https://cms.getblue.io/cm/?src=appnexus&ckid=3A0E2903-C607-4D5A-B593C0B82BFBFE62&cid=615EE320-F864-1EFC-FE69D99CF417DF26&blueID=d63e055a-d622-470d-ad9f-bbebf24f6c6a&appnexusid=7295388309302484529

299 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
quickwin765412.com/
Redirect Chain

http://quickwin3.com/
https://quickwin3.com/
https://quickwin765412.com/

12 KB
5 KB

94ms
62ms

Document
text/html

45.8.107.102
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://quickwin765412.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.8.107.102 , Curacao, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: b7c9dd475a3dd85b8ee4e4ca9baed4ef4d2020ea8f470b41125798056d590312

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
age: 1476
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
cf-ray: 82de7554f9551987-FRA
cf-revalidated: Wed Nov 29 2023 22:34:21 GMT+0000 (Coordinated Universal Time)
cf-ttl: 1701297321796
content-encoding: br
content-type: text/html
date: Wed, 29 Nov 2023 22:58:57 GMT
last-modified: Wed, 29 Nov 2023 10:32:54 GMT
server: cloudflare
vary: null, Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=86400
cf-ray: 82de75547d11922f-FRA
content-length: 0
date: Wed, 29 Nov 2023 22:58:57 GMT
location: https://quickwin765412.com/
server: cloudflare
vary: Accept-Encoding

GET
H2 200 runtime.4e00ce833f90659ff609.js Show response
quickwin765412.com/ 3 KB
2 KB 43ms
43ms Script
application/javascript 45.8.107.102
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://quickwin765412.com/runtime.4e00ce833f90659ff609.js
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.8.107.102 , Curacao, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4c01bed53e77e53b8740a42ee3e4d32573cb5027549cda7a4f8576bf5b92bd30

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:58:57 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 29 Nov 2023 10:32:54 GMT
cf-bgj: minify
server: cloudflare
age: 395
etag: W/"65671356-c1b"
vary: null, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cf-ttl: 1701298402573
cf-ray: 82de755569c21987-FRA
alt-svc: h3=":443"; ma=86400
cf-revalidated: Wed Nov 29 2023 22:52:22 GMT+0000 (Coordinated Universal Time)

GET
H2 200 polyfills.250fe061a3885860ec19.js Show response
quickwin765412.com/ 56 KB
19 KB 41ms
41ms Script
application/javascript 45.8.107.102
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://quickwin765412.com/polyfills.250fe061a3885860ec19.js
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.8.107.102 , Curacao, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: d2dccb7019dff8b98265aee043f800ba56e6dfc5fa26dcf7ea029dfff8825f36

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:58:57 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 29 Nov 2023 10:32:54 GMT
cf-bgj: minify
server: cloudflare
age: 395
etag: W/"65671356-de0d"
vary: null, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cf-ttl: 1701298402570
cf-ray: 82de755569c41987-FRA
alt-svc: h3=":443"; ma=86400
cf-revalidated: Wed Nov 29 2023 22:52:22 GMT+0000 (Coordinated Universal Time)

GET
H2 200 main.9c48009c4175e88eff14.js Show response
quickwin765412.com/ 3 MB
778 KB 58ms
57ms Script
application/javascript 45.8.107.102
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://quickwin765412.com/main.9c48009c4175e88eff14.js
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.8.107.102 , Curacao, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 46b212e0e20561dcee89f85761a09d0ac4a823791bcd3051883d81acf16f00d8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:58:57 GMT
content-encoding: br
cf-cache-status: HIT
age: 395
cf-polished: origSize=3247941
alt-svc: h3=":443"; ma=86400
cf-revalidated: Wed Nov 29 2023 22:52:22 GMT+0000 (Coordinated Universal Time)
last-modified: Wed, 29 Nov 2023 10:32:54 GMT
cf-bgj: minify
server: cloudflare
etag: W/"65671356-318f45"
vary: null, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cf-ttl: 1701298402568
cf-ray: 82de755569c61987-FRA

GET
H2 200 initial.css
quickwin765412.com/assets/ 2 KB
561 B 18ms
18ms Stylesheet
text/css 45.8.107.102
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://quickwin765412.com/assets/initial.css
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.8.107.102 , Curacao, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 89c80d2e8672ebd49da0e7669159676c086e0b4d122d5df3b0563465d4808a2d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:58:57 GMT
content-encoding: br
cf-cache-status: HIT
age: 1249596
cf-polished: origSize=2151
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 09 Nov 2023 12:34:52 GMT
server: cloudflare
etag: W/"654cd1ec-867"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=2073600
cf-ray: 82de755569c71987-FRA
expires: Sat, 23 Dec 2023 22:58:57 GMT

GET
H2 200 styles.37af42f4c38795de472e.css
quickwin765412.com/ 218 KB
45 KB 46ms
46ms Stylesheet
text/css 45.8.107.102
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://quickwin765412.com/styles.37af42f4c38795de472e.css
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.8.107.102 , Curacao, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9491e42e80522eb4fe221982275a047109c974bbe57fa16efdf912b2b4a88812

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:58:57 GMT
content-encoding: br
cf-cache-status: HIT
age: 395
cf-polished: origSize=222923
alt-svc: h3=":443"; ma=86400
cf-revalidated: Wed Nov 29 2023 22:52:22 GMT+0000 (Coordinated Universal Time)
last-modified: Wed, 29 Nov 2023 10:32:54 GMT
cf-bgj: minify
server: cloudflare
etag: W/"65671356-366cb"
vary: null, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cf-ttl: 1701298402567
cf-ray: 82de755569c81987-FRA

GET
H3 200 dots.png
quickwin765412.com/cdn-static/images/quickwin/pattern/ 244 B
558 B 55ms
54ms Image
image/webp 45.8.107.102
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/cdn-static/images/quickwin/pattern/dots.png
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 45.8.107.102 , Curacao, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 193561f978c5db1176bd70243ced9ace558b0d6b544124c7624259b605c99fbb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:58:57 GMT
cf-cache-status: HIT
age: 39973
cf-polished: origFmt=png, origSize=531
x-cache-status: MISS
content-disposition: inline; filename="dots.webp"
alt-svc: h3=":443"; ma=86400
content-length: 244
last-modified: Fri, 12 May 2023 10:00:13 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "645e0e2d-213"
vary: null, Accept-Encoding
content-type: image/webp
cf-ttl: 1701298797559
accept-ranges: bytes
cf-ray: 82de75557de665ae-FRA
expires: Tue, 12 Dec 2023 01:55:40 GMT

GET
DATA 200
OK truncated
/ 306 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 56ce9a9f71a8465359a676d95189390683de779bdc085f4fa9d48ec0651d9a5f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 preloader.jpg
quickwin765412.com/assets/images/ 328 KB
328 KB 16ms
15ms Image
image/jpeg 45.8.107.102
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://quickwin765412.com/assets/images/preloader.jpg

Requested by

Host: quickwin765412.com
URL: https://quickwin765412.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

45.8.107.102 , Curacao, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

384e5a56b7bb4a02faf44722bb96cc1c76207e809aa295855d16484ffd633108

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:58:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1249585
cf-polished: status=cannot_optimize
alt-svc: h3=":443"; ma=86400
content-length: 335634
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
cf-bgj: imgq:85,h2pri
last-modified: Thu, 09 Nov 2023 12:34:52 GMT
server: cloudflare
etag: "654cd1ec-51f12"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2073600
accept-ranges: bytes
cf-ray: 82de75558dee65ae-FRA
expires: Sat, 23 Dec 2023 22:58:57 GMT

GET
H3 200 locales.48fccbdb86ab5def3035.js Show response
quickwin765412.com/ 121 KB
13 KB 46ms
46ms Script
application/javascript 45.8.107.102
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://quickwin765412.com/locales.48fccbdb86ab5def3035.js
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/runtime.4e00ce833f90659ff609.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 45.8.107.102 , Curacao, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4af4ede967218ca52aa7c5d766e0af5992160ecc2382d0635db809e01a28ff18

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:58:57 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 29 Nov 2023 10:32:54 GMT
cf-bgj: minify
server: cloudflare
age: 80
etag: W/"65671356-1e3cb"
vary: null, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cf-ttl: 1701298717209
cf-ray: 82de7556ef1265ae-FRA
alt-svc: h3=":443"; ma=86400
cf-revalidated: Wed Nov 29 2023 22:57:37 GMT+0000 (Coordinated Universal Time)

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 1 KB
1 KB 59ms
26ms Script
text/javascript 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6LcbSf4kAAAAAAJey7uEFxYpE7Tn2cR1Y3WBNyGi

Requested by

Host: quickwin765412.com
URL: https://quickwin765412.com/main.9c48009c4175e88eff14.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

52e40ec67ede088f0823d7ade9ac98c58f07895824d88675cdb04b73723d9004

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:58:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Wed, 29 Nov 2023 22:58:57 GMT

GET
H3 200 translation Show response
quickwin765412.com/en/api/v2/lang/ 94 KB
27 KB 42ms
42ms XHR
application/json 45.8.107.102
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://quickwin765412.com/en/api/v2/lang/translation

Requested by

Host: quickwin765412.com
URL: https://quickwin765412.com/polyfills.250fe061a3885860ec19.js

Protocol

Security

QUIC, , AES_128_GCM

Server

45.8.107.102 , Curacao, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

7a60e2541dd1fafc192a4f94efd6b1513388bd52565bc46df74ce878ab9610bb

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://quickwin765412.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:58:57 GMT
content-encoding: br
cf-cache-status: HIT
x-device-type: mobile
age: 22
request-id: feapi-e0a8b929-35c3-4512-866e-50a568b01a61
alt-svc: h3=":443"; ma=86400
cf-revalidated: Wed Nov 29 2023 22:58:35 GMT+0000 (Coordinated Universal Time)
x-xss-protection: 1; mode=block
last-modified: Wed, 29 Nov 2023 22:58:35 GMT
server: cloudflare
vary: null, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Device-Type,X-Device-Name
cf-ttl: 1701298775215
cf-ray: 82de75573f6465ae-FRA
x-device-name: iPhone

GET
H3 200 info Show response
quickwin765412.com/en/api/v2/system/ 187 B
386 B 55ms
55ms XHR
application/json 45.8.107.102
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://quickwin765412.com/en/api/v2/system/info

Requested by

Host: quickwin765412.com
URL: https://quickwin765412.com/polyfills.250fe061a3885860ec19.js

Protocol

Security

QUIC, , AES_128_GCM

Server

45.8.107.102 , Curacao, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

6ff2f7e3209c52e8b554d14d3d1158236f43003972f0fffdf7d9f6a2f06f1039

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://quickwin765412.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:58:57 GMT
content-encoding: br
cf-cache-status: DYNAMIC
x-device-type: desktop
server: cloudflare
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Device-Type,X-Device-Name
cache-control: no-cache
request-id: feapi-e95859f5-4ebd-4a3e-965c-0db514e6133c
cf-ray: 82de75573f6665ae-FRA
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-device-name: Other

GET
H/1.1 200
OK webpush.min.css
d3mi6d1ao3fzsg.cloudfront.net/webpush/1/ 13 KB
14 KB 58ms
14ms Stylesheet
text/css 18.239.47.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3mi6d1ao3fzsg.cloudfront.net/webpush/1/webpush.min.css
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/main.9c48009c4175e88eff14.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.47.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-47-54.ams58.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 969fd990bcd980d6754827a283c9c9f447f98958adbf6bd4c0e134440e2fe7e6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Wed, 29 Nov 2023 00:31:54 GMT
Via: 1.1 852513de831fa3235a0fcf6b4f0116c4.cloudfront.net (CloudFront)
Last-Modified: Wed, 25 Jan 2023 08:19:49 GMT
Server: AmazonS3
X-Amz-Cf-Pop: AMS58-P3
Age: 80824
x-amz-server-side-encryption: AES256
ETag: "c62351d1242c5274a315d76fd86d80d9"
X-Cache: Hit from cloudfront
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 13528
X-Amz-Cf-Id: IaUx768bwmtxOs0eJqRIzj5WTCsFYiFNn2P_MeL4OztZAOyJiFyQ2A==

GET
H/1.1 200
OK webpush.min.js Show response
d3mi6d1ao3fzsg.cloudfront.net/webpush/1/ 17 KB
17 KB 59ms
15ms Script
application/x-javascript 18.239.47.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3mi6d1ao3fzsg.cloudfront.net/webpush/1/webpush.min.js
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/main.9c48009c4175e88eff14.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.47.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-47-54.ams58.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ef7b483c3b575577f683cf3849e3a79a5385b9844b630adcdc31149900606460

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Wed, 29 Nov 2023 16:18:10 GMT
Via: 1.1 8be4072f43c8c13d02688a798ea634a4.cloudfront.net (CloudFront)
Last-Modified: Wed, 25 Jan 2023 08:19:49 GMT
Server: AmazonS3
X-Amz-Cf-Pop: AMS58-P3
Age: 24048
x-amz-server-side-encryption: AES256
ETag: "e3c1f04a04c330afe06f406c451de0a1"
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 17209
X-Amz-Cf-Id: M-CKwnkPdFP6NWYNyAEWgpy_hmBToXNrFLivlz52jYVQSAH1ly3Dtg==

GET
H2 200 snippet.js Show response
static.zdassets.com/ekr/ 10 KB
5 KB 51ms
18ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/ekr/snippet.js?key=78bdcf45-56b4-43b3-a452-beb220803adc

Requested by

Host: quickwin765412.com
URL: https://quickwin765412.com/main.9c48009c4175e88eff14.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9f22f6e9d4852f8be0706b62fbd0eba20f6cb56171def5e387b2d95fcd07df01

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:58:57 GMT
x-amz-version-id: hKEbdq289Xo7bHrM.yPFOdJ37r5nFwfe
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: SJN8N1JDMTD43WG0
age: 44
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: OdnBjVcC5xsQvyjtpPVBe21NpgZXl51NRJfLydbGvh5Gu9AdfuYJ4+/g1Hhtqo28e16NzYJZ+wk=
last-modified: Wed, 09 Aug 2023 01:01:02 GMT
server: cloudflare
etag: W/"42d94c325a0b012e41f9c3907853625a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F%2FbzPGLhx6NZg7KBdFrCy9etVw%2BO0rYEnyFUIry8EThhyxHdLv%2BLW32o06eCSjWPeaTovtKnoECNHtH8cgUlAvJo%2Bv0exoOyVsc%2FW4DqQ3YSYLmwegEUOcj93JK2m5dZwdRYnt8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=3600, s-maxage=60
cf-ray: 82de7557794d9271-FRA

GET
H2 200 36dbf80a223b706873552176b2d9cede.js Show response
cdn.cookie-script.com/s/ 407 KB
75 KB 38ms
10ms Script
application/javascript 78.46.117.148
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cookie-script.com/s/36dbf80a223b706873552176b2d9cede.js
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/main.9c48009c4175e88eff14.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 78.46.117.148 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.148.117.46.78.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 7f6882edf0e792487c920e26c5887e2aa20b1ad13ceeedc3ddf71128c8711646

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:58:57 GMT
content-encoding: gzip
last-modified: Mon, 16 Oct 2023 13:13:12 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"0c850f1fe66c2465fd88dd265cf69422"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 222 KB
75 KB 58ms
24ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PV2Q5X5

Requested by

Host: quickwin765412.com
URL: https://quickwin765412.com/main.9c48009c4175e88eff14.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

39e39b29a1bd6299b74c9b7f183aaf9374b56905528409f1a3cb40ff7fb0cd7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:58:57 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 76609
x-xss-protection: 0
last-modified: Wed, 29 Nov 2023 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 29 Nov 2023 22:58:57 GMT

GET
H3 200 3.af2adc34a793a6d19931.js Show response
quickwin765412.com/ 95 KB
19 KB 49ms
48ms Script
application/javascript 45.8.107.102
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://quickwin765412.com/3.af2adc34a793a6d19931.js
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/runtime.4e00ce833f90659ff609.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 45.8.107.102 , Curacao, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: c202fa47b1e870eda900429ac214c6cc09f83725e4102ddb52bcf54aa8021e08

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:58:57 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 29 Nov 2023 10:32:54 GMT
cf-bgj: minify
server: cloudflare
age: 80
etag: W/"65671356-17d5e"
vary: null, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cf-ttl: 1701298717319
cf-ray: 82de75574f7865ae-FRA
alt-svc: h3=":443"; ma=86400
cf-revalidated: Wed Nov 29 2023 22:57:37 GMT+0000 (Coordinated Universal Time)

GET
H3 200 6.b1d4df025164d8930be0.js Show response
quickwin765412.com/ 16 KB
5 KB 37ms
37ms Script
application/javascript 45.8.107.102
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://quickwin765412.com/6.b1d4df025164d8930be0.js
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/runtime.4e00ce833f90659ff609.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 45.8.107.102 , Curacao, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9e503fcfcd5e0554aa8441ca0b65811e2439fa9b4284bb5b531f39686aa1ca25

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:58:57 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 29 Nov 2023 10:32:54 GMT
cf-bgj: minify
server: cloudflare
age: 80
etag: W/"65671356-3f7d"
vary: null, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cf-ttl: 1701298717315
cf-ray: 82de75574f7a65ae-FRA
alt-svc: h3=":443"; ma=86400
cf-revalidated: Wed Nov 29 2023 22:57:37 GMT+0000 (Coordinated Universal Time)

GET
H3 200 9.fcced41fe9954d1e8450.js Show response
quickwin765412.com/ 51 KB
11 KB 41ms
41ms Script
application/javascript 45.8.107.102
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://quickwin765412.com/9.fcced41fe9954d1e8450.js
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/runtime.4e00ce833f90659ff609.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 45.8.107.102 , Curacao, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: b55c8dc841d5dc93a53e6a5a23187afda320ae63e3d5db4de3662e2284b718a9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:58:57 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 29 Nov 2023 10:32:54 GMT
cf-bgj: minify
server: cloudflare
age: 80
etag: W/"65671356-cc36"
vary: null, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cf-ttl: 1701298717313
cf-ray: 82de75574f7b65ae-FRA
alt-svc: h3=":443"; ma=86400
cf-revalidated: Wed Nov 29 2023 22:57:37 GMT+0000 (Coordinated Universal Time)

GET
H3 200 common.4b29cd82b8770e3dc368.js Show response
quickwin765412.com/ 8 KB
3 KB 42ms
42ms Script
application/javascript 45.8.107.102
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://quickwin765412.com/common.4b29cd82b8770e3dc368.js
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/runtime.4e00ce833f90659ff609.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 45.8.107.102 , Curacao, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1da13baaf4400d93f504ebb94e34fb97f801e0e40eadf4d6209f405842fdd9b8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:58:57 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 29 Nov 2023 10:32:54 GMT
cf-bgj: minify
server: cloudflare
age: 80
etag: W/"65671356-1fd1"
vary: null, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cf-ttl: 1701298717315
cf-ray: 82de75574f7d65ae-FRA
alt-svc: h3=":443"; ma=86400
cf-revalidated: Wed Nov 29 2023 22:57:37 GMT+0000 (Coordinated Universal Time)

GET
H3 200 18.eb967ac3b59c9afcc1f0.js Show response
quickwin765412.com/ 114 KB
24 KB 55ms
54ms Script
application/javascript 45.8.107.102
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://quickwin765412.com/18.eb967ac3b59c9afcc1f0.js
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/runtime.4e00ce833f90659ff609.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 45.8.107.102 , Curacao, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4e75d36f1d44883e24a7ef4d7aa4a4a4d8a4f0b6ab24a1976a57a322bb4fbb1b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:58:57 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 29 Nov 2023 10:32:54 GMT
cf-bgj: minify
server: cloudflare
age: 80
etag: W/"65671356-1c6f4"
vary: null, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cf-ttl: 1701298717315
cf-ray: 82de75574f7e65ae-FRA
alt-svc: h3=":443"; ma=86400
cf-revalidated: Wed Nov 29 2023 22:57:37 GMT+0000 (Coordinated Universal Time)

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/ 468 KB
188 KB 49ms
15ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LcbSf4kAAAAAAJey7uEFxYpE7Tn2cR1Y3WBNyGi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

983871cac9e719263fcecaa540c4e1597c8ece1805845830ec21fef0e71d9f88

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://quickwin765412.com/
Origin: https://quickwin765412.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 12:38:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 37242
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 192016
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 05:42:11 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 28 Nov 2024 12:38:15 GMT

GET
H3 200 Medium.woff
quickwin765412.com/assets/fonts/ 36 KB
36 KB 19ms
19ms Font
application/font-woff 45.8.107.102
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://quickwin765412.com/assets/fonts/Medium.woff
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/assets/initial.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 45.8.107.102 , Curacao, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: bf622c70cd52085f8d3672dd27abf0ccdf5600297221514aa41dbaf2a0f6b1d2

Request headers

Referer: https://quickwin765412.com/assets/initial.css
Origin: https://quickwin765412.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:58:57 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 09 Nov 2023 12:34:52 GMT
server: cloudflare
age: 1249550
etag: W/"654cd1ec-90d8"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=2073600
cf-ray: 82de75574f8465ae-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 23 Dec 2023 22:58:57 GMT

GET
H3 200 sprite.svg
quickwin765412.com/assets/ 126 KB
40 KB 20ms
17ms Other
image/svg+xml 45.8.107.102
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://quickwin765412.com/assets/sprite.svg

Requested by

Host: quickwin765412.com
URL: https://quickwin765412.com/main.9c48009c4175e88eff14.js

Protocol

Security

QUIC, , AES_128_GCM

Server

45.8.107.102 , Curacao, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

bc97ec41ce596bcb499370c188d8c8a68975d2380edf6afba5c0afb15a968146

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:58:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 76346
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 21 Nov 2023 13:22:36 GMT
server: cloudflare
etag: W/"655caf1c-1f9b9"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=2073600
cf-ray: 82de75579fbe65ae-FRA
expires: Sat, 23 Dec 2023 22:58:57 GMT

GET
H3 200 en.svg
quickwin765412.com/cdn-static/vector/flags/ 1 KB
896 B 38ms
35ms Image
image/svg+xml 45.8.107.102
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/cdn-static/vector/flags/en.svg
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 45.8.107.102 , Curacao, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: ac0eb9b299d05c43ce0bb3bccfe28d38c78ab3f8442854f1f28b1e5a64237505

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:58:57 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 12 May 2023 10:00:17 GMT
server: cloudflare
age: 80
etag: W/"645e0e31-497"
x-cache-status: HIT
vary: null, Accept-Encoding
content-type: image/svg+xml
cf-ttl: 1701298717939
cf-ray: 82de75579fbf65ae-FRA
alt-svc: h3=":443"; ma=86400
cf-revalidated: Wed Nov 29 2023 22:57:37 GMT+0000 (Coordinated Universal Time)
expires: Fri, 08 Dec 2023 17:46:33 GMT

GET
H3 200 de.svg
quickwin765412.com/cdn-static/vector/flags/ 7 KB
3 KB 47ms
42ms Image
image/svg+xml 45.8.107.102
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/cdn-static/vector/flags/de.svg
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 45.8.107.102 , Curacao, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: c42688c6b7c3ede14a89c83ed21e2bee0a9ef6b36efd49e975841250c3ecd63b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:58:57 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 12 May 2023 10:00:55 GMT
server: cloudflare
age: 80
etag: W/"645e0e57-1a27"
x-cache-status: HIT
vary: null, Accept-Encoding
content-type: image/svg+xml
cf-ttl: 1701298717961
cf-ray: 82de75579fc265ae-FRA
alt-svc: h3=":443"; ma=86400
cf-revalidated: Wed Nov 29 2023 22:57:37 GMT+0000 (Coordinated Universal Time)
expires: Mon, 11 Dec 2023 22:11:54 GMT

GET
H3 200 BoldItalic.woff
quickwin765412.com/assets/fonts/ 39 KB
39 KB 22ms
15ms Font
application/font-woff 45.8.107.102
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://quickwin765412.com/assets/fonts/BoldItalic.woff
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/assets/initial.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 45.8.107.102 , Curacao, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: b3b24077b5d68982367d8c0653653db94c2e03d5ab5b0d8ba373610a661cbbc8

Request headers

Referer: https://quickwin765412.com/assets/initial.css
Origin: https://quickwin765412.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:58:57 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 09 Nov 2023 12:34:52 GMT
server: cloudflare
age: 1249548
etag: W/"654cd1ec-9b98"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=2073600
cf-ray: 82de7557afc865ae-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 23 Dec 2023 22:58:57 GMT

GET
H3 200 BlackItalic.woff
quickwin765412.com/assets/fonts/ 39 KB
39 KB 26ms
19ms Font
application/font-woff 45.8.107.102
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://quickwin765412.com/assets/fonts/BlackItalic.woff
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/assets/initial.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 45.8.107.102 , Curacao, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: d6d6a9b90bdd341f52f1c5dd52286c116bd7fbb8af3a325a716ae29b71a376c5

Request headers

Referer: https://quickwin765412.com/assets/initial.css
Origin: https://quickwin765412.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:58:57 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 21 Nov 2023 13:22:36 GMT
server: cloudflare
age: 147932
etag: W/"655caf1c-9b10"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=2073600
cf-ray: 82de7557afc965ae-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 23 Dec 2023 22:58:57 GMT

GET
H2 200 78bdcf45-56b4-43b3-a452-beb220803adc Show response
ekr.zdassets.com/compose/ 852 B
1 KB 63ms
22ms Fetch
application/json 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ekr.zdassets.com/compose/78bdcf45-56b4-43b3-a452-beb220803adc

Requested by

Host: quickwin765412.com
URL: https://quickwin765412.com/polyfills.250fe061a3885860ec19.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

720013e319e14da6c8f74bae6f9bb055f939edb6c70304a32078bf90666b27ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:58:57 GMT
strict-transport-security: max-age=0
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
age: 40
content-encoding: br
status: 200 OK
cdn-cache-control: max-age=60
x-xss-protection: 1; mode=block
x-request-id: 82545e654a3e4480-SEA, 82545e654a3e4480-SEA
x-runtime: 0.005329
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"720013e319e14da6c8f74bae6f9bb055"
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-max-age: 7200
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=19C%2BnO%2B0dmexBssVPihWJx4VO46rPxLiFnfGIR%2BomvDxJsquTB2N868BPq8DT2NSs2nDRtblXShDF5tmNrVXIUlNdGmysKuKiT68QkxV%2BOi65hEASZrJJ%2BDizF%2B9aZoBZbA%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
vary: Accept, Origin, Accept-Encoding
cache-control: max-age=300, public, stale-while-revalidate=300, stale-if-error=21600
content-type: application/json; charset=utf-8
x-zendesk-zorg: yes
cf-ray: 82de7557dcfa3627-FRA

GET
H3 200 item Show response
quickwin765412.com/en/api/v2/seo/ 775 B
713 B 70ms
68ms XHR
application/json 45.8.107.102
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://quickwin765412.com/en/api/v2/seo/item?id=home

Requested by

Host: quickwin765412.com
URL: https://quickwin765412.com/polyfills.250fe061a3885860ec19.js

Protocol

Security

QUIC, , AES_128_GCM

Server

45.8.107.102 , Curacao, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

66fbf319de6eec942f1b42488836f2862b0a3db4131f403fa692a51d930fb3f3

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://quickwin765412.com/en/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:58:57 GMT
content-encoding: br
cf-cache-status: HIT
x-device-type: mobile
age: 80
request-id: feapi-789542d8-084d-470a-9521-b1872d8635ee
alt-svc: h3=":443"; ma=86400
cf-revalidated: Wed Nov 29 2023 22:57:37 GMT+0000 (Coordinated Universal Time)
x-xss-protection: 1; mode=block
last-modified: Wed, 29 Nov 2023 22:57:37 GMT
server: cloudflare
vary: null, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Device-Type,X-Device-Name
cf-ttl: 1701298717500
cf-ray: 82de7557bfdc65ae-FRA
cache-created: 0
x-device-name: iPhone

GET
H3 200 1.8c61c747483dacb96f67.js Show response
quickwin765412.com/ 35 KB
8 KB 56ms
54ms Script
application/javascript 45.8.107.102
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://quickwin765412.com/1.8c61c747483dacb96f67.js
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/runtime.4e00ce833f90659ff609.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 45.8.107.102 , Curacao, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 23dc3ba99041076ad77f5aff727105b8d376c98c019e6a69f96d5198705c0694

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:58:57 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 29 Nov 2023 10:32:54 GMT
cf-bgj: minify
server: cloudflare
age: 264
etag: W/"65671356-8b6c"
vary: null, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cf-ttl: 1701298533389
cf-ray: 82de7557bfdd65ae-FRA
alt-svc: h3=":443"; ma=86400
cf-revalidated: Wed Nov 29 2023 22:54:33 GMT+0000 (Coordinated Universal Time)

GET
H3 200 21.74ca6a1e70062886f785.js Show response
quickwin765412.com/ 22 KB
6 KB 51ms
49ms Script
application/javascript 45.8.107.102
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://quickwin765412.com/21.74ca6a1e70062886f785.js
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/runtime.4e00ce833f90659ff609.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 45.8.107.102 , Curacao, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: ba4efb6dcf5a93b760b2118391fbf8d7514512cdd99314f768674c84dd11c70c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:58:57 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 29 Nov 2023 10:32:54 GMT
cf-bgj: minify
server: cloudflare
age: 80
etag: W/"65671356-560b"
vary: null, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cf-ttl: 1701298717457
cf-ray: 82de7557bfdf65ae-FRA
alt-svc: h3=":443"; ma=86400
cf-revalidated: Wed Nov 29 2023 22:57:37 GMT+0000 (Coordinated Universal Time)

GET
H3 200 30.6acd9cc69594870b7697.js Show response
quickwin765412.com/ 34 KB
8 KB 66ms
64ms Script
application/javascript 45.8.107.102
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://quickwin765412.com/30.6acd9cc69594870b7697.js
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/runtime.4e00ce833f90659ff609.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 45.8.107.102 , Curacao, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: ffd2d05563ef81e794e229a9ce946f359eb8b506e37b58b3bcedca902b7fd264

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:58:57 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 29 Nov 2023 10:32:54 GMT
cf-bgj: minify
server: cloudflare
age: 80
etag: W/"65671356-88a1"
vary: null, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cf-ttl: 1701298717473
cf-ray: 82de7557bfe065ae-FRA
alt-svc: h3=":443"; ma=86400
cf-revalidated: Wed Nov 29 2023 22:57:37 GMT+0000 (Coordinated Universal Time)

GET
H3 200 26.9de68619d27a52e2730b.js Show response
quickwin765412.com/ 8 KB
3 KB 75ms
72ms Script
application/javascript 45.8.107.102
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://quickwin765412.com/26.9de68619d27a52e2730b.js
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/runtime.4e00ce833f90659ff609.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 45.8.107.102 , Curacao, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: b4353fa34ccc28f20f9d27816842ac9a0be061418d9ea23bb2741290a5608a7b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:58:57 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 29 Nov 2023 10:32:54 GMT
cf-bgj: minify
server: cloudflare
age: 80
etag: W/"65671356-1fe9"
vary: null, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cf-ttl: 1701298717500
cf-ray: 82de7557bfe165ae-FRA
alt-svc: h3=":443"; ma=86400
cf-revalidated: Wed Nov 29 2023 22:57:37 GMT+0000 (Coordinated Universal Time)

GET
H3 200 28.9d75bb91096f775b64ce.js Show response
quickwin765412.com/ 32 KB
7 KB 76ms
74ms Script
application/javascript 45.8.107.102
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://quickwin765412.com/28.9d75bb91096f775b64ce.js
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/runtime.4e00ce833f90659ff609.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 45.8.107.102 , Curacao, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: c5c309dc1bc82d4fe3d7053eb352bcf34e286d8181c16245a73620801c041711

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:58:57 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 29 Nov 2023 10:32:54 GMT
cf-bgj: minify
server: cloudflare
age: 80
etag: W/"65671356-7e21"
vary: null, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cf-ttl: 1701298717504
cf-ray: 82de7557bfe265ae-FRA
alt-svc: h3=":443"; ma=86400
cf-revalidated: Wed Nov 29 2023 22:57:37 GMT+0000 (Coordinated Universal Time)

GET
H3 200 29.b42ffe8715a173763246.js Show response
quickwin765412.com/ 12 KB
4 KB 71ms
69ms Script
application/javascript 45.8.107.102
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://quickwin765412.com/29.b42ffe8715a173763246.js
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/runtime.4e00ce833f90659ff609.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 45.8.107.102 , Curacao, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6105ede7824e32d160e51746e88a4b2a9a72410371faaeb4938f639be9c53a3e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:58:57 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 29 Nov 2023 10:32:54 GMT
cf-bgj: minify
server: cloudflare
age: 80
etag: W/"65671356-2f6e"
vary: null, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cf-ttl: 1701298717500
cf-ray: 82de7557bfe365ae-FRA
alt-svc: h3=":443"; ma=86400
cf-revalidated: Wed Nov 29 2023 22:57:37 GMT+0000 (Coordinated Universal Time)

GET
H3 200 5.232197112c1a8ae8a314.js Show response
quickwin765412.com/ 39 KB
9 KB 77ms
74ms Script
application/javascript 45.8.107.102
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://quickwin765412.com/5.232197112c1a8ae8a314.js
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/runtime.4e00ce833f90659ff609.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 45.8.107.102 , Curacao, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8c77732b2cc82e0ec8fceaa421a89360fb6017eb17aba1629e427c54e0cc5d08

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:58:57 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 29 Nov 2023 10:32:54 GMT
cf-bgj: minify
server: cloudflare
age: 80
etag: W/"65671356-9b78"
vary: null, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cf-ttl: 1701298717483
cf-ray: 82de7557bfe465ae-FRA
alt-svc: h3=":443"; ma=86400
cf-revalidated: Wed Nov 29 2023 22:57:37 GMT+0000 (Coordinated Universal Time)

GET
H3 200 8.40568970b0bf8f95cbc1.js Show response
quickwin765412.com/ 22 KB
5 KB 83ms
81ms Script
application/javascript 45.8.107.102
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://quickwin765412.com/8.40568970b0bf8f95cbc1.js
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/runtime.4e00ce833f90659ff609.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 45.8.107.102 , Curacao, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf84ebaaa179f5416836ebbc971cd38da24e04640f673bd0302599faf3c39483

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:58:57 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 29 Nov 2023 10:32:54 GMT
cf-bgj: minify
server: cloudflare
age: 80
etag: W/"65671356-58f9"
vary: null, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cf-ttl: 1701298717507
cf-ray: 82de7557bfe565ae-FRA
alt-svc: h3=":443"; ma=86400
cf-revalidated: Wed Nov 29 2023 22:57:37 GMT+0000 (Coordinated Universal Time)

GET
H3 200 17.b7233af606c5c0dcb650.js Show response
quickwin765412.com/ 32 KB
8 KB 73ms
70ms Script
application/javascript 45.8.107.102
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://quickwin765412.com/17.b7233af606c5c0dcb650.js
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/runtime.4e00ce833f90659ff609.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 45.8.107.102 , Curacao, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: f8224d6d05efe683610ac731f06c24e1b3caeec0ffac74e523764754126fe4a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:58:57 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 29 Nov 2023 10:32:54 GMT
cf-bgj: minify
server: cloudflare
age: 80
etag: W/"65671356-8029"
vary: null, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cf-ttl: 1701298717503
cf-ray: 82de7557bfe765ae-FRA
alt-svc: h3=":443"; ma=86400
cf-revalidated: Wed Nov 29 2023 22:57:37 GMT+0000 (Coordinated Universal Time)

GET
H3 200 33.80a5b162fd19ffabf617.js Show response
quickwin765412.com/ 24 KB
7 KB 81ms
78ms Script
application/javascript 45.8.107.102
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://quickwin765412.com/33.80a5b162fd19ffabf617.js
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/runtime.4e00ce833f90659ff609.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 45.8.107.102 , Curacao, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: afdce64337939b626486ba0cdbe7fae47de9318d87f96806115fd034a287475d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:58:57 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 29 Nov 2023 10:32:54 GMT
cf-bgj: minify
server: cloudflare
age: 80
etag: W/"65671356-60ed"
vary: null, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cf-ttl: 1701298717465
cf-ray: 82de7557bfe865ae-FRA
alt-svc: h3=":443"; ma=86400
cf-revalidated: Wed Nov 29 2023 22:57:37 GMT+0000 (Coordinated Universal Time)

GET
H3 200 7.c0110f4820559d9d6d63.js Show response
quickwin765412.com/ 110 KB
22 KB 96ms
93ms Script
application/javascript 45.8.107.102
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://quickwin765412.com/7.c0110f4820559d9d6d63.js
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/runtime.4e00ce833f90659ff609.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 45.8.107.102 , Curacao, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 632d1247982ff4ae19a72556b5d377b59ca2f69a7850db54c16378738c9d6e77

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:58:57 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 29 Nov 2023 10:32:54 GMT
cf-bgj: minify
server: cloudflare
age: 80
etag: W/"65671356-1b656"
vary: null, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cf-ttl: 1701298717501
cf-ray: 82de7557bfe965ae-FRA
alt-svc: h3=":443"; ma=86400
cf-revalidated: Wed Nov 29 2023 22:57:37 GMT+0000 (Coordinated Universal Time)

GET
H3 200 19.299bb4f01e3ff95d7c44.js Show response
quickwin765412.com/ 62 KB
16 KB 74ms
72ms Script
application/javascript 45.8.107.102
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://quickwin765412.com/19.299bb4f01e3ff95d7c44.js
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/runtime.4e00ce833f90659ff609.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 45.8.107.102 , Curacao, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 15913a9b8a65863bbe7f1bbe0be299c06dfd356e5c3ff781a65fc616c5283261

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:58:57 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 29 Nov 2023 10:32:54 GMT
cf-bgj: minify
server: cloudflare
age: 80
etag: W/"65671356-f62a"
vary: null, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cf-ttl: 1701298717497
cf-ray: 82de7557bfeb65ae-FRA
alt-svc: h3=":443"; ma=86400
cf-revalidated: Wed Nov 29 2023 22:57:37 GMT+0000 (Coordinated Universal Time)

GET
H3 200 10.8fbee75f6e23747d9ce5.js Show response
quickwin765412.com/ 25 KB
7 KB 59ms
56ms Script
application/javascript 45.8.107.102
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://quickwin765412.com/10.8fbee75f6e23747d9ce5.js
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/runtime.4e00ce833f90659ff609.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 45.8.107.102 , Curacao, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: a8b206e531109b2625b13710358dbc560650a4b79f3203d18089da2c747c981d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:58:57 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 29 Nov 2023 10:32:54 GMT
cf-bgj: minify
server: cloudflare
age: 80
etag: W/"65671356-63d6"
vary: null, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cf-ttl: 1701298717513
cf-ray: 82de7557bfec65ae-FRA
alt-svc: h3=":443"; ma=86400
cf-revalidated: Wed Nov 29 2023 22:57:37 GMT+0000 (Coordinated Universal Time)

GET
H3 200 4.ec96e174f401fa74e0ce.js Show response
quickwin765412.com/ 20 KB
6 KB 85ms
82ms Script
application/javascript 45.8.107.102
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://quickwin765412.com/4.ec96e174f401fa74e0ce.js
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/runtime.4e00ce833f90659ff609.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 45.8.107.102 , Curacao, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: cc3b5c34ad28ff9a2cf4f5240f4784c42b3eb912e7a0785e3f9a808471d1b3c1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:58:57 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 29 Nov 2023 10:32:54 GMT
cf-bgj: minify
server: cloudflare
age: 80
etag: W/"65671356-4faf"
vary: null, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cf-ttl: 1701298717501
cf-ray: 82de7557bfed65ae-FRA
alt-svc: h3=":443"; ma=86400
cf-revalidated: Wed Nov 29 2023 22:57:37 GMT+0000 (Coordinated Universal Time)

GET
H3 200 32.4e6a5fe7cb92f84262ec.js Show response
quickwin765412.com/ 24 KB
7 KB 84ms
81ms Script
application/javascript 45.8.107.102
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://quickwin765412.com/32.4e6a5fe7cb92f84262ec.js
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/runtime.4e00ce833f90659ff609.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 45.8.107.102 , Curacao, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 487ee1424e1a73cef50aed36485e13de511139b6daac454c815dd4174e0c5156

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:58:57 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 29 Nov 2023 10:32:54 GMT
cf-bgj: minify
server: cloudflare
age: 80
etag: W/"65671356-61b0"
vary: null, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cf-ttl: 1701298717518
cf-ray: 82de7557bfee65ae-FRA
alt-svc: h3=":443"; ma=86400
cf-revalidated: Wed Nov 29 2023 22:57:37 GMT+0000 (Coordinated Universal Time)

GET
H3 200 23.6bd251daf01462fc55c3.js Show response
quickwin765412.com/ 10 KB
3 KB 86ms
84ms Script
application/javascript 45.8.107.102
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://quickwin765412.com/23.6bd251daf01462fc55c3.js
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/runtime.4e00ce833f90659ff609.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 45.8.107.102 , Curacao, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 990f842be796cd1cd8e9ef44722f29273e8dc47753c9838606d7d4c23b5bbc66

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:58:57 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 29 Nov 2023 10:32:54 GMT
cf-bgj: minify
server: cloudflare
age: 80
etag: W/"65671356-263e"
vary: null, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cf-ttl: 1701298717509
cf-ray: 82de7557bfef65ae-FRA
alt-svc: h3=":443"; ma=86400
cf-revalidated: Wed Nov 29 2023 22:57:37 GMT+0000 (Coordinated Universal Time)

GET
H3 200 24.4a9b6efdcb797f70b82f.js Show response
quickwin765412.com/ 9 KB
3 KB 89ms
87ms Script
application/javascript 45.8.107.102
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://quickwin765412.com/24.4a9b6efdcb797f70b82f.js
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/runtime.4e00ce833f90659ff609.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 45.8.107.102 , Curacao, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: c49ea94600a30e656eb35d04397b1c4904f86bd1f389cde1bd4b749a8fabd765

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:58:57 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 29 Nov 2023 10:32:54 GMT
cf-bgj: minify
server: cloudflare
age: 80
etag: W/"65671356-25b8"
vary: null, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cf-ttl: 1701298717501
cf-ray: 82de7557bff065ae-FRA
alt-svc: h3=":443"; ma=86400
cf-revalidated: Wed Nov 29 2023 22:57:37 GMT+0000 (Coordinated Universal Time)

GET
H3 200 16.ca36376391016b436c71.js Show response
quickwin765412.com/ 21 KB
6 KB 100ms
98ms Script
application/javascript 45.8.107.102
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://quickwin765412.com/16.ca36376391016b436c71.js
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/runtime.4e00ce833f90659ff609.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 45.8.107.102 , Curacao, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 977dd22b80e2065a8a71e5f313e1063e81dac24d9244da5269fb830fcc3db384

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:58:57 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 29 Nov 2023 10:32:54 GMT
cf-bgj: minify
server: cloudflare
age: 80
etag: W/"65671356-5283"
vary: null, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cf-ttl: 1701298717480
cf-ray: 82de7557bff165ae-FRA
alt-svc: h3=":443"; ma=86400
cf-revalidated: Wed Nov 29 2023 22:57:37 GMT+0000 (Coordinated Universal Time)

GET
H3 200 34.3d8c2715fa94f3705d4d.js Show response
quickwin765412.com/ 4 KB
2 KB 85ms
83ms Script
application/javascript 45.8.107.102
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://quickwin765412.com/34.3d8c2715fa94f3705d4d.js
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/runtime.4e00ce833f90659ff609.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 45.8.107.102 , Curacao, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0962484096772c5f53425bce8ac45925062f481c129babd187c8261c5c5a34fc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:58:57 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 29 Nov 2023 10:32:54 GMT
cf-bgj: minify
server: cloudflare
age: 80
etag: W/"65671356-f77"
vary: null, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cf-ttl: 1701298717508
cf-ray: 82de7557bff265ae-FRA
alt-svc: h3=":443"; ma=86400
cf-revalidated: Wed Nov 29 2023 22:57:37 GMT+0000 (Coordinated Universal Time)

GET
H3 200 31.5bdc9e4d850ea8012b8e.js Show response
quickwin765412.com/ 4 KB
2 KB 93ms
91ms Script
application/javascript 45.8.107.102
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://quickwin765412.com/31.5bdc9e4d850ea8012b8e.js
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/runtime.4e00ce833f90659ff609.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 45.8.107.102 , Curacao, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 51e66ae4df225c09ca8f88cfb59b2a6bfc34b186deda8f35d6548feb72abd28b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:58:57 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 29 Nov 2023 10:32:54 GMT
cf-bgj: minify
server: cloudflare
age: 80
etag: W/"65671356-f49"
vary: null, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cf-ttl: 1701298717469
cf-ray: 82de7557bff365ae-FRA
alt-svc: h3=":443"; ma=86400
cf-revalidated: Wed Nov 29 2023 22:57:37 GMT+0000 (Coordinated Universal Time)

GET
H3 200 22.b803df2e10ec21a08d38.js Show response
quickwin765412.com/ 75 KB
15 KB 92ms
90ms Script
application/javascript 45.8.107.102
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://quickwin765412.com/22.b803df2e10ec21a08d38.js
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/runtime.4e00ce833f90659ff609.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 45.8.107.102 , Curacao, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 84f127c53f82b4516768e930d903bf5e0522887074052578145e08d2ba409a28

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:58:57 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 29 Nov 2023 10:32:54 GMT
cf-bgj: minify
server: cloudflare
age: 80
etag: W/"65671356-12b38"
vary: null, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cf-ttl: 1701298717481
cf-ray: 82de7557bff565ae-FRA
alt-svc: h3=":443"; ma=86400
cf-revalidated: Wed Nov 29 2023 22:57:37 GMT+0000 (Coordinated Universal Time)

GET
H3 200 25.e7b029c701032f641813.js Show response
quickwin765412.com/ 5 KB
2 KB 103ms
101ms Script
application/javascript 45.8.107.102
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://quickwin765412.com/25.e7b029c701032f641813.js
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/runtime.4e00ce833f90659ff609.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 45.8.107.102 , Curacao, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: c8880cd4a244227071917238cecf976d01c97ade91d9b3f81fca199f25a96d5b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:58:57 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 29 Nov 2023 10:32:54 GMT
cf-bgj: minify
server: cloudflare
age: 80
etag: W/"65671356-1522"
vary: null, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cf-ttl: 1701298717501
cf-ray: 82de7557bff665ae-FRA
alt-svc: h3=":443"; ma=86400
cf-revalidated: Wed Nov 29 2023 22:57:37 GMT+0000 (Coordinated Universal Time)

GET
H3 200 27.46bfd0ea32f177cbf6c5.js Show response
quickwin765412.com/ 48 KB
9 KB 88ms
86ms Script
application/javascript 45.8.107.102
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://quickwin765412.com/27.46bfd0ea32f177cbf6c5.js
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/runtime.4e00ce833f90659ff609.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 45.8.107.102 , Curacao, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7c7d10ac153c182208e67d590b088f33fe328d8c55b3705c0e32a789a88201ae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:58:57 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 29 Nov 2023 10:32:54 GMT
cf-bgj: minify
server: cloudflare
age: 80
etag: W/"65671356-c01b"
vary: null, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cf-ttl: 1701298717478
cf-ray: 82de7557bff765ae-FRA
alt-svc: h3=":443"; ma=86400
cf-revalidated: Wed Nov 29 2023 22:57:37 GMT+0000 (Coordinated Universal Time)

GET
H3 200 list Show response
quickwin765412.com/en/api/v2/holidays/ 27 B
379 B 89ms
89ms XHR
application/json 45.8.107.102
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://quickwin765412.com/en/api/v2/holidays/list

Requested by

Host: quickwin765412.com
URL: https://quickwin765412.com/polyfills.250fe061a3885860ec19.js

Protocol

Security

QUIC, , AES_128_GCM

Server

45.8.107.102 , Curacao, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

8dd812109c87559552ac89eb7f352a08baae02f5343b43b28d62c871a9e78df8

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://quickwin765412.com/en/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:58:57 GMT
cf-cache-status: HIT
x-device-type: mobile
age: 80
request-id: feapi-56d1e6bc-d742-4913-8265-ee4ddb6eb147
alt-svc: h3=":443"; ma=86400
content-length: 27
x-xss-protection: 1; mode=block
cf-revalidated: Wed Nov 29 2023 22:57:37 GMT+0000 (Coordinated Universal Time)
last-modified: Wed, 29 Nov 2023 22:57:37 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Device-Type,X-Device-Name
accept-ranges: bytes
cf-ray: 82de7557c80265ae-FRA
cf-ttl: 1701298717737
x-device-name: iPhone

GET
H3 200 carbon.png
quickwin765412.com/cdn-static/images/quickwin/pattern/ 408 B
750 B 80ms
80ms Image
image/png 45.8.107.102
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/cdn-static/images/quickwin/pattern/carbon.png
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 45.8.107.102 , Curacao, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7f784c882e926082511adb84468522f5b4ddb936e151b984fefeb30fea62166

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:58:57 GMT
cf-cache-status: HIT
age: 80
cf-polished: origSize=647, status=webp_bigger
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
content-length: 408
cf-revalidated: Wed Nov 29 2023 22:57:37 GMT+0000 (Coordinated Universal Time)
last-modified: Fri, 12 May 2023 10:00:50 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "645e0e52-287"
vary: null, Accept-Encoding
content-type: image/png
cf-ttl: 1701298717820
accept-ranges: bytes
cf-ray: 82de7557d80c65ae-FRA
expires: Wed, 13 Dec 2023 01:43:51 GMT

GET
DATA 200
OK truncated
/ 501 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0f242e7f1afd4035ff39b92603ed40a8d7d3fc878bf86c3ec61896a9e0532e28

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 MediumItalic.woff
quickwin765412.com/assets/fonts/ 39 KB
39 KB 20ms
20ms Font
application/font-woff 45.8.107.102
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://quickwin765412.com/assets/fonts/MediumItalic.woff
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/assets/initial.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 45.8.107.102 , Curacao, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf3d3c393d6648a70ff135348b8f09a763b675d6b106e38bd9b5a73c2d6577ae

Request headers

Referer: https://quickwin765412.com/assets/initial.css
Origin: https://quickwin765412.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:58:57 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 09 Nov 2023 12:34:52 GMT
server: cloudflare
age: 1249549
etag: W/"654cd1ec-9c2c"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=2073600
cf-ray: 82de7557d80e65ae-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 23 Dec 2023 22:58:57 GMT

GET
H3 200 Bold.woff
quickwin765412.com/assets/fonts/ 36 KB
36 KB 17ms
17ms Font
application/font-woff 45.8.107.102
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://quickwin765412.com/assets/fonts/Bold.woff
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/assets/initial.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 45.8.107.102 , Curacao, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5c6d77b0c54018fe4e0a717e47a8ba92bc3598a5ef0a1f977be6045537cb158a

Request headers

Referer: https://quickwin765412.com/assets/initial.css
Origin: https://quickwin765412.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:58:57 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 09 Nov 2023 12:34:52 GMT
server: cloudflare
age: 1249549
etag: W/"654cd1ec-9048"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=2073600
cf-ray: 82de7557d80f65ae-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 23 Dec 2023 22:58:57 GMT

GET
H3 200 list Show response
quickwin765412.com/en/api/v2/collection/ 8 KB
1 KB 82ms
82ms XHR
application/json 45.8.107.102
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://quickwin765412.com/en/api/v2/collection/list

Requested by

Host: quickwin765412.com
URL: https://quickwin765412.com/polyfills.250fe061a3885860ec19.js

Protocol

Security

QUIC, , AES_128_GCM

Server

45.8.107.102 , Curacao, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

084449e5e941ca6a49830058854bda374cf8972d0b43615e9dc199b4a19c455e

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://quickwin765412.com/en/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:58:57 GMT
content-encoding: br
cf-cache-status: HIT
x-device-type: mobile
age: 80
request-id: feapi-7254127d-bb46-4930-986b-dda35c7e55cd
alt-svc: h3=":443"; ma=86400
cf-revalidated: Wed Nov 29 2023 22:57:37 GMT+0000 (Coordinated Universal Time)
x-xss-protection: 1; mode=block
last-modified: Wed, 29 Nov 2023 22:57:37 GMT
server: cloudflare
vary: null, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Device-Type,X-Device-Name
cf-ttl: 1701298717520
cf-ray: 82de7557e81365ae-FRA
cache-created: 2023-11-29T22:50:17.745Z
x-device-name: iPhone

GET
H2 200 altenarWSDK.js Show response
sb2widgetsstatic-altenar2.biahosted.com/ 791 KB
181 KB 92ms
34ms Script
application/javascript 34.120.135.117
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://sb2widgetsstatic-altenar2.biahosted.com/altenarWSDK.js
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/main.9c48009c4175e88eff14.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.135.117 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 117.135.120.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 1083fe05f985565d2a2e3f023ec6fd847cbf117ea6bdf66b92765a58bd310bad

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:58:57 GMT
content-encoding: gzip
x-goog-meta-goog-reserved-file-mtime: 1701172293
age: 0
x-guploader-uploadid: ABPtcPqpAnQNkO6vrADyfZziFdJhb6dlXz0_n6_gML5a968iCxnovYMu8CyXgg_HbYf-rnoCwoHI5FJFMulsJwrXGOV8Mg
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 184503
last-modified: Tue, 28 Nov 2023 11:51:49 GMT
server: UploadServer
etag: "622352f10d89a41031ee2bb249b771fb"
vary: Accept-Encoding
x-goog-generation: 1701172309119853
x-goog-hash: crc32c=FWQbKQ==, md5=YiNS8Q2JpBAx7iuySbdx+w==
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: no-cache,max-age=0
x-goog-stored-content-length: 184503
accept-ranges: bytes
content-type: application/javascript
expires: Wed, 29 Nov 2023 22:58:57 GMT

GET
H3 200 list Show response
quickwin765412.com/en/api/v2/icon/ 2 KB
805 B 87ms
87ms XHR
application/json 45.8.107.102
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://quickwin765412.com/en/api/v2/icon/list?count=10

Requested by

Host: quickwin765412.com
URL: https://quickwin765412.com/polyfills.250fe061a3885860ec19.js

Protocol

Security

QUIC, , AES_128_GCM

Server

45.8.107.102 , Curacao, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

036582f2a848015ce1307dda67910e24b6f6b3a2c853031bd1d0558ce448c459

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://quickwin765412.com/en/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:58:57 GMT
content-encoding: br
cf-cache-status: HIT
x-device-type: mobile
age: 80
request-id: feapi-cd5eae1f-ef47-44be-ad02-00d98eb28294
alt-svc: h3=":443"; ma=86400
cf-revalidated: Wed Nov 29 2023 22:57:37 GMT+0000 (Coordinated Universal Time)
x-xss-protection: 1; mode=block
last-modified: Wed, 29 Nov 2023 22:57:37 GMT
server: cloudflare
vary: null, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Device-Type,X-Device-Name
cf-ttl: 1701298717862
cf-ray: 82de7557e81a65ae-FRA
cache-created: 0
x-device-name: iPhone

GET
H3 404 list Show response
quickwin765412.com/en/api/v2/game/ 15 B
342 B 50ms
50ms XHR
application/json 45.8.107.102
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://quickwin765412.com/en/api/v2/game/list?page=1&category=top&count=31

Requested by

Host: quickwin765412.com
URL: https://quickwin765412.com/polyfills.250fe061a3885860ec19.js

Protocol

Security

QUIC, , AES_128_GCM

Server

45.8.107.102 , Curacao, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

5e4ce7b36ba37b78a5d5f9fd08e6b7b54ba6879d651aa46ec9e1d6fa24ebe30a

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://quickwin765412.com/en/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:58:57 GMT
cf-cache-status: HIT
x-device-type: mobile
age: 80
request-id: feapi-1903b7dd-c1ea-496e-94da-f0e810e0854b
alt-svc: h3=":443"; ma=86400
content-length: 15
x-xss-protection: 1; mode=block
cf-revalidated: Wed Nov 29 2023 22:57:37 GMT+0000 (Coordinated Universal Time)
server: cloudflare
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Device-Type,X-Device-Name
cf-ttl: 1701298667559
cf-ray: 82de7557e82165ae-FRA
x-device-name: iPhone

GET
H3 200 list Show response
quickwin765412.com/en/api/v2/game/ 36 KB
5 KB 57ms
57ms XHR
application/json 45.8.107.102
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://quickwin765412.com/en/api/v2/game/list?page=1&category=new&count=31

Requested by

Host: quickwin765412.com
URL: https://quickwin765412.com/polyfills.250fe061a3885860ec19.js

Protocol

Security

QUIC, , AES_128_GCM

Server

45.8.107.102 , Curacao, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

222d744950d26148a98ff7f5224d6035868bea8a60fbbe622f8e5358d60f510c

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://quickwin765412.com/en/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:58:57 GMT
content-encoding: br
cf-cache-status: HIT
x-device-type: mobile
age: 80
request-id: feapi-e6227ad9-28d5-46fa-ad45-fd809c4bcddb
alt-svc: h3=":443"; ma=86400
cf-revalidated: Wed Nov 29 2023 22:57:37 GMT+0000 (Coordinated Universal Time)
x-xss-protection: 1; mode=block
last-modified: Wed, 29 Nov 2023 22:57:37 GMT
server: cloudflare
vary: null, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Device-Type,X-Device-Name
cf-ttl: 1701298717583
cf-ray: 82de7557f82565ae-FRA
cache-created: 0
x-device-name: iPhone

GET
H3 200 list Show response
quickwin765412.com/en/api/v2/game/ 45 KB
7 KB 59ms
59ms XHR
application/json 45.8.107.102
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://quickwin765412.com/en/api/v2/game/list?page=1&category=top-rated&count=31

Requested by

Host: quickwin765412.com
URL: https://quickwin765412.com/polyfills.250fe061a3885860ec19.js

Protocol

Security

QUIC, , AES_128_GCM

Server

45.8.107.102 , Curacao, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

2e2ea8bf34f58551309e1f6a1618c93e0bf6e08985bb2c1dc5a15473cd5c491d

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://quickwin765412.com/en/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:58:57 GMT
content-encoding: br
cf-cache-status: HIT
x-device-type: mobile
age: 79
request-id: feapi-24e02879-f7ef-4982-8a0a-202482769eae
alt-svc: h3=":443"; ma=86400
cf-revalidated: Wed Nov 29 2023 22:57:38 GMT+0000 (Coordinated Universal Time)
x-xss-protection: 1; mode=block
last-modified: Wed, 29 Nov 2023 22:57:38 GMT
server: cloudflare
vary: null, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Device-Type,X-Device-Name
cf-ttl: 1701298718139
cf-ray: 82de7557f82865ae-FRA
cache-created: 0
x-device-name: iPhone

GET
H3 200 latest Show response
quickwin765412.com/en/api/v2/jackpot/ 47 B
413 B 49ms
49ms XHR
application/json 45.8.107.102
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://quickwin765412.com/en/api/v2/jackpot/latest?currencyIsoCode=EUR

Requested by

Host: quickwin765412.com
URL: https://quickwin765412.com/polyfills.250fe061a3885860ec19.js

Protocol

Security

QUIC, , AES_128_GCM

Server

45.8.107.102 , Curacao, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

84d38e5d224f29fafbb0ecc3475cb94cd7df7a17fe9133139a7677cec420c499

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://quickwin765412.com/en/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:58:57 GMT
cf-cache-status: HIT
x-device-type: mobile
age: 80
request-id: feapi-2af99d82-3649-4636-97be-d39823d4178e
alt-svc: h3=":443"; ma=86400
content-length: 47
cf-revalidated: Wed Nov 29 2023 22:57:37 GMT+0000 (Coordinated Universal Time)
x-xss-protection: 1; mode=block
last-modified: Wed, 29 Nov 2023 22:57:37 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Device-Type,X-Device-Name
cf-ttl: 1701298667584
accept-ranges: bytes
cf-ray: 82de7557f82c65ae-FRA
cache-created: 0
x-device-name: iPhone

GET
H3 200 list Show response
quickwin765412.com/en/api/v2/game/ 22 KB
5 KB 58ms
57ms XHR
application/json 45.8.107.102
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://quickwin765412.com/en/api/v2/game/list?page=1&category=jackpots&count=16

Requested by

Host: quickwin765412.com
URL: https://quickwin765412.com/polyfills.250fe061a3885860ec19.js

Protocol

Security

QUIC, , AES_128_GCM

Server

45.8.107.102 , Curacao, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

15b6dd93f41aa23141815c66f5884969a55aacc22971180a54176c97a811898e

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://quickwin765412.com/en/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:58:57 GMT
content-encoding: br
cf-cache-status: HIT
x-device-type: mobile
age: 80
request-id: feapi-6b7795f7-d206-4c20-81ad-857ae7a2de68
alt-svc: h3=":443"; ma=86400
cf-revalidated: Wed Nov 29 2023 22:57:37 GMT+0000 (Coordinated Universal Time)
x-xss-protection: 1; mode=block
last-modified: Wed, 29 Nov 2023 22:57:37 GMT
server: cloudflare
vary: null, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Device-Type,X-Device-Name
cf-ttl: 1701298717537
cf-ray: 82de7557f82e65ae-FRA
cache-created: 2023-11-29T22:57:35.278Z
x-device-name: iPhone

GET
H3 200 list Show response
quickwin765412.com/en/api/v2/game/ 36 KB
7 KB 58ms
58ms XHR
application/json 45.8.107.102
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://quickwin765412.com/en/api/v2/game/list?page=1&category=all-games&count=28

Requested by

Host: quickwin765412.com
URL: https://quickwin765412.com/polyfills.250fe061a3885860ec19.js

Protocol

Security

QUIC, , AES_128_GCM

Server

45.8.107.102 , Curacao, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

0397d90e388d4e8fad9aea3a4c7bbce344d2267f409b9b4ccc0832a250c12049

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://quickwin765412.com/en/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:58:57 GMT
content-encoding: br
cf-cache-status: HIT
x-device-type: desktop
age: 1459
request-id: feapi-7751a2a4-309f-4c16-9839-adb94ae5cdf5
alt-svc: h3=":443"; ma=86400
cf-revalidated: Wed Nov 29 2023 22:34:38 GMT+0000 (Coordinated Universal Time)
x-xss-protection: 1; mode=block
last-modified: Wed, 29 Nov 2023 22:34:38 GMT
server: cloudflare
vary: null, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Device-Type,X-Device-Name
cf-ttl: 1701297338926
cf-ray: 82de7557f83065ae-FRA
cache-created: 0
x-device-name: Other

GET
H3 200 item Show response
quickwin765412.com/en/api/v2/article/ 9 KB
3 KB 58ms
58ms XHR
application/json 45.8.107.102
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://quickwin765412.com/en/api/v2/article/item?name=home

Requested by

Host: quickwin765412.com
URL: https://quickwin765412.com/polyfills.250fe061a3885860ec19.js

Protocol

Security

QUIC, , AES_128_GCM

Server

45.8.107.102 , Curacao, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

c413164a9b4ed42792a4fe35e0d5787dc48aa26ffc99159ec329b47b665b8269

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://quickwin765412.com/en/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:58:57 GMT
content-encoding: br
cf-cache-status: HIT
x-device-type: mobile
age: 79
request-id: feapi-c75df16c-db68-4122-9c73-162c337db14b
alt-svc: h3=":443"; ma=86400
cf-revalidated: Wed Nov 29 2023 22:57:38 GMT+0000 (Coordinated Universal Time)
x-xss-protection: 1; mode=block
last-modified: Wed, 29 Nov 2023 22:57:38 GMT
server: cloudflare
vary: null, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Device-Type,X-Device-Name
cf-ttl: 1701298718053
cf-ray: 82de7557f83265ae-FRA
x-device-name: iPhone

GET
H3 200 list Show response
quickwin765412.com/en/api/v2/promo/ 101 KB
17 KB 61ms
61ms XHR
application/json 45.8.107.102
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://quickwin765412.com/en/api/v2/promo/list?count=100

Requested by

Host: quickwin765412.com
URL: https://quickwin765412.com/polyfills.250fe061a3885860ec19.js

Protocol

Security

QUIC, , AES_128_GCM

Server

45.8.107.102 , Curacao, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

2dabe48421297f9cf91a0f0d065822b1dbba2c49f19243d0225310af1ba67f32

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://quickwin765412.com/en/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:58:57 GMT
content-encoding: br
cf-cache-status: HIT
x-device-type: mobile
age: 10
request-id: feapi-2bd3fc12-9478-4a83-80c7-22679a47d5d1
alt-svc: h3=":443"; ma=86400
cf-revalidated: Wed Nov 29 2023 22:58:47 GMT+0000 (Coordinated Universal Time)
x-xss-protection: 1; mode=block
last-modified: Wed, 29 Nov 2023 22:58:47 GMT
server: cloudflare
vary: null, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Device-Type,X-Device-Name
cf-ttl: 1701298737762
cf-ray: 82de7557f83365ae-FRA
x-device-name: iPhone

GET
H3 200 list Show response
quickwin765412.com/en/api/v2/banner/ 675 B
684 B 62ms
62ms XHR
application/json 45.8.107.102
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://quickwin765412.com/en/api/v2/banner/list?place=ferrari_coming_soon&category=banner

Requested by

Host: quickwin765412.com
URL: https://quickwin765412.com/polyfills.250fe061a3885860ec19.js

Protocol

Security

QUIC, , AES_128_GCM

Server

45.8.107.102 , Curacao, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

de9ab13cffc9c241f1be1c1ca9be0a1dd02704f88b1cfff10250de5e48d10d44

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://quickwin765412.com/en/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:58:57 GMT
content-encoding: br
cf-cache-status: HIT
x-device-type: mobile
age: 80
request-id: feapi-a471c594-1c8d-4169-8dad-a5b8b0475b1e
alt-svc: h3=":443"; ma=86400
cf-revalidated: Wed Nov 29 2023 22:57:37 GMT+0000 (Coordinated Universal Time)
x-xss-protection: 1; mode=block
last-modified: Wed, 29 Nov 2023 22:57:37 GMT
server: cloudflare
vary: null, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Device-Type,X-Device-Name
cf-ttl: 1701298717532
cf-ray: 82de7558083665ae-FRA
x-device-name: iPhone

GET
H3 200 list Show response
quickwin765412.com/en/api/v2/banner/ 682 B
679 B 70ms
70ms XHR
application/json 45.8.107.102
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://quickwin765412.com/en/api/v2/banner/list?place=cars_collection&category=banner

Requested by

Host: quickwin765412.com
URL: https://quickwin765412.com/polyfills.250fe061a3885860ec19.js

Protocol

Security

QUIC, , AES_128_GCM

Server

45.8.107.102 , Curacao, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

cdc77956a4ec1d04967dcef14d1de3c6fa82d8d3e0d671b1c7e328f63661bf23

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://quickwin765412.com/en/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:58:57 GMT
content-encoding: br
cf-cache-status: HIT
x-device-type: mobile
age: 80
request-id: feapi-ab7befb2-d4e4-4e1a-a8a2-3815a77d7576
alt-svc: h3=":443"; ma=86400
cf-revalidated: Wed Nov 29 2023 22:57:37 GMT+0000 (Coordinated Universal Time)
x-xss-protection: 1; mode=block
last-modified: Wed, 29 Nov 2023 22:57:37 GMT
server: cloudflare
vary: null, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Device-Type,X-Device-Name
cf-ttl: 1701298717558
cf-ray: 82de7558083865ae-FRA
x-device-name: iPhone

GET
H3 200 list Show response
quickwin765412.com/en/api/v2/banner/ 603 B
692 B 61ms
61ms XHR
application/json 45.8.107.102
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://quickwin765412.com/en/api/v2/banner/list?place=entrance_sporttour&category=banner

Requested by

Host: quickwin765412.com
URL: https://quickwin765412.com/polyfills.250fe061a3885860ec19.js

Protocol

Security

QUIC, , AES_128_GCM

Server

45.8.107.102 , Curacao, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

7025aae009c4562e6049990255420de5f854ee5b25e2e627c7d47a1cc51d13f1

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://quickwin765412.com/en/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:58:57 GMT
content-encoding: br
cf-cache-status: HIT
x-device-type: mobile
age: 80
request-id: feapi-6608bd97-0f55-410f-b168-2df0d6fcbf3b
alt-svc: h3=":443"; ma=86400
cf-revalidated: Wed Nov 29 2023 22:57:37 GMT+0000 (Coordinated Universal Time)
x-xss-protection: 1; mode=block
last-modified: Wed, 29 Nov 2023 22:57:37 GMT
server: cloudflare
vary: null, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Device-Type,X-Device-Name
cf-ttl: 1701298717547
cf-ray: 82de7558083965ae-FRA
x-device-name: iPhone

GET
H3 200 list Show response
quickwin765412.com/en/api/v2/game/ 47 KB
10 KB 68ms
68ms XHR
application/json 45.8.107.102
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://quickwin765412.com/en/api/v2/game/list?page=1&category=popular&count=31

Requested by

Host: quickwin765412.com
URL: https://quickwin765412.com/polyfills.250fe061a3885860ec19.js

Protocol

Security

QUIC, , AES_128_GCM

Server

45.8.107.102 , Curacao, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

01d452bc11b190c1ec74e5c212a6799ad4b8b5854ff6fb8553d408f82b920246

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://quickwin765412.com/en/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:58:57 GMT
content-encoding: br
cf-cache-status: HIT
x-device-type: mobile
age: 80
request-id: feapi-601798df-ffdf-4ed8-891d-0c88cf5e385e
alt-svc: h3=":443"; ma=86400
cf-revalidated: Wed Nov 29 2023 22:57:37 GMT+0000 (Coordinated Universal Time)
x-xss-protection: 1; mode=block
last-modified: Wed, 29 Nov 2023 22:57:37 GMT
server: cloudflare
vary: null, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Device-Type,X-Device-Name
cf-ttl: 1701298717566
cf-ray: 82de7558083a65ae-FRA
cache-created: 0
x-device-name: iPhone

GET
H3 200 list Show response
quickwin765412.com/en/api/v2/banner/ 682 B
679 B 65ms
65ms XHR
application/json 45.8.107.102
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://quickwin765412.com/en/api/v2/banner/list?place=cars_collection&category=banner

Requested by

Host: quickwin765412.com
URL: https://quickwin765412.com/polyfills.250fe061a3885860ec19.js

Protocol

Security

QUIC, , AES_128_GCM

Server

45.8.107.102 , Curacao, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

cdc77956a4ec1d04967dcef14d1de3c6fa82d8d3e0d671b1c7e328f63661bf23

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://quickwin765412.com/en/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:58:57 GMT
content-encoding: br
cf-cache-status: HIT
x-device-type: mobile
age: 80
request-id: feapi-ab7befb2-d4e4-4e1a-a8a2-3815a77d7576
alt-svc: h3=":443"; ma=86400
cf-revalidated: Wed Nov 29 2023 22:57:37 GMT+0000 (Coordinated Universal Time)
x-xss-protection: 1; mode=block
last-modified: Wed, 29 Nov 2023 22:57:37 GMT
server: cloudflare
vary: null, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Device-Type,X-Device-Name
cf-ttl: 1701298717558
cf-ray: 82de7558083c65ae-FRA
x-device-name: iPhone

GET
H3 200 list Show response
quickwin765412.com/en/api/v2/icon/ 614 B
614 B 65ms
64ms XHR
application/json 45.8.107.102
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://quickwin765412.com/en/api/v2/icon/list?category=footer_pay&count=3

Requested by

Host: quickwin765412.com
URL: https://quickwin765412.com/polyfills.250fe061a3885860ec19.js

Protocol

Security

QUIC, , AES_128_GCM

Server

45.8.107.102 , Curacao, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

1b61f379164930f075993f6b3bb7eb9766adec8be31f7fcedc5d138833f7d3bb

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://quickwin765412.com/en/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:58:57 GMT
content-encoding: br
cf-cache-status: HIT
x-device-type: mobile
age: 22
request-id: feapi-24f5c0e5-2f50-4450-834c-34dbf8d77253
alt-svc: h3=":443"; ma=86400
cf-revalidated: Wed Nov 29 2023 22:58:35 GMT+0000 (Coordinated Universal Time)
x-xss-protection: 1; mode=block
last-modified: Wed, 29 Nov 2023 22:58:35 GMT
server: cloudflare
vary: null, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Device-Type,X-Device-Name
cf-ttl: 1701298775392
cf-ray: 82de7558184565ae-FRA
cache-created: 2023-11-29T22:52:16.486Z
x-device-name: iPhone

GET
H3 200 ferrari-logo.svg
quickwin765412.com/assets/images/ferrari-campaign/ 6 KB
3 KB 21ms
21ms Image
image/svg+xml 45.8.107.102
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://quickwin765412.com/assets/images/ferrari-campaign/ferrari-logo.svg

Requested by

Host: quickwin765412.com
URL: https://quickwin765412.com/en/

Protocol

Security

QUIC, , AES_128_GCM

Server

45.8.107.102 , Curacao, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

979b86364648e67957ed75c12ec72a584055ec6a8352ad6ceaefe35800e371f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:58:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 56874
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 28 Nov 2023 14:01:11 GMT
server: cloudflare
etag: W/"6565f2a7-1626"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=2073600
cf-ray: 82de7558184865ae-FRA
expires: Sat, 23 Dec 2023 22:58:57 GMT

GET
H3 200 logo.svg
quickwin765412.com/cdn-static/images/quickwin/general/ 6 KB
3 KB 60ms
60ms Image
image/svg+xml 45.8.107.102
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/cdn-static/images/quickwin/general/logo.svg
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 45.8.107.102 , Curacao, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: e4d053ad19ac0f9a306b470ab5a507d03f53860e7b64157f43ceef9d9f7a1088

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:58:57 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 12 May 2023 10:00:50 GMT
server: cloudflare
age: 1448
etag: W/"645e0e52-19bf"
x-cache-status: MISS
vary: null, Accept-Encoding
content-type: image/svg+xml
cf-ttl: 1701297349482
cf-ray: 82de7558184965ae-FRA
alt-svc: h3=":443"; ma=86400
cf-revalidated: Wed Nov 29 2023 22:34:49 GMT+0000 (Coordinated Universal Time)
expires: Wed, 13 Dec 2023 02:01:38 GMT

GET
H3 200 ferrari-text.svg
quickwin765412.com/assets/images/ferrari-campaign/ 4 KB
2 KB 20ms
20ms Image
image/svg+xml 45.8.107.102
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://quickwin765412.com/assets/images/ferrari-campaign/ferrari-text.svg

Requested by

Host: quickwin765412.com
URL: https://quickwin765412.com/en/

Protocol

Security

QUIC, , AES_128_GCM

Server

45.8.107.102 , Curacao, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

c8afca9512d3621d70ef92f344d7038b85116758f29d7f8880bca9f4d77f1de2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:58:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 118576
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 28 Nov 2023 14:01:11 GMT
server: cloudflare
etag: W/"6565f2a7-f78"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=2073600
cf-ray: 82de7558184b65ae-FRA
expires: Sat, 23 Dec 2023 22:58:57 GMT

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e297ed4f454d334c906e98fbff8f880b9f9d9bec25755d4cd994c9e104d6fedb

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 ticker-bg.png
quickwin765412.com/cdn-static/images/quickwin/general/ 62 KB
62 KB 54ms
54ms Image
image/png 45.8.107.102
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/cdn-static/images/quickwin/general/ticker-bg.png
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 45.8.107.102 , Curacao, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 936d9f31827f42dab25eb52fd38e687df4d2b8fab254bd05e36806a026cfc2a1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:58:57 GMT
cf-cache-status: HIT
age: 79
cf-polished: status=not_needed
x-cache-status: MISS
alt-svc: h3=":443"; ma=86400
content-length: 63445
cf-revalidated: Wed Nov 29 2023 22:57:38 GMT+0000 (Coordinated Universal Time)
last-modified: Fri, 12 May 2023 10:00:13 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "645e0e2d-f7d5"
vary: null, Accept-Encoding
content-type: image/png
cf-ttl: 1701298718087
accept-ranges: bytes
cf-ray: 82de7558185465ae-FRA
expires: Wed, 13 Dec 2023 02:07:52 GMT

GET
H2 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 692B 60 KB
34 KB 37ms
36ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcbSf4kAAAAAAJey7uEFxYpE7Tn2cR1Y3WBNyGi&co=aHR0cHM6Ly9xdWlja3dpbjc2NTQxMi5jb206NDQz&hl=de&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=voijpcx4s2yy

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__de.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

425a6d0fce3864a8d8f1f959c48706dda680b4038245769a56efba46373fee95

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-7Vj-pE9MItJZjvtOx9Uiow' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://quickwin765412.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-7Vj-pE9MItJZjvtOx9Uiow' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 29 Nov 2023 22:58:58 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3

200

paymsystem_visa.svg
quickwin765412.com/cdn-static/vector/payments/monochrome-light/
Redirect Chain

https://quickwin.com/cdn-static/vector/payments/monochrome-light/paymsystem_visa.svg
https://quickwin765412.com/cdn-static/vector/payments/monochrome-light/paymsystem_visa.svg

4 KB
2 KB

51ms
51ms

Image
image/svg+xml

45.8.107.102
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/cdn-static/vector/payments/monochrome-light/paymsystem_visa.svg
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Server: 45.8.107.102 , Curacao, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 819139ba1036d6cea3e0d6ae29c27254a81b04cfde04b56cd7b9b7edb980e7b3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:58:58 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 12 May 2023 10:00:56 GMT
server: cloudflare
age: 257
etag: W/"645e0e58-e94"
x-cache-status: HIT
vary: null, Accept-Encoding
content-type: image/svg+xml
cf-ttl: 1701298541937
cf-ray: 82de7559aa2665ae-FRA
alt-svc: h3=":443"; ma=86400
cf-revalidated: Wed Nov 29 2023 22:54:41 GMT+0000 (Coordinated Universal Time)
expires: Wed, 06 Dec 2023 20:38:28 GMT

Redirect headers

location: https://quickwin765412.com/cdn-static/vector/payments/monochrome-light/paymsystem_visa.svg
date: Wed, 29 Nov 2023 22:58:58 GMT
server: cloudflare
cf-ray: 82de75590d93bbc8-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0
vary: Accept-Encoding

GET
H3

200

paymsystem_mastercard.svg
quickwin765412.com/cdn-static/vector/payments/monochrome-light/
Redirect Chain

https://quickwin.com/cdn-static/vector/payments/monochrome-light/paymsystem_mastercard.svg
https://quickwin765412.com/cdn-static/vector/payments/monochrome-light/paymsystem_mastercard.svg

5 KB
2 KB

50ms
50ms

Image
image/svg+xml

45.8.107.102
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/cdn-static/vector/payments/monochrome-light/paymsystem_mastercard.svg
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Server: 45.8.107.102 , Curacao, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8c76aaa9d4eb842dbf166f25fde1ab73cb3035c7347775bebb3b9611e7edee93

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:58:58 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 12 May 2023 10:00:17 GMT
server: cloudflare
age: 257
etag: W/"645e0e31-1490"
x-cache-status: HIT
vary: null, Accept-Encoding
content-type: image/svg+xml
cf-ttl: 1701298541935
cf-ray: 82de7559aa2565ae-FRA
alt-svc: h3=":443"; ma=86400
cf-revalidated: Wed Nov 29 2023 22:54:41 GMT+0000 (Coordinated Universal Time)
expires: Mon, 11 Dec 2023 22:41:30 GMT

Redirect headers

location: https://quickwin765412.com/cdn-static/vector/payments/monochrome-light/paymsystem_mastercard.svg
date: Wed, 29 Nov 2023 22:58:58 GMT
server: cloudflare
cf-ray: 82de75590d9dbbc8-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0
vary: Accept-Encoding

GET
H3

200

paymsystem_banktransfer.svg
quickwin765412.com/cdn-static/vector/payments/monochrome-light/
Redirect Chain

https://quickwin.com/cdn-static/vector/payments/monochrome-light/paymsystem_banktransfer.svg
https://quickwin765412.com/cdn-static/vector/payments/monochrome-light/paymsystem_banktransfer.svg

12 KB
5 KB

50ms
50ms

Image
image/svg+xml

45.8.107.102
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/cdn-static/vector/payments/monochrome-light/paymsystem_banktransfer.svg
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Server: 45.8.107.102 , Curacao, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 025cf6abb05fc2309b52b049d6761b66fd2f0ad005380ccdf4613612202ad037

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:58:58 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 12 May 2023 10:00:56 GMT
server: cloudflare
age: 256
etag: W/"645e0e58-2eec"
x-cache-status: HIT
vary: null, Accept-Encoding
content-type: image/svg+xml
cf-ttl: 1701298542393
cf-ray: 82de7559aa2465ae-FRA
alt-svc: h3=":443"; ma=86400
cf-revalidated: Wed Nov 29 2023 22:54:42 GMT+0000 (Coordinated Universal Time)
expires: Sat, 09 Dec 2023 18:57:03 GMT

Redirect headers

location: https://quickwin765412.com/cdn-static/vector/payments/monochrome-light/paymsystem_banktransfer.svg
date: Wed, 29 Nov 2023 22:58:58 GMT
server: cloudflare
cf-ray: 82de75590d8bbbc8-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0
vary: Accept-Encoding

GET
H3 200 sprite.svg
quickwin765412.com/assets/ 126 KB
40 KB 20ms
20ms Other
image/svg+xml 45.8.107.102
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://quickwin765412.com/assets/sprite.svg

Requested by

Host: quickwin765412.com
URL: https://quickwin765412.com/main.9c48009c4175e88eff14.js

Protocol

Security

QUIC, , AES_128_GCM

Server

45.8.107.102 , Curacao, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

bc97ec41ce596bcb499370c188d8c8a68975d2380edf6afba5c0afb15a968146

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:58:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 76347
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 21 Nov 2023 13:22:36 GMT
server: cloudflare
etag: W/"655caf1c-1f9b9"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=2073600
cf-ray: 82de7558e91365ae-FRA
expires: Sat, 23 Dec 2023 22:58:58 GMT

GET
H3 200 card-bg-square.png
quickwin765412.com/cdn-static/images/quickwin/gamehall/ 164 B
569 B 58ms
58ms Image
image/webp 45.8.107.102
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/cdn-static/images/quickwin/gamehall/card-bg-square.png
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 45.8.107.102 , Curacao, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4cf582dd3f06c3e5980570e1f97c5467c4ea9077a4d1a526fd109b34e67acfb0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:58:58 GMT
cf-cache-status: HIT
age: 697500
cf-polished: origFmt=png, origSize=246
x-cache-status: MISS
content-disposition: inline; filename="card-bg-square.webp"
alt-svc: h3=":443"; ma=86400
content-length: 164
last-modified: Fri, 12 May 2023 10:00:50 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "645e0e52-f6"
vary: null, Accept-Encoding
content-type: image/webp
cf-ttl: 1701298798137
accept-ranges: bytes
cf-ray: 82de7559193365ae-FRA
expires: Tue, 05 Dec 2023 14:18:38 GMT

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 441c4f94bd62d62ac5a317442cee2f7805f2b743c3492d5490cad7355ad95f3b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 glare-star.png
quickwin765412.com/cdn-static/images/quickwin/buttons/ 1 KB
2 KB 59ms
59ms Image
image/webp 45.8.107.102
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/cdn-static/images/quickwin/buttons/glare-star.png
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 45.8.107.102 , Curacao, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf3f64e557664715822118f634f01674945e63c8cec05f7e87831137e630a1fd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:58:58 GMT
cf-cache-status: HIT
age: 39718
cf-polished: origFmt=png, origSize=1582
x-cache-status: MISS
content-disposition: inline; filename="glare-star.webp"
alt-svc: h3=":443"; ma=86400
content-length: 1328
last-modified: Fri, 12 May 2023 10:00:50 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "645e0e52-62e"
vary: null, Accept-Encoding
content-type: image/webp
cf-ttl: 1701298798139
accept-ranges: bytes
cf-ray: 82de7559193665ae-FRA
expires: Wed, 13 Dec 2023 01:44:48 GMT

GET
H3 200 center-glow-default.png
quickwin765412.com/cdn-static/images/quickwin/buttons/ 3 KB
4 KB 70ms
70ms Image
image/png 45.8.107.102
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/cdn-static/images/quickwin/buttons/center-glow-default.png
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 45.8.107.102 , Curacao, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d0dbbfa46f6e2ef2d26d258ba555db6677788f35198005b9a9cc66ef98a71b7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:58:58 GMT
cf-cache-status: HIT
age: 81
cf-polished: origSize=3875, status=webp_bigger
x-cache-status: MISS
alt-svc: h3=":443"; ma=86400
content-length: 3433
cf-revalidated: Wed Nov 29 2023 22:57:37 GMT+0000 (Coordinated Universal Time)
last-modified: Fri, 12 May 2023 10:00:50 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "645e0e52-f23"
vary: null, Accept-Encoding
content-type: image/png
cf-ttl: 1701298717825
accept-ranges: bytes
cf-ray: 82de7559193b65ae-FRA
expires: Sun, 10 Dec 2023 15:54:10 GMT

GET
H3 200 glare-side.png
quickwin765412.com/cdn-static/images/quickwin/buttons/ 1005 B
1 KB 48ms
48ms Image
image/png 45.8.107.102
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/cdn-static/images/quickwin/buttons/glare-side.png
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 45.8.107.102 , Curacao, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 904bf79f059c1e22b4b20cb1e86895a89c017c85e48dad545928a6e103d2d8cf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:58:58 GMT
cf-cache-status: HIT
age: 81
cf-polished: origSize=1347, status=webp_bigger
x-cache-status: MISS
alt-svc: h3=":443"; ma=86400
content-length: 1005
cf-revalidated: Wed Nov 29 2023 22:57:37 GMT+0000 (Coordinated Universal Time)
last-modified: Fri, 12 May 2023 10:00:13 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "645e0e2d-543"
vary: null, Accept-Encoding
content-type: image/png
cf-ttl: 1701298717813
accept-ranges: bytes
cf-ray: 82de7559193e65ae-FRA
expires: Sun, 10 Dec 2023 09:44:48 GMT

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7597f783523d4fdb4e0574234bbdd5ea3e19f7f10bc5e5f881e4bf48b2a2c1ef

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f5cb2cf05f6698df24cfd83ae39f05f17c2b46cc3d28faaf99b42393e7b33013

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 930 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c97995267e0c2da1ded20bd58c8063750e48c2b107b32411f12b2f10636212b2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 1699961244343_400x600cashofgodsexclusive.jpg
quickwin765412.com/dimg/game/ 13 KB
14 KB 17ms
16ms Image
image/avif 45.8.107.102
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/dimg/game/1699961244343_400x600cashofgodsexclusive.jpg?extension=avif&height=280
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 45.8.107.102 , Curacao, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: beaacc720264e77de9d27705284a709816ed317c515eae856298675a45ad55f1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:58:58 GMT
cf-cache-status: HIT
age: 1150510
content-disposition: inline; filename="1699961244343_400x600cashofgodsexclusive.avif"
x-front-cache-status: MISS
alt-svc: h3=":443"; ma=86400
content-length: 13545
last-modified: Thu, 16 Nov 2023 15:23:44 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/avif
cache-control: max-age=3600, public
accept-ranges: bytes
cf-ray: 82de7559da4665ae-FRA
x-conv-cache-status: HIT
expires: Thu, 16 Nov 2023 14:44:45 GMT

GET
H3 200 1700578300931_400x600bookofpiggybankblackfriday.jpg
quickwin765412.com/dimg/game/ 9 KB
9 KB 18ms
16ms Image
image/avif 45.8.107.102
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/dimg/game/1700578300931_400x600bookofpiggybankblackfriday.jpg?extension=avif&height=280
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 45.8.107.102 , Curacao, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: aca4f749f47c80bff1e6687dd929821c176015ea52b31a042ef3482e35dab2a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:58:58 GMT
cf-cache-status: HIT
age: 562623
content-disposition: inline; filename="1700578300931_400x600bookofpiggybankblackfriday.avif"
x-front-cache-status: MISS
alt-svc: h3=":443"; ma=86400
content-length: 9028
last-modified: Thu, 23 Nov 2023 10:41:55 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/avif
cache-control: max-age=3600, public
accept-ranges: bytes
cf-ray: 82de7559da4965ae-FRA
x-conv-cache-status: MISS
expires: Thu, 23 Nov 2023 11:41:55 GMT

GET
H3 200 1699258477925_400x600gargantoonzexcl.jpg
quickwin765412.com/dimg/game/ 14 KB
15 KB 21ms
20ms Image
image/avif 45.8.107.102
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/dimg/game/1699258477925_400x600gargantoonzexcl.jpg?extension=avif&height=280
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 45.8.107.102 , Curacao, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8038424337aab50cfce5f8385c98fdb475fefdad3725911cdfdf5ef771dde382

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:58:58 GMT
cf-cache-status: HIT
age: 1249605
content-disposition: inline; filename="1699258477925_400x600gargantoonzexcl.avif"
x-front-cache-status: MISS
alt-svc: h3=":443"; ma=86400
content-length: 14716
last-modified: Wed, 15 Nov 2023 09:17:23 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/avif
cache-control: max-age=3600, public
accept-ranges: bytes
cf-ray: 82de7559da4a65ae-FRA
x-conv-cache-status: HIT
expires: Thu, 09 Nov 2023 10:21:01 GMT

GET
H3 200 1700753297226_400x600crazypachinko.jpg
quickwin765412.com/dimg/game/ 13 KB
13 KB 18ms
17ms Image
image/avif 45.8.107.102
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/dimg/game/1700753297226_400x600crazypachinko.jpg?extension=avif&height=280
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 45.8.107.102 , Curacao, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 01563f74556ee7fef0b4077aa3cf670d09ce6fdc09ff0b921521480a1e3d1e33

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:58:58 GMT
cf-cache-status: HIT
age: 541942
content-disposition: inline; filename="1700753297226_400x600crazypachinko.avif"
x-front-cache-status: MISS
alt-svc: h3=":443"; ma=86400
content-length: 13237
last-modified: Thu, 23 Nov 2023 16:24:25 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/avif
cache-control: max-age=3600, public
accept-ranges: bytes
cf-ray: 82de7559da4b65ae-FRA
x-conv-cache-status: MISS
expires: Thu, 23 Nov 2023 17:24:25 GMT

GET
H3 200 1698054513173_400x600sugarspinsexclusive.jpg
quickwin765412.com/dimg/game/ 12 KB
12 KB 20ms
18ms Image
image/avif 45.8.107.102
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/dimg/game/1698054513173_400x600sugarspinsexclusive.jpg?extension=avif&height=280
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 45.8.107.102 , Curacao, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: c0cd2b43dfffab38aadefdf84a86cff9c74dc945f428aaef6952ec2a30856b3f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:58:58 GMT
cf-cache-status: HIT
age: 51298
content-disposition: inline; filename="1698054513173_400x600sugarspinsexclusive.avif"
x-front-cache-status: MISS
alt-svc: h3=":443"; ma=86400
content-length: 12384
last-modified: Wed, 29 Nov 2023 00:05:52 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/avif
cache-control: max-age=3600, public
accept-ranges: bytes
cf-ray: 82de7559da4c65ae-FRA
x-conv-cache-status: HIT
expires: Thu, 26 Oct 2023 15:19:02 GMT

GET
H3 200 1699371146081_400x600extreasureisland.jpg
quickwin765412.com/dimg/game/ 10 KB
11 KB 25ms
23ms Image
image/avif 45.8.107.102
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/dimg/game/1699371146081_400x600extreasureisland.jpg?extension=avif&height=280
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 45.8.107.102 , Curacao, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8c2c4208b2042b5d7f3173b4e3fda699d802183f94968e8ea7f7d822be201e17

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:58:58 GMT
cf-cache-status: HIT
age: 1249605
content-disposition: inline; filename="1699371146081_400x600extreasureisland.avif"
x-front-cache-status: HIT
alt-svc: h3=":443"; ma=86400
content-length: 10465
last-modified: Wed, 15 Nov 2023 07:17:31 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/avif
cache-control: max-age=3600, public
accept-ranges: bytes
cf-ray: 82de7559da4e65ae-FRA
x-conv-cache-status: HIT
expires: Wed, 08 Nov 2023 13:39:18 GMT

GET
H3 200 1695298123121_400x600luckydwarfsexclusive.jpg
quickwin765412.com/dimg/game/ 15 KB
16 KB 23ms
22ms Image
image/avif 45.8.107.102
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/dimg/game/1695298123121_400x600luckydwarfsexclusive.jpg?extension=avif&height=280
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 45.8.107.102 , Curacao, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: e2a399b035f9774d3ee9bf4ae99dd261a1e5abe94b321c71c61b3edfd84b5b4d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:58:58 GMT
cf-cache-status: HIT
age: 1248942
content-disposition: inline; filename="1695298123121_400x600luckydwarfsexclusive.avif"
x-front-cache-status: MISS
alt-svc: h3=":443"; ma=86400
content-length: 15838
last-modified: Wed, 15 Nov 2023 11:53:32 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/avif
cache-control: max-age=3600, public
accept-ranges: bytes
cf-ray: 82de7559da4f65ae-FRA
x-conv-cache-status: HIT
expires: Thu, 28 Sep 2023 09:28:37 GMT

GET
H3 200 1672742093087_400x600heartofearthxmas.jpg
quickwin765412.com/dimg/game/ 9 KB
9 KB 20ms
19ms Image
image/avif 45.8.107.102
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/dimg/game/1672742093087_400x600heartofearthxmas.jpg?extension=avif&height=280
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 45.8.107.102 , Curacao, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: ff55feea2abc752e20a7ca167e2e631fb3f9006f86296bf26173cb53c59024de

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:58:58 GMT
cf-cache-status: HIT
age: 42519
content-disposition: inline; filename="1672742093087_400x600heartofearthxmas.avif"
x-front-cache-status: MISS
alt-svc: h3=":443"; ma=86400
content-length: 9324
last-modified: Wed, 29 Nov 2023 10:26:57 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/avif
cache-control: max-age=3600, public
accept-ranges: bytes
cf-ray: 82de7559da5065ae-FRA
x-conv-cache-status: HIT
expires: Tue, 01 Aug 2023 08:56:08 GMT

GET
H3 200 1701069900318_400x6009bells.jpg
quickwin765412.com/dimg/game/ 11 KB
11 KB 19ms
17ms Image
image/avif 45.8.107.102
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/dimg/game/1701069900318_400x6009bells.jpg?extension=avif&height=280
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 45.8.107.102 , Curacao, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 819ddaec6121b41abd6901b31e44161609ee263e740c80459671dfbff2a6bea3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:58:58 GMT
cf-cache-status: HIT
age: 38055
content-disposition: inline; filename="1701069900318_400x6009bells.avif"
x-front-cache-status: MISS
alt-svc: h3=":443"; ma=86400
content-length: 11142
last-modified: Wed, 29 Nov 2023 12:23:39 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/avif
cache-control: max-age=3600, public
accept-ranges: bytes
cf-ray: 82de7559da5165ae-FRA
x-conv-cache-status: HIT
expires: Wed, 29 Nov 2023 13:22:41 GMT

GET
H3 200 1701093603462_400x600santasinn.jpg
quickwin765412.com/dimg/game/ 14 KB
14 KB 22ms
20ms Image
image/avif 45.8.107.102
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/dimg/game/1701093603462_400x600santasinn.jpg?extension=avif&height=280
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 45.8.107.102 , Curacao, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 605c6fe65317c45d05543b53e51500d0a5ece2a57e8f95c508eb32a1a05576f7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:58:58 GMT
cf-cache-status: HIT
age: 63097
content-disposition: inline; filename="1701093603462_400x600santasinn.avif"
x-front-cache-status: MISS
alt-svc: h3=":443"; ma=86400
content-length: 13847
last-modified: Wed, 29 Nov 2023 05:04:02 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/avif
cache-control: max-age=3600, public
accept-ranges: bytes
cf-ray: 82de7559da5365ae-FRA
x-conv-cache-status: HIT
expires: Tue, 28 Nov 2023 12:37:42 GMT

GET
H3 200 1701069960770_400x600bombingkraken.jpg
quickwin765412.com/dimg/game/ 10 KB
10 KB 28ms
27ms Image
image/avif 45.8.107.102
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/dimg/game/1701069960770_400x600bombingkraken.jpg?extension=avif&height=280
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 45.8.107.102 , Curacao, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 186c1d01b129984b1a1946585fd54808628711af61c2f79384af4fd25fef24da

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:58:58 GMT
cf-cache-status: HIT
age: 42519
content-disposition: inline; filename="1701069960770_400x600bombingkraken.avif"
x-front-cache-status: MISS
alt-svc: h3=":443"; ma=86400
content-length: 10040
last-modified: Wed, 29 Nov 2023 10:26:57 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/avif
cache-control: max-age=3600, public
accept-ranges: bytes
cf-ray: 82de7559da5565ae-FRA
x-conv-cache-status: HIT
expires: Wed, 29 Nov 2023 10:42:19 GMT

GET
H3 200 1701160555235_400x600jasminestreasures.jpg
quickwin765412.com/dimg/game/ 10 KB
10 KB 22ms
21ms Image
image/avif 45.8.107.102
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/dimg/game/1701160555235_400x600jasminestreasures.jpg?extension=avif&height=280
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 45.8.107.102 , Curacao, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: b61d9d52aa31cd8585e85b3ee0d196a02aa3b6359591dbd5b7522c501b625a01

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:58:58 GMT
cf-cache-status: HIT
age: 42519
content-disposition: inline; filename="1701160555235_400x600jasminestreasures.avif"
x-front-cache-status: HIT
alt-svc: h3=":443"; ma=86400
content-length: 9849
last-modified: Wed, 29 Nov 2023 10:26:57 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/avif
cache-control: max-age=3600, public
accept-ranges: bytes
cf-ray: 82de7559da5665ae-FRA
x-conv-cache-status: HIT
expires: Wed, 29 Nov 2023 10:42:18 GMT

GET
H3 200 1701160660708_400x600zeusthethundererdeluxe.jpg
quickwin765412.com/dimg/game/ 10 KB
11 KB 23ms
22ms Image
image/avif 45.8.107.102
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/dimg/game/1701160660708_400x600zeusthethundererdeluxe.jpg?extension=avif&height=280
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 45.8.107.102 , Curacao, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 934f803814b875864de3c0e37448c0ef45567554a6f1bbef14a8807357fc66a9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:58:58 GMT
cf-cache-status: HIT
age: 51298
content-disposition: inline; filename="1701160660708_400x600zeusthethundererdeluxe.avif"
x-front-cache-status: MISS
alt-svc: h3=":443"; ma=86400
content-length: 10718
last-modified: Wed, 29 Nov 2023 08:27:26 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/avif
cache-control: max-age=3600, public
accept-ranges: bytes
cf-ray: 82de7559da5765ae-FRA
x-conv-cache-status: MISS
expires: Wed, 29 Nov 2023 09:27:26 GMT

GET
H3 200 1701101029512_400x600zeusrising.jpg
quickwin765412.com/dimg/game/ 10 KB
10 KB 29ms
28ms Image
image/avif 45.8.107.102
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/dimg/game/1701101029512_400x600zeusrising.jpg?extension=avif&height=280
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 45.8.107.102 , Curacao, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 559a8ce4ea4db9ddc7005be4a20d73ea922d3262d240197317bb5ebb1d57f92e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:58:58 GMT
cf-cache-status: HIT
age: 51298
content-disposition: inline; filename="1701101029512_400x600zeusrising.avif"
x-front-cache-status: MISS
alt-svc: h3=":443"; ma=86400
content-length: 10105
last-modified: Wed, 29 Nov 2023 08:27:26 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/avif
cache-control: max-age=3600, public
accept-ranges: bytes
cf-ray: 82de7559da5865ae-FRA
x-conv-cache-status: MISS
expires: Wed, 29 Nov 2023 09:27:26 GMT

GET
H3 200 1700753297226_360x840crazypachinko.jpg
quickwin765412.com/dimg/game/ 16 KB
17 KB 24ms
23ms Image
image/avif 45.8.107.102
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/dimg/game/1700753297226_360x840crazypachinko.jpg?extension=avif&height=430
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 45.8.107.102 , Curacao, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: e402b33cf5a490370ed5540ed239dad717dec6eaed1ac28f65bc1e69c394c8df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:58:58 GMT
cf-cache-status: HIT
age: 540081
content-disposition: inline; filename="1700753297226_360x840crazypachinko.avif"
x-front-cache-status: MISS
alt-svc: h3=":443"; ma=86400
content-length: 16755
last-modified: Thu, 23 Nov 2023 16:24:25 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/avif
cache-control: max-age=3600, public
accept-ranges: bytes
cf-ray: 82de7559da5a65ae-FRA
x-conv-cache-status: MISS
expires: Thu, 23 Nov 2023 17:24:25 GMT

GET
H3 200 1699371146081_360840extreasureisland.jpg
quickwin765412.com/dimg/game/ 14 KB
14 KB 25ms
24ms Image
image/avif 45.8.107.102
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/dimg/game/1699371146081_360840extreasureisland.jpg?extension=avif&height=430
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 45.8.107.102 , Curacao, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: b8af1a21aaebbabbbe5599ffc3021593ec26006c7691bc4bf4a4c3f5dffa9c53

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:58:58 GMT
cf-cache-status: HIT
age: 1249605
content-disposition: inline; filename="1699371146081_360840extreasureisland.avif"
x-front-cache-status: MISS
alt-svc: h3=":443"; ma=86400
content-length: 13926
last-modified: Wed, 15 Nov 2023 09:17:26 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/avif
cache-control: max-age=3600, public
accept-ranges: bytes
cf-ray: 82de7559da5b65ae-FRA
x-conv-cache-status: HIT
expires: Wed, 08 Nov 2023 13:39:44 GMT

GET
H3 200 1634796608381_360x840pragmaticspeedroulette.jpg
quickwin765412.com/dimg/game/ 14 KB
14 KB 30ms
29ms Image
image/avif 45.8.107.102
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/dimg/game/1634796608381_360x840pragmaticspeedroulette.jpg?extension=avif&height=430
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 45.8.107.102 , Curacao, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8fd99ae891271f08519932a03c375a607b662b7ddecf47d45b7d3b9771504b7c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:58:58 GMT
cf-cache-status: HIT
age: 50102
content-disposition: inline; filename="1634796608381_360x840pragmaticspeedroulette.avif"
x-front-cache-status: MISS
alt-svc: h3=":443"; ma=86400
content-length: 14016
last-modified: Wed, 29 Nov 2023 08:10:10 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/avif
cache-control: max-age=3600, public
accept-ranges: bytes
cf-ray: 82de7559da5c65ae-FRA
x-conv-cache-status: HIT
expires: Wed, 29 Mar 2023 14:24:53 GMT

GET
H3 200 1700808265914_360840megafireblazeluckyballlive.jpg
quickwin765412.com/dimg/game/ 13 KB
13 KB 30ms
29ms Image
image/avif 45.8.107.102
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/dimg/game/1700808265914_360840megafireblazeluckyballlive.jpg?extension=avif&height=430
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 45.8.107.102 , Curacao, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 80bd69d706af5dde1cd67ad64673e0c901c2adf6b6d5e9f0f712e7eaf66f8a5d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:58:58 GMT
cf-cache-status: HIT
age: 477738
content-disposition: inline; filename="1700808265914_360840megafireblazeluckyballlive.avif"
x-front-cache-status: MISS
alt-svc: h3=":443"; ma=86400
content-length: 13158
last-modified: Fri, 24 Nov 2023 08:24:12 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/avif
cache-control: max-age=3600, public
accept-ranges: bytes
cf-ray: 82de7559da5e65ae-FRA
x-conv-cache-status: MISS
expires: Fri, 24 Nov 2023 09:24:12 GMT

GET
H3 200 1699863783728_360840reddoorroulette.jpg
quickwin765412.com/dimg/game/ 13 KB
13 KB 31ms
30ms Image
image/avif 45.8.107.102
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/dimg/game/1699863783728_360840reddoorroulette.jpg?extension=avif&height=430
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 45.8.107.102 , Curacao, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: f1fe21b0bc502937ca6c447ceebdfc4671f21c6be720a112143a486efdacc093

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:58:58 GMT
cf-cache-status: HIT
age: 1249605
content-disposition: inline; filename="1699863783728_360840reddoorroulette.avif"
x-front-cache-status: MISS
alt-svc: h3=":443"; ma=86400
content-length: 13204
last-modified: Wed, 15 Nov 2023 07:24:17 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/avif
cache-control: max-age=3600, public
accept-ranges: bytes
cf-ray: 82de7559da5f65ae-FRA
x-conv-cache-status: HIT
expires: Mon, 13 Nov 2023 11:19:00 GMT

GET
H3 200 1660141033873_360840megafireblazeroulettelive.jpg
quickwin765412.com/dimg/game/ 14 KB
15 KB 32ms
31ms Image
image/avif 45.8.107.102
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/dimg/game/1660141033873_360840megafireblazeroulettelive.jpg?extension=avif&height=430
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 45.8.107.102 , Curacao, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 02e9eaa138a48931f160746196b6c14044914c584a180324b2a296ae9fed972d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:58:58 GMT
cf-cache-status: HIT
age: 50102
content-disposition: inline; filename="1660141033873_360840megafireblazeroulettelive.avif"
x-front-cache-status: HIT
alt-svc: h3=":443"; ma=86400
content-length: 14836
last-modified: Wed, 29 Nov 2023 04:47:02 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/avif
cache-control: max-age=3600, public
accept-ranges: bytes
cf-ray: 82de7559da6165ae-FRA
x-conv-cache-status: HIT
expires: Tue, 25 Apr 2023 09:26:48 GMT

GET
H3 200 1683791508670_360840blackjack1.jpg
quickwin765412.com/dimg/game/ 10 KB
10 KB 32ms
31ms Image
image/avif 45.8.107.102
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/dimg/game/1683791508670_360840blackjack1.jpg?extension=avif&height=430
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 45.8.107.102 , Curacao, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 748a39a2a88ada529b17a9e92af1b36f2fd8cc8a5f921cf3af44beaf023f42d6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:58:58 GMT
cf-cache-status: HIT
age: 1249605
content-disposition: inline; filename="1683791508670_360840blackjack1.avif"
x-front-cache-status: MISS
alt-svc: h3=":443"; ma=86400
content-length: 10106
last-modified: Wed, 15 Nov 2023 09:17:26 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/avif
cache-control: max-age=3600, public
accept-ranges: bytes
cf-ray: 82de7559da6265ae-FRA
x-conv-cache-status: HIT
expires: Tue, 27 Jun 2023 16:47:56 GMT

GET
H3 200 banner-arrow.png
quickwin765412.com/cdn-static/images/quickwin/general/ 2 KB
2 KB 48ms
48ms Image
image/webp 45.8.107.102
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/cdn-static/images/quickwin/general/banner-arrow.png
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 45.8.107.102 , Curacao, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: e5d94f01fd8cd981adbedb5fc397328c3506733e5e0ad7c6c4a70d55eea04093

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:58:58 GMT
cf-cache-status: HIT
age: 160952
cf-polished: origFmt=png, origSize=2551
x-cache-status: MISS
content-disposition: inline; filename="banner-arrow.webp"
alt-svc: h3=":443"; ma=86400
content-length: 2108
last-modified: Fri, 12 May 2023 10:00:13 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "645e0e2d-9f7"
vary: null, Accept-Encoding
content-type: image/webp
cf-ttl: 1701298798287
accept-ranges: bytes
cf-ray: 82de755a1aa865ae-FRA
expires: Tue, 12 Dec 2023 00:40:30 GMT

GET
H3 200 posterthumbnail0181e37baf3a8e2ca06d4dbd302d62ad3.gif
quickwin765412.com/dimg/game/ 103 KB
103 KB 19ms
19ms Image
image/webp 45.8.107.102
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/dimg/game/posterthumbnail0181e37baf3a8e2ca06d4dbd302d62ad3.gif?width=400&height=600
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 45.8.107.102 , Curacao, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a568ac0428f6d7e4801f330902d4a6e47cc31a58b9afccd687d90aede26aa17

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:58:58 GMT
cf-cache-status: HIT
age: 698590
cf-polished: origFmt=gif, origSize=126720
content-disposition: inline; filename="posterthumbnail0181e37baf3a8e2ca06d4dbd302d62ad3.webp"
x-front-cache-status: MISS
alt-svc: h3=":443"; ma=86400
content-length: 105352
cf-bgj: imgq:85,h2pri
last-modified: Sat, 18 Nov 2023 17:14:35 GMT
server: cloudflare
vary: Accept
content-type: image/webp
cache-control: max-age=3600, public
accept-ranges: bytes
cf-ray: 82de755a3ade65ae-FRA
x-conv-cache-status: HIT
expires: Tue, 01 Aug 2023 11:57:20 GMT

GET
H3 200 vip-slider-arrow.svg
quickwin765412.com/cdn-static/images/quickwin/vip-page/ 1 KB
957 B 56ms
56ms Image
image/svg+xml 45.8.107.102
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/cdn-static/images/quickwin/vip-page/vip-slider-arrow.svg
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 45.8.107.102 , Curacao, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 983ccb9144855e909faaf3a4ae344c8f8075d023b109163ef50308ac540c0d54

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:58:58 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 12 May 2023 10:00:50 GMT
server: cloudflare
age: 80
etag: W/"645e0e52-480"
x-cache-status: HIT
vary: null, Accept-Encoding
content-type: image/svg+xml
cf-ttl: 1701298718044
cf-ray: 82de755a9b3d65ae-FRA
alt-svc: h3=":443"; ma=86400
cf-revalidated: Wed Nov 29 2023 22:57:38 GMT+0000 (Coordinated Universal Time)
expires: Sun, 10 Dec 2023 07:09:11 GMT

GET
H3 200 1687859479709_400x600777strike.jpg
quickwin765412.com/dimg/game/ 6 KB
7 KB 35ms
35ms Image
image/avif 45.8.107.102
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/dimg/game/1687859479709_400x600777strike.jpg?extension=avif&height=200
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 45.8.107.102 , Curacao, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 50a3b2024d2445d44f2740c4d6e20603b1ea2ad907ed87fff9d87aa66c24081a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:58:58 GMT
cf-cache-status: HIT
age: 1249605
content-disposition: inline; filename="1687859479709_400x600777strike.avif"
x-front-cache-status: MISS
alt-svc: h3=":443"; ma=86400
content-length: 6649
last-modified: Wed, 15 Nov 2023 07:20:10 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/avif
cache-control: max-age=3600, public
accept-ranges: bytes
cf-ray: 82de755abb5165ae-FRA
x-conv-cache-status: HIT
expires: Tue, 27 Jun 2023 12:14:53 GMT

GET
H3 200 1674548734869_400x600pineofplinkodreamdrop.jpg
quickwin765412.com/dimg/game/ 7 KB
8 KB 18ms
16ms Image
image/avif 45.8.107.102
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/dimg/game/1674548734869_400x600pineofplinkodreamdrop.jpg?extension=avif&height=200
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 45.8.107.102 , Curacao, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 90438c83bdc3d682d1a6d494328898e6ce1faf37ced4da7191fcc29d4fb22358

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:58:58 GMT
cf-cache-status: HIT
age: 1249605
content-disposition: inline; filename="1674548734869_400x600pineofplinkodreamdrop.avif"
x-front-cache-status: HIT
alt-svc: h3=":443"; ma=86400
content-length: 7559
last-modified: Wed, 15 Nov 2023 09:17:26 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/avif
cache-control: max-age=3600, public
accept-ranges: bytes
cf-ray: 82de755abb5365ae-FRA
x-conv-cache-status: HIT
expires: Tue, 07 Nov 2023 15:32:49 GMT

GET
H3 200 1657199429029_400x600volatilevikings2dreamdrop.jpg
quickwin765412.com/dimg/game/ 9 KB
9 KB 27ms
25ms Image
image/avif 45.8.107.102
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/dimg/game/1657199429029_400x600volatilevikings2dreamdrop.jpg?extension=avif&height=200
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 45.8.107.102 , Curacao, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 57f902c7cbd34a4e8577ede031c584c339c64f2beb72859e02f4c0d829c5bbae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:58:58 GMT
cf-cache-status: HIT
age: 1249605
content-disposition: inline; filename="1657199429029_400x600volatilevikings2dreamdrop.avif"
x-front-cache-status: MISS
alt-svc: h3=":443"; ma=86400
content-length: 8969
last-modified: Wed, 15 Nov 2023 09:17:26 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/avif
cache-control: max-age=3600, public
accept-ranges: bytes
cf-ray: 82de755abb5465ae-FRA
x-conv-cache-status: HIT
expires: Wed, 02 Aug 2023 03:10:42 GMT

GET
H3 200 1632215547284_400x600dynamiterichesmegaways.jpg
quickwin765412.com/dimg/game/ 7 KB
7 KB 17ms
15ms Image
image/avif 45.8.107.102
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/dimg/game/1632215547284_400x600dynamiterichesmegaways.jpg?extension=avif&height=200
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 45.8.107.102 , Curacao, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe2ce0301f0859a587ee52ab6e695a6db0f3863ecb980eba520c866949a834ae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:58:58 GMT
cf-cache-status: HIT
age: 134251
content-disposition: inline; filename="1632215547284_400x600dynamiterichesmegaways.avif"
x-front-cache-status: HIT
alt-svc: h3=":443"; ma=86400
content-length: 7080
last-modified: Tue, 28 Nov 2023 09:01:03 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/avif
cache-control: max-age=3600, public
accept-ranges: bytes
cf-ray: 82de755abb5565ae-FRA
x-conv-cache-status: HIT
expires: Tue, 01 Aug 2023 09:55:14 GMT

GET
H3 200 1631168035296_400x600starlightprincess.jpg
quickwin765412.com/dimg/game/ 17 KB
17 KB 19ms
18ms Image
image/avif 45.8.107.102
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/dimg/game/1631168035296_400x600starlightprincess.jpg?extension=avif&height=280
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 45.8.107.102 , Curacao, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 81569f8b6ab95cfd030493954ccc55b629cf0d29f8627c6904fc3dffa8fa896c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:58:58 GMT
cf-cache-status: HIT
age: 134250
content-disposition: inline; filename="1631168035296_400x600starlightprincess.avif"
x-front-cache-status: MISS
alt-svc: h3=":443"; ma=86400
content-length: 16912
last-modified: Tue, 28 Nov 2023 09:41:28 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/avif
cache-control: max-age=3600, public
accept-ranges: bytes
cf-ray: 82de755abb5765ae-FRA
x-conv-cache-status: HIT
expires: Tue, 01 Aug 2023 09:55:18 GMT

GET
H3 200 1643123968929_400x600gigantoonz.jpg
quickwin765412.com/dimg/game/ 9 KB
10 KB 21ms
19ms Image
image/avif 45.8.107.102
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/dimg/game/1643123968929_400x600gigantoonz.jpg?extension=avif&height=280
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 45.8.107.102 , Curacao, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 36b658c9e042fd550658e26af78a29a677807fd11f642fe7d78d601402ce7a13

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:58:58 GMT
cf-cache-status: HIT
age: 1249605
content-disposition: inline; filename="1643123968929_400x600gigantoonz.avif"
x-front-cache-status: MISS
alt-svc: h3=":443"; ma=86400
content-length: 9560
last-modified: Wed, 15 Nov 2023 09:17:27 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/avif
cache-control: max-age=3600, public
accept-ranges: bytes
cf-ray: 82de755abb5865ae-FRA
x-conv-cache-status: HIT
expires: Tue, 01 Aug 2023 09:55:15 GMT

GET
H3 200 1683099939783_400x600infernodiamonds100.jpg
quickwin765412.com/dimg/game/ 7 KB
8 KB 21ms
20ms Image
image/avif 45.8.107.102
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/dimg/game/1683099939783_400x600infernodiamonds100.jpg?extension=avif&height=280
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 45.8.107.102 , Curacao, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7d8591614eb328a49a0b95739f839cbed7a1c0f5f075914011f384c1cf567fd2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:58:58 GMT
cf-cache-status: HIT
age: 1249605
content-disposition: inline; filename="1683099939783_400x600infernodiamonds100.avif"
x-front-cache-status: MISS
alt-svc: h3=":443"; ma=86400
content-length: 7465
last-modified: Wed, 15 Nov 2023 07:20:10 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/avif
cache-control: max-age=3600, public
accept-ranges: bytes
cf-ray: 82de755abb5965ae-FRA
x-conv-cache-status: HIT
expires: Thu, 11 May 2023 08:43:08 GMT

GET
H3 200 1632215547284_400x600dynamiterichesmegaways.jpg
quickwin765412.com/dimg/game/ 11 KB
11 KB 22ms
21ms Image
image/avif 45.8.107.102
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/dimg/game/1632215547284_400x600dynamiterichesmegaways.jpg?extension=avif&height=280
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 45.8.107.102 , Curacao, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 086f1cceadf3a6d1b743e026baa82a170c1b5b3e19f1d2ce8ccc3de200bec30a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:58:58 GMT
cf-cache-status: HIT
age: 134250
content-disposition: inline; filename="1632215547284_400x600dynamiterichesmegaways.avif"
x-front-cache-status: HIT
alt-svc: h3=":443"; ma=86400
content-length: 11412
last-modified: Tue, 28 Nov 2023 09:41:28 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/avif
cache-control: max-age=3600, public
accept-ranges: bytes
cf-ray: 82de755abb5a65ae-FRA
x-conv-cache-status: HIT
expires: Tue, 01 Aug 2023 08:30:33 GMT

GET
H3 200 1682586892225_extra-chilli4.jpeg
quickwin765412.com/dimg/game/ 8 KB
9 KB 23ms
22ms Image
image/avif 45.8.107.102
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/dimg/game/1682586892225_extra-chilli4.jpeg?extension=avif&height=280
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 45.8.107.102 , Curacao, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8474a6f4a9416306a41afb581ef666c6c23406210d45455590408e2567014d8a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:58:58 GMT
cf-cache-status: HIT
age: 1249605
content-disposition: inline; filename="1682586892225_extra-chilli4.avif"
x-front-cache-status: MISS
alt-svc: h3=":443"; ma=86400
content-length: 8701
last-modified: Wed, 15 Nov 2023 09:17:27 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/avif
cache-control: max-age=3600, public
accept-ranges: bytes
cf-ray: 82de755abb5c65ae-FRA
x-conv-cache-status: HIT
expires: Tue, 01 Aug 2023 09:55:18 GMT

GET
H3 200 1686736321876_400x600itssharktime.jpg
quickwin765412.com/dimg/game/ 12 KB
12 KB 35ms
34ms Image
image/avif 45.8.107.102
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/dimg/game/1686736321876_400x600itssharktime.jpg?extension=avif&height=280
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 45.8.107.102 , Curacao, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 64d2c4bb0611542bbdb825ee1cd73764186b7258726e6acf5531f59e476347b3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:58:58 GMT
cf-cache-status: HIT
age: 53021
content-disposition: inline; filename="1686736321876_400x600itssharktime.avif"
x-front-cache-status: MISS
alt-svc: h3=":443"; ma=86400
content-length: 11818
last-modified: Wed, 29 Nov 2023 08:03:15 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/avif
cache-control: max-age=3600, public
accept-ranges: bytes
cf-ray: 82de755abb5d65ae-FRA
x-conv-cache-status: HIT
expires: Tue, 01 Aug 2023 09:55:18 GMT

GET
H3 200 1695279958890_400x600clashofgods.jpg
quickwin765412.com/dimg/game/ 8 KB
8 KB 37ms
36ms Image
image/avif 45.8.107.102
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/dimg/game/1695279958890_400x600clashofgods.jpg?extension=avif&height=280
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 45.8.107.102 , Curacao, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 30cd4cc982d4edfad6e2c99173c1ce32e2c3b381e4d5a1f126ee3a71566c2170

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:58:58 GMT
cf-cache-status: HIT
age: 1249604
content-disposition: inline; filename="1695279958890_400x600clashofgods.avif"
x-front-cache-status: HIT
alt-svc: h3=":443"; ma=86400
content-length: 7980
last-modified: Wed, 15 Nov 2023 09:17:27 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/avif
cache-control: max-age=3600, public
accept-ranges: bytes
cf-ray: 82de755abb5e65ae-FRA
x-conv-cache-status: HIT
expires: Thu, 21 Sep 2023 08:59:06 GMT

GET
H3 200 400x600bookofsunchoce2.jpg
quickwin765412.com/dimg/game/ 8 KB
8 KB 29ms
28ms Image
image/avif 45.8.107.102
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/dimg/game/400x600bookofsunchoce2.jpg?extension=avif&height=280
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 45.8.107.102 , Curacao, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: c34952ec20476833833b0d39326c2a85bd26f1ab04b355187f53eacddbdb7c77

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:58:58 GMT
cf-cache-status: HIT
age: 52777
content-disposition: inline; filename="400x600bookofsunchoce2.avif"
x-front-cache-status: MISS
alt-svc: h3=":443"; ma=86400
content-length: 8203
last-modified: Wed, 29 Nov 2023 08:19:21 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/avif
cache-control: max-age=3600, public
accept-ranges: bytes
cf-ray: 82de755abb5f65ae-FRA
x-conv-cache-status: HIT
expires: Tue, 01 Aug 2023 08:30:40 GMT

GET
H3 200 1636101823411_400x600jewelseapirateriches.jpg
quickwin765412.com/dimg/game/ 10 KB
10 KB 30ms
29ms Image
image/avif 45.8.107.102
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/dimg/game/1636101823411_400x600jewelseapirateriches.jpg?extension=avif&height=280
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 45.8.107.102 , Curacao, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6d495de2f7d8af5a0bae5ca9c4891c40b1680046747d3fc927c85eae120d93ec

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:58:58 GMT
cf-cache-status: HIT
age: 1249605
content-disposition: inline; filename="1636101823411_400x600jewelseapirateriches.avif"
x-front-cache-status: MISS
alt-svc: h3=":443"; ma=86400
content-length: 10250
last-modified: Wed, 15 Nov 2023 07:20:12 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/avif
cache-control: max-age=3600, public
accept-ranges: bytes
cf-ray: 82de755abb6065ae-FRA
x-conv-cache-status: HIT
expires: Tue, 01 Aug 2023 09:55:17 GMT

GET
H3 200 1663572906507_400x600moneytrain3.jpg
quickwin765412.com/dimg/game/ 11 KB
12 KB 27ms
27ms Image
image/avif 45.8.107.102
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/dimg/game/1663572906507_400x600moneytrain3.jpg?extension=avif&height=280
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 45.8.107.102 , Curacao, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf364725e43f8e13a2ef4fd655ad9455a89921cee588624134f2b6dd660744ed

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:58:58 GMT
cf-cache-status: HIT
age: 52777
content-disposition: inline; filename="1663572906507_400x600moneytrain3.avif"
x-front-cache-status: HIT
alt-svc: h3=":443"; ma=86400
content-length: 11619
last-modified: Wed, 29 Nov 2023 08:19:21 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/avif
cache-control: max-age=3600, public
accept-ranges: bytes
cf-ray: 82de755abb6165ae-FRA
x-conv-cache-status: HIT
expires: Mon, 03 Apr 2023 09:32:27 GMT

GET
H3 200 1646131530692_400x600bigbamboo.jpg
quickwin765412.com/dimg/game/ 12 KB
12 KB 30ms
30ms Image
image/avif 45.8.107.102
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/dimg/game/1646131530692_400x600bigbamboo.jpg?extension=avif&height=280
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 45.8.107.102 , Curacao, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: ba5a53d99b4e015e652e675e9dfedc98345a7c2fc7d0c945aa0d8ddb2647efdd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:58:58 GMT
cf-cache-status: HIT
age: 1249605
content-disposition: inline; filename="1646131530692_400x600bigbamboo.avif"
x-front-cache-status: HIT
alt-svc: h3=":443"; ma=86400
content-length: 12306
last-modified: Wed, 15 Nov 2023 09:17:27 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/avif
cache-control: max-age=3600, public
accept-ranges: bytes
cf-ray: 82de755abb6265ae-FRA
x-conv-cache-status: HIT
expires: Mon, 03 Apr 2023 09:06:29 GMT

GET
H3 200 1640950907336_posterthumbnail0059d1b97905b5932202b368012953c9b.jpg
quickwin765412.com/dimg/game/ 11 KB
11 KB 26ms
26ms Image
image/avif 45.8.107.102
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/dimg/game/1640950907336_posterthumbnail0059d1b97905b5932202b368012953c9b.jpg?extension=avif&height=280
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 45.8.107.102 , Curacao, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb07c03575d9216bbc7f32e716129101e0dd878a19a0adbc249656f47cf1a3a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:58:58 GMT
cf-cache-status: HIT
age: 1249604
content-disposition: inline; filename="1640950907336_posterthumbnail0059d1b97905b5932202b368012953c9b.avif"
x-front-cache-status: MISS
alt-svc: h3=":443"; ma=86400
content-length: 11000
last-modified: Wed, 15 Nov 2023 09:17:27 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/avif
cache-control: max-age=3600, public
accept-ranges: bytes
cf-ray: 82de755abb6365ae-FRA
x-conv-cache-status: HIT
expires: Mon, 03 Apr 2023 09:36:41 GMT

GET
H3 200 poster_thumbnail_07e220799a8ad602f53ef985ec50f3c90.jpg
quickwin765412.com/dimg/game/ 12 KB
13 KB 31ms
30ms Image
image/avif 45.8.107.102
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/dimg/game/poster_thumbnail_07e220799a8ad602f53ef985ec50f3c90.jpg?extension=avif&height=280
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 45.8.107.102 , Curacao, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 18e3efc7a45f53d0d553f3ca64dbad85f50eea562865265a2883f82f9d34b935

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:58:58 GMT
cf-cache-status: HIT
age: 1249604
content-disposition: inline; filename="poster_thumbnail_07e220799a8ad602f53ef985ec50f3c90.avif"
x-front-cache-status: MISS
alt-svc: h3=":443"; ma=86400
content-length: 12586
last-modified: Wed, 15 Nov 2023 09:17:27 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/avif
cache-control: max-age=3600, public
accept-ranges: bytes
cf-ray: 82de755abb6465ae-FRA
x-conv-cache-status: HIT
expires: Tue, 01 Aug 2023 09:55:15 GMT

GET
H3 200 poster_thumbnail_072596cc09cb24c7cb309fd73233343cb.jpg
quickwin765412.com/dimg/game/ 9 KB
9 KB 33ms
32ms Image
image/avif 45.8.107.102
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/dimg/game/poster_thumbnail_072596cc09cb24c7cb309fd73233343cb.jpg?extension=avif&height=280
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 45.8.107.102 , Curacao, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 379fb57fa01d94da1f94ca7069a3cc71339b93efeb6061156fa07598132c5849

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:58:58 GMT
cf-cache-status: HIT
age: 1249605
content-disposition: inline; filename="poster_thumbnail_072596cc09cb24c7cb309fd73233343cb.avif"
x-front-cache-status: MISS
alt-svc: h3=":443"; ma=86400
content-length: 9111
last-modified: Wed, 15 Nov 2023 09:17:27 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/avif
cache-control: max-age=3600, public
accept-ranges: bytes
cf-ray: 82de755abb6565ae-FRA
x-conv-cache-status: HIT
expires: Tue, 04 Apr 2023 19:46:51 GMT

GET
H3 200 casino-dashboard-bg-desk.webp
quickwin765412.com/cdn-static/images/quickwin/entrance/dashboard/webp/ 110 KB
110 KB 43ms
43ms Image
image/webp 45.8.107.102
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/cdn-static/images/quickwin/entrance/dashboard/webp/casino-dashboard-bg-desk.webp
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 45.8.107.102 , Curacao, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 99f48e1f13877f3a2b73bdf8f280632d8d42f4004f83b2417d8192649b501058

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:58:58 GMT
cf-cache-status: HIT
age: 560
x-cache-status: STALE
alt-svc: h3=":443"; ma=86400
content-length: 112574
cf-revalidated: Wed Nov 29 2023 22:49:38 GMT+0000 (Coordinated Universal Time)
last-modified: Fri, 12 May 2023 10:00:13 GMT
server: cloudflare
etag: "645e0e2d-1b7be"
vary: null, Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
accept-ranges: bytes
cf-ray: 82de755abb6665ae-FRA
cf-ttl: 1701298238645

GET
H3 200 1700555766731_ferraricomingsoon.jpg
quickwin765412.com/dimg/banner/ 21 KB
21 KB 15ms
14ms Image
image/webp 45.8.107.102
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/dimg/banner/1700555766731_ferraricomingsoon.jpg?type=image/avif?extension=avif&width=2000&resize_type=fill&gravity=ce
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 45.8.107.102 , Curacao, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 43f8ae86aa6077529fb9e4898570925eadb01ded1cca624c0c4ba1f02d7c3efd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:58:58 GMT
cf-cache-status: HIT
age: 118142
cf-polished: qual=85, origFmt=jpeg, origSize=38541
content-disposition: inline; filename="1700555766731_ferraricomingsoon.webp"
x-front-cache-status: HIT
alt-svc: h3=":443"; ma=86400
content-length: 21656
cf-bgj: imgq:85,h2pri
last-modified: Tue, 28 Nov 2023 14:04:07 GMT
server: cloudflare
vary: Accept
content-type: image/webp
cache-control: max-age=3600, public
accept-ranges: bytes
cf-ray: 82de755adb7665ae-FRA
x-conv-cache-status: HIT
expires: Mon, 27 Nov 2023 11:11:34 GMT

GET
H3 200 1678180276898_bgcarscollection.jpg
quickwin765412.com/dimg/banner/ 69 KB
69 KB 17ms
16ms Image
image/webp 45.8.107.102
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/dimg/banner/1678180276898_bgcarscollection.jpg?type=image/avif?extension=avif&width=2000&resize_type=fill&gravity=ce
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 45.8.107.102 , Curacao, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: aefbc53a26bcf50b968ec231b9848483e043e5e47518a8fe0d93349f7ed15fa8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:58:58 GMT
cf-cache-status: HIT
age: 118143
cf-polished: qual=85, origFmt=jpeg, origSize=87452
content-disposition: inline; filename="1678180276898_bgcarscollection.webp"
x-front-cache-status: MISS
alt-svc: h3=":443"; ma=86400
content-length: 70796
cf-bgj: imgq:85,h2pri
last-modified: Tue, 28 Nov 2023 14:04:07 GMT
server: cloudflare
vary: Accept
content-type: image/webp
cache-control: max-age=3600, public
accept-ranges: bytes
cf-ray: 82de755adb7765ae-FRA
x-conv-cache-status: HIT
expires: Mon, 20 Nov 2023 13:41:54 GMT

GET
H3 200 SemiboldItalic.woff
quickwin765412.com/assets/fonts/ 39 KB
39 KB 22ms
19ms Font
application/font-woff 45.8.107.102
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://quickwin765412.com/assets/fonts/SemiboldItalic.woff
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/assets/initial.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 45.8.107.102 , Curacao, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: ba129f3fab709dcad8916478c2d18c9cdb1b37ffd1fdc8fd998dc4f3753460c6

Request headers

Referer: https://quickwin765412.com/assets/initial.css
Origin: https://quickwin765412.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:58:58 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 09 Nov 2023 12:34:52 GMT
server: cloudflare
age: 1247366
etag: W/"654cd1ec-9bd4"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=2073600
cf-ray: 82de755aeb8565ae-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 23 Dec 2023 22:58:58 GMT

GET
H2 200 web-widget-main-0345ad6.js Show response
static.zdassets.com/web_widget/classic/latest/ Frame FCFB 923 KB
265 KB 48ms
48ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/classic/latest/web-widget-main-0345ad6.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=78bdcf45-56b4-43b3-a452-beb220803adc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c5147cf5352bb6f99d31467dfec38f9573476d093433cda65441668df8617bbc

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:58:58 GMT
x-amz-version-id: 4cbhc1.6rLf_h9ym68WJ6KIAscXI23.M
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: 5NG7YA8N871VD5J1
age: 1696813
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: ZySt8kL6ROzjbORLYN+I+W/w/yJpdfSQoR8pczX7IS0KJ4757YvEDq2mRj/feQlz/RRnW6+iyR4=
last-modified: Mon, 06 Nov 2023 00:49:00 GMT
server: cloudflare
etag: W/"d21ab80a38e205ddac2cf2e5ff41ab5d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Lml%2BTwt7kTp6SdLaD5EEt7P6VFVl1MsID57oz8dhFdXfWRtcj1mPICF0BrRy6nV%2BLDtia7O0TbQOwPhy4XyX3AxRSqdUJNvnsFcmLzxBImU8gY7E2Wn%2BsX7uKnXrWkwzebMjQ8A%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 82de755b2c7b9271-FRA
expires: Tue, 05 Nov 2024 00:48:59 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 231 KB
81 KB 32ms
32ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-EFZEET6PW6&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PV2Q5X5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

78e3ed7c04d057711cab3a307f3cac79cb317dab3b37bc249cbee447f9b68a60

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:58:58 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 83102
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 29 Nov 2023 22:58:58 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 60ms
14ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PV2Q5X5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 29 Nov 2023 21:49:38 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 4160
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Wed, 29 Nov 2023 23:49:38 GMT

GET
H2 200 hotjar-3550387.js Show response
static.hotjar.com/c/ 9 KB
4 KB 66ms
16ms Script
application/javascript 18.66.192.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-3550387.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PV2Q5X5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.192.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-192-39.muc50.r.cloudfront.net

Software

Resource Hash

7d643ed788ffa3bec8118971df3b044c037b1876f10eb470ed63d07c16df31fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Wed, 29 Nov 2023 22:58:29 GMT
via: 1.1 c414bd1a4ce7ace94cbfdfa8efcbe5a6.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P1
age: 44
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
etag: W/983fc4488cbcaebf252a3f03bbfc04af
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cache-control: max-age=60
x-amz-cf-id: AfvP7NHvss2j3hGLLZKGv6Y0znai7aQ_R7O5FxZf9FvpvmyHFNxPug==

GET
H2 200 k_quickwin.js Show response
scripts.prdredir.com/scripts/ 2 KB
1 KB 176ms
126ms Script
text/javascript 2606:4700:20::681a:772
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://scripts.prdredir.com/scripts/k_quickwin.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PV2Q5X5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:772 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 448d305ad6e8d6b57c5e4d37afbf26c77bcf2c2548e1fe462772757ee6ccbbe1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-runtime: 0.015658
date: Wed, 29 Nov 2023 22:58:58 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"448d305ad6e8d6b57c5e4d37afbf26c7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r0LtqGRudDKOuZDgT%2B7MyHGwlgXbdSco9FKmEA0d7ny29VdLi58Hl1gpLbW3bnPQESYKYimD9VhZArW9VXMGP6fpvzu6ZLmDxl%2B6udUX1lw2HCXCgLtLQaUj%2BeNIUVWb4QK5WCdV6jWyfZFLR%2BIqfmc7"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
status: 200 OK
access-control-allow-origin: *
cache-control: no-cache
cf-ray: 82de755b9cd53a97-FRA
x-request-id: c5f00715-b054-45b4-8a44-65946dbde0df

GET
H2 200 quickwin.js Show response
adjs.media/resources/content/ 3 KB
2 KB 213ms
135ms Script
text/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://adjs.media/resources/content/quickwin.js

Requested by

Host: quickwin765412.com
URL: https://quickwin765412.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a0bdcd0c8b8b3b686a3d9fd02dc3f5b716f810115bad6d5b284c34923b8b0797

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:58:58 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
status: 200 OK
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 30ef0071-7936-4b97-8170-14775ad5334a
x-runtime: 0.001473
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"a0bdcd0c8b8b3b686a3d9fd02dc3f5b7"
x-download-options: noopen
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BsMrSK%2Bjxb8lMKz%2BJpkrTauQvqD6oAsclj%2F%2FUFTnpHf3M%2FFE0db3dHThX0D7ySSlTJDjBHlw7so8MqVFsscNHHBxeWZLAinSrdJEc%2FuBwUi25fFLyGUSnMQckqVhTrYBqB0LF12vavSD"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=604800, private
cf-ray: 82de755bcbe7f178-CDG

GET
H2 200 blue-tag.min.js Show response
event.getblue.io/js/ 9 KB
3 KB 621ms
204ms Script
application/javascript 177.71.157.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://event.getblue.io/js/blue-tag.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PV2Q5X5

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

177.71.157.175 São Paulo, Brazil, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-177-71-157-175.sa-east-1.compute.amazonaws.com

Software

Resource Hash

a2be364e2921857c3e1415e1e9e74e5628a02318662a25da27a23da90929c84a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:58:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 29 Nov 2023 21:33:48 GMT
etag: W/"9113-1701293628644"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK js Show response
track.wolf22.xyz/pixel/ 412 B
737 B 302ms
88ms Script
text/javascript 88.214.195.93
NATCOWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://track.wolf22.xyz/pixel/js?auth=dg12ck&event=visit
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PV2Q5X5
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 88.214.195.93 , United Kingdom, ASN46636 (NATCOWEB, US),
Reverse DNS
Software: nginx/1.20.0 /
Resource Hash: 1bb43e5e70bbd280f2cff81dd2fbdc1c87e3e4cb3cbbb2afd7f5e4a559dc8ec4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 29 Nov 2023 22:58:58 GMT
Server: nginx/1.20.0
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-cache, max-age=0, must-revalidate, proxy-revalidate, no-store
Connection: keep-alive
Content-Length: 412
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 tc.min.js Show response
c1.rfihub.net/js/ 19 KB
6 KB 93ms
15ms Script
application/x-javascript 2600:9000:20c3:2e00:1:76cf:fe80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c1.rfihub.net/js/tc.min.js
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20c3:2e00:1:76cf:fe80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Jetty(9.4.51.v20230217) /
Resource Hash: 7ef97b12890fc6fee67f869c6e1f74b6719de7d66ac0d649c8d7386a80b4c30f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:16:42 GMT
content-encoding: br
via: 1.1 39ed76664123c3090231ff0882467152.cloudfront.net (CloudFront)
last-modified: Mon, 27 Nov 2023 08:39:15 GMT
server: Jetty(9.4.51.v20230217)
x-amz-cf-pop: MUC50-C1
age: 3257
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: public, max-age=3600
x-amz-cf-id: glMjbvoEZG45ih4fQ75FwHRBbBbu3cFrg1rRQEdX2nIsuEPen9hL0g==
expires: Wed, 29 Nov 2023 23:04:41 GMT

GET
H/1.1 200
OK merchant.js Show response
pixel.adfyier.com/ 155 B
651 B 301ms
97ms Script
application/javascript 138.197.230.29
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adfyier.com/merchant.js
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 138.197.230.29 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: / Express
Resource Hash: 0ea926298c8afe10cdd9a5716ec435ab55172ff19a7affca8e7c982d305a0197

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Nov 2023 22:58:58 GMT
x-powered-by: Express
surrogate-control: no-store
transfer-encoding: chunked
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate,private
expires: 0

GET
H2 200 trackpoint-async.js Show response
s2.adform.net/banners/scripts/st/ 81 KB
31 KB 127ms
24ms Script
application/javascript 37.157.6.234
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s2.adform.net/banners/scripts/st/trackpoint-async.js
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 99c28ba77690124b83aea8cdbbb17ab1145ba247c791aeb4bad747b4248ac459

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:58:58 GMT
content-encoding: gzip
last-modified: Tue, 23 May 2023 09:56:34 GMT
server: nginx
x-amz-request-id: tx000001bb82daec29e1fab-00646c8ee1-3295a825-default
etag: W/"f937ab3eef01c118930b200e5087d00d"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-rgw-object-type: Normal
cache-control: public, max-age=604800

GET
H2 200 / Show response
track.adform.net/Serving/Cookie/ 73 B
618 B 124ms
25ms Script
text/javascript 37.157.5.84
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/Serving/Cookie/?adfaction=getjs;adfcookname=uid

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PV2Q5X5

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.84 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

5d9e8cfd13ab9f3cb184ee716c93c4c007837b001ab17f762269a64b2d8958cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Nov 2023 22:58:58 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 180
expires: -1

GET
H2 200 mt_quickwin.js Show response
scpt.getrmads.com/src/ 3 KB
2 KB 152ms
112ms Script
text/javascript 2606:4700:e4::ac40:a41a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://scpt.getrmads.com/src/mt_quickwin.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PV2Q5X5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a41a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3d70f37d0643d718c68550e8f30873988b9f7df5a856bb9f79fc47e9184184ce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Nov 2023 22:58:58 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nPN%2FaUJJTa37fPIgPrOKOsHPYSFhHGYvyW%2BHByEaYsS7b%2FNuG4mzDkxqlW2i82IgXSLLszXBbcXj42xKwPWfZTUrEfok%2FBfqti%2FbVjeM4agw%2BOG9h7iWEOcyWROi3KisC6Ch0fjISQUc7AlNyOOZhg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 82de755bf9b065ce-FRA
alt-svc: h3=":443"; ma=86400
expires: 0

GET
H2 200 p.js Show response
my.rtmark.net/ 697 B
1 KB 58ms
15ms Script
text/javascript 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/p.js?f=sync&lr=1&partner=6dbc1654108520062cc5e1b2cbe1761d0aeee75ec04eecdef0bd17e37b76a87c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PV2Q5X5

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

d1d3ebdb0a13d47d07c440c8dbd6dcaa96a58ec8ac53446a140497c2013c2567

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:58:58 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 697

GET
H2 200 / Show response
winner-slots.online/ Frame 04D4 129 KB
34 KB 156ms
73ms Document
text/html 185.199.175.191
HOSTERION

General

Check archive.org

Show headers Download Go to

Full URL: https://winner-slots.online/
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.199.175.191 Floreşti, Romania, ASN43927 (HOSTERION, RO),
Reverse DNS: eros.hosterion.net
Software: LiteSpeed / PHP/8.2.12
Resource Hash: 99c219740a5f4d046b97ba28f4484bf2f26e549d277c06a30f8e8614bdf1af97

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 29 Nov 2023 22:58:58 GMT
link: <https://winner-slots.online/wp-json/>; rel="https://api.w.org/"
server: LiteSpeed
vary: Accept-Encoding
x-powered-by: PHP/8.2.12

GET
H2

200

bounce Show response
secure.adnxs.com/
Redirect Chain

https://secure.adnxs.com/seg?add=35276001&t=1
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D35276001%26t%3D1

0
810 B

34ms
34ms

Script
application/javascript

185.89.210.212
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D35276001%26t%3D1

Requested by

Host: quickwin765412.com
URL: https://quickwin765412.com/en/

Protocol

Server

185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Nov 2023 22:58:58 GMT
an-x-request-uuid: 289c94f3-1079-4f5d-9fdc-3f00d73aae84
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 178.162.209.136; 178.162.209.136; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 29 Nov 2023 22:58:58 GMT
an-x-request-uuid: 2b8ff6a2-64b2-4374-85c8-2ca32b9df390
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D35276001%26t%3D1
x-proxy-origin: 178.162.209.136; 178.162.209.136; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

bounce Show response
secure.adnxs.com/
Redirect Chain

https://secure.adnxs.com/seg?add=35276004&t=1
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D35276004%26t%3D1

0
810 B

36ms
36ms

Script
application/javascript

185.89.210.212
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D35276004%26t%3D1

Requested by

Host: quickwin765412.com
URL: https://quickwin765412.com/en/

Protocol

Server

185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Nov 2023 22:58:58 GMT
an-x-request-uuid: 6446f570-113d-4a5c-8762-c9bf3828543c
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 178.162.209.136; 178.162.209.136; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 29 Nov 2023 22:58:58 GMT
an-x-request-uuid: 295eaafc-c472-4bc3-b319-9b984cdb2e0f
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D35276004%26t%3D1
x-proxy-origin: 178.162.209.136; 178.162.209.136; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 204 audience
track.aso1.net/ 0
623 B 100ms
48ms Image
image/gif 2606:4700:3038::6815:ea9b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.aso1.net/audience?id=100579&_cb=0.3998611941919126
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:ea9b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Nov 2023 22:58:58 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JGsgNo72uaDv6DD3zbN%2Fbfa6JAtRVD9md%2F4Rz9ny0iLjWrRoMoKxpKYuLpMAkBBowOQXGOoizs%2FG52cxQAOuvdRjG0afNISlinWXGkClT3xzIKSHcRJSPFSrc6ALPG3KCU%2Bg3%2FEnNNudt6Agtw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-store, max-age=0
x-robots-tag: noindex, nofollow, noarchive, noimageindex
cf-ray: 82de755c7b581c80-AMS
alt-svc: h3=":443"; ma=86400
expires: Sun, 27 May 1979 00:00:00 GMT

GET
H3 200 1700648853659_400x600exfloatingdragonnewyearfestivalultramegawaysholdspin.jpg
quickwin765412.com/dimg/game/ 14 KB
14 KB 18ms
17ms Image
image/avif 45.8.107.102
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/dimg/game/1700648853659_400x600exfloatingdragonnewyearfestivalultramegawaysholdspin.jpg?extension=avif&height=280
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 45.8.107.102 , Curacao, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 22e37103e1900e1c4cccd805bcd7603f32aeb0cc4c0c00f90c1649d3d19a303b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:58:58 GMT
cf-cache-status: HIT
age: 201005
content-disposition: inline; filename="1700648853659_400x600exfloatingdragonnewyearfestivalultramegawaysholdspin.avif"
x-front-cache-status: MISS
alt-svc: h3=":443"; ma=86400
content-length: 13978
last-modified: Mon, 27 Nov 2023 12:42:09 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/avif
cache-control: max-age=3600, public
accept-ranges: bytes
cf-ray: 82de755b8bfd65ae-FRA
x-conv-cache-status: MISS
expires: Mon, 27 Nov 2023 13:42:09 GMT

GET
H3 200 1686658054539_400x600detectivefortuneexclusive.jpg
quickwin765412.com/dimg/game/ 10 KB
10 KB 27ms
25ms Image
image/avif 45.8.107.102
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/dimg/game/1686658054539_400x600detectivefortuneexclusive.jpg?extension=avif&height=280
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 45.8.107.102 , Curacao, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0207b9fe11e80771d81e331709c7f673b61a90e2caaffb99baf6eadd02a3b9c0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:58:58 GMT
cf-cache-status: HIT
age: 1249605
content-disposition: inline; filename="1686658054539_400x600detectivefortuneexclusive.avif"
x-front-cache-status: HIT
alt-svc: h3=":443"; ma=86400
content-length: 9794
last-modified: Tue, 14 Nov 2023 23:39:44 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/avif
cache-control: max-age=3600, public
accept-ranges: bytes
cf-ray: 82de755b8c0165ae-FRA
x-conv-cache-status: HIT
expires: Wed, 14 Jun 2023 14:28:10 GMT

GET
H3 200 1656574852780_400x600diamondexplosion7s.jpg
quickwin765412.com/dimg/game/ 15 KB
15 KB 28ms
26ms Image
image/avif 45.8.107.102
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/dimg/game/1656574852780_400x600diamondexplosion7s.jpg?extension=avif&height=280
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 45.8.107.102 , Curacao, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: c75080f509c6770bdc4683cea9e6d62d1f04eb6cc0adb6adb1921dd278292da6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:58:58 GMT
cf-cache-status: HIT
age: 1249604
content-disposition: inline; filename="1656574852780_400x600diamondexplosion7s.avif"
x-front-cache-status: MISS
alt-svc: h3=":443"; ma=86400
content-length: 15322
last-modified: Wed, 15 Nov 2023 09:17:28 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/avif
cache-control: max-age=3600, public
accept-ranges: bytes
cf-ray: 82de755b8c0265ae-FRA
x-conv-cache-status: HIT
expires: Tue, 01 Aug 2023 12:45:57 GMT

GET
H3 200 600900goldenticket2.jpg
quickwin765412.com/dimg/game/ 11 KB
12 KB 21ms
19ms Image
image/avif 45.8.107.102
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/dimg/game/600900goldenticket2.jpg?extension=avif&height=280
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 45.8.107.102 , Curacao, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 67cdfd20a3de849dd48f0a620543b1327ab81387f35d45caaedebd0cc8e701ca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:58:58 GMT
cf-cache-status: HIT
age: 1249605
content-disposition: inline; filename="600900goldenticket2.avif"
x-front-cache-status: MISS
alt-svc: h3=":443"; ma=86400
content-length: 11669
last-modified: Wed, 15 Nov 2023 09:17:25 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/avif
cache-control: max-age=3600, public
accept-ranges: bytes
cf-ray: 82de755b8c0365ae-FRA
x-conv-cache-status: HIT
expires: Tue, 01 Aug 2023 10:24:34 GMT

GET
H3 200 1671717517341_400x600universelobbyexcl.jpeg
quickwin765412.com/dimg/game/ 8 KB
8 KB 18ms
16ms Image
image/avif 45.8.107.102
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/dimg/game/1671717517341_400x600universelobbyexcl.jpeg?extension=avif&height=280
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 45.8.107.102 , Curacao, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: bdbbea2fda09ca1672c1555c8ce2343ff0b71179502fb3573ff5acad07436764

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:58:58 GMT
cf-cache-status: HIT
age: 1249604
content-disposition: inline; filename="1671717517341_400x600universelobbyexcl.avif"
x-front-cache-status: MISS
alt-svc: h3=":443"; ma=86400
content-length: 8047
last-modified: Wed, 15 Nov 2023 07:24:16 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/avif
cache-control: max-age=3600, public
accept-ranges: bytes
cf-ray: 82de755b8c0565ae-FRA
x-conv-cache-status: HIT
expires: Tue, 01 Aug 2023 08:30:41 GMT

GET
H3 200 1681812114946_400x6003x3holdthespin.jpg
quickwin765412.com/dimg/game/ 11 KB
11 KB 29ms
27ms Image
image/avif 45.8.107.102
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/dimg/game/1681812114946_400x6003x3holdthespin.jpg?extension=avif&height=280
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 45.8.107.102 , Curacao, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 78b1789634c90ea9472b152b85cd2ce42535b642a18e4e708b996fcb2bc2dcdc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:58:58 GMT
cf-cache-status: HIT
age: 1248174
content-disposition: inline; filename="1681812114946_400x6003x3holdthespin.avif"
x-front-cache-status: HIT
alt-svc: h3=":443"; ma=86400
content-length: 11267
last-modified: Wed, 15 Nov 2023 11:57:33 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/avif
cache-control: max-age=3600, public
accept-ranges: bytes
cf-ray: 82de755b8c0665ae-FRA
x-conv-cache-status: HIT
expires: Tue, 01 Aug 2023 11:28:18 GMT

GET
H3 200 1679497459157_400x600exbandidoscash.jpg
quickwin765412.com/dimg/game/ 12 KB
12 KB 30ms
28ms Image
image/avif 45.8.107.102
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/dimg/game/1679497459157_400x600exbandidoscash.jpg?extension=avif&height=280
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 45.8.107.102 , Curacao, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: e6f78c7bc296711ef2729169000fbdb45c5086498f30542eb0394893eebfb5ba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:58:58 GMT
cf-cache-status: HIT
age: 153926
content-disposition: inline; filename="1679497459157_400x600exbandidoscash.avif"
x-front-cache-status: MISS
alt-svc: h3=":443"; ma=86400
content-length: 12073
last-modified: Tue, 28 Nov 2023 04:13:32 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/avif
cache-control: max-age=3600, public
accept-ranges: bytes
cf-ray: 82de755b8c0765ae-FRA
x-conv-cache-status: HIT
expires: Tue, 04 Apr 2023 11:26:54 GMT

GET
H3 200 1665382463141_400x600greenchilli.jpg
quickwin765412.com/dimg/game/ 13 KB
13 KB 33ms
32ms Image
image/avif 45.8.107.102
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/dimg/game/1665382463141_400x600greenchilli.jpg?extension=avif&height=280
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 45.8.107.102 , Curacao, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: b2478c41d2aa77c7181398ec3c1d72d6ec80f8c6df4852a4a6abb35faa68f2c8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:58:58 GMT
cf-cache-status: HIT
age: 1249604
content-disposition: inline; filename="1665382463141_400x600greenchilli.avif"
x-front-cache-status: HIT
alt-svc: h3=":443"; ma=86400
content-length: 13300
last-modified: Wed, 15 Nov 2023 09:17:28 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/avif
cache-control: max-age=3600, public
accept-ranges: bytes
cf-ray: 82de755b8c0865ae-FRA
x-conv-cache-status: HIT
expires: Tue, 01 Aug 2023 08:30:32 GMT

GET
H3 200 400x600bookofdeadicon.jpg
quickwin765412.com/dimg/game/ 11 KB
12 KB 29ms
27ms Image
image/avif 45.8.107.102
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/dimg/game/400x600bookofdeadicon.jpg?extension=avif&height=280
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 45.8.107.102 , Curacao, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3356249f7e2b9ecda8a7db96fd92e241af176be9a2a9cef5b480a23642b886bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:58:58 GMT
cf-cache-status: HIT
age: 1249605
content-disposition: inline; filename="400x600bookofdeadicon.avif"
x-front-cache-status: MISS
alt-svc: h3=":443"; ma=86400
content-length: 11572
last-modified: Wed, 15 Nov 2023 09:17:27 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/avif
cache-control: max-age=3600, public
accept-ranges: bytes
cf-ray: 82de755b8c0965ae-FRA
x-conv-cache-status: HIT
expires: Tue, 01 Aug 2023 12:32:19 GMT

GET
H3 200 1691474816943_400x600queenoftheforestnightwhispers.jpg
quickwin765412.com/dimg/game/ 12 KB
12 KB 20ms
19ms Image
image/avif 45.8.107.102
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/dimg/game/1691474816943_400x600queenoftheforestnightwhispers.jpg?extension=avif&height=280
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 45.8.107.102 , Curacao, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 14450c1b53b095fce89251190f5cb78552a0809d49424979ac39499040cb1b12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:58:58 GMT
cf-cache-status: HIT
age: 1144210
content-disposition: inline; filename="1691474816943_400x600queenoftheforestnightwhispers.avif"
x-front-cache-status: MISS
alt-svc: h3=":443"; ma=86400
content-length: 12005
last-modified: Thu, 16 Nov 2023 17:08:48 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/avif
cache-control: max-age=3600, public
accept-ranges: bytes
cf-ray: 82de755b8c0a65ae-FRA
x-conv-cache-status: HIT
expires: Thu, 10 Aug 2023 08:35:59 GMT

GET
H3 200 1655448621311_400x600sugarrush.jpg
quickwin765412.com/dimg/game/ 11 KB
11 KB 30ms
29ms Image
image/avif 45.8.107.102
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/dimg/game/1655448621311_400x600sugarrush.jpg?extension=avif&height=280
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 45.8.107.102 , Curacao, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0a36cdf7b782e9fbaf7eb9f36cdb4cc83bd7bb1537d13598b0475fea21e1c13e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:58:58 GMT
cf-cache-status: HIT
age: 1249604
content-disposition: inline; filename="1655448621311_400x600sugarrush.avif"
x-front-cache-status: HIT
alt-svc: h3=":443"; ma=86400
content-length: 11000
last-modified: Wed, 15 Nov 2023 09:17:28 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/avif
cache-control: max-age=3600, public
accept-ranges: bytes
cf-ray: 82de755b8c0b65ae-FRA
x-conv-cache-status: HIT
expires: Tue, 01 Aug 2023 08:17:04 GMT

GET
H3 200 1680171010039_400x600wildhot40blow.jpg
quickwin765412.com/dimg/game/ 9 KB
9 KB 33ms
32ms Image
image/avif 45.8.107.102
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/dimg/game/1680171010039_400x600wildhot40blow.jpg?extension=avif&height=280
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 45.8.107.102 , Curacao, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 42dc583493813c688c2ccfc9635f1c4a5af91424b8fe0a57ccc7b68fa04b1400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:58:58 GMT
cf-cache-status: HIT
age: 549332
content-disposition: inline; filename="1680171010039_400x600wildhot40blow.avif"
x-front-cache-status: MISS
alt-svc: h3=":443"; ma=86400
content-length: 9240
last-modified: Thu, 23 Nov 2023 08:01:23 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/avif
cache-control: max-age=3600, public
accept-ranges: bytes
cf-ray: 82de755b8c0c65ae-FRA
x-conv-cache-status: HIT
expires: Tue, 01 Aug 2023 09:55:15 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/ Frame 692B 55 KB
24 KB 50ms
15ms Stylesheet
text/css 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcbSf4kAAAAAAJey7uEFxYpE7Tn2cR1Y3WBNyGi&co=aHR0cHM6Ly9xdWlja3dpbjc2NTQxMi5jb206NDQz&hl=de&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=voijpcx4s2yy

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 20:43:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8140
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24606
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 05:42:11 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 28 Nov 2024 20:43:18 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/ Frame 692B 468 KB
188 KB 49ms
14ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

983871cac9e719263fcecaa540c4e1597c8ece1805845830ec21fef0e71d9f88

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 12:38:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 37243
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 192016
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 05:42:11 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 28 Nov 2024 12:38:15 GMT

GET
H2 200 style.min.css
winner-slots.online/wp-includes/blocks/cover/ Frame 04D4 18 KB
2 KB 36ms
35ms Stylesheet
text/css 185.199.175.191
HOSTERION

General

Check archive.org

Show headers Download Go to

Full URL: https://winner-slots.online/wp-includes/blocks/cover/style.min.css?ver=6.4.1
Requested by: Host: winner-slots.online
URL: https://winner-slots.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.199.175.191 Floreşti, Romania, ASN43927 (HOSTERION, RO),
Reverse DNS: eros.hosterion.net
Software: LiteSpeed /
Resource Hash: fba567510c78e74f786a08758c04c5ea612bd27ee9c775c5fb4753e57c1df6ab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winner-slots.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:58:58 GMT
content-encoding: br
last-modified: Tue, 07 Nov 2023 22:35:31 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1470
expires: Wed, 06 Dec 2023 22:58:58 GMT

GET
H2 200 style.min.css
winner-slots.online/wp-includes/blocks/image/ Frame 04D4 7 KB
1 KB 39ms
38ms Stylesheet
text/css 185.199.175.191
HOSTERION

General

Check archive.org

Show headers Download Go to

Full URL: https://winner-slots.online/wp-includes/blocks/image/style.min.css?ver=6.4.1
Requested by: Host: winner-slots.online
URL: https://winner-slots.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.199.175.191 Floreşti, Romania, ASN43927 (HOSTERION, RO),
Reverse DNS: eros.hosterion.net
Software: LiteSpeed /
Resource Hash: 3efa3c6425365194636fb000719357c63e1dfed613742166e3f7a102cdf4f811

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winner-slots.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:58:58 GMT
content-encoding: br
last-modified: Tue, 07 Nov 2023 22:35:31 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1441
expires: Wed, 06 Dec 2023 22:58:58 GMT

GET
H2 200 style.min.css
winner-slots.online/wp-includes/blocks/navigation/ Frame 04D4 16 KB
2 KB 40ms
39ms Stylesheet
text/css 185.199.175.191
HOSTERION

General

Check archive.org

Show headers Download Go to

Full URL: https://winner-slots.online/wp-includes/blocks/navigation/style.min.css?ver=6.4.1
Requested by: Host: winner-slots.online
URL: https://winner-slots.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.199.175.191 Floreşti, Romania, ASN43927 (HOSTERION, RO),
Reverse DNS: eros.hosterion.net
Software: LiteSpeed /
Resource Hash: 38b1136cf93f9cb1dc433fd40347fed72ebce9522a55393f95feae15a8268233

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winner-slots.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:58:58 GMT
content-encoding: br
last-modified: Tue, 07 Nov 2023 22:35:31 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 2061
expires: Wed, 06 Dec 2023 22:58:58 GMT

GET
H2 200 style.min.css
winner-slots.online/wp-includes/blocks/social-links/ Frame 04D4 10 KB
1 KB 41ms
41ms Stylesheet
text/css 185.199.175.191
HOSTERION

General

Check archive.org

Show headers Download Go to

Full URL: https://winner-slots.online/wp-includes/blocks/social-links/style.min.css?ver=6.4.1
Requested by: Host: winner-slots.online
URL: https://winner-slots.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.199.175.191 Floreşti, Romania, ASN43927 (HOSTERION, RO),
Reverse DNS: eros.hosterion.net
Software: LiteSpeed /
Resource Hash: 9753320d9396dd9dad26d1a302f52838f2a8ec7e272c5205ca4a5b090e5d0ded

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winner-slots.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:58:58 GMT
content-encoding: br
last-modified: Tue, 07 Nov 2023 22:35:31 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1402
expires: Wed, 06 Dec 2023 22:58:58 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
256 B 47ms
18ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-EFZEET6PW6&gtm=45je3b81v9103640448z89103625674&_p=1701298737801&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=843749504.1701298739&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1701298738&sct=1&seg=0&dl=https%3A%2F%2Fquickwin765412.com%2Fen%2F&dt=New%20Online%20Casino%20for%20Online%20Betting%20and%20Gaming%20%7C%20Quickwin&en=page_view&_fv=1&_nsi=1&_ss=1&up.UserID=Not%20Login&tfd=1353
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-EFZEET6PW6&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Nov 2023 22:58:58 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://quickwin765412.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 en-us-json-0345ad6.js Show response
static.zdassets.com/web_widget/classic/latest/web-widget-locales/classic/ Frame FCFB 25 KB
6 KB 17ms
17ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/classic/latest/web-widget-locales/classic/en-us-json-0345ad6.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-0345ad6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a48fd35c61908d912b5ac9e1face12e0962a0d9ecc8679e87db4031697cec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:58:58 GMT
x-amz-version-id: I_EA8shgdUVnTYVtPsngXZhS4fZlnaal
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: XMH8WHSS3SHAKJMK
age: 77331
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: 30QD48lw+Xk4Za/KTs3qUzuf+pyeSSso8S0TOdNcnw7ByTmU4mh5Pd0VGfA/Y4mrlADYzA+RWgM=
last-modified: Mon, 06 Nov 2023 00:49:02 GMT
server: cloudflare
etag: W/"6eb45e96a7cbb4b8ca10897f3cf09981"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iP627CXkX49SirH5C40%2FEM%2FemLUG5tnfGWuKvHy7Fnln0keHq3HfHWiuFWCHdON%2BwdDPqOQQIDvJ78NsHkOZFGzv4C9AezpMRS14MyaYWJIcw5F0pub1Ojx%2FpEuBv6BIsNXHPS4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 82de755ced329271-FRA
expires: Tue, 05 Nov 2024 00:49:01 GMT

GET
H2 200 config Show response
quickwin.zendesk.com/embeddable/ Frame FCFB 508 B
1 KB 67ms
22ms Fetch
application/json 104.16.53.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://quickwin.zendesk.com/embeddable/config
Requested by: Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-0345ad6.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.53.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7533f175597319c9b2fb5e9f28d99d30080307a887b50a837707c88234310f1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:58:58 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 60
x-zendesk-origin-server: embeddable-app-server-8694cc55d4-454vn
x-cached: STALE
x-request-id: 82de612aaf5262fb-HAM
x-runtime: 0.001854
last-modified: Wed, 29 Nov 2023 22:57:58 GMT
server: cloudflare
access-control-max-age: 7200
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fpfnQC%2B98QUI9dsHarE1k1CTc2uE%2BZ5xnBsPhz0tXe6jyAnjqO66pNL6MGJBwEDukjn7v4hWScQLk0yXs8qEbBeSU0cJ0h07x93guQcrDwVLZyG0jdYtfpBEzwQ2SusH%2Bsy2y1M0"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
cache-control: public, max-age=60, stale-while-revalidate=600, stale-if-error=3600
vary: Origin, Accept-Encoding
cf-ray: 82de755d3f04047a-FRA

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 692B 2 KB
2 KB 15ms
14ms Image
image/png 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 20:04:28 GMT
x-content-type-options: nosniff
age: 183270
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Mon, 04 Dec 2023 20:04:28 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 692B 15 KB
15 KB 54ms
18ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 02:58:03 GMT
x-content-type-options: nosniff
age: 417655
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 24 Nov 2024 02:58:03 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 692B 15 KB
16 KB 50ms
14ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 18:52:48 GMT
x-content-type-options: nosniff
age: 446770
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 23 Nov 2024 18:52:48 GMT

GET
H/1.1 200
OK ca.html Show response
20846458p.rfihub.com/ Frame 5A1B 5 KB
6 KB 178ms
21ms Document
text/html 193.0.160.130
ROCKETFUEL

General

Check archive.org

Show headers Download Go to

Full URL: https://20846458p.rfihub.com/ca.html?ver=9&rb=48767&ca=20846458&_o=48767&_t=20846458&pe=https%3A%2F%2Fquickwin765412.com%2Fen%2F&pf=&ra=7391646772872995
Requested by: Host: c1.rfihub.net
URL: https://c1.rfihub.net/js/tc.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.0.160.130 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software: Jetty(9.4.51.v20230217) /
Resource Hash: d676d55fe122e2842ec0a95808d5d9d224dfee35d006a49a142234b049bfdc27

Request headers

Referer: https://quickwin765412.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache
Content-Length: 4921
Content-Type: text/html;charset=utf-8
Date: Wed, 29 Nov 2023 22:58:58 GMT
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server: Jetty(9.4.51.v20230217)

GET
BLOB 200
OK 2beefcfd-af11-4a8d-a362-d49aa69f3ea7
https://winner-slots.online/ Frame 04D4 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://winner-slots.online/2beefcfd-af11-4a8d-a362-d49aa69f3ea7
Requested by: Host: winner-slots.online
URL: https://winner-slots.online/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Length: 1245
Content-Type: text/javascript

GET
H2 200 style.css
winner-slots.online/wp-content/themes/bizboost/ Frame 04D4 209 KB
29 KB 36ms
36ms Stylesheet
text/css 185.199.175.191
HOSTERION

General

Check archive.org

Show headers Download Go to

Full URL: https://winner-slots.online/wp-content/themes/bizboost/style.css?ver=1696847757
Requested by: Host: winner-slots.online
URL: https://winner-slots.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.199.175.191 Floreşti, Romania, ASN43927 (HOSTERION, RO),
Reverse DNS: eros.hosterion.net
Software: LiteSpeed /
Resource Hash: 3f75e2446874c812c9f47612105104fa5d3d8833dbf077c4daaeeffc3b767403

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winner-slots.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:58:58 GMT
content-encoding: br
last-modified: Mon, 09 Oct 2023 10:35:57 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 29239
expires: Wed, 06 Dec 2023 22:58:58 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 04D4 274 KB
91 KB 29ms
29ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=GT-NFB7D7V

Requested by

Host: winner-slots.online
URL: https://winner-slots.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ae7c16ecb8e3d6f4fa8815a304c49b31057e0a060400bf3ebc7684250fb59d76

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winner-slots.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:58:58 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 92849
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 29 Nov 2023 22:58:58 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 04D4 194 KB
71 KB 23ms
22ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-11417590120

Requested by

Host: winner-slots.online
URL: https://winner-slots.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3990e368f90ae8967526642b26f53ba57c46076ab6c161da45909aa3a08ea979

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winner-slots.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:58:58 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 72311
x-xss-protection: 0
last-modified: Wed, 29 Nov 2023 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 29 Nov 2023 22:58:58 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 04D4 274 KB
91 KB 30ms
27ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-635V5K5BSV

Requested by

Host: winner-slots.online
URL: https://winner-slots.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

64c094ca32a215e99fe2759098fd52e48512d9fbacb0ec6d2ee951956d8d11fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winner-slots.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:58:58 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 92896
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 29 Nov 2023 22:58:58 GMT

GET
H2 200 video-featured.jpg
winner-slots.online/wp-content/themes/bizboost/assets/images/ Frame 04D4 30 KB
30 KB 36ms
36ms Image
image/jpeg 185.199.175.191
HOSTERION

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://winner-slots.online/wp-content/themes/bizboost/assets/images/video-featured.jpg
Requested by: Host: winner-slots.online
URL: https://winner-slots.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.199.175.191 Floreşti, Romania, ASN43927 (HOSTERION, RO),
Reverse DNS: eros.hosterion.net
Software: LiteSpeed /
Resource Hash: d83979120aea89605f3fef94e0acbdc5724473cbd9084b27bea5ffd899839f79

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winner-slots.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:58:58 GMT
last-modified: Mon, 09 Oct 2023 10:35:57 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 31159
expires: Wed, 06 Dec 2023 22:58:58 GMT

GET
H2 200 hero-content.png
winner-slots.online/wp-content/themes/bizboost/assets/images/ Frame 04D4 49 KB
49 KB 70ms
70ms Image
image/png 185.199.175.191
HOSTERION

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://winner-slots.online/wp-content/themes/bizboost/assets/images/hero-content.png
Requested by: Host: winner-slots.online
URL: https://winner-slots.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.199.175.191 Floreşti, Romania, ASN43927 (HOSTERION, RO),
Reverse DNS: eros.hosterion.net
Software: LiteSpeed /
Resource Hash: c009807b93d04cb58be1e2cdac7934a512c8b3913eefd0d3f9a72563228a02dc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winner-slots.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:58:58 GMT
last-modified: Mon, 09 Oct 2023 10:35:57 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 50151
expires: Wed, 06 Dec 2023 22:58:58 GMT

GET
H2 200 featured-content-1.jpg
winner-slots.online/wp-content/themes/bizboost/assets/images/ Frame 04D4 25 KB
25 KB 36ms
36ms Image
image/jpeg 185.199.175.191
HOSTERION

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://winner-slots.online/wp-content/themes/bizboost/assets/images/featured-content-1.jpg
Requested by: Host: winner-slots.online
URL: https://winner-slots.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.199.175.191 Floreşti, Romania, ASN43927 (HOSTERION, RO),
Reverse DNS: eros.hosterion.net
Software: LiteSpeed /
Resource Hash: 33e9ca0a9a965ad4da451eca1f42935be45141b420134584831739400c688058

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winner-slots.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:58:58 GMT
last-modified: Mon, 09 Oct 2023 10:35:57 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 26063
expires: Wed, 06 Dec 2023 22:58:58 GMT

GET
H2 200 featured-content-2.jpg
winner-slots.online/wp-content/themes/bizboost/assets/images/ Frame 04D4 29 KB
29 KB 37ms
37ms Image
image/jpeg 185.199.175.191
HOSTERION

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://winner-slots.online/wp-content/themes/bizboost/assets/images/featured-content-2.jpg
Requested by: Host: winner-slots.online
URL: https://winner-slots.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.199.175.191 Floreşti, Romania, ASN43927 (HOSTERION, RO),
Reverse DNS: eros.hosterion.net
Software: LiteSpeed /
Resource Hash: 486c3ad09607caa76fd99d9e460e0f7c2943bf4e889efbe296cf7430e12ba2f3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winner-slots.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 21:01:32 GMT
last-modified: Mon, 09 Oct 2023 10:35:57 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 30043
expires: Wed, 06 Dec 2023 21:01:32 GMT

GET
H2 200 featured-content-3.jpg
winner-slots.online/wp-content/themes/bizboost/assets/images/ Frame 04D4 15 KB
15 KB 36ms
36ms Image
image/jpeg 185.199.175.191
HOSTERION

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://winner-slots.online/wp-content/themes/bizboost/assets/images/featured-content-3.jpg
Requested by: Host: winner-slots.online
URL: https://winner-slots.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.199.175.191 Floreşti, Romania, ASN43927 (HOSTERION, RO),
Reverse DNS: eros.hosterion.net
Software: LiteSpeed /
Resource Hash: 8af864b837e8fb646957e684235bccb6b097dbc41953112cea38d43c4785de99

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winner-slots.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:58:58 GMT
last-modified: Mon, 09 Oct 2023 10:35:57 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 15783
expires: Wed, 06 Dec 2023 22:58:58 GMT

GET
H2 200 promotional-contact.jpg
winner-slots.online/wp-content/themes/bizboost/assets/images/ Frame 04D4 5 KB
5 KB 38ms
35ms Image
image/jpeg 185.199.175.191
HOSTERION

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://winner-slots.online/wp-content/themes/bizboost/assets/images/promotional-contact.jpg
Requested by: Host: winner-slots.online
URL: https://winner-slots.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.199.175.191 Floreşti, Romania, ASN43927 (HOSTERION, RO),
Reverse DNS: eros.hosterion.net
Software: LiteSpeed /
Resource Hash: df2b4dfc7e9d7d2f321750c35c586c1a5606f0b65cd7c7a43304249ad8dde209

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winner-slots.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:58:58 GMT
last-modified: Mon, 09 Oct 2023 10:35:57 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 4692
expires: Wed, 06 Dec 2023 22:58:58 GMT

GET
H2 200 custom.js Show response
winner-slots.online/wp-content/themes/bizboost/assets/js/ Frame 04D4 5 KB
1 KB 37ms
36ms Script
application/javascript 185.199.175.191
HOSTERION

General

Check archive.org

Show headers Download Go to

Full URL: https://winner-slots.online/wp-content/themes/bizboost/assets/js/custom.js?ver=1696847757
Requested by: Host: winner-slots.online
URL: https://winner-slots.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.199.175.191 Floreşti, Romania, ASN43927 (HOSTERION, RO),
Reverse DNS: eros.hosterion.net
Software: LiteSpeed /
Resource Hash: cb91e5a485f9cb8d412446bed3cd1b84c7df47f308d30be5b6399722d6717c53

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winner-slots.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:58:58 GMT
content-encoding: br
last-modified: Mon, 09 Oct 2023 10:35:57 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1195
expires: Wed, 06 Dec 2023 22:58:58 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 692B 102 B
135 B 22ms
22ms Other
text/javascript 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=-QbJqHfGOUB8nuVRLvzFLVed

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f3706dd9e175fdadc2a564238f1ddc64afea19e67aefd5b922f33040d5f94540

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcbSf4kAAAAAAJey7uEFxYpE7Tn2cR1Y3WBNyGi&co=aHR0cHM6Ly9xdWlja3dpbjc2NTQxMi5jb206NDQz&hl=de&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=voijpcx4s2yy
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:58:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Wed, 29 Nov 2023 22:58:58 GMT

GET
H2 200 modules.28e3191d8757c557b4b7.js Show response
script.hotjar.com/ 227 KB
57 KB 61ms
17ms Script
application/javascript 18.173.154.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.28e3191d8757c557b4b7.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-3550387.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.173.154.87 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-173-154-87.muc50.r.cloudfront.net

Software

Resource Hash

77a17bd55486aef26d2fbbe92b56672398378b1ad7ba7975c79742b4772d52b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 14:01:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 667b60dd320c04dc9adf041517122fc2.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P3
age: 550672
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 57395
last-modified: Thu, 23 Nov 2023 14:00:23 GMT
etag: "1ab24a53e715dcb189ab626bacc0e88b"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: BAxapfhLtCaY-R1UYKUxLDZGQarfbGJ9p3WYIpnvOAdDKsq5gG7YAQ==

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
210 B 20ms
20ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=89964621&t=pageview&_s=1&dl=https%3A%2F%2Fquickwin765412.com%2Fen%2F&ul=en-us&de=UTF-8&dt=New%20Online%20Casino%20for%20Online%20Betting%20and%20Gaming%20%7C%20Quickwin&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=1765415761&gjid=1043676836&cid=843749504.1701298739&tid=UA-258885462-1&_gid=1078406235.1701298739&_r=1&_slc=1&gtm=45He3b81n81PV2Q5X5v9103625674&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&z=1220517678

Requested by

Host: quickwin765412.com
URL: https://quickwin765412.com/polyfills.250fe061a3885860ec19.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://quickwin765412.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 29 Nov 2023 22:58:58 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://quickwin765412.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
a1.adform.net/Serving/TrackPoint/ 730 B
992 B 75ms
25ms Script
text/javascript 37.157.5.84
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://a1.adform.net/Serving/TrackPoint/?pm=2796857&ADFPageName=quickwin.com%2Fen&ADFdivider=%7C&ord=509972382509&ADFtpmode=2&itm=eyJpdG1zIjpbeyJwaWQiOiJlbiJ9XX0&loc=https%3A%2F%2Fquickwin765412.com%2Fen%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24

Requested by

Host: s2.adform.net
URL: https://s2.adform.net/banners/scripts/st/trackpoint-async.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.84 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

d433d17de4e6361e02ae7d1c4fc02416a05abab905c9cda5c296f6ffa3af8496

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Nov 2023 22:58:58 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 477
expires: -1

GET
H2 200 sync
rtg.prdredir.com/ 43 B
656 B 133ms
123ms Image
image/gif 2606:4700:20::681a:772
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rtg.prdredir.com/sync?ref=&lp=https%3A%2F%2Fquickwin765412.com%2Fen%2F&sh=1200&sw=1600&date=1701298738826&fp=uid-5375629881.9279228330

Requested by

Host: quickwin765412.com
URL: https://quickwin765412.com/en/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:772 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:58:58 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
status: 200 OK
content-transfer-encoding: binary
content-disposition: inline; filename="pixel.gif"
x-xss-protection: 1; mode=block
x-request-id: 82c7c43b-4226-4530-b526-a2b4f5126ef7
x-runtime: 0.002279
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-download-options: noopen
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i6xgWJJi%2B26uph1Rn%2B9JUpAWkDbOOYGI9UnMQD7OzB9U%2BcG2tEpqGyd4eMpqERLxw5a7ZrNoFGEIkRLruPO5d6vMMR8mJDPa%2BPFIKPiC4M5J5ae92X2voi9rGZQGFRds7bCsxVyiRP57bHgpNv8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache
cf-ray: 82de755dbe883a97-FRA

GET
H2 200 quickwin.gif Show response
adjs.media/hit/ 0
330 B 133ms
132ms Script
text/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://adjs.media/hit/quickwin.gif?date=1701298738854&page=https%3A%2F%2Fquickwin765412.com%2Fen%2F&ref=&tid=tid-2bd1708e8.4126c73b4

Requested by

Host: adjs.media
URL: https://adjs.media/resources/content/quickwin.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:58:58 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
status: 200 OK
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 69fc38ab-a0c7-48a0-9703-dd0b07c113da
x-runtime: 0.002931
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-download-options: noopen
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dJjvC0gXGmyoIRmHmCvYGnCMkXR3h9WPtHeRRIyhrdCmiXEZXw244JIUtx8DvcnHxp95GqTBRE9yF5Wuiq%2BFIqNYfcrp91nI4rmRXZlYOsr%2FlQI%2BjHtfi%2B0X1Ds88754rTmupDSd10%2Fg"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache
cf-ray: 82de755ded61f178-CDG

GET
H2 200 web-widget-chat-sdk-0345ad6.js Show response
static.zdassets.com/web_widget/classic/latest/ Frame FCFB 202 KB
51 KB 19ms
19ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/classic/latest/web-widget-chat-sdk-0345ad6.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-0345ad6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

965cba95c928e95003ce37271090406eaa7d5c2d955230a785b2b3be8a9a17f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:58:58 GMT
x-amz-version-id: o7xvdt2jCIx0Amjxg6egfD1YDavsv5SR
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: 5NGAHHY8W9D8PRQ9
age: 1811879
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: Ad9v/8JLxvkhVxv6lGIgKq+X+Yu/pujiWIV9tvuMWaAhnzcHDXExlB1L5zBSuH5dZA74xm8wuLxUr39uMsMNYg==
last-modified: Mon, 06 Nov 2023 00:49:00 GMT
server: cloudflare
etag: W/"b8284a4b45e40625c2b90a641ebe4a68"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FyUd3Ebmf4kxiaV36ZNjgbQmETvCFPu4y0%2BPcsfR8CrQWLI%2F8uA%2FtildVJEJml345V27OnU2ZjvHewlCXlqJSbIyFww8j4S%2BQ7mxhU6qITBJawR6DKe%2FRgbgD%2BS80Z2qTdABzvg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 82de755ded979271-FRA
expires: Tue, 05 Nov 2024 00:48:59 GMT

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ Frame 04D4 4 KB
2 KB 171ms
128ms Script
application/javascript 23.38.98.168
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CK8KFRRC77UACAV1FU60&lib=ttq
Requested by: Host: winner-slots.online
URL: https://winner-slots.online/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.38.98.168 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-38-98-168.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: c1267435ec936c4fd6bfbff2f4b2070885d3e86504845498bf1e8cfa1395cccf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winner-slots.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-akamai-request-id: 15efbde0.f06e4ea
date: Wed, 29 Nov 2023 22:58:59 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-38-99-232.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2.1-52518411) (-)
x-parent-response-time: 106,23.38.99.232
server-timing: cdn-cache; desc=MISS, edge; dur=104, origin; dur=6, inner; dur=3
content-length: 1278
pragma: no-cache
server: nginx
x-tt-logid: 202311292258592544CB431EA374858E03
x-cache-remote: TCP_MISS from a23-220-104-219.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2.1-52518411) (-)
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 6,23.220.104.219
x-tt-trace-host: 0108537ecf4ccba81adec80671096b139c2d7dc47d69cc1285d74d5c88a29c3136eb16f46ebb14d0b507afd3f09754dbd55c4b7da818090c823e10a940f094dd9bf4b25bba9426350fb7a791eee5e9259c082825388c40be2028bb25dd7ef0d6e83ee1a8b46b14c7b522aef3e149c90ed5
expires: Wed, 29 Nov 2023 22:58:59 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ Frame 04D4 202 KB
54 KB 33ms
9ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: winner-slots.online
URL: https://winner-slots.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winner-slots.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 29 Nov 2023 22:58:58 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 54273
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: ZrHg672PLvOpwXvWECP/8jz7cYccn32P44N/A72Q00KD3Lsfbv+pDcFdzkr3BkdtOM4Vk8EFOyqJhJWY/uGL9w==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 206 video-featured.mp4
winner-slots.online/wp-content/themes/bizboost/assets/video/ Frame 04D4 496 KB
0 35ms
34ms Media
video/mp4 185.199.175.191
HOSTERION

General

Check archive.org

Show headers Download Go to

Full URL: https://winner-slots.online/wp-content/themes/bizboost/assets/video/video-featured.mp4
Requested by: Host: winner-slots.online
URL: https://winner-slots.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.199.175.191 Floreşti, Romania, ASN43927 (HOSTERION, RO),
Reverse DNS: eros.hosterion.net
Software: LiteSpeed /
Resource Hash

Request headers

Referer: https://winner-slots.online/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Range: bytes=0-

Response headers

Content-Range: bytes 0-7262571/7262572
date: Wed, 29 Nov 2023 22:58:58 GMT
last-modified: Mon, 09 Oct 2023 10:35:57 GMT
server: LiteSpeed
Content-Length: 7262572
content-type: video/mp4

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 04D4 194 KB
71 KB 29ms
29ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-11417590120&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=GT-NFB7D7V

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

024a62c4aa4779c0b103289a98c0812389411b7c580b98dd0993efa632e56544

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winner-slots.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:58:59 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 72342
x-xss-protection: 0
last-modified: Wed, 29 Nov 2023 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 29 Nov 2023 22:58:59 GMT

GET
H2 200 / Show response
a1.adform.net/Serving/TrackPoint/ 116 B
719 B 29ms
28ms Script
text/javascript 37.157.5.84
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://a1.adform.net/Serving/TrackPoint/?CC=1&pm=2796857&ADFPageName=quickwin.com%2Fen&ADFdivider=%7C&ord=509972382509&ADFtpmode=2&itm=eyJpdG1zIjpbeyJwaWQiOiJlbiJ9XX0&loc=https%3A%2F%2Fquickwin765412.com%2Fen%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24&frpid=3937115828136715500

Requested by

Host: s2.adform.net
URL: https://s2.adform.net/banners/scripts/st/trackpoint-async.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.84 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

a4f6ca79d14dad289eb7035d0e81e04571532d249fa80845c38bd1d274a493e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Nov 2023 22:58:59 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 189
expires: -1

GET
H2

451

501709.gif
idsync.rlcdn.com/ Frame 5A1B
Redirect Chain

https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5124322329866183740&referrer=https%3A%2F%2Fquickwin765412.com%2Fen%2F&forward=
https://p.rfihub.com/cm?pub=39342&in=0&userid=a46e1f68-45e9-4c49-9d9c-4e71bffc4cff%3A1701298739.1920981&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Da46e1f68-45e9-4c49-9d9c-4e71bff...
https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5124322329866183740&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3Da46e1f68-45e9-4c49-9d...
https://idsync.rlcdn.com/501709.gif?partner_uid=a46e1f68-45e9-4c49-9d9c-4e71bffc4cff%3A1701298739.1920981&_=1701298739.1942632

0
42 B

19ms
19ms

Image
text/plain

35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/501709.gif?partner_uid=a46e1f68-45e9-4c49-9d9c-4e71bffc4cff%3A1701298739.1920981&_=1701298739.1942632
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H2
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20846458p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:58:59 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

Redirect headers

date: Wed, 29 Nov 2023 22:58:59 GMT
via: 1.1 5f3006c64f23c42b9bf4b3b63c77aedc.cloudfront.net (CloudFront)
server: lighttpd/1.4.69
x-amz-cf-pop: MUC50-C1
vary: Cookie
x-cache: Miss from cloudfront
content-type: text/html; charset=utf-8
location: https://idsync.rlcdn.com/501709.gif?partner_uid=a46e1f68-45e9-4c49-9d9c-4e71bffc4cff%3A1701298739.1920981&_=1701298739.1942632
content-length: 447
x-amz-cf-id: m7qMaQ7XYfHuxcrU26hWIpzqPx7ligK4-FVsqWf3Q_V7u0mjeQEIYw==

GET
H3

451

501709.gif
idsync.rlcdn.com/ Frame 5A1B
Redirect Chain

https://cm.g.doubleclick.net/pixel?&in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=NTEyNDMyMjMyOTg2NjE4Mzc0MA==&forward=
https://cm.g.doubleclick.net/pixel?in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=NTEyNDMyMjMyOTg2NjE4Mzc0MA==&forward=&google_tc=
https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEL79mIO400G1Jo9sBNUCIZc&google_cver=1
https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5124322329866183740&referrer={encSite}&forward=
https://p.rfihub.com/cm?pub=39342&in=0&userid=a46e1f68-45e9-4c49-9d9c-4e71bffc4cff%3A1701298739.1920981&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Da46e1f68-45e9-4c49-9d9c-4e71bff...
https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5124322329866183740&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3Da46e1f68-45e9-4c49-9d...
https://idsync.rlcdn.com/501709.gif?partner_uid=a46e1f68-45e9-4c49-9d9c-4e71bffc4cff%3A1701298739.1920981&_=1701298739.3848317

0
9 B

21ms
20ms

Image
text/plain

35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/501709.gif?partner_uid=a46e1f68-45e9-4c49-9d9c-4e71bffc4cff%3A1701298739.1920981&_=1701298739.3848317
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20846458p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:58:59 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

Redirect headers

date: Wed, 29 Nov 2023 22:58:59 GMT
via: 1.1 5f3006c64f23c42b9bf4b3b63c77aedc.cloudfront.net (CloudFront)
server: lighttpd/1.4.69
x-amz-cf-pop: MUC50-C1
vary: Cookie
x-cache: Miss from cloudfront
content-type: text/html; charset=utf-8
location: https://idsync.rlcdn.com/501709.gif?partner_uid=a46e1f68-45e9-4c49-9d9c-4e71bffc4cff%3A1701298739.1920981&_=1701298739.3848317
content-length: 447
x-amz-cf-id: HLj4__cFunGSKjYS98klYSYrey7BgRHle4ELltR8UGLcdLDx0vp8pQ==

GET
H2 200 setuid
ib.adnxs.com/ Frame 5A1B 43 B
830 B 15ms
14ms Image
image/gif 185.89.210.212
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=18&code=5124322329866183740

Requested by

Host: quickwin765412.com
URL: https://quickwin765412.com/en/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20846458p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Nov 2023 22:58:59 GMT
an-x-request-uuid: 443f7806-5238-4b2f-810b-c1a506ccb801
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 178.162.209.136; 178.162.209.136; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

demconf.jpg
dpm.demdex.net/ Frame 5A1B
Redirect Chain

https://dpm.demdex.net/ibs:dpid=1121&dpuuid=5124322329866183740&redir=
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5124322329866183740&redir=

42 B
715 B

35ms
33ms

Image
image/gif

54.194.27.175
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5124322329866183740&redir=

Requested by

Host: quickwin765412.com
URL: https://quickwin765412.com/en/

Protocol

Server

54.194.27.175 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-194-27-175.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20846458p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

dcs: dcs-prod-irl1-1-v054-0603339eb.edge-irl1.demdex.com 2 ms
pragma: no-cache
date: Wed, 29 Nov 2023 22:58:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-tid: wc8xB0eZTpk=
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 59
expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

dcs: dcs-prod-irl1-2-v054-034c53ac2.edge-irl1.demdex.com 0 ms
pragma: no-cache
date: Wed, 29 Nov 2023 22:58:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-tid: gHo6nAmdRCQ=
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5124322329866183740&redir=
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 Pug
image2.pubmatic.com/AdServer/ Frame 5A1B 0
225 B 69ms
13ms Image
text/html 198.47.127.205
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw==&piggybackCookie=5124322329866183740&r=
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20846458p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Wed, 29 Nov 2023 22:58:57 GMT
cache-control: no-store, no-cache, private
content-encoding: gzip
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 sd
us-u.openx.net/w/1.0/ Frame 5A1B 43 B
264 B 74ms
19ms Image
image/gif 35.244.159.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537073062&val=5124322329866183740&r=
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20846458p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Nov 2023 22:58:59 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1

200
OK

match
ps.eyeota.net/ Frame 5A1B
Redirect Chain

https://p.rfihub.com/cm?pub=24472&in=1
https://ps.eyeota.net/match?uid=5124322329866183740&bid=omt9pi0

0
344 B

54ms
8ms

Image
text/plain

52.57.150.20
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?uid=5124322329866183740&bid=omt9pi0
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: HTTP/1.1
Server: 52.57.150.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-57-150-20.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20846458p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Wed, 29 Nov 2023 22:58:59 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Location: https://ps.eyeota.net/match?uid=5124322329866183740&bid=omt9pi0
Date: Wed, 29 Nov 2023 22:58:59 GMT
Server: Jetty(9.4.51.v20230217)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 cksync.php
contextual.media.net/ Frame 5A1B 53 B
616 B 81ms
51ms Image
image/gif 95.101.148.20
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=3&type=rkt&ovsid=5124322329866183740

Requested by

Host: quickwin765412.com
URL: https://quickwin765412.com/en/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.148.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-148-20.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20846458p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Wed, 29 Nov 2023 22:58:59 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 53
x-mnet-hl2: E
expires: Wed, 29 Nov 2023 22:58:59 GMT

GET
H2 200 /
bpi.rtactivate.com/tag/ Frame 5A1B 43 B
109 B 413ms
152ms Image
image/gif 44.216.205.237
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bpi.rtactivate.com/tag/?id=11017&user_id=5124322329866183740
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.216.205.237 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-216-205-237.compute-1.amazonaws.com
Software: awselb/2.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20846458p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:58:59 GMT
server: awselb/2.0
content-length: 43
content-type: image/gif

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame 5A1B
Redirect Chain

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5124322329866183740&forward=
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5124322329866183740&forward=&C=1

43 B
343 B

40ms
39ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5124322329866183740&forward=&C=1
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H2
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20846458p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Nov 2023 22:58:59 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jH%2FJ6O0O4JUJGMH%2B4ahybUETafAKTuOC9LzR0BNZZXWEGc%2FRBM4DCFryN5WOsT%2FdLzSHRv%2FJHz11K3RaKP0YZyo6U5y5O2uxRB1KPUJoe4pNnZg%2B9rmDVGG4gGr0ofug3uDw8TsEp7owXg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 82de755f7cf35c92-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 29 Nov 2023 22:58:59 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q4iLU7tZvYYD8O0s3a2nshBGC2HmPUfF7AGlfC0TV2%2BfsU6HHX8bPlWuWUhQTiSH5seEYJuJGcAe7MD7%2BvQXN3VwmxI1tKglMWULpiu%2BJGGXet5%2FaQf%2Fh9nQuRm5wiKzamkjkWRW0j6yTA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=57&external_user_id=5124322329866183740&forward=&C=1
cache-control: no-cache
cf-ray: 82de755f4cd35c92-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H2 451 360947.gif
idsync.rlcdn.com/ Frame 5A1B 0
98 B 84ms
29ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/360947.gif?partner_uid=5124322329866183740
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20846458p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:58:59 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 rocketfuel_sync
x.dlx.addthis.com/e/ Frame 5A1B 43 B
182 B 218ms
161ms Image
image/gif 69.192.160.219
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://x.dlx.addthis.com/e/rocketfuel_sync?na_exid=5124322329866183740

Requested by

Host: quickwin765412.com
URL: https://quickwin765412.com/en/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

69.192.160.219 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a69-192-160-219.deploy.static.akamaitechnologies.com

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20846458p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires: Wed, 29 Nov 2023 22:58:59 GMT
pragma: no-cache
date: Wed, 29 Nov 2023 22:58:59 GMT
cache-control: max-age=0, no-cache, no-store
strict-transport-security: max-age=2628000
content-length: 43
content-type: image/gif

GET
H2 200 sync
partners.tremorhub.com/ Frame 5A1B 43 B
175 B 348ms
100ms Image
image/gif 2600:1f18:612b:4232:a914:a3b8:84d6:ea13
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partners.tremorhub.com/sync?UIRF=5124322329866183740&r=m1RCUKreJjMc
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4232:a914:a3b8:84d6:ea13 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20846458p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date: Wed, 29 Nov 2023 22:58:59 GMT
server: nginx
content-type: image/gif

GET
H2 200 g.pixel
aa.agkn.com/adscores/ Frame 5A1B 43 B
377 B 135ms
33ms Image
image/gif 52.213.93.159
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aa.agkn.com/adscores/g.pixel?sid=9212192898&rf=5124322329866183740
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.213.93.159 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-213-93-159.eu-west-1.compute.amazonaws.com
Software: AAWebServer /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20846458p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Nov 2023 22:58:59 GMT
server: AAWebServer
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length: 43
expires: 0

GET
H2 204 usermatch.gif
beacon.krxd.net/ Frame 5A1B 0
338 B 108ms
29ms Image
text/plain 34.247.45.174
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner_id=rfuel&partner_user_id=5124322329866183740
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.247.45.174 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-45-174.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20846458p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-served-by: beacon-n013-dub-prod.krxd.net
date: Wed, 29 Nov 2023 22:58:59 GMT
cache-control: private, no-cache, no-store
x-request-time: D=31 t=1701298739
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 sync
x.bidswitch.net/ Frame 5A1B 43 B
146 B 75ms
9ms Image
image/gif 18.184.108.41
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?dsp_id=119&user_id=5124322329866183740&expires=30&gdpr={GDPR}&gdpr_consent={GDPR_CONSENT_469}&gdpr_pd={GDPR_PD}
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.184.108.41 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-184-108-41.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20846458p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:58:59 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H/1.1

200
OK

cm
p.rfihub.com/ Frame 5A1B
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D
https://sync-tm.everesttech.net/ct/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D&_test=ZWfCMwADVJj78gBU
https://p.rfihub.com/cm?in=1&pub=21653&userid=ZWfCMwADVJj78gBU&_test=ZWfCMwADVJj78gBU

42 B
1 KB

17ms
15ms

Image
image/gif

193.0.160.130
ROCKETFUEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.rfihub.com/cm?in=1&pub=21653&userid=ZWfCMwADVJj78gBU&_test=ZWfCMwADVJj78gBU
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: HTTP/1.1
Server: 193.0.160.130 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software: Jetty(9.4.51.v20230217) /
Resource Hash: 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20846458p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/gif
Date: Wed, 29 Nov 2023 22:58:59 GMT
Cache-Control: no-cache
Server: Jetty(9.4.51.v20230217)
Content-Length: 42
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

x-served-by: cache-fra-eddf8230091-FRA
pragma: no-cache
date: Wed, 29 Nov 2023 22:58:59 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1701298740.512534,VS0,VE0
x-cache: HIT
location: https://p.rfihub.com/cm?in=1&pub=21653&userid=ZWfCMwADVJj78gBU&_test=ZWfCMwADVJj78gBU
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2 200 wp-emoji-release.min.js Show response
winner-slots.online/wp-includes/js/ Frame 04D4 18 KB
5 KB 115ms
115ms Script
application/javascript 185.199.175.191
HOSTERION

General

Check archive.org

Show headers Download Go to

Full URL: https://winner-slots.online/wp-includes/js/wp-emoji-release.min.js?ver=6.4.1
Requested by: Host: winner-slots.online
URL: https://winner-slots.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.199.175.191 Floreşti, Romania, ASN43927 (HOSTERION, RO),
Reverse DNS: eros.hosterion.net
Software: LiteSpeed /
Resource Hash: 4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winner-slots.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:58:59 GMT
content-encoding: br
last-modified: Thu, 02 Feb 2023 04:23:26 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 4651
expires: Wed, 06 Dec 2023 22:58:59 GMT

GET
H2 200 2039699393095584 Show response
connect.facebook.net/signals/config/ Frame 04D4 133 KB
35 KB 21ms
20ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2039699393095584?v=2.9.138&r=stable&domain=winner-slots.online

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6bc617ac8e5122153b2daed71181bdf2a735d28a71ac27101f766125f36a8126

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winner-slots.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 29 Nov 2023 22:58:59 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 35377
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: ynlxzz6YqiucTcZ+9YGpAGGBvVlUo6m922XWmPNMKTUk7R64eJbA4eli6ygAroQkSR+BsbmzhkAIeFeg0tqn2A==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK pixel
track.wolf22.xyz/ 0
260 B 90ms
90ms Image
text/plain 88.214.195.93
NATCOWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.wolf22.xyz/pixel?auth=dg12ck&event=visit&site=quickwin765412.com&ln=en-US
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 88.214.195.93 , United Kingdom, ASN46636 (NATCOWEB, US),
Reverse DNS
Software: nginx/1.20.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 29 Nov 2023 22:58:59 GMT
Cache-Control: no-cache, max-age=0, must-revalidate, proxy-revalidate, no-store
Server: nginx/1.20.0
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 mt_quickwin Show response
scpt.getrmads.com/t/ 0
317 B 128ms
128ms Script
text/plain 2606:4700:e4::ac40:a41a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://scpt.getrmads.com/t/mt_quickwin?ts=1701298739147&sh=1200&sw=1600&ref=&lp=https%3A%2F%2Fquickwin765412.com%2Fen%2F&fp=348660cdf.2807d49ef.411555097
Requested by: Host: scpt.getrmads.com
URL: https://scpt.getrmads.com/src/mt_quickwin.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a41a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:58:59 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X3Vg8QnWUhggld09MqgCbIx5UC1iv%2F1LhkVkrs2%2Fm7TOmW8luW9PzuF%2Burgc1e2VDRTdQct8Fhw6SNda7iOFD5o8dhk0yzb2548WIZIQMqFWI9vadr6wTPVqE9vX2U9PPHPZfNkAHl%2BpR7sx2MLDtg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 82de755fbc5d65ce-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 js Show response
metrics.getrmads.com/tag/ 4 KB
2 KB 130ms
120ms Script
text/javascript 2606:4700:e4::ac40:a41a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://metrics.getrmads.com/tag/js?rtid=REH-1691446272083886
Requested by: Host: scpt.getrmads.com
URL: https://scpt.getrmads.com/src/mt_quickwin.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a41a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 70f3083a31279768ce4485d94f7a71a1588232bfd7add408e71ae95a03d80c2a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Nov 2023 22:58:59 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eBIGfmGLsIow6dEcX2yNKAPJZ503BuCv0ySooanJBeuhluMBO%2FoFBUHiJKIktB9Tl7mt7MZeJvVNxxw6%2FNiFALRyxFJjqOVSmahI70qQ%2BtmAl%2FX6mP2g3A5EOQQVMusEP%2F8duueTKS9TBtk24yBy%2FMIwig%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 82de755fbc6a65ce-FRA
alt-svc: h3=":443"; ma=86400
expires: 0

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/11417590120/ Frame 04D4 3 KB
2 KB 70ms
27ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11417590120/?random=1701298739153&cv=11&fst=1701298739153&bg=ffffff&guid=ON&async=1&gtm=45be3b81&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwinner-slots.online%2F&top=https%3A%2F%2Fquickwin765412.com&hn=www.googleadservices.com&frm=2&tiba=Winner-Slots.Online%20%E2%80%93%20Gaming%20Online%20Platforms&did=dZTNiMT&gdid=dZTNiMT&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-11417590120

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ac3382404be8a8d34920acbf877d3bd521b96d1b379af6a62201de4ff3d5974f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winner-slots.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Nov 2023 22:58:59 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
event.getblue.io/p/ Frame 163A 1 KB
869 B 258ms
258ms Document
text/html 177.71.157.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://event.getblue.io/p/?cId=615EE320-F864-1EFC-FE69D99CF417DF26&tName=visit&pId=&revenue=&orderId=&p1=&p2=&p3=&fp=&blueID=d63e055a-d622-470d-ad9f-bbebf24f6c6a&ulc=&v=29092023-1023&nocache=4982757235070.297
Requested by: Host: event.getblue.io
URL: https://event.getblue.io/js/blue-tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 177.71.157.175 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-177-71-157-175.sa-east-1.compute.amazonaws.com
Software: /
Resource Hash: af2ae945bb9555183cf0cee9c4cbc656844d58eb5122b0d9c49ae7dc64cade61

Request headers

Referer: https://quickwin765412.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache
content-encoding: gzip
content-type: text/html;charset=UTF-8
date: Wed, 29 Nov 2023 22:58:59 GMT
tagcontainer-version: 1201-09112023-2349
vary: Accept-Encoding

GET
H2 200 / Show response
widget.getblue.io/event/ 13 B
92 B 216ms
206ms Script
text/javascript 177.71.157.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.getblue.io/event/?cId=615EE320-F864-1EFC-FE69D99CF417DF26&tName=visit&pId=&revenue=&orderId=&p1=&p2=e%3Dvp&p3=e%3Ddis&adce=1&dtycbr=87954&fp=&blueID=d63e055a-d622-470d-ad9f-bbebf24f6c6a&ulc=&v=29092023-1023&if=0&nocache=4440829365649.018
Requested by: Host: event.getblue.io
URL: https://event.getblue.io/js/blue-tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 177.71.157.175 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-177-71-157-175.sa-east-1.compute.amazonaws.com
Software: /
Resource Hash: eb99134542c987f687360d120213eeec049a290d73d2302ee1b74a01ce279f4d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:58:59 GMT
content-length: 13
content-type: text/javascript;charset=UTF-8

GET
H2 200 main.MTdjYzNiZDU2MA.js Show response
analytics.tiktok.com/i18n/pixel/static/ Frame 04D4 397 KB
106 KB 11ms
11ms Script
application/javascript 23.38.98.168
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2MA.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CK8KFRRC77UACAV1FU60&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.38.98.168 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-38-98-168.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 62723060de0c92d89ec49f9b3bc1fd54b786111e8ad3451a6cf7ebc8553e7b74

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winner-slots.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-akamai-request-id: f06e5c3
date: Wed, 29 Nov 2023 22:58:59 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 2023110908160571F20DD725D6D5E85739
vary: Accept-Encoding
x-cache: TCP_HIT from a23-38-99-232.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2.1-52518411) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 0103315da6c27dd362da812a1eb79feae3359d2333effc5b339ea88edd4bfe2ea1dca9090801dc445a0a067b4c501b4eda66a973722b10539acf937d57e67cc264d1627bbf7b6e6d8343b6f695c217e6ce59454f3204a1e908842af8ff2f72fc16
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=5
content-length: 108339

GET
H2 200 /
www.facebook.com/tr/ Frame 04D4 0
185 B 25ms
8ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2039699393095584&ev=PageView&dl=https%3A%2F%2Fwinner-slots.online%2F&rl=&if=true&ts=1701298739225&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&ler=empty&it=1701298739140&coo=false&rqm=GET

Requested by

Host: winner-slots.online
URL: https://winner-slots.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winner-slots.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 29 Nov 2023 22:58:59 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 /
www.google.com/pagead/1p-user-list/11417590120/ Frame 04D4 42 B
64 B 25ms
25ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/11417590120/?random=1701298739153&cv=11&fst=1701295200000&bg=ffffff&guid=ON&async=1&gtm=45be3b81&u_w=1600&u_h=1200&url=https%3A%2F%2Fwinner-slots.online%2F&frm=2&tiba=Winner-Slots.Online%20%E2%80%93%20Gaming%20Online%20Platforms&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSKQDICaaN_qwMZp-r63B1z8X5IcKPzfplvYycoIWwzgt6KaO2eHwEh3cR&random=2785428008&rmt_tld=0&ipr=y

Requested by

Host: winner-slots.online
URL: https://winner-slots.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winner-slots.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Nov 2023 22:58:59 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/11417590120/ Frame 04D4 42 B
455 B 59ms
26ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/11417590120/?random=1701298739153&cv=11&fst=1701295200000&bg=ffffff&guid=ON&async=1&gtm=45be3b81&u_w=1600&u_h=1200&url=https%3A%2F%2Fwinner-slots.online%2F&frm=2&tiba=Winner-Slots.Online%20%E2%80%93%20Gaming%20Online%20Platforms&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSKQDICaaN_qwMZp-r63B1z8X5IcKPzfplvYycoIWwzgt6KaO2eHwEh3cR&random=2785428008&rmt_tld=1&ipr=y

Requested by

Host: winner-slots.online
URL: https://winner-slots.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winner-slots.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Nov 2023 22:58:59 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 identify_bb163.js Show response
analytics.tiktok.com/i18n/pixel/static/ Frame 04D4 135 KB
36 KB 26ms
26ms Script
application/javascript 23.38.98.168
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/identify_bb163.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2MA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.38.98.168 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-38-98-168.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a1d4b01843b9dad68a10bba7ab416fb60cbe6052a223f6bd74cbad286b812b2a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winner-slots.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-akamai-request-id: f06e609
date: Wed, 29 Nov 2023 22:58:59 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 2023110908160671F20DD725D6D5E85752
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a23-38-99-232.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2.1-52518411) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 0103315da6c27dd362da812a1eb79feae3359d2333effc5b339ea88edd4bfe2ea1dca9090801dc445a0a067b4c501b4eda9c0c2790865c760652654f263858873ab53ae67bf259a25ed006599a3415db4b1f602c39aef61563042b39e2f5868ee4
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=5
content-length: 36232

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ Frame 04D4 0
791 B 138ms
138ms Ping
text/plain 23.38.98.168
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2MA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.38.98.168 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-38-98-168.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://winner-slots.online/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 507a31df.f06e616
date: Wed, 29 Nov 2023 22:58:59 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-38-99-232.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2.1-52518411) (-)
x-parent-response-time: 120,23.38.99.232
server-timing: cdn-cache; desc=MISS, edge; dur=94, origin; dur=34, inner; dur=32
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202311292258591EA38B52985527ADA969
x-cache-remote: TCP_MISS from a23-220-104-211.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2.1-52518411) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 34,23.220.104.211
x-tt-trace-host: 0108537ecf4ccba81adec80671096b139c2d7dc47d69cc1285d74d5c88a29c3136d42ad9e2d062c07a32822f1e25128cc5492f2315fd177bfbef6f76f8aa0c632f6d4d662e8fe532b401717297bb007b03487873ca97f539310e819ac0ad251b487aac775a6fd4a95ff35768eded267f5d
access-control-allow-headers: Authorization,*
expires: Wed, 29 Nov 2023 22:58:59 GMT

GET
H2

200

/
cms.getblue.io/cm/ Frame 163A
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=coveny_limited&google_cm&&google_sc&ckid=3A0E2903-C607-4D5A-B593C0B82BFBFE62&cid=615EE320-F864-1EFC-FE69D99CF417DF26&google_ula=6572934421&ula=65729344...
https://cms.getblue.io/cm/?src=adx&child=europe&ckid=3A0E2903-C607-4D5A-B593C0B82BFBFE62&cid=615EE320-F864-1EFC-FE69D99CF417DF26&ula=6572934421&blueID=d63e055a-d622-470d-ad9f-bbebf24f6c6a&google_gi...

2 B
99 B

635ms
204ms

Image
application/json

177.71.130.23
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cms.getblue.io/cm/?src=adx&child=europe&ckid=3A0E2903-C607-4D5A-B593C0B82BFBFE62&cid=615EE320-F864-1EFC-FE69D99CF417DF26&ula=6572934421&blueID=d63e055a-d622-470d-ad9f-bbebf24f6c6a&google_gid=CAESEIqZ70MD5FsDzsP0ziZy5uE&google_cver=1&google_ula=6572934421,0
Requested by: Host: event.getblue.io
URL: https://event.getblue.io/p/?cId=615EE320-F864-1EFC-FE69D99CF417DF26&tName=visit&pId=&revenue=&orderId=&p1=&p2=&p3=&fp=&blueID=d63e055a-d622-470d-ad9f-bbebf24f6c6a&ulc=&v=29092023-1023&nocache=4982757235070.297
Protocol: H2
Server: 177.71.130.23 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-177-71-130-23.sa-east-1.compute.amazonaws.com
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:59:00 GMT
x-powered-by: Express
content-length: 2
content-type: application/json; charset=utf-8

Redirect headers

pragma: no-cache
date: Wed, 29 Nov 2023 22:58:59 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://cms.getblue.io/cm/?src=adx&child=europe&ckid=3A0E2903-C607-4D5A-B593C0B82BFBFE62&cid=615EE320-F864-1EFC-FE69D99CF417DF26&ula=6572934421&blueID=d63e055a-d622-470d-ad9f-bbebf24f6c6a&google_gid=CAESEIqZ70MD5FsDzsP0ziZy5uE&google_cver=1&google_ula=6572934421,0
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 493
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 setuid
ib.adnxs.com/ Frame 163A 43 B
882 B 14ms
13ms Image
image/gif 185.89.210.212
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=449&code=3A0E2903-C607-4D5A-B593C0B82BFBFE62

Requested by

Host: event.getblue.io
URL: https://event.getblue.io/p/?cId=615EE320-F864-1EFC-FE69D99CF417DF26&tName=visit&pId=&revenue=&orderId=&p1=&p2=&p3=&fp=&blueID=d63e055a-d622-470d-ad9f-bbebf24f6c6a&ulc=&v=29092023-1023&nocache=4982757235070.297

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Nov 2023 22:58:59 GMT
an-x-request-uuid: 13a2a487-6591-4eb3-8fd3-aa59a79af817
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 178.162.209.136; 178.162.209.136; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

/
cms.getblue.io/cm/ Frame 163A
Redirect Chain

https://ib.adnxs.com/getuid?https://cms.getblue.io/cm/?src=appnexus&ckid=3A0E2903-C607-4D5A-B593C0B82BFBFE62&cid=615EE320-F864-1EFC-FE69D99CF417DF26&blueID=d63e055a-d622-470d-ad9f-bbebf24f6c6a&appn...
https://cms.getblue.io/cm/?src=appnexus&ckid=3A0E2903-C607-4D5A-B593C0B82BFBFE62&cid=615EE320-F864-1EFC-FE69D99CF417DF26&blueID=d63e055a-d622-470d-ad9f-bbebf24f6c6a&appnexusid=7295388309302484529

2 B
100 B

590ms
202ms

Image
application/json

177.71.130.23
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cms.getblue.io/cm/?src=appnexus&ckid=3A0E2903-C607-4D5A-B593C0B82BFBFE62&cid=615EE320-F864-1EFC-FE69D99CF417DF26&blueID=d63e055a-d622-470d-ad9f-bbebf24f6c6a&appnexusid=7295388309302484529
Requested by: Host: event.getblue.io
URL: https://event.getblue.io/p/?cId=615EE320-F864-1EFC-FE69D99CF417DF26&tName=visit&pId=&revenue=&orderId=&p1=&p2=&p3=&fp=&blueID=d63e055a-d622-470d-ad9f-bbebf24f6c6a&ulc=&v=29092023-1023&nocache=4982757235070.297
Protocol: H2
Server: 177.71.130.23 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-177-71-130-23.sa-east-1.compute.amazonaws.com
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:59:00 GMT
x-powered-by: Express
content-length: 2
content-type: application/json; charset=utf-8

Redirect headers

pragma: no-cache
date: Wed, 29 Nov 2023 22:58:59 GMT
an-x-request-uuid: 4c264c3d-3c95-489f-9efd-e4c93e96a827
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cms.getblue.io/cm/?src=appnexus&ckid=3A0E2903-C607-4D5A-B593C0B82BFBFE62&cid=615EE320-F864-1EFC-FE69D99CF417DF26&blueID=d63e055a-d622-470d-ad9f-bbebf24f6c6a&appnexusid=7295388309302484529
x-proxy-origin: 178.162.209.136; 178.162.209.136; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 audience-pixel.min.js Show response
event.getblue.io/r/ Frame 163A 5 KB
3 KB 208ms
208ms Script
application/javascript 177.71.157.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://event.getblue.io/r/audience-pixel.min.js?nocache=1090

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

177.71.157.175 São Paulo, Brazil, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-177-71-157-175.sa-east-1.compute.amazonaws.com

Software

Resource Hash

53c9c8069c1e6d7a39a04ef06083b5fab6c6807e295529c37ccf8b4b96f61ddb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:58:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 29 Nov 2023 20:32:12 GMT
etag: W/"5608-1701289932813"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
x-xss-protection: 1; mode=block

GET
H2 200 web-widget-chat-incoming-message-notification-0345ad6.js Show response
static.zdassets.com/web_widget/classic/latest/ Frame FCFB 236 B
649 B 16ms
16ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/classic/latest/web-widget-chat-incoming-message-notification-0345ad6.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-0345ad6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a29e4af6aa6a95982d1092a20f0068173b9a9d5df0a89bc99da556aebec3ce54

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:58:59 GMT
x-amz-version-id: rT8m_K3LhMtAQDCRs.j5_bAXeWIPQepL
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: TNT99ZPW14DKR3S0
age: 1613848
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: PAYiUNENTTH0majCpr8vd63fchQ57pePYwSKQtjrr4rGQG0eCIXiyQNC5eYdhXA0Tze9Fl7TM6DqkmCVhM1TVA==
last-modified: Mon, 06 Nov 2023 00:49:00 GMT
server: cloudflare
etag: W/"77bb07ca171e3ff2b72a7dafa7822bc8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9yLBMQSK%2BmVjj0Ga7GuP2%2BOb9Ug2lwG6osZgslWE6kQ7RYfXI%2F8MTQ2SfrP6X2X2idXRRH5XRCOEzdsTa7v5I96jjSlSIce2njRASSMkV8V%2BpGcRM2b%2FIFsIij3QwZd24lHzEbk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 82de75622f9f9271-FRA
expires: Tue, 05 Nov 2024 00:48:59 GMT

GET
H3 200 wmetrics Show response
metrics.getrmads.com/ 0
515 B 138ms
138ms Script
text/javascript 2606:4700:e4::ac40:a41a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://metrics.getrmads.com/wmetrics?rtid=REH-1691446272083886&lg=en-us&sr=1600x1200&fr=0&dr=&dl=https%3A%2F%2Fquickwin765412.com%2Fen%2F&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0
Requested by: Host: metrics.getrmads.com
URL: https://metrics.getrmads.com/tag/js?rtid=REH-1691446272083886
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e4::ac40:a41a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Nov 2023 22:58:59 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dGlhU%2FEwaZBqdAvnt2%2FFsf9BGLlN3GuaaLWFmhgE0m5s4Ngoj3fkCXI%2BSZA3ZnU6zxP5YCCGaFtO6%2Fw7qdF4Jz0YYzTrkz1Jj3VVLXDF01jpfn9mgmEtnyjv7cmMLhyivqBtJK1CRB9lnaFm2tkmK6PvPQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 82de75628b2322a6-CDG
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H2 206 fda6cd35495c75f83508d9d2e77ee33d.mp3
static.zdassets.com/web_widget/classic/latest/ Frame FCFB 19 KB
20 KB 16ms
16ms Media
audio/mpeg 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/classic/latest/fda6cd35495c75f83508d9d2e77ee33d.mp3

Requested by

Host: quickwin765412.com
URL: https://quickwin765412.com/en/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

97e5b0b6cfc2ba9815028429c069631ba12b294aa7419d1ea130accd0adc2d46

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Range: bytes=0-

Response headers

date: Wed, 29 Nov 2023 22:58:59 GMT
x-amz-version-id: 7mQmj5CjPPHXphZWB9MwFHsB8G6GZRZR
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: HT3YBWDSMX7GGWKJ
age: 1461041
x-amz-server-side-encryption: AES256
Content-Range: bytes 0-19697/19698
x-amz-replication-status: COMPLETED
Content-Length: 19698
x-amz-id-2: u4rjVl6bznOFELXxWcdEy4cxf3HS8QD5+1jVYrU8pTGZTnnUMyhwdvSjilQjVnwTrzYblOccmBE=
last-modified: Tue, 26 Sep 2023 06:59:46 GMT
server: cloudflare
etag: "f11ce9e8f40a392830217253fe75d6de"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eoy%2Fe141M8HCd1pdrQc2I5PAHpsGTXWvsP%2BSbdIyFppDHlh5XNvKEJwTDktYzDubvzbfmsBxqbspNW0zMlpLJDcAgxwOHV2jBp%2FJhAvKYIWQLNqhPbuS1m%2BmM7ZlQ7srB1ol%2Fp4%3D"}],"group":"cf-nel","max_age":604800}
content-type: audio/mpeg; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 82de7562afe09271-FRA
expires: Wed, 25 Sep 2024 06:59:45 GMT

GET
H2 200 img.gif
my.rtmark.net/ 43 B
491 B 16ms
16ms Image
image/gif 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://my.rtmark.net/img.gif?f=sync&partner=6dbc1654108520062cc5e1b2cbe1761d0aeee75ec04eecdef0bd17e37b76a87c&ttl=&rurl=https%3A%2F%2Fquickwin765412.com%2Fen%2F

Requested by

Host: quickwin765412.com
URL: https://quickwin765412.com/en/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:58:59 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 43

GET
H/1.1 200
OK pstats.html Show response
a.rfihub.com/ Frame 6BE4 26 B
1015 B 16ms
16ms Document
text/html 193.0.160.130
ROCKETFUEL

General

Check archive.org

Show headers Download Go to

Full URL: https://a.rfihub.com/pstats.html?rb=48767&ca=20846458&ri=de77532d30d359daba4004a311ed3f46&stats=%7B%2213488%22%3A%22810%2C2%22%2C%2217243%22%3A%2247%2C1%22%2C%2242261%22%3A%22121%2C1%22%2C%2250495%22%3A%22505%2C1%22%2C%2252220%22%3A%22127%2C1%22%2C%2253935%22%3A%22197%2C1%22%2C%2254497%22%3A%22258%2C1%22%2C%2254855%22%3A%22120%2C2%22%2C%2254863%22%3A%22505%2C1%22%2C%2255073%22%3A%22127%2C2%22%2C%2256659%22%3A%22196%2C1%22%2C%2256885%22%3A%22196%2C2%22%2C%2257347%22%3A%22246%2C2%22%2C%2257363%22%3A%22534%2C1%22%2C%2258143%22%3A%22121%2C1%22%2C%2258553%22%3A%22531%2C2%22%2C%2258561%22%3A%22505%2C1%22%7D&ra=3108716317016986
Requested by: Host: c1.rfihub.net
URL: https://c1.rfihub.net/js/tc.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.0.160.130 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software: Jetty(9.4.51.v20230217) /
Resource Hash: f70b370debd085dd9e9fb6495c796cdccf41c44574cc185dbe124f3ea8237623

Request headers

Referer: https://quickwin765412.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Content-Length: 26
Content-Type: text/html;charset=iso-8859-1
Date: Wed, 29 Nov 2023 22:58:59 GMT
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server: Jetty(9.4.51.v20230217)

GET
H2 200 StaticTranslations Show response
sb2frontend-altenar2.biahosted.com/api/widget/ 30 KB
9 KB 357ms
301ms Fetch
application/json 2606:4700:10::ac43:1ce8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sb2frontend-altenar2.biahosted.com/api/widget/StaticTranslations?culture=en-GB&timezoneOffset=-60&integration=quickwin&deviceType=1&numFormat=en-GB

Requested by

Host: quickwin765412.com
URL: https://quickwin765412.com/polyfills.250fe061a3885860ec19.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1ce8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a9b58b55da1ceff3f810fac13d608902734ced3cbc9c6683d032555f713f1598

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:59:01 GMT
content-encoding: gzip
via: 1.1 google
strict-transport-security: max-age=2592000; includeSubDomains
cf-cache-status: DYNAMIC
server: cloudflare
age: 1645
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=600
cf-ray: 82de756f6a99bbda-FRA
content-length: 9255

GET
H2 200 GetCountryCode Show response
sb2auth-altenar2.biahosted.com/api/WidgetAuth/ 20 B
180 B 359ms
293ms Fetch
application/json 34.110.191.112
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://sb2auth-altenar2.biahosted.com/api/WidgetAuth/GetCountryCode?culture=en-GB&timezoneOffset=-60&integration=quickwin&deviceType=1&numFormat=en-GB

Requested by

Host: quickwin765412.com
URL: https://quickwin765412.com/polyfills.250fe061a3885860ec19.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.110.191.112 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

112.191.110.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

f37d1ad4ff54c0819a950c6bf692c4294e593e2df41f3ad3f2cd11d281ebead0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:59:01 GMT
strict-transport-security: max-age=15552000
via: 1.1 google
server: nginx
content-type: application/json; charset=utf-8
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20

GET
H2 200 GetWidgetsConfiguration Show response
sb2integration-altenar2.biahosted.com/api/Widget/ 33 B
246 B 357ms
297ms Fetch
application/json 2606:4700:10::6816:85a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sb2integration-altenar2.biahosted.com/api/Widget/GetWidgetsConfiguration?culture=en-GB&timezoneOffset=-60&integration=quickwin&deviceType=1&numFormat=en-GB&theme=light

Requested by

Host: quickwin765412.com
URL: https://quickwin765412.com/polyfills.250fe061a3885860ec19.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:85a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1ed42758ec205bb2c5b8e93faffc5ddb12146174545eee04bd5a5e1979c90917

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:59:01 GMT
content-encoding: gzip
via: 1.1 google
strict-transport-security: max-age=2592000; includeSubDomains
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cf-ray: 82de756f69573736-FRA

GET
H3 200 launch Show response
quickwin765412.com/en/api/v2/sport/ 159 B
559 B 43ms
43ms XHR
application/json 45.8.107.102
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://quickwin765412.com/en/api/v2/sport/launch?code=sport

Requested by

Host: quickwin765412.com
URL: https://quickwin765412.com/polyfills.250fe061a3885860ec19.js

Protocol

Security

QUIC, , AES_128_GCM

Server

45.8.107.102 , Curacao, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

dae82102158a00126d6386338f5729f70962283d5faf3f0d109c5974a0b67629

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://quickwin765412.com/en/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:59:01 GMT
content-encoding: br
cf-cache-status: HIT
x-device-type: mobile
age: 80
request-id: feapi-9a4bf434-196f-4674-bae0-b42ad7ce6c6d
alt-svc: h3=":443"; ma=86400
cf-revalidated: Wed Nov 29 2023 22:57:41 GMT+0000 (Coordinated Universal Time)
x-xss-protection: 1; mode=block
last-modified: Wed, 29 Nov 2023 22:57:41 GMT
server: cloudflare
vary: null, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Device-Type,X-Device-Name
cf-ttl: 1701298721283
cf-ray: 82de756f1eb765ae-FRA
x-device-name: iPhone

OPTIONS
H2 204 GetMultipleBonuses
sb2bonus-altenar2.biahosted.com/api/WidgetBonus/ Frame 0
0 336ms
24ms Preflight 34.110.191.112
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://sb2bonus-altenar2.biahosted.com/api/WidgetBonus/GetMultipleBonuses

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.110.191.112 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

112.191.110.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://quickwin765412.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 14400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 29 Nov 2023 22:59:01 GMT
server: nginx
strict-transport-security: max-age=15552000
via: 1.1 google

POST
H3 200 GetMultipleBonuses Show response
sb2bonus-altenar2.biahosted.com/api/WidgetBonus/ 1 KB
1 KB 28ms
27ms Fetch
application/json 34.110.191.112
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://sb2bonus-altenar2.biahosted.com/api/WidgetBonus/GetMultipleBonuses

Requested by

Host: quickwin765412.com
URL: https://quickwin765412.com/polyfills.250fe061a3885860ec19.js

Protocol

Security

QUIC, , AES_128_GCM

Server

34.110.191.112 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

112.191.110.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

0b7a7414203adbf8c873976e596bd6685437669dc773f66ddb2780a23d43cf76

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://quickwin765412.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 29 Nov 2023 22:59:02 GMT
strict-transport-security: max-age=15552000
via: 1.1 google
server: nginx
content-type: application/json; charset=utf-8
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1062

GET
H2 200 GetRules Show response
sb2frontend-altenar2.biahosted.com/api/BetMentor/ 12 B
225 B 305ms
300ms Fetch
application/json 2606:4700:10::ac43:1ce8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sb2frontend-altenar2.biahosted.com/api/BetMentor/GetRules?culture=en-GB&timezoneOffset=-60&integration=quickwin&deviceType=1&numFormat=en-GB

Requested by

Host: quickwin765412.com
URL: https://quickwin765412.com/polyfills.250fe061a3885860ec19.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1ce8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

da506c8a9c8a9f31aa00eaeef23d49764b9ace97158a1a0a7aa628e6d446b0fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:59:01 GMT
content-encoding: gzip
via: 1.1 google
strict-transport-security: max-age=2592000; includeSubDomains
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cf-ray: 82de756f6a9bbbda-FRA

GET
H2 200 GetSystemParams Show response
sb2auth-altenar2.biahosted.com/api/WidgetAuth/ 488 B
552 B 309ms
294ms Fetch
application/json 34.110.191.112
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://sb2auth-altenar2.biahosted.com/api/WidgetAuth/GetSystemParams?culture=en-GB&timezoneOffset=-60&integration=quickwin&deviceType=1&numFormat=en-GB

Requested by

Host: quickwin765412.com
URL: https://quickwin765412.com/polyfills.250fe061a3885860ec19.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.110.191.112 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

112.191.110.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

48c3602b4c2458bca1cd1e1f5cdccbb056d3d7aa28f666a223326eb8719fd0e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:59:01 GMT
strict-transport-security: max-age=15552000
via: 1.1 google
server: nginx
content-type: application/json; charset=utf-8
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 488

OPTIONS
H2 204 GetMultipleBonuses
sb2bonus-altenar2.biahosted.com/api/WidgetBonus/ Frame 0
0 24ms
23ms Preflight 34.110.191.112
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://sb2bonus-altenar2.biahosted.com/api/WidgetBonus/GetMultipleBonuses

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.110.191.112 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

112.191.110.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://quickwin765412.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 14400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 29 Nov 2023 22:59:01 GMT
server: nginx
strict-transport-security: max-age=15552000
via: 1.1 google

POST
H3 200 GetMultipleBonuses Show response
sb2bonus-altenar2.biahosted.com/api/WidgetBonus/ 1 KB
1 KB 29ms
29ms Fetch
application/json 34.110.191.112
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://sb2bonus-altenar2.biahosted.com/api/WidgetBonus/GetMultipleBonuses

Requested by

Host: quickwin765412.com
URL: https://quickwin765412.com/polyfills.250fe061a3885860ec19.js

Protocol

Security

QUIC, , AES_128_GCM

Server

34.110.191.112 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

112.191.110.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

0b7a7414203adbf8c873976e596bd6685437669dc773f66ddb2780a23d43cf76

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://quickwin765412.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 29 Nov 2023 22:59:02 GMT
strict-transport-security: max-age=15552000
via: 1.1 google
server: nginx
content-type: application/json; charset=utf-8
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1062

GET
H2 200 GetSystemParams Show response
sb2auth-altenar2.biahosted.com/api/WidgetAuth/ 488 B
548 B 27ms
27ms Fetch
application/json 34.110.191.112
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://sb2auth-altenar2.biahosted.com/api/WidgetAuth/GetSystemParams?culture=en-GB&timezoneOffset=-60&integration=quickwin&deviceType=1&numFormat=en-GB

Requested by

Host: quickwin765412.com
URL: https://quickwin765412.com/polyfills.250fe061a3885860ec19.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.110.191.112 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

112.191.110.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

48c3602b4c2458bca1cd1e1f5cdccbb056d3d7aa28f666a223326eb8719fd0e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:59:01 GMT
strict-transport-security: max-age=15552000
via: 1.1 google
server: nginx
content-type: application/json; charset=utf-8
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 488

GET
H2 200 81851.f8d2ff4e.chunk.js Show response
sb2widgetsstatic-altenar2.biahosted.com/static/js/ 2 KB
1 KB 14ms
13ms Script
application/javascript 34.120.135.117
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://sb2widgetsstatic-altenar2.biahosted.com/static/js/81851.f8d2ff4e.chunk.js
Requested by: Host: sb2widgetsstatic-altenar2.biahosted.com
URL: https://sb2widgetsstatic-altenar2.biahosted.com/altenarWSDK.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.135.117 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 117.135.120.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: bf08d53d64bd0d01bce2588cb207bb8a4e4676a50fca383612c0f4e977dbf6c1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:27:39 GMT
content-encoding: gzip
x-goog-meta-goog-reserved-file-mtime: 1701171428
age: 1882
x-guploader-uploadid: ABPtcPpAA1fRN_27YV8jP_db-eQMlxxh15WekFiTAGPvD3oe1vpt2FnGIL2-FTa2mwPFszwmUK-6oH19sI3hL8ms6q6a
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1046
last-modified: Tue, 28 Nov 2023 11:52:33 GMT
server: UploadServer
etag: "e91a609069145a78fbfb89e1c7d3faac"
vary: Accept-Encoding
x-goog-generation: 1701172353036312
x-goog-hash: crc32c=5RhPwg==, md5=6RpgkGkUWnj7+4nhx9P6rA==
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 1046
accept-ranges: bytes
content-type: application/javascript
expires: Wed, 29 Nov 2023 23:27:39 GMT

GET
BLOB 200
OK 12bcf60d-bc58-4983-bd9c-6711182055e8
https://quickwin765412.com/ 105 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://quickwin765412.com/12bcf60d-bc58-4983-bd9c-6711182055e8
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67b1a413416ff03197a240083c5e9aca4d8c9e7979b8796590f70dd645048abb

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Length: 105
Content-Type: text/javascript

GET
H2 200 5582.c12827ce.chunk.js Show response
sb2widgetsstatic-altenar2.biahosted.com/static/js/ 190 KB
20 KB 13ms
13ms Script
application/javascript 34.120.135.117
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://sb2widgetsstatic-altenar2.biahosted.com/static/js/5582.c12827ce.chunk.js
Requested by: Host: sb2widgetsstatic-altenar2.biahosted.com
URL: https://sb2widgetsstatic-altenar2.biahosted.com/altenarWSDK.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.135.117 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 117.135.120.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: b27826240abf60c5364587e275127f0d56f215f7ee009a83b8f78c3e6256c120

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:12:46 GMT
content-encoding: gzip
x-goog-meta-goog-reserved-file-mtime: 1701171428
age: 2775
x-guploader-uploadid: ABPtcPrZ8I0pf0Ldnur_pPcGIUg1GpQAtuW9gQbKsiTghf3CkqrC21TXM3V3qgrJsh3ixz1eoKczODzgxPdr1SOHi75RLg
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20220
last-modified: Tue, 28 Nov 2023 11:52:25 GMT
server: UploadServer
etag: "43afd4356c909bab53b2d109d39bb45a"
vary: Accept-Encoding
x-goog-generation: 1701172345059697
x-goog-hash: crc32c=CaSkAQ==, md5=Q6/UNWyQm6tTstEJ05u0Wg==
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 20220
accept-ranges: bytes
content-type: application/javascript
expires: Wed, 29 Nov 2023 23:12:46 GMT

GET
H2 400 css2
fonts.googleapis.com/ 0
0 107ms
33ms Stylesheet
text/html 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://fonts.googleapis.com/css2?family=%22Gilroy%22:wght@400;500&family=Roboto:wght@300;400;500;700&family=Libre+Barcode+39:wght@400&display=swap
Requested by: Host: sb2widgetsstatic-altenar2.biahosted.com
URL: https://sb2widgetsstatic-altenar2.biahosted.com/altenarWSDK.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

GET
H3 200 1604.c67894d0.chunk.js Show response
sb2widgetsstatic-altenar2.biahosted.com/static/js/ 52 KB
12 KB 15ms
15ms Script
application/javascript 34.120.135.117
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://sb2widgetsstatic-altenar2.biahosted.com/static/js/1604.c67894d0.chunk.js
Requested by: Host: sb2widgetsstatic-altenar2.biahosted.com
URL: https://sb2widgetsstatic-altenar2.biahosted.com/altenarWSDK.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.120.135.117 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 117.135.120.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 93ce75e5eb31481969ea384e9b1464cdf304eec087ccc4149cd593715921507f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:31:24 GMT
content-encoding: gzip
x-goog-meta-goog-reserved-file-mtime: 1701171428
age: 1658
x-guploader-uploadid: ABPtcPqbv2L_BmKRJx09-6quzfZDqdaVBT8xINfckoA0MbQwOHP27S0AlWmoE6MDQB4FcVQFmzONeEktna8x10n0KCWeGhG3t3Fh
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12612
last-modified: Tue, 28 Nov 2023 11:52:12 GMT
server: UploadServer
etag: "3c0d55c18d9e68c6d358225bce1b5d73"
vary: Accept-Encoding
x-goog-generation: 1701172332388766
x-goog-hash: crc32c=xFq7IA==, md5=PA1VwY2eaMbTWCJbzhtdcw==
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 12612
accept-ranges: bytes
content-type: application/javascript
expires: Wed, 29 Nov 2023 23:31:24 GMT

GET
H3 200 58463.b5001600.chunk.js Show response
sb2widgetsstatic-altenar2.biahosted.com/static/js/ 17 KB
7 KB 27ms
26ms Script
application/javascript 34.120.135.117
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://sb2widgetsstatic-altenar2.biahosted.com/static/js/58463.b5001600.chunk.js
Requested by: Host: sb2widgetsstatic-altenar2.biahosted.com
URL: https://sb2widgetsstatic-altenar2.biahosted.com/altenarWSDK.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.120.135.117 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 117.135.120.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 8f346a395088c8d739911230460e80c86948604af2506195be66bc770c21cfc2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:12:46 GMT
content-encoding: gzip
x-goog-meta-goog-reserved-file-mtime: 1701171428
age: 2776
x-guploader-uploadid: ABPtcPpSjKwm626mDFVteu2a0D6nBCjxAm5MogfA5JvA1y87B_qPVlRf9p6k9l3uqxz9oJuOg-8jynOZ9IJVGo6xbxamkw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6822
last-modified: Tue, 28 Nov 2023 11:52:25 GMT
server: UploadServer
etag: "7860822a3dffbf854f7211d88b3115b7"
vary: Accept-Encoding
x-goog-generation: 1701172345717603
x-goog-hash: crc32c=u4L+Cg==, md5=eGCCKj3/v4VPchHYizEVtw==
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 6822
accept-ranges: bytes
content-type: application/javascript
expires: Wed, 29 Nov 2023 23:12:46 GMT

GET
H3 200 57333.2fcb7446.chunk.js Show response
sb2widgetsstatic-altenar2.biahosted.com/static/js/ 13 KB
5 KB 25ms
25ms Script
application/javascript 34.120.135.117
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://sb2widgetsstatic-altenar2.biahosted.com/static/js/57333.2fcb7446.chunk.js
Requested by: Host: sb2widgetsstatic-altenar2.biahosted.com
URL: https://sb2widgetsstatic-altenar2.biahosted.com/altenarWSDK.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.120.135.117 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 117.135.120.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 3ae63da45700241400f827429003ec1048254997563a16d4c174de6a32720706

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:17:05 GMT
content-encoding: gzip
x-goog-meta-goog-reserved-file-mtime: 1701171428
age: 2517
x-guploader-uploadid: ABPtcPo4dH-_7yyTpazsZrRKw0eNGZEZFtblJCFuOLth8xDrtzo345NawPmo0ku87R-G02xgjGNoh9fvgPe4GtvHh8q943SH_-4z
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5082
last-modified: Tue, 28 Nov 2023 11:52:25 GMT
server: UploadServer
etag: "60612746b5049a46da4bebea5f36e55a"
vary: Accept-Encoding
x-goog-generation: 1701172345485611
x-goog-hash: crc32c=8XjXWg==, md5=YGEnRrUEmkbaS+vqXzblWg==
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 5082
accept-ranges: bytes
content-type: application/javascript
expires: Wed, 29 Nov 2023 23:17:05 GMT

GET
H3 200 41335.e0d4ee39.chunk.js Show response
sb2widgetsstatic-altenar2.biahosted.com/static/js/ 15 KB
5 KB 27ms
27ms Script
application/javascript 34.120.135.117
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://sb2widgetsstatic-altenar2.biahosted.com/static/js/41335.e0d4ee39.chunk.js
Requested by: Host: sb2widgetsstatic-altenar2.biahosted.com
URL: https://sb2widgetsstatic-altenar2.biahosted.com/altenarWSDK.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.120.135.117 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 117.135.120.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 89f95f5e6eb76319aeac8f44337b4a21ba82d266b60a495658f48ac6b9759b1e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:53:00 GMT
content-encoding: gzip
x-goog-meta-goog-reserved-file-mtime: 1701171428
age: 362
x-guploader-uploadid: ABPtcPqvfDgUTZIbl4xjoDmZv7SUu_wB8C_Gur2k2MAAbufRryYy4WfO08jUF9Jvhig1uOe5TPHzCGrxo4k_CJ7hvjgHNQL6u55g
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5544
last-modified: Tue, 28 Nov 2023 11:52:20 GMT
server: UploadServer
etag: "1af237ed889d1a8c0347322ff34db54d"
vary: Accept-Encoding
x-goog-generation: 1701172340604294
x-goog-hash: crc32c=7IcaLA==, md5=GvI37YidGowDRzIv8021TQ==
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 5544
accept-ranges: bytes
content-type: application/javascript
expires: Wed, 29 Nov 2023 23:53:00 GMT

GET
H3 200 191.2503dd8b.chunk.js Show response
sb2widgetsstatic-altenar2.biahosted.com/static/js/ 100 KB
33 KB 19ms
18ms Script
application/javascript 34.120.135.117
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://sb2widgetsstatic-altenar2.biahosted.com/static/js/191.2503dd8b.chunk.js
Requested by: Host: sb2widgetsstatic-altenar2.biahosted.com
URL: https://sb2widgetsstatic-altenar2.biahosted.com/altenarWSDK.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.120.135.117 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 117.135.120.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 2233754fdfaada7798be8f96854289b010c426db98f7a7d01e008b4828afa545

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:41:50 GMT
content-encoding: gzip
x-goog-meta-goog-reserved-file-mtime: 1701171428
age: 1032
x-guploader-uploadid: ABPtcPrY0r5ZPbdYFXRANSznGmjoQtjsh8ET_82XJGj1Cy_aMzdJbjmyDIST96Hxm6uuLGKvnr-m3ryEqZdy4bQTKrYmQ-SmNQOC
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33625
last-modified: Tue, 28 Nov 2023 11:52:13 GMT
server: UploadServer
etag: "2a3e59f33a1aee9550307d0739d222d1"
vary: Accept-Encoding
x-goog-generation: 1701172333594070
x-goog-hash: crc32c=1pUNDg==, md5=Kj5Z8zoa7pVQMH0HOdIi0Q==
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 33625
accept-ranges: bytes
content-type: application/javascript
expires: Wed, 29 Nov 2023 23:41:50 GMT

GET
H3 200 51844.f8ec3d8d.chunk.js Show response
sb2widgetsstatic-altenar2.biahosted.com/static/js/ 5 KB
2 KB 17ms
17ms Script
application/javascript 34.120.135.117
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://sb2widgetsstatic-altenar2.biahosted.com/static/js/51844.f8ec3d8d.chunk.js
Requested by: Host: sb2widgetsstatic-altenar2.biahosted.com
URL: https://sb2widgetsstatic-altenar2.biahosted.com/altenarWSDK.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.120.135.117 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 117.135.120.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: c138f5424629d2a5ca8504b783784078b326a7a8426ce38386e4f4a419047b93

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:02:15 GMT
content-encoding: gzip
x-goog-meta-goog-reserved-file-mtime: 1701171428
age: 3407
x-guploader-uploadid: ABPtcPpX5oFg0INJjB5mSx4K3U5N-KjrwfC-HoE4_iQ_gp6ctRdjjauFR6OGIczwHuJjD8CJ4RZ7ipbFvLwdyJbfWgUFSg
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2080
last-modified: Tue, 28 Nov 2023 11:52:23 GMT
server: UploadServer
etag: "d3b1c2ad347f45c92ab858b58c9a6e34"
vary: Accept-Encoding
x-goog-generation: 1701172343857060
x-goog-hash: crc32c=qpXIuw==, md5=07HCrTR/RckquFi1jJpuNA==
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 2080
accept-ranges: bytes
content-type: application/javascript
expires: Wed, 29 Nov 2023 23:02:15 GMT

GET
H3 200 74355.b20ddefb.chunk.js Show response
sb2widgetsstatic-altenar2.biahosted.com/static/js/ 11 KB
4 KB 27ms
27ms Script
application/javascript 34.120.135.117
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://sb2widgetsstatic-altenar2.biahosted.com/static/js/74355.b20ddefb.chunk.js
Requested by: Host: sb2widgetsstatic-altenar2.biahosted.com
URL: https://sb2widgetsstatic-altenar2.biahosted.com/altenarWSDK.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.120.135.117 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 117.135.120.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 552517d6f4383714c112d28ed65ee573b4e4281571bd9a2301bfba45e10caeba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:17:05 GMT
content-encoding: gzip
x-goog-meta-goog-reserved-file-mtime: 1701171428
age: 2517
x-guploader-uploadid: ABPtcPoJNTGIhq5iaTvYew0T3nbMHx6eTgXAXGCDc_J0PkjNWkiEjscywvWpue6-M4EU4JEMyVBdiQIUE2d0zRBZ6C1GhkuinWfd
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3589
last-modified: Tue, 28 Nov 2023 11:52:31 GMT
server: UploadServer
etag: "15469c5b6811226a20b62d7e86720857"
vary: Accept-Encoding
x-goog-generation: 1701172351053498
x-goog-hash: crc32c=icRwZA==, md5=FUacW2gRImogti1+hnIIVw==
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 3589
accept-ranges: bytes
content-type: application/javascript
expires: Wed, 29 Nov 2023 23:17:05 GMT

GET
H3 200 69182.791f09e3.chunk.js Show response
sb2widgetsstatic-altenar2.biahosted.com/static/js/ 15 KB
5 KB 29ms
29ms Script
application/javascript 34.120.135.117
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://sb2widgetsstatic-altenar2.biahosted.com/static/js/69182.791f09e3.chunk.js
Requested by: Host: sb2widgetsstatic-altenar2.biahosted.com
URL: https://sb2widgetsstatic-altenar2.biahosted.com/altenarWSDK.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.120.135.117 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 117.135.120.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 024224f2732bc3f42cf379a7de572178415b6db1bd5df283cdda964ed284a3a6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:09:49 GMT
content-encoding: gzip
x-goog-meta-goog-reserved-file-mtime: 1701171428
age: 2953
x-guploader-uploadid: ABPtcPpUMgxk3e0-PkV5MGqP3kP2U_FJPHsJNzxhwtj-LuhVM9rOY4ulpgEmevSB--0ykp_jSfct-4rF9FECWH6c4jf7ity72SYW
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4996
last-modified: Tue, 28 Nov 2023 11:52:29 GMT
server: UploadServer
etag: "b1b8944bc99f1bba4f4aa303a8925fa4"
vary: Accept-Encoding
x-goog-generation: 1701172349238247
x-goog-hash: crc32c=NdusKQ==, md5=sbiUS8mfG7pPSqMDqJJfpA==
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 4996
accept-ranges: bytes
content-type: application/javascript
expires: Wed, 29 Nov 2023 23:09:49 GMT

GET
H3 200 8125.6aa1f591.chunk.js Show response
sb2widgetsstatic-altenar2.biahosted.com/static/js/ 5 KB
2 KB 30ms
30ms Script
application/javascript 34.120.135.117
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://sb2widgetsstatic-altenar2.biahosted.com/static/js/8125.6aa1f591.chunk.js
Requested by: Host: sb2widgetsstatic-altenar2.biahosted.com
URL: https://sb2widgetsstatic-altenar2.biahosted.com/altenarWSDK.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.120.135.117 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 117.135.120.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: dfbca6040f3d8352da55124ac60a7f6b2535173a3b47bec0c9323b71a5b775a1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:11:31 GMT
content-encoding: gzip
x-goog-meta-goog-reserved-file-mtime: 1701171428
age: 2851
x-guploader-uploadid: ABPtcPooTCmHOQPEZ6xyX7xigCfRQUzt0VhJnTmhm94cFDZIAWqeGdEt8wMfkEzHSbHR63wCqzgIOfmxRlNzRwPlirvuxQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1584
last-modified: Tue, 28 Nov 2023 11:52:32 GMT
server: UploadServer
etag: "03336675c789f9fd3c202adad7f10bf3"
vary: Accept-Encoding
x-goog-generation: 1701172352795047
x-goog-hash: crc32c=Gs6QcQ==, md5=AzNmdceJ+f08ICra1/EL8w==
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 1584
accept-ranges: bytes
content-type: application/javascript
expires: Wed, 29 Nov 2023 23:11:31 GMT

GET
H3 200 70234.cd8f8734.chunk.js Show response
sb2widgetsstatic-altenar2.biahosted.com/static/js/ 10 KB
3 KB 30ms
30ms Script
application/javascript 34.120.135.117
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://sb2widgetsstatic-altenar2.biahosted.com/static/js/70234.cd8f8734.chunk.js
Requested by: Host: sb2widgetsstatic-altenar2.biahosted.com
URL: https://sb2widgetsstatic-altenar2.biahosted.com/altenarWSDK.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.120.135.117 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 117.135.120.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 411a4f974706fe975137608f037d908cb25bdae2da12df8ebd2a98834223875c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:02:49 GMT
content-encoding: gzip
x-goog-meta-goog-reserved-file-mtime: 1701171428
age: 3373
x-guploader-uploadid: ABPtcPqXK7oDpax8ZzrHBfxN96OG0pBLluJ2uIdbEa_GaP1ifSk5O0xBerpXRZb_NDwOFJgfnuHfncaNwDmYN9CRvHeF4A
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2581
last-modified: Tue, 28 Nov 2023 11:52:29 GMT
server: UploadServer
etag: "181e8187ceaf224b0e91051608efbd81"
vary: Accept-Encoding
x-goog-generation: 1701172349649071
x-goog-hash: crc32c=t2fHBA==, md5=GB6Bh86vIksOkQUWCO+9gQ==
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 2581
accept-ranges: bytes
content-type: application/javascript
expires: Wed, 29 Nov 2023 23:02:49 GMT

GET
H3 200 2826.643b1907.chunk.js Show response
sb2widgetsstatic-altenar2.biahosted.com/static/js/ 12 KB
3 KB 31ms
31ms Script
application/javascript 34.120.135.117
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://sb2widgetsstatic-altenar2.biahosted.com/static/js/2826.643b1907.chunk.js
Requested by: Host: sb2widgetsstatic-altenar2.biahosted.com
URL: https://sb2widgetsstatic-altenar2.biahosted.com/altenarWSDK.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.120.135.117 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 117.135.120.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: d14e7127ffdc9044718daab6c2a828a11011ed600b2a339db043b542ef33af99

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:52:31 GMT
content-encoding: gzip
x-goog-meta-goog-reserved-file-mtime: 1701171428
age: 391
x-guploader-uploadid: ABPtcPq8mz07Wv6QejNHhYZQEZLX08ztUAySaYZ-bnc8dqUMQEv0_JbResZ6EaYRFdfwQI8SNzpmVjCNKzYlq0yx5L27VA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3077
last-modified: Tue, 28 Nov 2023 11:52:16 GMT
server: UploadServer
etag: "87de58201e9b483d717226d04da86068"
vary: Accept-Encoding
x-goog-generation: 1701172336338990
x-goog-hash: crc32c=xPToOw==, md5=h95YIB6bSD1xcibQTahgaA==
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 3077
accept-ranges: bytes
content-type: application/javascript
expires: Wed, 29 Nov 2023 23:52:31 GMT

GET
H3 200 85548.10ba5f0d.chunk.js Show response
sb2widgetsstatic-altenar2.biahosted.com/static/js/ 14 KB
3 KB 33ms
32ms Script
application/javascript 34.120.135.117
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://sb2widgetsstatic-altenar2.biahosted.com/static/js/85548.10ba5f0d.chunk.js
Requested by: Host: sb2widgetsstatic-altenar2.biahosted.com
URL: https://sb2widgetsstatic-altenar2.biahosted.com/altenarWSDK.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.120.135.117 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 117.135.120.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: b424e0abf0547407ffeb1e6cacc3121d61cb929c85d1df701543df826e21c834

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:59:01 GMT
content-encoding: gzip
x-goog-meta-goog-reserved-file-mtime: 1701171428
age: 1
x-guploader-uploadid: ABPtcPowF9ZKf3LRwzA3uYJXPG7GnO6v57y0U9JHx5KLG7CUb6PtBicng29BkH-AnJVdDyqUDELvQ968vmvbdO9jSIq8
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3157
last-modified: Tue, 28 Nov 2023 11:52:34 GMT
server: UploadServer
etag: "3ff8cf46fb2d1d1450cc6c288dccb30f"
vary: Accept-Encoding
x-goog-generation: 1701172354404704
x-goog-hash: crc32c=Q4l5gg==, md5=P/jPRvstHRRQzGwojcyzDw==
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 3157
accept-ranges: bytes
content-type: application/javascript
expires: Wed, 29 Nov 2023 23:59:01 GMT

GET
H3 200 17060.f5b37e99.chunk.js Show response
sb2widgetsstatic-altenar2.biahosted.com/static/js/ 15 KB
4 KB 34ms
33ms Script
application/javascript 34.120.135.117
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://sb2widgetsstatic-altenar2.biahosted.com/static/js/17060.f5b37e99.chunk.js
Requested by: Host: sb2widgetsstatic-altenar2.biahosted.com
URL: https://sb2widgetsstatic-altenar2.biahosted.com/altenarWSDK.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.120.135.117 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 117.135.120.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 152ef085bb4e4c213bbd420112d72d1e06d816a1be121041b493656172c899b7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:02:31 GMT
content-encoding: gzip
x-goog-meta-goog-reserved-file-mtime: 1701171428
age: 3391
x-guploader-uploadid: ABPtcPpopLLeEgOfI0g7PkxzjnDormraL4fXZpOnLgU7p7xufqRHd3mzic-wDP8Q0qYWz-rER7S4gxvfLQy9Seoq5BXUSA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4001
last-modified: Tue, 28 Nov 2023 11:52:12 GMT
server: UploadServer
etag: "f666141def7830782ebec7043306e7a4"
vary: Accept-Encoding
x-goog-generation: 1701172332889828
x-goog-hash: crc32c=dn2UBg==, md5=9mYUHe94MHguvscEMwbnpA==
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 4001
accept-ranges: bytes
content-type: application/javascript
expires: Wed, 29 Nov 2023 23:02:31 GMT

GET
H3 200 66169.445b0505.chunk.js Show response
sb2widgetsstatic-altenar2.biahosted.com/static/js/ 36 KB
7 KB 35ms
35ms Script
application/javascript 34.120.135.117
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://sb2widgetsstatic-altenar2.biahosted.com/static/js/66169.445b0505.chunk.js
Requested by: Host: sb2widgetsstatic-altenar2.biahosted.com
URL: https://sb2widgetsstatic-altenar2.biahosted.com/altenarWSDK.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.120.135.117 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 117.135.120.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 8b627643e7a04afa0636780ae49084c35905e2429400e28a2ff5f074ad500866

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:11:01 GMT
content-encoding: gzip
x-goog-meta-goog-reserved-file-mtime: 1701171428
age: 2881
x-guploader-uploadid: ABPtcPq13G85kuEIEq8PziRJxMiytcV359fpnM7m1fNXdSEa5R3VIGG4iyKcpcWOiCDYAfiTpbhjbChkE91wI378sS86IA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7344
last-modified: Tue, 28 Nov 2023 11:52:28 GMT
server: UploadServer
etag: "568df6cb111dd06893c380fa5565c422"
vary: Accept-Encoding
x-goog-generation: 1701172348335904
x-goog-hash: crc32c=oMi/lA==, md5=Vo32yxEd0GiTw4D6VWXEIg==
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 7344
accept-ranges: bytes
content-type: application/javascript
expires: Wed, 29 Nov 2023 23:11:01 GMT

GET
H3 200 3648.35457755.chunk.js Show response
sb2widgetsstatic-altenar2.biahosted.com/static/js/ 19 KB
4 KB 36ms
36ms Script
application/javascript 34.120.135.117
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://sb2widgetsstatic-altenar2.biahosted.com/static/js/3648.35457755.chunk.js
Requested by: Host: sb2widgetsstatic-altenar2.biahosted.com
URL: https://sb2widgetsstatic-altenar2.biahosted.com/altenarWSDK.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.120.135.117 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 117.135.120.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 3c58efa85f98772edb4f5891f53655b1c95c5face05c8ef6d627394c8a442ca7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:02:41 GMT
content-encoding: gzip
x-goog-meta-goog-reserved-file-mtime: 1701171428
age: 3381
x-guploader-uploadid: ABPtcPo26kp_98Pub1aYN8KXoVfI0mP34dBx-_oN6VgEDZs7FUckix9GCrOcz21HMdVlWR8z-yx9OBdBeMVWOL_QSkA4-w
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4534
last-modified: Tue, 28 Nov 2023 11:52:19 GMT
server: UploadServer
etag: "5f663449d8589cde159b2c196b9eb781"
vary: Accept-Encoding
x-goog-generation: 1701172338965126
x-goog-hash: crc32c=LGII7g==, md5=X2Y0SdhYnN4VmywZa563gQ==
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 4534
accept-ranges: bytes
content-type: application/javascript
expires: Wed, 29 Nov 2023 23:02:41 GMT

GET
H3 200 39246.c6ec90a4.chunk.js Show response
sb2widgetsstatic-altenar2.biahosted.com/static/js/ 10 KB
3 KB 37ms
37ms Script
application/javascript 34.120.135.117
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://sb2widgetsstatic-altenar2.biahosted.com/static/js/39246.c6ec90a4.chunk.js
Requested by: Host: sb2widgetsstatic-altenar2.biahosted.com
URL: https://sb2widgetsstatic-altenar2.biahosted.com/altenarWSDK.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.120.135.117 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 117.135.120.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: c2cd0b29da2ed0b9e15eb8bd86e578db122ba927b80c972ee234ff15919bedab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:51:40 GMT
content-encoding: gzip
x-goog-meta-goog-reserved-file-mtime: 1701171428
age: 442
x-guploader-uploadid: ABPtcPqMc79VseswfzP0Fb-mYR7DLsVkfZQL_V1078uyuoeTpQsIlTvMaxWUjCmhPI14pyYPXeL30bhMgGIktXew-940k7xG67jo
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3361
last-modified: Tue, 28 Nov 2023 11:52:19 GMT
server: UploadServer
etag: "e8ea917eb59628577282b11d7a96bafa"
vary: Accept-Encoding
x-goog-generation: 1701172339886706
x-goog-hash: crc32c=X1qbYg==, md5=6OqRfrWWKFdygrEdepa6+g==
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 3361
accept-ranges: bytes
content-type: application/javascript
expires: Wed, 29 Nov 2023 23:51:40 GMT

GET
H3 200 85650.55dab31a.chunk.js Show response
sb2widgetsstatic-altenar2.biahosted.com/static/js/ 13 KB
4 KB 38ms
37ms Script
application/javascript 34.120.135.117
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://sb2widgetsstatic-altenar2.biahosted.com/static/js/85650.55dab31a.chunk.js
Requested by: Host: sb2widgetsstatic-altenar2.biahosted.com
URL: https://sb2widgetsstatic-altenar2.biahosted.com/altenarWSDK.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.120.135.117 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 117.135.120.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 856a91fe9a83d70c017ad8a7fadd0e5813ef2ca731c8f7644b0b4bf2dbe0e302

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:02:31 GMT
content-encoding: gzip
x-goog-meta-goog-reserved-file-mtime: 1701171428
age: 3391
x-guploader-uploadid: ABPtcPoV0r2rzREqYCewRZOmSzROA1wxTQDHfHpqHf27wLMleGrXqhrVovmIUQPIHM_M1MbRUek5sFUanQaPH38moQQpyA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4529
last-modified: Tue, 28 Nov 2023 11:52:34 GMT
server: UploadServer
etag: "5b968de3da582a3fe3432062e69738c0"
vary: Accept-Encoding
x-goog-generation: 1701172354501582
x-goog-hash: crc32c=+79SWQ==, md5=W5aN49pYKj/jQyBi5pc4wA==
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 4529
accept-ranges: bytes
content-type: application/javascript
expires: Wed, 29 Nov 2023 23:02:31 GMT

GET
H3 200 86437.302ee0e0.chunk.js Show response
sb2widgetsstatic-altenar2.biahosted.com/static/js/ 19 KB
5 KB 39ms
38ms Script
application/javascript 34.120.135.117
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://sb2widgetsstatic-altenar2.biahosted.com/static/js/86437.302ee0e0.chunk.js
Requested by: Host: sb2widgetsstatic-altenar2.biahosted.com
URL: https://sb2widgetsstatic-altenar2.biahosted.com/altenarWSDK.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.120.135.117 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 117.135.120.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 2230d4892c31b557d2a83dbaadaf73b17080b33044230db47740d78be71b3854

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:06:16 GMT
content-encoding: gzip
x-goog-meta-goog-reserved-file-mtime: 1701171428
age: 3166
x-guploader-uploadid: ABPtcPrtR9n4Ic10eanfsnH1it5krVy8aMDpC2OKtpupnNja_NNAERYcFTc6alG-Xvc1eMU-2JFmUI8efhmO7lLDHK-xMA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4778
last-modified: Tue, 28 Nov 2023 11:52:34 GMT
server: UploadServer
etag: "85e2e3dfa778bc27ea239b75ed2d5556"
vary: Accept-Encoding
x-goog-generation: 1701172354757280
x-goog-hash: crc32c=kNuI+w==, md5=heLj36d4vCfqI5t17S1VVg==
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 4778
accept-ranges: bytes
content-type: application/javascript
expires: Wed, 29 Nov 2023 23:06:16 GMT

GET
H3 200 62183.45efd718.chunk.js Show response
sb2widgetsstatic-altenar2.biahosted.com/static/js/ 9 KB
3 KB 39ms
39ms Script
application/javascript 34.120.135.117
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://sb2widgetsstatic-altenar2.biahosted.com/static/js/62183.45efd718.chunk.js
Requested by: Host: sb2widgetsstatic-altenar2.biahosted.com
URL: https://sb2widgetsstatic-altenar2.biahosted.com/altenarWSDK.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.120.135.117 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 117.135.120.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 3a0cddbb8bb77064c3550dd1b67a6471f4156d359ebeaa13069e13f7c5eaf7ee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:06:16 GMT
content-encoding: gzip
x-goog-meta-goog-reserved-file-mtime: 1701171428
age: 3166
x-guploader-uploadid: ABPtcPpYbDkSAZ0jbGSt-1MbaGMkBKrksFfPizIWWJL9qKIcicFSEPGQXW6N_bSjnt7_EqrpTFXVaVmfFdDo370532ikRg
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3362
last-modified: Tue, 28 Nov 2023 11:52:27 GMT
server: UploadServer
etag: "8809f6e2f835f6e7f56b805687e512a4"
vary: Accept-Encoding
x-goog-generation: 1701172347184761
x-goog-hash: crc32c=1pWeXQ==, md5=iAn24vg19uf1a4BWh+USpA==
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 3362
accept-ranges: bytes
content-type: application/javascript
expires: Wed, 29 Nov 2023 23:06:16 GMT

GET
H3 200 40582.919078d1.chunk.js Show response
sb2widgetsstatic-altenar2.biahosted.com/static/js/ 24 KB
5 KB 40ms
39ms Script
application/javascript 34.120.135.117
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://sb2widgetsstatic-altenar2.biahosted.com/static/js/40582.919078d1.chunk.js
Requested by: Host: sb2widgetsstatic-altenar2.biahosted.com
URL: https://sb2widgetsstatic-altenar2.biahosted.com/altenarWSDK.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.120.135.117 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 117.135.120.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: a8e2be07bb69903af70693cf71d0c906dab2da73d63179563030127daa74ae7b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:27:41 GMT
content-encoding: gzip
x-goog-meta-goog-reserved-file-mtime: 1701171428
age: 1881
x-guploader-uploadid: ABPtcPpuhDx2wsCbAaU3AunsdnACw1k3C_PnxYNcHp2uUjoQKio5ftz_fBEo2FIDoCFI5wPR54k6aFsc6QQAeuMypcw_QA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4859
last-modified: Tue, 28 Nov 2023 11:52:20 GMT
server: UploadServer
etag: "22e01d7de7f7a066ac4879f25fcf2025"
vary: Accept-Encoding
x-goog-generation: 1701172340307495
x-goog-hash: crc32c=CmSbKg==, md5=IuAdfef3oGasSHnyX88gJQ==
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 4859
accept-ranges: bytes
content-type: application/javascript
expires: Wed, 29 Nov 2023 23:27:41 GMT

GET
H3 200 93209.7fd76310.chunk.js Show response
sb2widgetsstatic-altenar2.biahosted.com/static/js/ 18 KB
4 KB 40ms
39ms Script
application/javascript 34.120.135.117
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://sb2widgetsstatic-altenar2.biahosted.com/static/js/93209.7fd76310.chunk.js
Requested by: Host: sb2widgetsstatic-altenar2.biahosted.com
URL: https://sb2widgetsstatic-altenar2.biahosted.com/altenarWSDK.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.120.135.117 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 117.135.120.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 5661e2e68ff66307d67152534802eceaaea1f28a2890555fcbac52f3f9e69669

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:35:20 GMT
content-encoding: gzip
x-goog-meta-goog-reserved-file-mtime: 1701171428
age: 1422
x-guploader-uploadid: ABPtcPokxhM_mqFZov2ab1aympk2TMkPqNWUxUv5CrA8_WBldlIEApUuKGjSrIdp8nh5PwcYbtzZeOV8qUPtb56AVX9bAw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4055
last-modified: Tue, 28 Nov 2023 11:52:36 GMT
server: UploadServer
etag: "74e6b5c42e99cf682c9d5d0f8ace264d"
vary: Accept-Encoding
x-goog-generation: 1701172356812391
x-goog-hash: crc32c=NQDMNA==, md5=dOa1xC6Zz2gsnV0Pis4mTQ==
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 4055
accept-ranges: bytes
content-type: application/javascript
expires: Wed, 29 Nov 2023 23:35:20 GMT

GET
H3 200 85973.fce7a82d.chunk.js Show response
sb2widgetsstatic-altenar2.biahosted.com/static/js/ 19 KB
6 KB 41ms
40ms Script
application/javascript 34.120.135.117
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://sb2widgetsstatic-altenar2.biahosted.com/static/js/85973.fce7a82d.chunk.js
Requested by: Host: sb2widgetsstatic-altenar2.biahosted.com
URL: https://sb2widgetsstatic-altenar2.biahosted.com/altenarWSDK.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.120.135.117 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 117.135.120.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: c4e89b033043cc5831fc630e61deed58bace2a47f02cae35327ee2f5b0f121c6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:02:41 GMT
content-encoding: gzip
x-goog-meta-goog-reserved-file-mtime: 1701171428
age: 3381
x-guploader-uploadid: ABPtcPoEwG43eJtPKmVRrFF8s9bBXc3Gj05kFd3lY6jISE90-HgPmXcDwNfXz9U9dHlxwkVDSe4GIY4pI-iKOiNLd-5zlg
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5766
last-modified: Tue, 28 Nov 2023 11:52:34 GMT
server: UploadServer
etag: "842b3d8e7e01d229736a07979751a325"
vary: Accept-Encoding
x-goog-generation: 1701172354527631
x-goog-hash: crc32c=FIaeIw==, md5=hCs9jn4B0ilzageXl1GjJQ==
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 5766
accept-ranges: bytes
content-type: application/javascript
expires: Wed, 29 Nov 2023 23:02:41 GMT

GET
H3 200 65081.94dc9a78.chunk.js Show response
sb2widgetsstatic-altenar2.biahosted.com/static/js/ 8 KB
3 KB 42ms
41ms Script
application/javascript 34.120.135.117
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://sb2widgetsstatic-altenar2.biahosted.com/static/js/65081.94dc9a78.chunk.js
Requested by: Host: sb2widgetsstatic-altenar2.biahosted.com
URL: https://sb2widgetsstatic-altenar2.biahosted.com/altenarWSDK.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.120.135.117 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 117.135.120.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 02250e02fc882383d379cf5a3762e9acbcbc396a3c0d99b710c2794a22c61c24

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:56:56 GMT
content-encoding: gzip
x-goog-meta-goog-reserved-file-mtime: 1701171428
age: 126
x-guploader-uploadid: ABPtcPrYRbcoMBbtOUwsNj4UsT6ZnxHYzq9egYXr4CxxvqXdJYxmkN5-_isqD4L0dGhuY3Pwd2DCyeT0HOT9DZeix8t0Sw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3281
last-modified: Tue, 28 Nov 2023 11:52:27 GMT
server: UploadServer
etag: "0766b8bc12a4758a6355aa070c94999d"
vary: Accept-Encoding
x-goog-generation: 1701172347907158
x-goog-hash: crc32c=DUckrQ==, md5=B2a4vBKkdYpjVaoHDJSZnQ==
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 3281
accept-ranges: bytes
content-type: application/javascript
expires: Wed, 29 Nov 2023 23:56:56 GMT

GET
H3 200 20743.6e2a0235.chunk.js Show response
sb2widgetsstatic-altenar2.biahosted.com/static/js/ 14 KB
4 KB 43ms
42ms Script
application/javascript 34.120.135.117
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://sb2widgetsstatic-altenar2.biahosted.com/static/js/20743.6e2a0235.chunk.js
Requested by: Host: sb2widgetsstatic-altenar2.biahosted.com
URL: https://sb2widgetsstatic-altenar2.biahosted.com/altenarWSDK.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.120.135.117 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 117.135.120.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 593927db3000fd82449a020ee15801adfc6686ec3408b593ec61b9461550153d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:06:16 GMT
content-encoding: gzip
x-goog-meta-goog-reserved-file-mtime: 1701171428
age: 3166
x-guploader-uploadid: ABPtcPrccIhj--GlyH1D2pfzOa6IDeutEl507cBvDtRrTUcQldiETa9-L1gOVza7FJ3PVW4LJioq_mdGaMkNaYzYBGV82g
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4116
last-modified: Tue, 28 Nov 2023 11:52:14 GMT
server: UploadServer
etag: "82d52859482c27b83f561f070e62a381"
vary: Accept-Encoding
x-goog-generation: 1701172333997476
x-goog-hash: crc32c=6Xwiww==, md5=gtUoWUgsJ7g/Vh8HDmKjgQ==
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 4116
accept-ranges: bytes
content-type: application/javascript
expires: Wed, 29 Nov 2023 23:06:16 GMT

GET
H3 200 83350.2624841e.chunk.js Show response
sb2widgetsstatic-altenar2.biahosted.com/static/js/ 57 KB
12 KB 44ms
43ms Script
application/javascript 34.120.135.117
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://sb2widgetsstatic-altenar2.biahosted.com/static/js/83350.2624841e.chunk.js
Requested by: Host: sb2widgetsstatic-altenar2.biahosted.com
URL: https://sb2widgetsstatic-altenar2.biahosted.com/altenarWSDK.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.120.135.117 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 117.135.120.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: f2e990c80078ee4290e44417106dbed505582483d6e42fdf70f1ccb7c82615ed

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:13:30 GMT
content-encoding: gzip
x-goog-meta-goog-reserved-file-mtime: 1701171428
age: 2732
x-guploader-uploadid: ABPtcPoZkuVD9NHv_A8Hc4f9eU20HwjM4ssK78xloWEqEbzuqnheyJjchQpCnmZctAi7nQPFC7de6lLLolKTuLtor5MfqA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12018
last-modified: Tue, 28 Nov 2023 11:52:33 GMT
server: UploadServer
etag: "0bc988f91661d601471f1786951fc570"
vary: Accept-Encoding
x-goog-generation: 1701172353632013
x-goog-hash: crc32c=6YFGEw==, md5=C8mI+RZh1gFHHxeGlR/FcA==
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 12018
accept-ranges: bytes
content-type: application/javascript
expires: Wed, 29 Nov 2023 23:13:30 GMT

GET
H3 200 92089.fa2ec385.chunk.js Show response
sb2widgetsstatic-altenar2.biahosted.com/static/js/ 64 KB
14 KB 45ms
44ms Script
application/javascript 34.120.135.117
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://sb2widgetsstatic-altenar2.biahosted.com/static/js/92089.fa2ec385.chunk.js
Requested by: Host: sb2widgetsstatic-altenar2.biahosted.com
URL: https://sb2widgetsstatic-altenar2.biahosted.com/altenarWSDK.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.120.135.117 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 117.135.120.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: e22e57942c76636bd88c6fd78331aea76ed444ddcd921d5ea0c33771e0962a16

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:09:13 GMT
content-encoding: gzip
x-goog-meta-goog-reserved-file-mtime: 1701171428
age: 2989
x-guploader-uploadid: ABPtcPp7JWCvXvy15jQTCcLec-W4Vs9d1EFl1y2hhvZX1V5vT13n-y_ftf1RRyk8ShprypTuHIccgAkmQ6UDm0DKKG93UxZyrqpH
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14425
last-modified: Tue, 28 Nov 2023 11:52:36 GMT
server: UploadServer
etag: "eb91c8267b11352cf67aac89306f7b86"
vary: Accept-Encoding
x-goog-generation: 1701172356594909
x-goog-hash: crc32c=xSDGZQ==, md5=65HIJnsRNSz2eqyJMG97hg==
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 14425
accept-ranges: bytes
content-type: application/javascript
expires: Wed, 29 Nov 2023 23:09:13 GMT

GET
H3 200 18588.907b13ab.chunk.js Show response
sb2widgetsstatic-altenar2.biahosted.com/static/js/ 34 KB
8 KB 47ms
46ms Script
application/javascript 34.120.135.117
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://sb2widgetsstatic-altenar2.biahosted.com/static/js/18588.907b13ab.chunk.js
Requested by: Host: sb2widgetsstatic-altenar2.biahosted.com
URL: https://sb2widgetsstatic-altenar2.biahosted.com/altenarWSDK.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.120.135.117 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 117.135.120.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 3517f0ec12a251d24b761a30a9c59305152a2717f51790e1239ef1f35c7d93f1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:56:26 GMT
content-encoding: gzip
x-goog-meta-goog-reserved-file-mtime: 1701171428
age: 156
x-guploader-uploadid: ABPtcPq5z-PGcDLbfgfsTUdbycA0kuqTon9AN9kKGEUTRQAOj4mAGoZXBG-lf1a7s49RU17is0tKdFdKdi_9NnDwVdvm3uuCkTbh
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7863
last-modified: Tue, 28 Nov 2023 11:52:13 GMT
server: UploadServer
etag: "d53c7cc332ad29616c5efb4230a3eea1"
vary: Accept-Encoding
x-goog-generation: 1701172333407019
x-goog-hash: crc32c=/Q74LQ==, md5=1Tx8wzKtKWFsXvtCMKPuoQ==
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 7863
accept-ranges: bytes
content-type: application/javascript
expires: Wed, 29 Nov 2023 23:56:26 GMT

GET
H3 200 90782.0ad7bcb4.chunk.js Show response
sb2widgetsstatic-altenar2.biahosted.com/static/js/ 10 KB
3 KB 48ms
47ms Script
application/javascript 34.120.135.117
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://sb2widgetsstatic-altenar2.biahosted.com/static/js/90782.0ad7bcb4.chunk.js
Requested by: Host: sb2widgetsstatic-altenar2.biahosted.com
URL: https://sb2widgetsstatic-altenar2.biahosted.com/altenarWSDK.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.120.135.117 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 117.135.120.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 7724216a93502c187b6605b58ee89080baf34c115f54a2f6fa20a76b63651dd6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:12:55 GMT
content-encoding: gzip
x-goog-meta-goog-reserved-file-mtime: 1701171428
age: 2767
x-guploader-uploadid: ABPtcPqzPRVE1Um-BGafR6sRI7vQ7lMjMNagI01wIRnK60c39JxgRaxrG428QXqdt_AezThLtf7pU3uQrvH0otXFPucJBbZ7b_dc
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3514
last-modified: Tue, 28 Nov 2023 11:52:36 GMT
server: UploadServer
etag: "7849d207f216319e1efdc2019902a1ee"
vary: Accept-Encoding
x-goog-generation: 1701172356057544
x-goog-hash: crc32c=pZzXpA==, md5=eEnSB/IWMZ4e/cIBmQKh7g==
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 3514
accept-ranges: bytes
content-type: application/javascript
expires: Wed, 29 Nov 2023 23:12:55 GMT

GET
BLOB 200
OK 12bcf60d-bc58-4983-bd9c-6711182055e8
https://quickwin765412.com/ 105 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://quickwin765412.com/12bcf60d-bc58-4983-bd9c-6711182055e8
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67b1a413416ff03197a240083c5e9aca4d8c9e7979b8796590f70dd645048abb

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Length: 105
Content-Type: text/javascript

GET
H2 200 GetTopEvents Show response
sb2frontend-altenar2.biahosted.com/api/widget/ 5 KB
1 KB 33ms
33ms Fetch
application/json 2606:4700:10::ac43:1ce8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sb2frontend-altenar2.biahosted.com/api/widget/GetTopEvents?culture=en-GB&timezoneOffset=-60&integration=quickwin&deviceType=1&numFormat=en-GB&countryCode=DE&eventCount=0&sportId=0&timePeriod=0

Requested by

Host: quickwin765412.com
URL: https://quickwin765412.com/polyfills.250fe061a3885860ec19.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1ce8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0cb49e915a388976a73466dd91aa7aa4fb6eae041fc52501e9bc750dac7f6835

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:59:02 GMT
content-encoding: gzip
via: 1.1 google
strict-transport-security: max-age=2592000; includeSubDomains
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=3
cf-ray: 82de75725ceebbda-FRA

GET
H2 200 GetTopEvents Show response
sb2frontend-altenar2.biahosted.com/api/widget/ 93 B
185 B 26ms
26ms Fetch
application/json 2606:4700:10::ac43:1ce8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: quickwin765412.com
URL: https://quickwin765412.com/polyfills.250fe061a3885860ec19.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1ce8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

80346d8295c2e6aac4183c0bee0b3c356493eaa61da8b7ace46c78b7f2c34ca9

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:59:02 GMT
content-encoding: gzip
via: 1.1 google
strict-transport-security: max-age=2592000; includeSubDomains
cf-cache-status: DYNAMIC
server: cloudflare
age: 2
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=3
cf-ray: 82de75725cefbbda-FRA
content-length: 86

GET
H3 200 43741.png
quickwin765412.com/dimg/altenar_logo/ 36 KB
37 KB 17ms
16ms Image
image/png 45.8.107.102
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://quickwin765412.com/dimg/altenar_logo/43741.png

Protocol

Security

QUIC, , AES_128_GCM

Server

45.8.107.102 , Curacao, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

087fcdc196cde517dd7e8a8e798f88ba505957e33d681ec9259dd22af13f4c60

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:59:02 GMT
content-security-policy: block-all-mixed-content
cf-cache-status: HIT
x-amz-request-id: 1748E78B5448A3B5
age: 833292
cf-polished: origSize=45737, status=vary_header_present
x-front-cache-status: HIT
alt-svc: h3=":443"; ma=86400
content-length: 37344
x-xss-protection: 1; mode=block
cf-bgj: imgq:85,h2pri
last-modified: Fri, 14 Oct 2022 11:59:36 GMT
server: cloudflare
etag: "250f08bbdb0a051c61e240d9f059f54a"
vary: Origin, Accept-Encoding
content-type: image/png
accept-ranges: bytes
cf-ray: 82de7572aa6d65ae-FRA
x-conv-cache-status: HIT

GET
H3 200 43704.png
quickwin765412.com/dimg/altenar_logo/ 63 KB
63 KB 23ms
22ms Image
image/png 45.8.107.102
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://quickwin765412.com/dimg/altenar_logo/43704.png

Protocol

Security

QUIC, , AES_128_GCM

Server

45.8.107.102 , Curacao, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

6b70e46dfae9a666aff3eb4a1f49cf85838c4e31769f5e511bd870be4ce9dc8e

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:59:02 GMT
content-security-policy: block-all-mixed-content
cf-cache-status: HIT
x-amz-request-id: 1777341BA3198BE6
age: 638839
cf-polished: origSize=77815, status=vary_header_present
x-front-cache-status: HIT
alt-svc: h3=":443"; ma=86400
content-length: 64204
x-xss-protection: 1; mode=block
cf-bgj: imgq:85,h2pri
last-modified: Fri, 14 Oct 2022 11:59:41 GMT
server: cloudflare
etag: "aad40af7b2947d39cc6a9266d1af3f0d"
vary: Origin, Accept-Encoding
content-type: image/png
accept-ranges: bytes
cf-ray: 82de7572ba6e65ae-FRA
x-conv-cache-status: HIT

GET
H3 200 43691.png
quickwin765412.com/dimg/altenar_logo/ 59 KB
59 KB 19ms
17ms Image
image/png 45.8.107.102
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://quickwin765412.com/dimg/altenar_logo/43691.png

Protocol

Security

QUIC, , AES_128_GCM

Server

45.8.107.102 , Curacao, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

bc1d2dacd71dc7670eb3c2cdb7fd937015a512f58a17ef5d959f7cb28f2b5125

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:59:02 GMT
content-security-policy: block-all-mixed-content
cf-cache-status: HIT
x-amz-request-id: 177730B47E837DCD
age: 52837
cf-polished: origSize=71724, status=vary_header_present
x-front-cache-status: HIT
alt-svc: h3=":443"; ma=86400
content-length: 60538
x-xss-protection: 1; mode=block
cf-bgj: imgq:85,h2pri
last-modified: Mon, 13 Mar 2023 12:20:19 GMT
server: cloudflare
etag: "e87fdc87fd68ca6b7c517d3e39b890d5"
vary: Origin, Accept-Encoding
content-type: image/png
accept-ranges: bytes
cf-ray: 82de7572ba6f65ae-FRA
x-conv-cache-status: HIT

GET
H3 200 43702.png
quickwin765412.com/dimg/altenar_logo/ 33 KB
34 KB 17ms
16ms Image
image/png 45.8.107.102
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://quickwin765412.com/dimg/altenar_logo/43702.png

Protocol

Security

QUIC, , AES_128_GCM

Server

45.8.107.102 , Curacao, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

694f207016a4014c0d9cce92d2f15a1f884d1fb4a908f8460dc9cd50d6773ff2

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:59:02 GMT
content-security-policy: block-all-mixed-content
cf-cache-status: HIT
x-amz-request-id: 1777E3AE81EE8272
age: 226942
cf-polished: origSize=40408, status=vary_header_present
x-front-cache-status: HIT
alt-svc: h3=":443"; ma=86400
content-length: 34087
x-xss-protection: 1; mode=block
cf-bgj: imgq:85,h2pri
last-modified: Fri, 14 Oct 2022 11:59:38 GMT
server: cloudflare
etag: "c0fc243d07c37455a398199651be12eb"
vary: Origin, Accept-Encoding
content-type: image/png
accept-ranges: bytes
cf-ray: 82de7572ba7065ae-FRA
x-conv-cache-status: HIT

GET
H3 200 43605.png
quickwin765412.com/dimg/altenar_logo/ 55 KB
56 KB 24ms
23ms Image
image/png 45.8.107.102
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://quickwin765412.com/dimg/altenar_logo/43605.png

Protocol

Security

QUIC, , AES_128_GCM

Server

45.8.107.102 , Curacao, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

72a1671fb8cc53255a245f5edc193f02744fd449f0a00ba0b640d2ffc3bf1910

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:59:02 GMT
content-security-policy: block-all-mixed-content
cf-cache-status: HIT
x-amz-request-id: 17774B52B6D1BE94
age: 226520
cf-polished: origSize=69347, status=vary_header_present
x-front-cache-status: HIT
alt-svc: h3=":443"; ma=86400
content-length: 56540
x-xss-protection: 1; mode=block
cf-bgj: imgq:85,h2pri
last-modified: Fri, 14 Oct 2022 11:59:40 GMT
server: cloudflare
etag: "0a6f5b3a74553633547a5eb66e554a74"
vary: Origin, Accept-Encoding
content-type: image/png
accept-ranges: bytes
cf-ray: 82de7572ba7165ae-FRA
x-conv-cache-status: HIT

GET
H3 200 43613.png
quickwin765412.com/dimg/altenar_logo/ 61 KB
61 KB 25ms
24ms Image
image/png 45.8.107.102
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://quickwin765412.com/dimg/altenar_logo/43613.png

Protocol

Security

QUIC, , AES_128_GCM

Server

45.8.107.102 , Curacao, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

89374764b1c47772b9b7c85af3761063f6f37e3d3c20f4c7a123afae915d1e31

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:59:02 GMT
content-security-policy: block-all-mixed-content
cf-cache-status: HIT
x-amz-request-id: 1777ACFEB51BCE9B
age: 761267
cf-polished: origSize=70944, status=vary_header_present
x-front-cache-status: MISS
alt-svc: h3=":443"; ma=86400
content-length: 62118
x-xss-protection: 1; mode=block
cf-bgj: imgq:85,h2pri
last-modified: Fri, 14 Oct 2022 11:59:40 GMT
server: cloudflare
etag: "858fe9470f273008e319594f762ef1c3"
vary: Origin, Accept-Encoding
content-type: image/png
accept-ranges: bytes
cf-ray: 82de7572ba7365ae-FRA
x-conv-cache-status: HIT

GET
H3 200 43643.png
quickwin765412.com/dimg/altenar_logo/ 54 KB
55 KB 19ms
18ms Image
image/png 45.8.107.102
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://quickwin765412.com/dimg/altenar_logo/43643.png

Protocol

Security

QUIC, , AES_128_GCM

Server

45.8.107.102 , Curacao, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

3a8393f31af837729ed9acef64e90be7be1293f0e9e771109734e70f0ab751c2

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:59:02 GMT
content-security-policy: block-all-mixed-content
cf-cache-status: HIT
x-amz-request-id: 17775CA4792EE9BC
age: 757531
cf-polished: origSize=59109, status=vary_header_present
x-front-cache-status: HIT
alt-svc: h3=":443"; ma=86400
content-length: 55754
x-xss-protection: 1; mode=block
cf-bgj: imgq:85,h2pri
last-modified: Fri, 14 Oct 2022 11:59:39 GMT
server: cloudflare
etag: "1eb0206d84bb5c2084b2a7589496260d"
vary: Origin, Accept-Encoding
content-type: image/png
accept-ranges: bytes
cf-ray: 82de7572ba7465ae-FRA
x-conv-cache-status: HIT

GET
H3 200 43650.png
quickwin765412.com/dimg/altenar_logo/ 49 KB
49 KB 26ms
25ms Image
image/png 45.8.107.102
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://quickwin765412.com/dimg/altenar_logo/43650.png

Protocol

Security

QUIC, , AES_128_GCM

Server

45.8.107.102 , Curacao, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

c894e36ce8c2da73b9ef78b4326802029503afaa6160ff12c985e6e6f9beaa5c

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:59:02 GMT
content-security-policy: block-all-mixed-content
cf-cache-status: HIT
x-amz-request-id: 177736F7EB26CFD2
age: 833292
cf-polished: origSize=52677, status=vary_header_present
x-front-cache-status: MISS
alt-svc: h3=":443"; ma=86400
content-length: 50236
x-xss-protection: 1; mode=block
cf-bgj: imgq:85,h2pri
last-modified: Fri, 14 Oct 2022 11:59:39 GMT
server: cloudflare
etag: "ce40ddd67f738b7ee683f000ffc0c0ab"
vary: Origin, Accept-Encoding
content-type: image/png
accept-ranges: bytes
cf-ray: 82de7572ba7565ae-FRA
x-conv-cache-status: HIT

GET
H3 200 43649.png
quickwin765412.com/dimg/altenar_logo/ 57 KB
57 KB 20ms
19ms Image
image/png 45.8.107.102
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://quickwin765412.com/dimg/altenar_logo/43649.png

Protocol

Security

QUIC, , AES_128_GCM

Server

45.8.107.102 , Curacao, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

d84d14dbcd61c67db98552b0d70146f860df3f4150a5ff3387ca6dfe17814f23

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:59:02 GMT
content-security-policy: block-all-mixed-content
cf-cache-status: HIT
x-amz-request-id: 17389FABF15783A7
age: 757532
cf-polished: origSize=61644, status=vary_header_present
x-front-cache-status: HIT
alt-svc: h3=":443"; ma=86400
content-length: 58252
x-xss-protection: 1; mode=block
cf-bgj: imgq:85,h2pri
last-modified: Fri, 14 Oct 2022 11:59:40 GMT
server: cloudflare
etag: "bd9f1d2b34ef9ab8c7894faa020a31ea"
vary: Origin, Accept-Encoding
content-type: image/png
accept-ranges: bytes
cf-ray: 82de7572ba7665ae-FRA
x-conv-cache-status: HIT

GET
H3 200 43813.png
quickwin765412.com/dimg/altenar_logo/ 53 KB
54 KB 27ms
26ms Image
image/png 45.8.107.102
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://quickwin765412.com/dimg/altenar_logo/43813.png

Protocol

Security

QUIC, , AES_128_GCM

Server

45.8.107.102 , Curacao, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

94b2b7f2a8893626b0131f4948a936e95f943ab4aeb1c02ee69bd760ae946662

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:59:02 GMT
content-security-policy: block-all-mixed-content
cf-cache-status: HIT
x-amz-request-id: 179175B3A303825E
age: 69197
cf-polished: origSize=66415, status=vary_header_present
x-front-cache-status: HIT
alt-svc: h3=":443"; ma=86400
content-length: 54721
x-xss-protection: 1; mode=block
cf-bgj: imgq:85,h2pri
last-modified: Mon, 10 Apr 2023 07:52:25 GMT
server: cloudflare
etag: "b2afdafeecbc5c0dd98258bbd1203b4d"
vary: Origin, Accept-Encoding
content-type: image/png
accept-ranges: bytes
cf-ray: 82de7572ba7765ae-FRA
x-conv-cache-status: HIT

GET
H3 200 43672.png
quickwin765412.com/dimg/altenar_logo/ 44 KB
45 KB 20ms
19ms Image
image/png 45.8.107.102
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://quickwin765412.com/dimg/altenar_logo/43672.png

Protocol

Security

QUIC, , AES_128_GCM

Server

45.8.107.102 , Curacao, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

1632c550026ba0d233f6f200d1a5f1d357841aab0ecb580f5f585999352196e4

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:59:02 GMT
content-security-policy: block-all-mixed-content
cf-cache-status: HIT
x-amz-request-id: 1777A64C73E0EFCC
age: 226942
cf-polished: origSize=47952, status=vary_header_present
x-front-cache-status: HIT
alt-svc: h3=":443"; ma=86400
content-length: 45305
x-xss-protection: 1; mode=block
cf-bgj: imgq:85,h2pri
last-modified: Fri, 14 Oct 2022 11:59:37 GMT
server: cloudflare
etag: "44813cde8f46f7206a10fa68c5c57e92"
vary: Origin, Accept-Encoding
content-type: image/png
accept-ranges: bytes
cf-ray: 82de7572ba7865ae-FRA
x-conv-cache-status: HIT

GET
H3 200 43758.png
quickwin765412.com/dimg/altenar_logo/ 26 KB
27 KB 28ms
27ms Image
image/png 45.8.107.102
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://quickwin765412.com/dimg/altenar_logo/43758.png

Protocol

Security

QUIC, , AES_128_GCM

Server

45.8.107.102 , Curacao, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

b54624bce5ac132e69fdab26fe728b9b6354f143d6ef63c79b083a9e06dc56df

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:59:02 GMT
content-security-policy: block-all-mixed-content
cf-cache-status: HIT
x-amz-request-id: 1778BE4575AD3BBA
age: 69762
cf-polished: origSize=31564, status=vary_header_present
x-front-cache-status: HIT
alt-svc: h3=":443"; ma=86400
content-length: 27064
x-xss-protection: 1; mode=block
cf-bgj: imgq:85,h2pri
last-modified: Mon, 07 Feb 2022 07:42:20 GMT
server: cloudflare
etag: "c1352cad256e1ba5aeac60fb83680417"
vary: Origin, Accept-Encoding
content-type: image/png
accept-ranges: bytes
cf-ray: 82de7572ba7965ae-FRA
x-conv-cache-status: HIT

Verdicts & Comments Add Verdict or Comment

266 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

36 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
quickwin765412.com/cdn-static/images/quickwin/entrance/dashboard/webp	1969-12-31 23:59:59	Name: _cf_reyid Value: Z/agKs4utwrHfL8P7Lc85pDgR5LgDBv8rAmiVOi/dCQdjPxbuaMQN++haLqjMK0RTOzL8CNXuHAIqOxHMAIy3w==
quickwin765412.com/cdn-static/vector/payments/monochrome-light	1969-12-31 23:59:59	Name: _cf_reyid Value: Z/agKs4utwrHfL8P7Lc85pDgR5LgDBv8rAmiVOi/dCQdjPxbuaMQN++haLqjMK0RTOzL8CNXuHAIqOxHMAIy3w==
quickwin765412.com/cdn-static/images/quickwin/gamehall	1969-12-31 23:59:59	Name: _cf_reyid Value: Z/agKs4utwrHfL8P7Lc85pDgR5LgDBv8rAmiVOi/dCQdjPxbuaMQN++haLqjMK0RTOzL8CNXuHAIqOxHMAIy3w==
quickwin765412.com/cdn-static/images/quickwin/vip-page	1969-12-31 23:59:59	Name: _cf_reyid Value: Z/agKs4utwrHfL8P7Lc85pDgR5LgDBv8rAmiVOi/dCQdjPxbuaMQN++haLqjMK0RTOzL8CNXuHAIqOxHMAIy3w==
quickwin765412.com/cdn-static/images/quickwin/buttons	1969-12-31 23:59:59	Name: _cf_reyid Value: Z/agKs4utwrHfL8P7Lc85pDgR5LgDBv8rAmiVOi/dCQdjPxbuaMQN++haLqjMK0RTOzL8CNXuHAIqOxHMAIy3w==
quickwin765412.com/cdn-static/images/quickwin/general	1969-12-31 23:59:59	Name: _cf_reyid Value: Z/agKs4utwrHfL8P7Lc85pDgR5LgDBv8rAmiVOi/dCQdjPxbuaMQN++haLqjMK0RTOzL8CNXuHAIqOxHMAIy3w==
quickwin765412.com/en/api/v2/sport	1969-12-31 23:59:59	Name: _cf_reyid Value: Z/agKs4utwrHfL8P7Lc85pDgR5LgDBv8rAmiVOi/dCQdjPxbuaMQN++haLqjMK0RTOzL8CNXuHAIqOxHMAIy3w==
quickwin765412.com/	1970-01-20 20:54:10	Name: CookieScriptConsent Value: {"googleconsentmap":{"ad_storage":"targeting","analytics_storage":"performance","functionality_storage":"functionality","personalization_storage":"functionality","security_storage":"functionality"}}
.adnxs.com/	1970-01-20 18:44:34	Name: uuid2 Value: 7295388309302484529
.aso1.net/	1970-01-21 01:20:34	Name: aso_uid Value: e599294d7a97261bd7504a1ecf87afb08881cae4
.adform.net/	1970-01-20 17:18:10	Name: C Value: 1
.rfihub.com/	1970-01-21 01:56:34	Name: rud Value: H4sIAAAAAAAA_-MSNjU0MjE2MjI2srQwMzO0MDY3MRDiM9QNy8pKDi3O9DFw8k0GAJ8flqElAAAA
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAA_-MSNjU0MjE2MjI2srQwMzO0MDY3MRDiM9QNy8pKDi3O9DFw8k0GAJ8flqElAAAA
.quickwin765412.com/	1970-01-20 16:35:00	Name: _hjFirstSeen Value: 1
.quickwin765412.com/	1970-01-20 16:34:58	Name: _hjAbsoluteSessionInProgress Value: 0
.adform.net/	1970-01-20 18:01:22	Name: uid Value: 8130194498421774184
widget-mediator.zopim.com/	1970-01-20 16:45:03	Name: AWSALBCORS Value: 74+gKK+1w7E6Qz16ya0sI3lOHNxefxLuztkvFs9AUCCSDufK5ZKdbWCcI0RIB/qty4mJO80c9hINgFRcJIhH/iJiZyrfFxtBFQZQ+gfTwhNhLiac7f2W3PS2TyCa
.casalemedia.com/	1970-01-21 01:20:34	Name: CMID Value: ZWfCM511b9lQdKVdFyr-ewAA
.casalemedia.com/	1970-01-20 18:44:34	Name: CMPS Value: 3265
.casalemedia.com/	1970-01-20 18:44:34	Name: CMPRO Value: 3265
.media.net/	1970-01-21 01:20:34	Name: visitor-id Value: 3443003391492005000V10
.media.net/	1970-01-21 01:19:08	Name: data-rk Value: 5124322329866183740~~3
.tiktok.com/	1970-01-21 01:56:34	Name: _ttp Value: 2YrzyQcCH7HZvuQitfXaz3hv27K
.demdex.net/	1970-01-20 20:54:10	Name: demdex Value: 12178128310610363010579697602252850336
.eyeota.net/	1970-01-20 16:34:59	Name: SERVERID Value: 23186~DM
.doubleclick.net/	1970-01-21 01:56:34	Name: IDE Value: AHWqTUlBg5Dw2hmHAWPy4mk1BGwbyJcnqfrQYUSODHTA53dGK2ReQ1GYPJHX3_UF
.dpm.demdex.net/	1970-01-20 20:54:10	Name: dpm Value: 12178128310610363010579697602252850336
.krxd.net/	1970-01-20 20:54:10	Name: _kuid_ Value: P8hiOTKD
.rezync.com/	1970-01-20 20:54:10	Name: zync-uuid Value: a46e1f68-45e9-4c49-9d9c-4e71bffc4cff:1701298739.1920981
live.rezync.com/	1970-01-20 20:54:10	Name: sd-session-id Value: .eJwNzEEOgyAQQNG7zFoaBkZguIyxOCSklTaiG413l-VPXv4F01-2da5Sd4j7dsgA6Vt6NYgXtHKu8oEIIxqyxljDwTkM1pOGe4AmrZVfncrSzUxOMLugaBRWlIgVL5wUicd3zolSzhG9xj7xll_IRnNAuB_AOSZK.ZWfCMw.VXH-cE9DISz44Slu-rn5cJGgpys
.everesttech.net/	1970-01-21 01:20:34	Name: everest_g_v2 Value: g_surferid~ZWfCMwADVJj78gBU
.getblue.io/	1970-01-21 01:20:34	Name: ckid Value: 3A0E2903-C607-4D5A-B593C0B82BFBFE62
.rfihub.com/	1969-12-31 23:59:59	Name: euds Value: H4sIAAAAAAAA_-OSMXR2dA129TG3zPX0NzEwcDf0yrcsdvILdfaMSl7FKBAVnubsW-7oEuaVZW6R7hTaxGKeaGKWaphmZqFrYppqqWuSbGKpa5limaxrkmpumJSWlmySnJZmZWhuYGhkaWFubKlnaGlkYGlhCADUEgfMawAAAA
.adnxs.com/	1970-01-20 18:44:34	Name: anj Value: dTM7k!M4.gF7/.XF']wIg2ImKE+F0g!A#Fs.TOKQ9YfZ8=E'gDfQheTfSsWcdXc9RdZ!^c8`a_Zw:/Xw%x$m?>%ghmBky)L$0PJb$3.:#Ei:H20<+3Yapb/ler.he*1Q(>>5`7L:TLy.%p[s>%q)3Re8-J9
my.rtmark.net/	1970-01-21 01:20:34	Name: ID Value: e172854008314c4e8faaf5765990e1d7
.rfihub.com/	1970-01-21 01:56:34	Name: eud Value: H4sIAAAAAAAA_13RvWoCQRAHcBJyRpSAcG1e4WTndu92J51eJCh-gKIBO93cCkJIkSJ9HsHS8sorr7zS0tLS0tJHSJXSmyl__OcLpvEMSac36w01fvYnSog3GHzhd3c8T_pLO30CLSBEoyWGUby_u9lgCAVzyXxkvjL_Me_uqTPmnLlgLnn9A_W5YoRIZl5r-e6S0U_ndTHYarPpznOvUhJJWXh0xKmaGx1fmfMa9YH5xHxmvvD8kfq3Tl026X2HJs13vl6pOAUXm0BFKQbKKgzwA22gUg1r56yyzr3cmtqAoUADe78ySQqdMV989lyfbv4HMaiHlloCAAA

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://quickwin765412.com/en/api/v2/game/list?page=1&category=top&count=31 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://idsync.rlcdn.com/360947.gif?partner_uid=5124322329866183740 Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://idsync.rlcdn.com/501709.gif?partner_uid=a46e1f68-45e9-4c49-9d9c-4e71bffc4cff%3A1701298739.1920981&_=1701298739.1942632 Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://idsync.rlcdn.com/501709.gif?partner_uid=a46e1f68-45e9-4c49-9d9c-4e71bffc4cff%3A1701298739.1920981&_=1701298739.3848317 Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://fonts.googleapis.com/css2?family=%22Gilroy%22:wght@400;500&family=Roboto:wght@300;400;500;700&family=Libre+Barcode+39:wght@400&display=swap Message: Failed to load resource: the server responded with a status of 400 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

20846458p.rfihub.com
a.rfihub.com
a1.adform.net
aa.agkn.com
adjs.media
analytics.tiktok.com
beacon.krxd.net
bpi.rtactivate.com
c1.rfihub.net
cdn.cookie-script.com
cm.g.doubleclick.net
cms.getblue.io
connect.facebook.net
contextual.media.net
d3mi6d1ao3fzsg.cloudfront.net
dpm.demdex.net
dsum-sec.casalemedia.com
ekr.zdassets.com
event.getblue.io
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
ib.adnxs.com
idsync.rlcdn.com
image2.pubmatic.com
live.rezync.com
metrics.getrmads.com
my.rtmark.net
p.rfihub.com
partners.tremorhub.com
pixel.adfyier.com
ps.eyeota.net
quickwin.com
quickwin.zendesk.com
quickwin3.com
quickwin765412.com
region1.google-analytics.com
rtg.prdredir.com
s2.adform.net
sb2auth-altenar2.biahosted.com
sb2bonus-altenar2.biahosted.com
sb2frontend-altenar2.biahosted.com
sb2integration-altenar2.biahosted.com
sb2widgetsstatic-altenar2.biahosted.com
scpt.getrmads.com
script.hotjar.com
scripts.prdredir.com
secure.adnxs.com
static.hotjar.com
static.zdassets.com
sync-tm.everesttech.net
track.adform.net
track.aso1.net
track.wolf22.xyz
us-u.openx.net
widget.getblue.io
winner-slots.online
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
x.bidswitch.net
x.dlx.addthis.com
104.16.53.111
104.18.70.113
138.197.230.29
139.45.195.8
142.250.186.162
151.101.130.49
172.64.151.101
177.71.130.23
177.71.157.175
18.173.154.87
18.184.108.41
18.239.47.54
18.66.192.39
185.199.175.191
185.89.210.212
193.0.160.130
198.47.127.205
2001:4860:4802:34::36
23.38.98.168
2600:1f18:612b:4232:a914:a3b8:84d6:ea13
2600:9000:20c3:2e00:1:76cf:fe80:93a1
2606:4700:10::6816:85a
2606:4700:10::ac43:1ce8
2606:4700:20::681a:772
2606:4700:3038::6815:ea9b
2606:4700:e4::ac40:a41a
2a00:1450:4001:810::2008
2a00:1450:4001:827::2003
2a00:1450:4001:828::2004
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::2003
2a00:1450:4001:82a::200e
2a00:1450:4001:831::2003
2a00:1450:4001:831::200a
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
2a06:98c1:3121::3
34.110.191.112
34.120.135.117
34.247.45.174
35.244.159.8
35.244.174.68
37.157.5.84
37.157.6.234
44.216.205.237
45.8.105.60
45.8.106.122
45.8.107.102
52.213.93.159
52.57.150.20
54.194.27.175
69.192.160.219
78.46.117.148
88.214.195.93
95.101.148.20
99.84.88.128
01563f74556ee7fef0b4077aa3cf670d09ce6fdc09ff0b921521480a1e3d1e33
01d452bc11b190c1ec74e5c212a6799ad4b8b5854ff6fb8553d408f82b920246
0207b9fe11e80771d81e331709c7f673b61a90e2caaffb99baf6eadd02a3b9c0
02250e02fc882383d379cf5a3762e9acbcbc396a3c0d99b710c2794a22c61c24
024224f2732bc3f42cf379a7de572178415b6db1bd5df283cdda964ed284a3a6
024a62c4aa4779c0b103289a98c0812389411b7c580b98dd0993efa632e56544
025cf6abb05fc2309b52b049d6761b66fd2f0ad005380ccdf4613612202ad037
02e9eaa138a48931f160746196b6c14044914c584a180324b2a296ae9fed972d
036582f2a848015ce1307dda67910e24b6f6b3a2c853031bd1d0558ce448c459
0397d90e388d4e8fad9aea3a4c7bbce344d2267f409b9b4ccc0832a250c12049
084449e5e941ca6a49830058854bda374cf8972d0b43615e9dc199b4a19c455e
086f1cceadf3a6d1b743e026baa82a170c1b5b3e19f1d2ce8ccc3de200bec30a
087fcdc196cde517dd7e8a8e798f88ba505957e33d681ec9259dd22af13f4c60
0962484096772c5f53425bce8ac45925062f481c129babd187c8261c5c5a34fc
0a36cdf7b782e9fbaf7eb9f36cdb4cc83bd7bb1537d13598b0475fea21e1c13e
0b7a7414203adbf8c873976e596bd6685437669dc773f66ddb2780a23d43cf76
0cb49e915a388976a73466dd91aa7aa4fb6eae041fc52501e9bc750dac7f6835
0ea926298c8afe10cdd9a5716ec435ab55172ff19a7affca8e7c982d305a0197
0f242e7f1afd4035ff39b92603ed40a8d7d3fc878bf86c3ec61896a9e0532e28
1083fe05f985565d2a2e3f023ec6fd847cbf117ea6bdf66b92765a58bd310bad
14450c1b53b095fce89251190f5cb78552a0809d49424979ac39499040cb1b12
152ef085bb4e4c213bbd420112d72d1e06d816a1be121041b493656172c899b7
15913a9b8a65863bbe7f1bbe0be299c06dfd356e5c3ff781a65fc616c5283261
15b6dd93f41aa23141815c66f5884969a55aacc22971180a54176c97a811898e
1632c550026ba0d233f6f200d1a5f1d357841aab0ecb580f5f585999352196e4
186c1d01b129984b1a1946585fd54808628711af61c2f79384af4fd25fef24da
18e3efc7a45f53d0d553f3ca64dbad85f50eea562865265a2883f82f9d34b935
193561f978c5db1176bd70243ced9ace558b0d6b544124c7624259b605c99fbb
1b61f379164930f075993f6b3bb7eb9766adec8be31f7fcedc5d138833f7d3bb
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1bb43e5e70bbd280f2cff81dd2fbdc1c87e3e4cb3cbbb2afd7f5e4a559dc8ec4
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1da13baaf4400d93f504ebb94e34fb97f801e0e40eadf4d6209f405842fdd9b8
1ed42758ec205bb2c5b8e93faffc5ddb12146174545eee04bd5a5e1979c90917
222d744950d26148a98ff7f5224d6035868bea8a60fbbe622f8e5358d60f510c
2230d4892c31b557d2a83dbaadaf73b17080b33044230db47740d78be71b3854
2233754fdfaada7798be8f96854289b010c426db98f7a7d01e008b4828afa545
22e37103e1900e1c4cccd805bcd7603f32aeb0cc4c0c00f90c1649d3d19a303b
23dc3ba99041076ad77f5aff727105b8d376c98c019e6a69f96d5198705c0694
2dabe48421297f9cf91a0f0d065822b1dbba2c49f19243d0225310af1ba67f32
2e2ea8bf34f58551309e1f6a1618c93e0bf6e08985bb2c1dc5a15473cd5c491d
30cd4cc982d4edfad6e2c99173c1ce32e2c3b381e4d5a1f126ee3a71566c2170
3356249f7e2b9ecda8a7db96fd92e241af176be9a2a9cef5b480a23642b886bc
33e9ca0a9a965ad4da451eca1f42935be45141b420134584831739400c688058
3517f0ec12a251d24b761a30a9c59305152a2717f51790e1239ef1f35c7d93f1
36b658c9e042fd550658e26af78a29a677807fd11f642fe7d78d601402ce7a13
379fb57fa01d94da1f94ca7069a3cc71339b93efeb6061156fa07598132c5849
384e5a56b7bb4a02faf44722bb96cc1c76207e809aa295855d16484ffd633108
38b1136cf93f9cb1dc433fd40347fed72ebce9522a55393f95feae15a8268233
3990e368f90ae8967526642b26f53ba57c46076ab6c161da45909aa3a08ea979
39e39b29a1bd6299b74c9b7f183aaf9374b56905528409f1a3cb40ff7fb0cd7f
3a0cddbb8bb77064c3550dd1b67a6471f4156d359ebeaa13069e13f7c5eaf7ee
3a8393f31af837729ed9acef64e90be7be1293f0e9e771109734e70f0ab751c2
3ae63da45700241400f827429003ec1048254997563a16d4c174de6a32720706
3c58efa85f98772edb4f5891f53655b1c95c5face05c8ef6d627394c8a442ca7
3d70f37d0643d718c68550e8f30873988b9f7df5a856bb9f79fc47e9184184ce
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3efa3c6425365194636fb000719357c63e1dfed613742166e3f7a102cdf4f811
3f75e2446874c812c9f47612105104fa5d3d8833dbf077c4daaeeffc3b767403
411a4f974706fe975137608f037d908cb25bdae2da12df8ebd2a98834223875c
425a6d0fce3864a8d8f1f959c48706dda680b4038245769a56efba46373fee95
42dc583493813c688c2ccfc9635f1c4a5af91424b8fe0a57ccc7b68fa04b1400
43f8ae86aa6077529fb9e4898570925eadb01ded1cca624c0c4ba1f02d7c3efd
441c4f94bd62d62ac5a317442cee2f7805f2b743c3492d5490cad7355ad95f3b
448d305ad6e8d6b57c5e4d37afbf26c77bcf2c2548e1fe462772757ee6ccbbe1
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
46b212e0e20561dcee89f85761a09d0ac4a823791bcd3051883d81acf16f00d8
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
486c3ad09607caa76fd99d9e460e0f7c2943bf4e889efbe296cf7430e12ba2f3
487ee1424e1a73cef50aed36485e13de511139b6daac454c815dd4174e0c5156
48c3602b4c2458bca1cd1e1f5cdccbb056d3d7aa28f666a223326eb8719fd0e7
4af4ede967218ca52aa7c5d766e0af5992160ecc2382d0635db809e01a28ff18
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c01bed53e77e53b8740a42ee3e4d32573cb5027549cda7a4f8576bf5b92bd30
4cf582dd3f06c3e5980570e1f97c5467c4ea9077a4d1a526fd109b34e67acfb0
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e75d36f1d44883e24a7ef4d7aa4a4a4d8a4f0b6ab24a1976a57a322bb4fbb1b
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
50a3b2024d2445d44f2740c4d6e20603b1ea2ad907ed87fff9d87aa66c24081a
51e66ae4df225c09ca8f88cfb59b2a6bfc34b186deda8f35d6548feb72abd28b
52e40ec67ede088f0823d7ade9ac98c58f07895824d88675cdb04b73723d9004
53c9c8069c1e6d7a39a04ef06083b5fab6c6807e295529c37ccf8b4b96f61ddb
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
552517d6f4383714c112d28ed65ee573b4e4281571bd9a2301bfba45e10caeba
559a8ce4ea4db9ddc7005be4a20d73ea922d3262d240197317bb5ebb1d57f92e
5661e2e68ff66307d67152534802eceaaea1f28a2890555fcbac52f3f9e69669
56ce9a9f71a8465359a676d95189390683de779bdc085f4fa9d48ec0651d9a5f
57f902c7cbd34a4e8577ede031c584c339c64f2beb72859e02f4c0d829c5bbae
593927db3000fd82449a020ee15801adfc6686ec3408b593ec61b9461550153d
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5c6d77b0c54018fe4e0a717e47a8ba92bc3598a5ef0a1f977be6045537cb158a
5d0dbbfa46f6e2ef2d26d258ba555db6677788f35198005b9a9cc66ef98a71b7
5d9e8cfd13ab9f3cb184ee716c93c4c007837b001ab17f762269a64b2d8958cc
5e4ce7b36ba37b78a5d5f9fd08e6b7b54ba6879d651aa46ec9e1d6fa24ebe30a
605c6fe65317c45d05543b53e51500d0a5ece2a57e8f95c508eb32a1a05576f7
6105ede7824e32d160e51746e88a4b2a9a72410371faaeb4938f639be9c53a3e
62723060de0c92d89ec49f9b3bc1fd54b786111e8ad3451a6cf7ebc8553e7b74
632d1247982ff4ae19a72556b5d377b59ca2f69a7850db54c16378738c9d6e77
64c094ca32a215e99fe2759098fd52e48512d9fbacb0ec6d2ee951956d8d11fc
64d2c4bb0611542bbdb825ee1cd73764186b7258726e6acf5531f59e476347b3
66fbf319de6eec942f1b42488836f2862b0a3db4131f403fa692a51d930fb3f3
67b1a413416ff03197a240083c5e9aca4d8c9e7979b8796590f70dd645048abb
67cdfd20a3de849dd48f0a620543b1327ab81387f35d45caaedebd0cc8e701ca
694f207016a4014c0d9cce92d2f15a1f884d1fb4a908f8460dc9cd50d6773ff2
6b70e46dfae9a666aff3eb4a1f49cf85838c4e31769f5e511bd870be4ce9dc8e
6bc617ac8e5122153b2daed71181bdf2a735d28a71ac27101f766125f36a8126
6d495de2f7d8af5a0bae5ca9c4891c40b1680046747d3fc927c85eae120d93ec
6ff2f7e3209c52e8b554d14d3d1158236f43003972f0fffdf7d9f6a2f06f1039
7025aae009c4562e6049990255420de5f854ee5b25e2e627c7d47a1cc51d13f1
70f3083a31279768ce4485d94f7a71a1588232bfd7add408e71ae95a03d80c2a
720013e319e14da6c8f74bae6f9bb055f939edb6c70304a32078bf90666b27ce
72a1671fb8cc53255a245f5edc193f02744fd449f0a00ba0b640d2ffc3bf1910
748a39a2a88ada529b17a9e92af1b36f2fd8cc8a5f921cf3af44beaf023f42d6
7597f783523d4fdb4e0574234bbdd5ea3e19f7f10bc5e5f881e4bf48b2a2c1ef
7724216a93502c187b6605b58ee89080baf34c115f54a2f6fa20a76b63651dd6
77a17bd55486aef26d2fbbe92b56672398378b1ad7ba7975c79742b4772d52b1
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
78b1789634c90ea9472b152b85cd2ce42535b642a18e4e708b996fcb2bc2dcdc
78e3ed7c04d057711cab3a307f3cac79cb317dab3b37bc249cbee447f9b68a60
7a60e2541dd1fafc192a4f94efd6b1513388bd52565bc46df74ce878ab9610bb
7c7d10ac153c182208e67d590b088f33fe328d8c55b3705c0e32a789a88201ae
7d643ed788ffa3bec8118971df3b044c037b1876f10eb470ed63d07c16df31fa
7d8591614eb328a49a0b95739f839cbed7a1c0f5f075914011f384c1cf567fd2
7ef97b12890fc6fee67f869c6e1f74b6719de7d66ac0d649c8d7386a80b4c30f
7f6882edf0e792487c920e26c5887e2aa20b1ad13ceeedc3ddf71128c8711646
80346d8295c2e6aac4183c0bee0b3c356493eaa61da8b7ace46c78b7f2c34ca9
8038424337aab50cfce5f8385c98fdb475fefdad3725911cdfdf5ef771dde382
80bd69d706af5dde1cd67ad64673e0c901c2adf6b6d5e9f0f712e7eaf66f8a5d
81569f8b6ab95cfd030493954ccc55b629cf0d29f8627c6904fc3dffa8fa896c
819139ba1036d6cea3e0d6ae29c27254a81b04cfde04b56cd7b9b7edb980e7b3
819ddaec6121b41abd6901b31e44161609ee263e740c80459671dfbff2a6bea3
8474a6f4a9416306a41afb581ef666c6c23406210d45455590408e2567014d8a
84d38e5d224f29fafbb0ecc3475cb94cd7df7a17fe9133139a7677cec420c499
84f127c53f82b4516768e930d903bf5e0522887074052578145e08d2ba409a28
856a91fe9a83d70c017ad8a7fadd0e5813ef2ca731c8f7644b0b4bf2dbe0e302
89374764b1c47772b9b7c85af3761063f6f37e3d3c20f4c7a123afae915d1e31
89c80d2e8672ebd49da0e7669159676c086e0b4d122d5df3b0563465d4808a2d
89f95f5e6eb76319aeac8f44337b4a21ba82d266b60a495658f48ac6b9759b1e
8a568ac0428f6d7e4801f330902d4a6e47cc31a58b9afccd687d90aede26aa17
8af864b837e8fb646957e684235bccb6b097dbc41953112cea38d43c4785de99
8b627643e7a04afa0636780ae49084c35905e2429400e28a2ff5f074ad500866
8c2c4208b2042b5d7f3173b4e3fda699d802183f94968e8ea7f7d822be201e17
8c76aaa9d4eb842dbf166f25fde1ab73cb3035c7347775bebb3b9611e7edee93
8c77732b2cc82e0ec8fceaa421a89360fb6017eb17aba1629e427c54e0cc5d08
8dd812109c87559552ac89eb7f352a08baae02f5343b43b28d62c871a9e78df8
8f346a395088c8d739911230460e80c86948604af2506195be66bc770c21cfc2
8fd99ae891271f08519932a03c375a607b662b7ddecf47d45b7d3b9771504b7c
90438c83bdc3d682d1a6d494328898e6ce1faf37ced4da7191fcc29d4fb22358
904bf79f059c1e22b4b20cb1e86895a89c017c85e48dad545928a6e103d2d8cf
934f803814b875864de3c0e37448c0ef45567554a6f1bbef14a8807357fc66a9
936d9f31827f42dab25eb52fd38e687df4d2b8fab254bd05e36806a026cfc2a1
93ce75e5eb31481969ea384e9b1464cdf304eec087ccc4149cd593715921507f
9491e42e80522eb4fe221982275a047109c974bbe57fa16efdf912b2b4a88812
94b2b7f2a8893626b0131f4948a936e95f943ab4aeb1c02ee69bd760ae946662
965cba95c928e95003ce37271090406eaa7d5c2d955230a785b2b3be8a9a17f5
969fd990bcd980d6754827a283c9c9f447f98958adbf6bd4c0e134440e2fe7e6
9753320d9396dd9dad26d1a302f52838f2a8ec7e272c5205ca4a5b090e5d0ded
977dd22b80e2065a8a71e5f313e1063e81dac24d9244da5269fb830fcc3db384
979b86364648e67957ed75c12ec72a584055ec6a8352ad6ceaefe35800e371f3
97e5b0b6cfc2ba9815028429c069631ba12b294aa7419d1ea130accd0adc2d46
983871cac9e719263fcecaa540c4e1597c8ece1805845830ec21fef0e71d9f88
983ccb9144855e909faaf3a4ae344c8f8075d023b109163ef50308ac540c0d54
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
990f842be796cd1cd8e9ef44722f29273e8dc47753c9838606d7d4c23b5bbc66
99c219740a5f4d046b97ba28f4484bf2f26e549d277c06a30f8e8614bdf1af97
99c28ba77690124b83aea8cdbbb17ab1145ba247c791aeb4bad747b4248ac459
99f48e1f13877f3a2b73bdf8f280632d8d42f4004f83b2417d8192649b501058
9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470
9e503fcfcd5e0554aa8441ca0b65811e2439fa9b4284bb5b531f39686aa1ca25
9f22f6e9d4852f8be0706b62fbd0eba20f6cb56171def5e387b2d95fcd07df01
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0bdcd0c8b8b3b686a3d9fd02dc3f5b716f810115bad6d5b284c34923b8b0797
a1d4b01843b9dad68a10bba7ab416fb60cbe6052a223f6bd74cbad286b812b2a
a29e4af6aa6a95982d1092a20f0068173b9a9d5df0a89bc99da556aebec3ce54
a2be364e2921857c3e1415e1e9e74e5628a02318662a25da27a23da90929c84a
a48fd35c61908d912b5ac9e1face12e0962a0d9ecc8679e87db4031697cec54e
a4f6ca79d14dad289eb7035d0e81e04571532d249fa80845c38bd1d274a493e9
a8b206e531109b2625b13710358dbc560650a4b79f3203d18089da2c747c981d
a8e2be07bb69903af70693cf71d0c906dab2da73d63179563030127daa74ae7b
a9b58b55da1ceff3f810fac13d608902734ced3cbc9c6683d032555f713f1598
ac0eb9b299d05c43ce0bb3bccfe28d38c78ab3f8442854f1f28b1e5a64237505
ac3382404be8a8d34920acbf877d3bd521b96d1b379af6a62201de4ff3d5974f
aca4f749f47c80bff1e6687dd929821c176015ea52b31a042ef3482e35dab2a8
ae7c16ecb8e3d6f4fa8815a304c49b31057e0a060400bf3ebc7684250fb59d76
aefbc53a26bcf50b968ec231b9848483e043e5e47518a8fe0d93349f7ed15fa8
af2ae945bb9555183cf0cee9c4cbc656844d58eb5122b0d9c49ae7dc64cade61
afdce64337939b626486ba0cdbe7fae47de9318d87f96806115fd034a287475d
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2478c41d2aa77c7181398ec3c1d72d6ec80f8c6df4852a4a6abb35faa68f2c8
b27826240abf60c5364587e275127f0d56f215f7ee009a83b8f78c3e6256c120
b3b24077b5d68982367d8c0653653db94c2e03d5ab5b0d8ba373610a661cbbc8
b424e0abf0547407ffeb1e6cacc3121d61cb929c85d1df701543df826e21c834
b4353fa34ccc28f20f9d27816842ac9a0be061418d9ea23bb2741290a5608a7b
b54624bce5ac132e69fdab26fe728b9b6354f143d6ef63c79b083a9e06dc56df
b55c8dc841d5dc93a53e6a5a23187afda320ae63e3d5db4de3662e2284b718a9
b61d9d52aa31cd8585e85b3ee0d196a02aa3b6359591dbd5b7522c501b625a01
b7c9dd475a3dd85b8ee4e4ca9baed4ef4d2020ea8f470b41125798056d590312
b8af1a21aaebbabbbe5599ffc3021593ec26006c7691bc4bf4a4c3f5dffa9c53
ba129f3fab709dcad8916478c2d18c9cdb1b37ffd1fdc8fd998dc4f3753460c6
ba4efb6dcf5a93b760b2118391fbf8d7514512cdd99314f768674c84dd11c70c
ba5a53d99b4e015e652e675e9dfedc98345a7c2fc7d0c945aa0d8ddb2647efdd
bc1d2dacd71dc7670eb3c2cdb7fd937015a512f58a17ef5d959f7cb28f2b5125
bc97ec41ce596bcb499370c188d8c8a68975d2380edf6afba5c0afb15a968146
bdbbea2fda09ca1672c1555c8ce2343ff0b71179502fb3573ff5acad07436764
beaacc720264e77de9d27705284a709816ed317c515eae856298675a45ad55f1
bf08d53d64bd0d01bce2588cb207bb8a4e4676a50fca383612c0f4e977dbf6c1
bf622c70cd52085f8d3672dd27abf0ccdf5600297221514aa41dbaf2a0f6b1d2
c009807b93d04cb58be1e2cdac7934a512c8b3913eefd0d3f9a72563228a02dc
c0cd2b43dfffab38aadefdf84a86cff9c74dc945f428aaef6952ec2a30856b3f
c1267435ec936c4fd6bfbff2f4b2070885d3e86504845498bf1e8cfa1395cccf
c138f5424629d2a5ca8504b783784078b326a7a8426ce38386e4f4a419047b93
c202fa47b1e870eda900429ac214c6cc09f83725e4102ddb52bcf54aa8021e08
c2cd0b29da2ed0b9e15eb8bd86e578db122ba927b80c972ee234ff15919bedab
c34952ec20476833833b0d39326c2a85bd26f1ab04b355187f53eacddbdb7c77
c413164a9b4ed42792a4fe35e0d5787dc48aa26ffc99159ec329b47b665b8269
c42688c6b7c3ede14a89c83ed21e2bee0a9ef6b36efd49e975841250c3ecd63b
c49ea94600a30e656eb35d04397b1c4904f86bd1f389cde1bd4b749a8fabd765
c4e89b033043cc5831fc630e61deed58bace2a47f02cae35327ee2f5b0f121c6
c5147cf5352bb6f99d31467dfec38f9573476d093433cda65441668df8617bbc
c5c309dc1bc82d4fe3d7053eb352bcf34e286d8181c16245a73620801c041711
c75080f509c6770bdc4683cea9e6d62d1f04eb6cc0adb6adb1921dd278292da6
c8880cd4a244227071917238cecf976d01c97ade91d9b3f81fca199f25a96d5b
c894e36ce8c2da73b9ef78b4326802029503afaa6160ff12c985e6e6f9beaa5c
c8afca9512d3621d70ef92f344d7038b85116758f29d7f8880bca9f4d77f1de2
c97995267e0c2da1ded20bd58c8063750e48c2b107b32411f12b2f10636212b2
cb07c03575d9216bbc7f32e716129101e0dd878a19a0adbc249656f47cf1a3a3
cb91e5a485f9cb8d412446bed3cd1b84c7df47f308d30be5b6399722d6717c53
cc3b5c34ad28ff9a2cf4f5240f4784c42b3eb912e7a0785e3f9a808471d1b3c1
cdc77956a4ec1d04967dcef14d1de3c6fa82d8d3e0d671b1c7e328f63661bf23
cf364725e43f8e13a2ef4fd655ad9455a89921cee588624134f2b6dd660744ed
cf3d3c393d6648a70ff135348b8f09a763b675d6b106e38bd9b5a73c2d6577ae
cf3f64e557664715822118f634f01674945e63c8cec05f7e87831137e630a1fd
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf84ebaaa179f5416836ebbc971cd38da24e04640f673bd0302599faf3c39483
d14e7127ffdc9044718daab6c2a828a11011ed600b2a339db043b542ef33af99
d1d3ebdb0a13d47d07c440c8dbd6dcaa96a58ec8ac53446a140497c2013c2567
d2dccb7019dff8b98265aee043f800ba56e6dfc5fa26dcf7ea029dfff8825f36
d433d17de4e6361e02ae7d1c4fc02416a05abab905c9cda5c296f6ffa3af8496
d676d55fe122e2842ec0a95808d5d9d224dfee35d006a49a142234b049bfdc27
d6d6a9b90bdd341f52f1c5dd52286c116bd7fbb8af3a325a716ae29b71a376c5
d7533f175597319c9b2fb5e9f28d99d30080307a887b50a837707c88234310f1
d83979120aea89605f3fef94e0acbdc5724473cbd9084b27bea5ffd899839f79
d84d14dbcd61c67db98552b0d70146f860df3f4150a5ff3387ca6dfe17814f23
da506c8a9c8a9f31aa00eaeef23d49764b9ace97158a1a0a7aa628e6d446b0fb
dae82102158a00126d6386338f5729f70962283d5faf3f0d109c5974a0b67629
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de9ab13cffc9c241f1be1c1ca9be0a1dd02704f88b1cfff10250de5e48d10d44
df2b4dfc7e9d7d2f321750c35c586c1a5606f0b65cd7c7a43304249ad8dde209
dfbca6040f3d8352da55124ac60a7f6b2535173a3b47bec0c9323b71a5b775a1
e22e57942c76636bd88c6fd78331aea76ed444ddcd921d5ea0c33771e0962a16
e297ed4f454d334c906e98fbff8f880b9f9d9bec25755d4cd994c9e104d6fedb
e2a399b035f9774d3ee9bf4ae99dd261a1e5abe94b321c71c61b3edfd84b5b4d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e402b33cf5a490370ed5540ed239dad717dec6eaed1ac28f65bc1e69c394c8df
e4d053ad19ac0f9a306b470ab5a507d03f53860e7b64157f43ceef9d9f7a1088
e5d94f01fd8cd981adbedb5fc397328c3506733e5e0ad7c6c4a70d55eea04093
e6f78c7bc296711ef2729169000fbdb45c5086498f30542eb0394893eebfb5ba
eb99134542c987f687360d120213eeec049a290d73d2302ee1b74a01ce279f4d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef7b483c3b575577f683cf3849e3a79a5385b9844b630adcdc31149900606460
f1fe21b0bc502937ca6c447ceebdfc4671f21c6be720a112143a486efdacc093
f2e990c80078ee4290e44417106dbed505582483d6e42fdf70f1ccb7c82615ed
f3706dd9e175fdadc2a564238f1ddc64afea19e67aefd5b922f33040d5f94540
f37d1ad4ff54c0819a950c6bf692c4294e593e2df41f3ad3f2cd11d281ebead0
f5cb2cf05f6698df24cfd83ae39f05f17c2b46cc3d28faaf99b42393e7b33013
f70b370debd085dd9e9fb6495c796cdccf41c44574cc185dbe124f3ea8237623
f7f784c882e926082511adb84468522f5b4ddb936e151b984fefeb30fea62166
f8224d6d05efe683610ac731f06c24e1b3caeec0ffac74e523764754126fe4a3
fba567510c78e74f786a08758c04c5ea612bd27ee9c775c5fb4753e57c1df6ab
fe2ce0301f0859a587ee52ab6e695a6db0f3863ecb980eba520c866949a834ae
ff55feea2abc752e20a7ca167e2e631fb3f9006f86296bf26173cb53c59024de
ffd2d05563ef81e794e229a9ce946f359eb8b506e37b58b3bcedca902b7fd264

quickwin765412.com Open in urlscan Pro 45.8.107.102 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

299 Requests

95 %HTTPS

34 %IPv6

47 Domains

65 Subdomains

52 IPs

9 Countries

5807 kBTransfer

15447 kBSize

36 Cookies

0 Outgoing links

Page URL History

Redirected requests

299 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

quickwin765412.com Open in urlscan Pro
45.8.107.102 Public Scan

Screenshot
Live screenshot

Full Image

299
Requests

95 %
HTTPS

34 %
IPv6

47
Domains

65
Subdomains

52
IPs

9
Countries

5807 kB
Transfer

15447 kB
Size

36
Cookies

299 HTTP transactions
7 data transactions