quickwin765412.com Open in urlscan Pro
94.242.229.244 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://quickwin765412.com/
Submission: On December 25 via api (December 25th 2023, 5:45:21 pm UTC) from US — Scanned from DE

Summary HTTP 371 Redirects Behaviour Indicators

Summary

This website contacted 79 IPs in 12 countries across 76 domains to perform 371 HTTP transactions. The main IP is 94.242.229.244, located in Luxembourg and belongs to CLOUDFLARESPECTRUM Cloudflare, Inc., US. The main domain is quickwin765412.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on March 15th 2023. Valid for: a year.

This is the only time quickwin765412.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
166	94.242.229.244 94.242.229.244	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
5	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
2	18.66.242.68 18.66.242.68	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
6	104.18.72.113 104.18.72.113	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	78.47.189.205 78.47.189.205	24940 (HETZNER-AS) (HETZNER-AS)
6	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
34	34.120.135.117 34.120.135.117	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	104.18.70.113 104.18.70.113	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 3	94.242.230.31 94.242.230.31	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
2	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
1	52.222.139.19 52.222.139.19	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700:20:... 2606:4700:20::681a:672	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	18.228.178.86 18.228.178.86	16509 (AMAZON-02) (AMAZON-02)
2	88.214.195.93 88.214.195.93	46636 (NATCOWEB) (NATCOWEB)
1	2600:9000:224... 2600:9000:224a:3800:1:76cf:fe80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	138.197.230.29 138.197.230.29	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	37.157.5.73 37.157.5.73	198622 (ADFORM) (ADFORM)
4 19	37.157.6.243 37.157.6.243	198622 (ADFORM) (ADFORM)
4	2606:4700:303... 2606:4700:3032::ac43:cb12	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	139.45.195.8 139.45.195.8	9002 (RETN-AS) (RETN-AS)
15	185.199.175.191 185.199.175.191	43927 (HOSTERION) (HOSTERION)
5 10	185.89.210.141 185.89.210.141	29990 (ASN-APPNEX) (ASN-APPNEX)
1	178.162.159.92 178.162.159.92	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1	2606:4700:303... 2606:4700:3038::6815:ea9b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.173.233.14 18.173.233.14	16509 (AMAZON-02) (AMAZON-02)
4 7	193.0.160.131 193.0.160.131	54312 (ROCKETFUEL) (ROCKETFUEL)
1 4	37.157.3.20 37.157.3.20	198622 (ADFORM) (ADFORM)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
5	2.23.7.34 2.23.7.34	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a03:2880:f08... 2a03:2880:f083:9:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2400:52e0:1e0... 2400:52e0:1e00::1082:1	200325 (BUNNYCDN) (BUNNYCDN)
1	104.16.53.111 104.16.53.111	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4 4	18.165.183.56 18.165.183.56	16509 (AMAZON-02) (AMAZON-02)
4	35.244.174.68 35.244.174.68	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
7 7	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE)
2 3	54.194.146.163 54.194.146.163	16509 (AMAZON-02) (AMAZON-02)
1	185.64.191.210 185.64.191.210	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2	35.244.159.8 35.244.159.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	3.120.214.218 3.120.214.218	16509 (AMAZON-02) (AMAZON-02)
1	23.35.228.23 23.35.228.23	16625 (AKAMAI-AS) (AKAMAI-AS)
1	34.197.216.192 34.197.216.192	14618 (AMAZON-AES) (AMAZON-AES)
2 4	172.64.151.101 172.64.151.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	72.246.169.24 72.246.169.24	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2600:1f18:612... 2600:1f18:612b:4216:f6cb:3f79:9ccd:b60d	14618 (AMAZON-AES) (AMAZON-AES)
1 2	54.216.96.95 54.216.96.95	16509 (AMAZON-02) (AMAZON-02)
2	54.247.15.19 54.247.15.19	16509 (AMAZON-02) (AMAZON-02)
2	18.196.198.248 18.196.198.248	16509 (AMAZON-02) (AMAZON-02)
2 2	151.101.2.49 151.101.2.49	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1	34.120.139.69 34.120.139.69	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	35.186.201.99 35.186.201.99	15169 (GOOGLE) (GOOGLE)
1	99.81.117.7 99.81.117.7	16509 (AMAZON-02) (AMAZON-02)
1	23.32.185.192 23.32.185.192	16625 (AKAMAI-AS) (AKAMAI-AS)
1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
1	52.28.225.34 52.28.225.34	16509 (AMAZON-02) (AMAZON-02)
1	91.134.110.136 91.134.110.136	16276 (OVH) (OVH)
1	2607:ae80:192... 2607:ae80:192:1::172	26558 (FREEWHEEL) (FREEWHEEL)
3 3	77.243.51.122 77.243.51.122	42697 (NETIC-AS) (NETIC-AS)
3 4	77.243.51.121 77.243.51.121	42697 (NETIC-AS) (NETIC-AS)
2 2	85.114.159.118 85.114.159.118	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
2 2	54.78.254.47 54.78.254.47	16509 (AMAZON-02) (AMAZON-02)
1	2a02:6ea0:c70... 2a02:6ea0:c700::18	60068 (CDN77 ^_^) (CDN77 ^_^)
1	54.194.101.149 54.194.101.149	16509 (AMAZON-02) (AMAZON-02)
1 1	52.214.72.66 52.214.72.66	16509 (AMAZON-02) (AMAZON-02)
1	52.218.97.186 52.218.97.186	16509 (AMAZON-02) (AMAZON-02)
4 5	217.79.178.233 217.79.178.233	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1 1	139.162.141.41 139.162.141.41	63949 (AKAMAI-LI...) (AKAMAI-LINODE-AP Akamai Connected Cloud)
1 1	193.135.9.128 193.135.9.128	48314 (IP-PROJECTS) (IP-PROJECTS)
1	198.47.127.205 198.47.127.205	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
1	18.66.248.68 18.66.248.68	16509 (AMAZON-02) (AMAZON-02)
2 3	54.217.36.38 54.217.36.38	16509 (AMAZON-02) (AMAZON-02)
2 2	52.57.164.72 52.57.164.72	16509 (AMAZON-02) (AMAZON-02)
1	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
1	141.95.98.65 141.95.98.65	16276 (OVH) (OVH)
2 2	35.190.24.218 35.190.24.218	15169 (GOOGLE) (GOOGLE)
1	2.19.85.30 2.19.85.30	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2600:9000:224... 2600:9000:224a:da00:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
1	46.19.11.36 46.19.11.36	51790 (SIEL) (SIEL)
1	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
1	52.58.128.62 52.58.128.62	16509 (AMAZON-02) (AMAZON-02)
1	2a03:2880:f17... 2a03:2880:f176:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
2	54.94.153.138 54.94.153.138	16509 (AMAZON-02) (AMAZON-02)
4	2606:4700:10:... 2606:4700:10::6816:85a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	34.110.191.112 34.110.191.112	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2606:4700:10:... 2606:4700:10::6816:95a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
371	79

166 94.242.229.244 (Luxembourg)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

quickwin765412.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.242.68 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-242-68.dus51.r.cloudfront.net

d3mi6d1ao3fzsg.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.18.72.113 (None, )

ASN13335 (CLOUDFLARENET, US)

static.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 78.47.189.205 (Mundelsheim, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.205.189.47.78.clients.your-server.de

cdn.cookie-script.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

34 34.120.135.117 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 117.135.120.34.bc.googleusercontent.com

sb2widgetsstatic-altenar2.biahosted.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.70.113 (None, )

ASN13335 (CLOUDFLARENET, US)

ekr.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 94.242.230.31 (Luxembourg) 3 redirects

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

quickwin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.139.19 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-139-19.ams50.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:672 (United States)

ASN13335 (CLOUDFLARENET, US)

scripts.prdredir.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
rtg.prdredir.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

adjs.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.228.178.86 (São Paulo, Brazil)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-228-178-86.sa-east-1.compute.amazonaws.com

event.getblue.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
widget.getblue.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.214.195.93 (United Kingdom)

ASN46636 (NATCOWEB, US)

track.wolf22.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:224a:3800:1:76cf:fe80:93a1 (United States)

ASN16509 (AMAZON-02, US)

c1.rfihub.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 138.197.230.29 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

pixel.adfyier.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.5.73 (Denmark)

ASN198622 (ADFORM, DK)

s2.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 37.157.6.243 (Denmark) 4 redirects

ASN198622 (ADFORM, DK)

track.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
server.seadform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dmp.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:3032::ac43:cb12 (United States)

ASN13335 (CLOUDFLARENET, US)

scpt.getrmads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
metrics.getrmads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 139.45.195.8 (United Kingdom)

ASN9002 (RETN-AS, GB)

my.rtmark.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 185.199.175.191 (Floreşti, Romania)

ASN43927 (HOSTERION, RO)
PTR: eros.hosterion.net

winner-slots.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 185.89.210.141 (Frankfurt am Main, Germany) 5 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.162.159.92 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

reichelcormier.bid	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3038::6815:ea9b (United States)

ASN13335 (CLOUDFLARENET, US)

track.aso1.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.173.233.14 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-233-14.dus51.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 193.0.160.131 (United States) 4 redirects

ASN54312 (ROCKETFUEL, US)

20846458p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.157.3.20 (Denmark) 1 redirects

ASN198622 (ADFORM, DK)

a1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2.23.7.34 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-23-7-34.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2400:52e0:1e00::1082:1 (Germany)

ASN200325 (BUNNYCDN, SI)

dsp-media.eskimi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.53.111 (None, )

ASN13335 (CLOUDFLARENET, US)

quickwin.zendesk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.165.183.56 (United States) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: server-18-165-183-56.zrh55.r.cloudfront.net

live.rezync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.244.174.68 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 172.217.18.2 (United States) 7 redirects

ASN15169 (GOOGLE, US)
PTR: fra02s19-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.194.146.163 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-146-163.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.191.210 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.159.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.159.244.35.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eu-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.120.214.218 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-214-218.eu-central-1.compute.amazonaws.com

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.228.23 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-228-23.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.197.216.192 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-197-216-192.compute-1.amazonaws.com

bpi.rtactivate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.64.151.101 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 72.246.169.24 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a72-246-169-24.deploy.static.akamaitechnologies.com

x.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4216:f6cb:3f79:9ccd:b60d (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.216.96.95 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-216-96-95.eu-west-1.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.247.15.19 (Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-247-15-19.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.196.198.248 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-198-248.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.2.49 (United States) 2 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.139.69 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 69.139.120.34.bc.googleusercontent.com

dsp-trk.eskimi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.201.99 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 99.201.186.35.bc.googleusercontent.com

dsp-ap.eskimi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.81.117.7 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-99-81-117-7.eu-west-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.32.185.192 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-185-192.deploy.static.akamaitechnologies.com

ad.yieldlab.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.28.225.34 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-225-34.eu-central-1.compute.amazonaws.com

ih.adscale.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.134.110.136 (France)

ASN16276 (OVH, FR)
PTR: ip136.ip-91-134-110.eu

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:ae80:192:1::172 (United States)

ASN26558 (FREEWHEEL, US)

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 77.243.51.122 (Denmark) 3 redirects

ASN42697 (NETIC-AS, DK)

uipglob.semasio.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 77.243.51.121 (Denmark) 3 redirects

ASN42697 (NETIC-AS, DK)

se.semasio.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 85.114.159.118 (Loerrach, Germany) 2 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.78.254.47 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-78-254-47.eu-west-1.compute.amazonaws.com

loadm.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6ea0:c700::18 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

load77.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.194.101.149 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-101-149.eu-west-1.compute.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.214.72.66 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-214-72-66.eu-west-1.compute.amazonaws.com

api.adrtx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.218.97.186 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: s3-eu-west-1.amazonaws.com

s3-eu-west-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 217.79.178.233 (Germany) 4 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: cm48.as.net

cm.adsafety.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.162.141.41 (Frankfurt am Main, Germany) 1 redirects

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: tags1.adsafety.net

tags.adsafety.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.135.9.128 (Germany) 1 redirects

ASN48314 (IP-PROJECTS, DE)

ads.smartstream.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.47.127.205 (United States)

ASN3257 (GTT-BACKBONE GTT, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.248.68 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-248-68.dus51.r.cloudfront.net

pdw-adf.userreport.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.217.36.38 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-217-36-38.eu-west-1.compute.amazonaws.com

a.audrte.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.57.164.72 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-164-72.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.33.220.150 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.95.98.65 (France)

ASN16276 (OVH, FR)
PTR: ns3216659.ip-141-95-98.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.24.218 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 218.24.190.35.bc.googleusercontent.com

redirect.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.19.85.30 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-85-30.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:224a:da00:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.19.11.36 (Slovenia)

ASN51790 (SIEL, SI)
PTR: ilog.vsn.si

match.contentexchange.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.58.128.62 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-128-62.eu-central-1.compute.amazonaws.com

e1.emxdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.94.153.138 (São Paulo, Brazil)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-94-153-138.sa-east-1.compute.amazonaws.com

cms.getblue.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:10::6816:85a (United States)

ASN13335 (CLOUDFLARENET, US)

sb2frontend-altenar2.biahosted.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 34.110.191.112 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 112.191.110.34.bc.googleusercontent.com

sb2auth-altenar2.biahosted.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sb2bonus-altenar2.biahosted.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:95a (United States)

ASN13335 (CLOUDFLARENET, US)

sb2integration-altenar2.biahosted.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
166	quickwin765412.com quickwin765412.com	3 MB
46	biahosted.com sb2widgetsstatic-altenar2.biahosted.com — Cisco Umbrella Rank: 337081 sb2frontend-altenar2.biahosted.com — Cisco Umbrella Rank: 180198 sb2auth-altenar2.biahosted.com — Cisco Umbrella Rank: 204926 sb2integration-altenar2.biahosted.com — Cisco Umbrella Rank: 215806 sb2bonus-altenar2.biahosted.com — Cisco Umbrella Rank: 217825	400 KB
22	adform.net 5 redirects s2.adform.net — Cisco Umbrella Rank: 6115 track.adform.net — Cisco Umbrella Rank: 4289 a1.adform.net — Cisco Umbrella Rank: 10616 c1.adform.net — Cisco Umbrella Rank: 560 dmp.adform.net — Cisco Umbrella Rank: 2870	47 KB
15	winner-slots.online winner-slots.online	229 KB
10	adnxs.com 5 redirects secure.adnxs.com — Cisco Umbrella Rank: 478 ib.adnxs.com — Cisco Umbrella Rank: 229	8 KB
8	doubleclick.net 7 redirects cm.g.doubleclick.net — Cisco Umbrella Rank: 219 googleads.g.doubleclick.net — Cisco Umbrella Rank: 33	3 KB
7	semasio.net 6 redirects uipglob.semasio.net — Cisco Umbrella Rank: 1234 se.semasio.net — Cisco Umbrella Rank: 21526	4 KB
7	rfihub.com 4 redirects 20846458p.rfihub.com p.rfihub.com — Cisco Umbrella Rank: 825 a.rfihub.com — Cisco Umbrella Rank: 2935	12 KB
7	zdassets.com static.zdassets.com — Cisco Umbrella Rank: 2043 ekr.zdassets.com — Cisco Umbrella Rank: 2264	349 KB
7	gstatic.com www.gstatic.com fonts.gstatic.com	479 KB
6	adsafety.net 5 redirects cm.adsafety.net — Cisco Umbrella Rank: 21125 tags.adsafety.net — Cisco Umbrella Rank: 77268	9 KB
6	getblue.io event.getblue.io — Cisco Umbrella Rank: 31225 widget.getblue.io — Cisco Umbrella Rank: 33320 cms.getblue.io — Cisco Umbrella Rank: 48957	7 KB
6	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 36	511 KB
5	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 617	148 KB
5	google.com www.google.com — Cisco Umbrella Rank: 2	34 KB
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 578	2 KB
4	rlcdn.com idsync.rlcdn.com — Cisco Umbrella Rank: 408	158 B
4	rezync.com 4 redirects live.rezync.com — Cisco Umbrella Rank: 1785	3 KB
4	getrmads.com scpt.getrmads.com — Cisco Umbrella Rank: 433236 metrics.getrmads.com — Cisco Umbrella Rank: 399781	4 KB
3	audrte.com 2 redirects a.audrte.com — Cisco Umbrella Rank: 2112	2 KB
3	exelator.com 2 redirects loadm.exelator.com — Cisco Umbrella Rank: 1661 load77.exelator.com — Cisco Umbrella Rank: 3503	2 KB
3	demdex.net 2 redirects dpm.demdex.net — Cisco Umbrella Rank: 208	2 KB
3	eskimi.com dsp-media.eskimi.com — Cisco Umbrella Rank: 40740 dsp-trk.eskimi.com — Cisco Umbrella Rank: 38884 dsp-ap.eskimi.com — Cisco Umbrella Rank: 17656	4 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27 region1.google-analytics.com — Cisco Umbrella Rank: 2189	21 KB
3	quickwin.com 3 redirects quickwin.com	387 B
2	weborama.fr 2 redirects redirect.frontend.weborama.fr — Cisco Umbrella Rank: 12816	630 B
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 818	1 KB
2	bluekai.com tags.bluekai.com — Cisco Umbrella Rank: 638	647 B
2	adition.com 2 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1428	928 B
2	everesttech.net 2 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 685	617 B
2	bidswitch.net x.bidswitch.net — Cisco Umbrella Rank: 336	291 B
2	krxd.net beacon.krxd.net — Cisco Umbrella Rank: 699	675 B
2	agkn.com 1 redirects aa.agkn.com — Cisco Umbrella Rank: 499	866 B
2	eyeota.net ps.eyeota.net — Cisco Umbrella Rank: 981	688 B
2	openx.net us-u.openx.net — Cisco Umbrella Rank: 491 eu-u.openx.net — Cisco Umbrella Rank: 2473	361 B
2	pubmatic.com image2.pubmatic.com — Cisco Umbrella Rank: 859 simage2.pubmatic.com — Cisco Umbrella Rank: 723	450 B
2	seadform.net server.seadform.net — Cisco Umbrella Rank: 32226	933 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 168	89 KB
2	rtmark.net my.rtmark.net — Cisco Umbrella Rank: 12331	2 KB
2	wolf22.xyz track.wolf22.xyz	997 B
2	adjs.media adjs.media — Cisco Umbrella Rank: 219942	2 KB
2	prdredir.com scripts.prdredir.com — Cisco Umbrella Rank: 72639 rtg.prdredir.com — Cisco Umbrella Rank: 155727	2 KB
2	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 700 script.hotjar.com — Cisco Umbrella Rank: 933	59 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	995 B
2	cloudfront.net d3mi6d1ao3fzsg.cloudfront.net	31 KB
1	google.de www.google.de — Cisco Umbrella Rank: 6765	455 B
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 98	185 B
1	emxdgt.com e1.emxdgt.com — Cisco Umbrella Rank: 1855	44 B
1	3lift.com eb2.3lift.com — Cisco Umbrella Rank: 372	140 B
1	contentexchange.me match.contentexchange.me — Cisco Umbrella Rank: 23748	49 B
1	smaato.net s.ad.smaato.net — Cisco Umbrella Rank: 674	238 B
1	teads.tv sync.teads.tv — Cisco Umbrella Rank: 1299	163 B
1	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 425	921 B
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 331	149 B
1	userreport.com pdw-adf.userreport.com — Cisco Umbrella Rank: 20737	444 B
1	smartstream.tv 1 redirects ads.smartstream.tv — Cisco Umbrella Rank: 30222	849 B
1	amazonaws.com s3-eu-west-1.amazonaws.com	390 B
1	adrtx.net 1 redirects api.adrtx.net — Cisco Umbrella Rank: 23648	407 B
1	crwdcntrl.net sync.crwdcntrl.net — Cisco Umbrella Rank: 799	265 B
1	stickyadstv.com ads.stickyadstv.com — Cisco Umbrella Rank: 526	639 B
1	smartadserver.com rtb-csync.smartadserver.com — Cisco Umbrella Rank: 622	163 B
1	adscale.de ih.adscale.de — Cisco Umbrella Rank: 4608	38 B
1	rubiconproject.com token.rubiconproject.com — Cisco Umbrella Rank: 461	214 B
1	yieldlab.net ad.yieldlab.net — Cisco Umbrella Rank: 4166	235 B
1	360yield.com ad.360yield.com — Cisco Umbrella Rank: 666	199 B
1	tremorhub.com partners.tremorhub.com — Cisco Umbrella Rank: 1153	175 B
1	addthis.com x.dlx.addthis.com — Cisco Umbrella Rank: 1554	182 B
1	rtactivate.com bpi.rtactivate.com — Cisco Umbrella Rank: 1491	109 B
1	media.net contextual.media.net — Cisco Umbrella Rank: 665	619 B
1	zendesk.com quickwin.zendesk.com	1 KB
1	aso1.net track.aso1.net	332 B
1	reichelcormier.bid reichelcormier.bid — Cisco Umbrella Rank: 104997	354 B
1	adfyier.com pixel.adfyier.com — Cisco Umbrella Rank: 98062	1 KB
1	rfihub.net c1.rfihub.net — Cisco Umbrella Rank: 5475	6 KB
1	cookie-script.com cdn.cookie-script.com — Cisco Umbrella Rank: 25793	76 KB
0	ib-ibi.com Failed global.ib-ibi.com Failed
371	76

	Domain	Requested by
166	quickwin765412.com	quickwin765412.com
34	sb2widgetsstatic-altenar2.biahosted.com	quickwin765412.com sb2widgetsstatic-altenar2.biahosted.com
15	winner-slots.online	quickwin765412.com winner-slots.online
9	c1.adform.net	2 redirects track.adform.net c1.adform.net
7	cm.g.doubleclick.net	7 redirects
6	secure.adnxs.com	3 redirects quickwin765412.com c1.adform.net
6	www.googletagmanager.com	quickwin765412.com www.googletagmanager.com winner-slots.online
6	static.zdassets.com	quickwin765412.com static.zdassets.com
5	cm.adsafety.net	4 redirects c1.adform.net
5	analytics.tiktok.com	winner-slots.online analytics.tiktok.com
5	track.adform.net	2 redirects www.googletagmanager.com quickwin765412.com
5	www.google.com	quickwin765412.com www.gstatic.com www.google.com winner-slots.online
4	sb2bonus-altenar2.biahosted.com	quickwin765412.com
4	sb2frontend-altenar2.biahosted.com	quickwin765412.com
4	se.semasio.net	3 redirects c1.adform.net
4	dsum-sec.casalemedia.com	2 redirects quickwin765412.com c1.adform.net
4	ib.adnxs.com	2 redirects quickwin765412.com event.getblue.io
4	idsync.rlcdn.com	quickwin765412.com c1.adform.net
4	p.rfihub.com	3 redirects quickwin765412.com
4	live.rezync.com	4 redirects
4	a1.adform.net	1 redirects s2.adform.net quickwin765412.com
4	www.gstatic.com	www.google.com www.gstatic.com
3	sb2auth-altenar2.biahosted.com	quickwin765412.com
3	dmp.adform.net	c1.adform.net
3	a.audrte.com	2 redirects c1.adform.net
3	uipglob.semasio.net	3 redirects
3	dpm.demdex.net	2 redirects quickwin765412.com
3	fonts.gstatic.com	www.google.com fonts.googleapis.com
3	event.getblue.io	www.googletagmanager.com event.getblue.io
3	quickwin.com	3 redirects
2	cms.getblue.io	event.getblue.io
2	redirect.frontend.weborama.fr	2 redirects
2	pm.w55c.net	2 redirects
2	tags.bluekai.com	c1.adform.net
2	loadm.exelator.com	2 redirects
2	dsp.adfarm1.adition.com	2 redirects
2	metrics.getrmads.com	scpt.getrmads.com metrics.getrmads.com
2	sync-tm.everesttech.net	2 redirects
2	x.bidswitch.net	quickwin765412.com c1.adform.net
2	beacon.krxd.net	quickwin765412.com c1.adform.net
2	aa.agkn.com	1 redirects quickwin765412.com
2	ps.eyeota.net	quickwin765412.com c1.adform.net
2	a.rfihub.com	1 redirects c1.rfihub.net
2	server.seadform.net	quickwin765412.com
2	connect.facebook.net	winner-slots.online connect.facebook.net
2	my.rtmark.net	www.googletagmanager.com quickwin765412.com
2	scpt.getrmads.com	www.googletagmanager.com scpt.getrmads.com
2	track.wolf22.xyz	www.googletagmanager.com quickwin765412.com
2	adjs.media	quickwin765412.com adjs.media
2	www.google-analytics.com	www.googletagmanager.com quickwin765412.com
2	fonts.googleapis.com	quickwin765412.com sb2widgetsstatic-altenar2.biahosted.com
2	d3mi6d1ao3fzsg.cloudfront.net	quickwin765412.com
1	sb2integration-altenar2.biahosted.com	quickwin765412.com
1	www.google.de	winner-slots.online
1	www.facebook.com	winner-slots.online
1	e1.emxdgt.com	c1.adform.net
1	eb2.3lift.com	c1.adform.net
1	match.contentexchange.me	c1.adform.net
1	s.ad.smaato.net	c1.adform.net
1	sync.teads.tv	c1.adform.net
1	id5-sync.com	c1.adform.net
1	match.adsrvr.org	c1.adform.net
1	pdw-adf.userreport.com	c1.adform.net
1	simage2.pubmatic.com	c1.adform.net
1	ads.smartstream.tv	1 redirects
1	tags.adsafety.net	1 redirects
1	s3-eu-west-1.amazonaws.com	c1.adform.net
1	api.adrtx.net	1 redirects
1	eu-u.openx.net	c1.adform.net
1	sync.crwdcntrl.net	c1.adform.net
1	load77.exelator.com	c1.adform.net
1	ads.stickyadstv.com	c1.adform.net
1	rtb-csync.smartadserver.com	c1.adform.net
1	ih.adscale.de	c1.adform.net
1	token.rubiconproject.com	c1.adform.net
1	ad.yieldlab.net	c1.adform.net
1	ad.360yield.com	c1.adform.net
1	widget.getblue.io	event.getblue.io
1	dsp-ap.eskimi.com	dsp-media.eskimi.com
1	dsp-trk.eskimi.com	dsp-media.eskimi.com
1	googleads.g.doubleclick.net	www.googletagmanager.com
1	partners.tremorhub.com	quickwin765412.com
1	x.dlx.addthis.com	quickwin765412.com
1	bpi.rtactivate.com	quickwin765412.com
1	contextual.media.net	quickwin765412.com
1	us-u.openx.net	quickwin765412.com
1	image2.pubmatic.com	quickwin765412.com
1	quickwin.zendesk.com	static.zdassets.com
1	rtg.prdredir.com	quickwin765412.com
1	dsp-media.eskimi.com	winner-slots.online
1	region1.google-analytics.com	www.googletagmanager.com
1	20846458p.rfihub.com	c1.rfihub.net
1	script.hotjar.com	static.hotjar.com
1	track.aso1.net	quickwin765412.com
1	reichelcormier.bid	www.googletagmanager.com
1	s2.adform.net	quickwin765412.com
1	pixel.adfyier.com	quickwin765412.com
1	c1.rfihub.net	quickwin765412.com
1	scripts.prdredir.com	www.googletagmanager.com
1	static.hotjar.com	www.googletagmanager.com
1	ekr.zdassets.com	quickwin765412.com
1	cdn.cookie-script.com	quickwin765412.com
0	global.ib-ibi.com Failed	c1.adform.net
371	103

This site contains no links.

Subject Issuer	Validity	Valid
quickwin765412.com Cloudflare Inc ECC CA-3	`2023-03-15` - `2024-03-13`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
zdassets.com E1	`2023-10-23` - `2024-01-21`	3 months	crt.sh
*.cookie-script.com Sectigo RSA Domain Validation Secure Server CA	`2023-09-11` - `2024-07-25`	10 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
sb2widgetsstatic-altenar2.biahosted.com GTS CA 1D4	`2023-12-11` - `2024-03-10`	3 months	crt.sh
*.hotjar.com Amazon ECDSA 256 M01	`2023-03-09` - `2024-04-06`	a year	crt.sh
prdredir.com GTS CA 1P5	`2023-11-01` - `2024-01-30`	3 months	crt.sh
adjs.media E1	`2023-11-28` - `2024-02-26`	3 months	crt.sh
*.getblue.io Amazon RSA 2048 M02	`2023-10-30` - `2024-11-27`	a year	crt.sh
*.wolf22.xyz Sectigo RSA Domain Validation Secure Server CA	`2023-03-31` - `2024-04-30`	a year	crt.sh
*.rfihub.net Amazon RSA 2048 M03	`2023-10-31` - `2024-11-28`	a year	crt.sh
saleguard.shop Go Daddy Secure Certificate Authority - G2	`2023-06-11` - `2024-06-10`	a year	crt.sh
track.adform.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-06` - `2024-09-19`	a year	crt.sh
getrmads.com GTS CA 1P5	`2023-12-10` - `2024-03-09`	3 months	crt.sh
rtmark.net R3	`2023-10-07` - `2024-01-05`	3 months	crt.sh
winner-slots.online R3	`2023-12-09` - `2024-03-08`	3 months	crt.sh
reichelcormier.bid R3	`2023-12-22` - `2024-03-21`	3 months	crt.sh
aso1.net GTS CA 1P5	`2023-11-08` - `2024-02-06`	3 months	crt.sh
*.rfihub.com Sectigo RSA Domain Validation Secure Server CA	`2023-04-27` - `2024-04-27`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.tiktok.com RapidSSL ECC CA 2018	`2023-07-14` - `2024-08-13`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-10-04` - `2024-01-02`	3 months	crt.sh
*.eskimi.com GeoTrust TLS RSA CA G1	`2023-03-20` - `2024-04-12`	a year	crt.sh
quickwin.zendesk.com Cloudflare Inc ECC CA-3	`2023-03-02` - `2024-02-29`	a year	crt.sh
*.seadform.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-23` - `2024-11-08`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2023-04-20` - `2024-05-20`	a year	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2023-08-18` - `2024-08-18`	a year	crt.sh
*.media.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-10` - `2024-02-18`	a year	crt.sh
rtactivate.com Amazon RSA 2048 M01	`2023-03-14` - `2024-04-11`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2023-02-02` - `2024-03-03`	a year	crt.sh
odc-pixel-prod-01.oracle.com DigiCert TLS RSA SHA256 2020 CA1	`2023-12-11` - `2024-12-11`	a year	crt.sh
*.tremorhub.com Amazon RSA 2048 M01	`2023-02-22` - `2024-03-23`	a year	crt.sh
*.agkn.com RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2023-09-07` - `2024-09-29`	a year	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2023-04-14` - `2024-04-12`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.360yield.com Amazon RSA 2048 M01	`2023-05-29` - `2024-06-26`	a year	crt.sh
*.yieldlab.net DigiCert TLS RSA SHA256 2020 CA1	`2023-09-17` - `2024-09-17`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
*.adscale.de Amazon RSA 2048 M02	`2023-07-18` - `2024-08-15`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-21` - `2024-01-23`	a year	crt.sh
*.ads.stickyadstv.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-04-19` - `2024-05-19`	a year	crt.sh
eyeota.net GoGetSSL RSA DV CA	`2023-03-08` - `2024-04-07`	a year	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M02	`2023-10-08` - `2024-11-06`	a year	crt.sh
*.userreport.com Amazon RSA 2048 M02	`2023-11-20` - `2024-12-17`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.id5-sync.com R3	`2023-11-01` - `2024-01-30`	3 months	crt.sh
teads.tv R3	`2023-11-03` - `2024-02-01`	3 months	crt.sh
s.ad.smaato.net Amazon RSA 2048 M03	`2023-09-04` - `2024-10-02`	a year	crt.sh
*.contentexchange.me Sectigo RSA Domain Validation Secure Server CA	`2023-05-29` - `2024-06-04`	a year	crt.sh
*.3lift.com Amazon RSA 2048 M02	`2023-04-13` - `2024-05-11`	a year	crt.sh
*.emxdgt.com Amazon RSA 2048 M01	`2023-05-03` - `2024-05-31`	a year	crt.sh
www.google.de GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
sb2frontend-altenar2.biahosted.com E1	`2023-11-22` - `2024-02-20`	3 months	crt.sh
*.biahosted.com Go Daddy Secure Certificate Authority - G2	`2023-08-31` - `2024-10-01`	a year	crt.sh
sb2integration-altenar2.biahosted.com E1	`2023-11-22` - `2024-02-20`	3 months	crt.sh

This page contains 8 frames:

Primary Page: https://quickwin765412.com/
Frame ID: 8CDB4AD013AB434CFDFFB70E2C5A20CE
Requests: 263 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcbSf4kAAAAAAJey7uEFxYpE7Tn2cR1Y3WBNyGi&co=aHR0cHM6Ly9xdWlja3dpbjc2NTQxMi5jb206NDQz&hl=de&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&cb=yb56d19dkezz
Frame ID: 375FDF1B789CDC48693919014098EFE9
Requests: 8 HTTP requests in this frame

Frame: https://winner-slots.online/
Frame ID: CA91AF1EE0E968C91EA34B49E4503CC3
Requests: 34 HTTP requests in this frame

Frame: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-1bfc6fa.js
Frame ID: 8C3AD3005F10BB462F10DAE8C0C3CA59
Requests: 6 HTTP requests in this frame

Frame: https://20846458p.rfihub.com/ca.html?ver=9&rb=48767&ca=20846458&_o=48767&_t=20846458&pe=https%3A%2F%2Fquickwin765412.com%2Fen%2F&pf=&ra=433609111160584
Frame ID: 0DDEE9BB596A63C28F63B086DC517F75
Requests: 18 HTTP requests in this frame

Frame: https://c1.adform.net/imatch/pixels?uid=5404315708731918970&agencyId=9093&advertiserId=2180301&src=tp&rnd=136981
Frame ID: 0ADE1AF3A0DE4F8390718183760A6F15
Requests: 41 HTTP requests in this frame

Frame: https://event.getblue.io/p/?cId=615EE320-F864-1EFC-FE69D99CF417DF26&tName=visit&pId=&revenue=&orderId=&p1=&p2=&p3=&fp=&blueID=f2c6b686-94aa-459e-8eea-3a2412c705da&ulc=&v=29092023-1023&nocache=3129290529248.516
Frame ID: 02EB562F7821C35F78897F6326137BBB
Requests: 5 HTTP requests in this frame

Frame: https://a.rfihub.com/pstats.html?rb=48767&ca=20846458&ri=3164f5238a1ea42278c4c4091a9dc9ad&stats=%7B%2213488%22%3A%221003%2C2%22%2C%2217243%22%3A%22101%2C1%22%2C%2242261%22%3A%22433%2C1%22%2C%2250495%22%3A%22727%2C1%22%2C%2252220%22%3A%22514%2C1%22%2C%2253935%22%3A%22444%2C1%22%2C%2254497%22%3A%22534%2C1%22%2C%2254855%22%3A%22433%2C2%22%2C%2254863%22%3A%221013%2C1%22%2C%2255073%22%3A%22433%2C2%22%2C%2256659%22%3A%22444%2C1%22%2C%2256885%22%3A%22494%2C2%22%2C%2257347%22%3A%22540%2C2%22%2C%2257363%22%3A%22695%2C1%22%2C%2258143%22%3A%22436%2C1%22%2C%2258553%22%3A%22746%2C2%22%2C%2258561%22%3A%22494%2C1%22%7D&ra=6147430088633359
Frame ID: 1644D03AA74E2A6B1790C1DC94384DF5
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

New Online Casino for Online Betting and Gaming | Quickwin

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

371
Requests

92 %
HTTPS

26 %
IPv6

76
Domains

103
Subdomains

79
IPs

12
Countries

6062 kB
Transfer

15867 kB
Size

72
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 85

https://quickwin.com/cdn-static/vector/payments/monochrome-light/paymsystem_visa.svg HTTP 307
https://quickwin765412.com/cdn-static/vector/payments/monochrome-light/paymsystem_visa.svg

Request Chain 86

https://quickwin.com/cdn-static/vector/payments/monochrome-light/paymsystem_mastercard.svg HTTP 307
https://quickwin765412.com/cdn-static/vector/payments/monochrome-light/paymsystem_mastercard.svg

Request Chain 87

https://quickwin.com/cdn-static/vector/payments/monochrome-light/paymsystem_banktransfer.svg HTTP 307
https://quickwin765412.com/cdn-static/vector/payments/monochrome-light/paymsystem_banktransfer.svg

Request Chain 125

https://secure.adnxs.com/seg?add=35276001&t=1 HTTP 307
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D35276001%26t%3D1

Request Chain 126

https://secure.adnxs.com/seg?add=35276004&t=1 HTTP 307
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D35276004%26t%3D1

Request Chain 206

https://a1.adform.net/Serving/TrackPoint/?pm=3134589&ADFPageName=quickwin.com%2Fen&ADFdivider=%7C&ord=417752202514&ADFtpmode=2&itm=eyJpdG1zIjpbeyJwaWQiOiJlbiJ9XX0&loc=https%3A%2F%2Fquickwin765412.com%2Fen%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24 HTTP 302
https://a1.adform.net/Serving/TrackPoint/?CC=1&pm=3134589&ADFPageName=quickwin.com%2Fen&ADFdivider=%7C&ord=417752202514&ADFtpmode=2&itm=eyJpdG1zIjpbeyJwaWQiOiJlbiJ9XX0&loc=https%3A%2F%2Fquickwin765412.com%2Fen%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24

Request Chain 207

https://track.adform.net/Serving/TrackPoint/?pm=3199129&ADFPageName=allPages&ADFdivider=%7C&ord=406063975414&ADFtpmode=2&loc=https%3A%2F%2Fquickwin765412.com%2Fen%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24 HTTP 302
https://track.adform.net/Serving/TrackPoint/?CC=1&pm=3199129&ADFPageName=allPages&ADFdivider=%7C&ord=406063975414&ADFtpmode=2&loc=https%3A%2F%2Fquickwin765412.com%2Fen%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24

Request Chain 208

https://track.adform.net/Serving/TrackPoint/?pm=3199129&ADFPageName=Homepage&ADFdivider=%7C&ord=551239907792&ADFtpmode=2&loc=https%3A%2F%2Fquickwin765412.com%2Fen%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24 HTTP 302
https://track.adform.net/Serving/TrackPoint/?CC=1&pm=3199129&ADFPageName=Homepage&ADFdivider=%7C&ord=551239907792&ADFtpmode=2&loc=https%3A%2F%2Fquickwin765412.com%2Fen%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24

Request Chain 229

https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5108559731643755681&referrer=https%3A%2F%2Fquickwin765412.com%2Fen%2F&forward= HTTP 302
https://p.rfihub.com/cm?pub=39342&in=0&userid=cb4f628c-2103-44f9-9d25-7e807ff01ad2%3A1703526316.1873386&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Dcb4f628c-2103-44f9-9d25-7e807ff01ad2%253A1703526316.1873386%26_%3D1703526316.188818&cb=1703526316.1888514 HTTP 302
https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5108559731643755681&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3Dcb4f628c-2103-44f9-9d25-7e807ff01ad2%253A1703526316.1873386%26_%3D1703526316.188818 HTTP 302
https://idsync.rlcdn.com/501709.gif?partner_uid=cb4f628c-2103-44f9-9d25-7e807ff01ad2%3A1703526316.1873386&_=1703526316.188818

Request Chain 230

https://cm.g.doubleclick.net/pixel?&in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=NTEwODU1OTczMTY0Mzc1NTY4MQ==&forward= HTTP 302
https://cm.g.doubleclick.net/pixel?in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=NTEwODU1OTczMTY0Mzc1NTY4MQ==&forward=&google_tc= HTTP 302
https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEBkcGDgRD1YFlbR5awdje1I&google_cver=1 HTTP 302
https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5108559731643755681&referrer={encSite}&forward= HTTP 302
https://p.rfihub.com/cm?pub=39342&in=0&userid=cb4f628c-2103-44f9-9d25-7e807ff01ad2%3A1703526316.1873386&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Dcb4f628c-2103-44f9-9d25-7e807ff01ad2%253A1703526316.1873386%26_%3D1703526316.3954232&cb=1703526316.3954585 HTTP 302
https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5108559731643755681&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3Dcb4f628c-2103-44f9-9d25-7e807ff01ad2%253A1703526316.1873386%26_%3D1703526316.3954232 HTTP 302
https://idsync.rlcdn.com/501709.gif?partner_uid=cb4f628c-2103-44f9-9d25-7e807ff01ad2%3A1703526316.1873386&_=1703526316.3954232

Request Chain 232

https://dpm.demdex.net/ibs:dpid=1121&dpuuid=5108559731643755681&redir= HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5108559731643755681&redir=

Request Chain 235

https://p.rfihub.com/cm?pub=24472&in=1 HTTP 302
https://ps.eyeota.net/match?uid=5108559731643755681&bid=omt9pi0

Request Chain 238

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5108559731643755681&forward= HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5108559731643755681&forward=&C=1

Request Chain 245

https://sync-tm.everesttech.net/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D&_test=ZYm-rAAJnXrvxQBU HTTP 302
https://p.rfihub.com/cm?in=1&pub=21653&userid=ZYm-rAAJnXrvxQBU&_test=ZYm-rAAJnXrvxQBU

Request Chain 266

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=5404315708731918970&expiration=1704735915 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=5404315708731918970&expiration=1704735915&C=1

Request Chain 267

https://uipglob.semasio.net/adform/1/info?sType=sync&sExtCookieId=5404315708731918970&sInitiator=external HTTP 302
https://uipglob.semasio.net/adform/1/info2?sType=sync&sExtCookieId=5404315708731918970&sInitiator=external HTTP 302
https://se.semasio.net/sync/1/16266044?sExtCookieId=5404315708731918970&gdpr=&sInitiator=external HTTP 302
https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fse.semasio.net%2Fsync%2F1%2F647471%3FsExtCookieId%3D%25%25COOKIE%25%25%26sInitiator%3Dinternal&gdpr= HTTP 302
https://se.semasio.net/sync/1/647471?sExtCookieId=7316589815103223966&sInitiator=internal&gdpr= HTTP 302
https://ib.adnxs.com/getuid?https%3A%2F%2Fse.semasio.net%2Fsync%2F1%2F4354957%3FsExtCookieId%3D%24UID%26sInitiator%3Dinternal&gdpr= HTTP 302
https://se.semasio.net/sync/1/4354957?sExtCookieId=4223567696920478705&sInitiator=internal&gdpr= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=semasio_ddp&google_cm&google_hm=MTFFNkMxNjMxMTg2OTBBNw&gdpr= HTTP 302
https://uipglob.semasio.net/dbm/1/info?sType=sync&sExtCookieId=CAESEDevC4UIIpIxTVcTh9BjmPg&sInitiator=internal&google_cver=1&gdpr=&google_cver=1 HTTP 302
https://se.semasio.net/sync/1/12092831?sExtCookieId=CAESEDevC4UIIpIxTVcTh9BjmPg&sInitiator=internal&google_cver=1&gdpr=

Request Chain 269

https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=5404315708731918970 HTTP 302
https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=5404315708731918970&xl8blockcheck=1 HTTP 302
https://load77.exelator.com/pixel.gif

Request Chain 274

https://api.adrtx.net/thirdparty/click?p=adfo HTTP 302
https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif

Request Chain 275

https://cm.adsafety.net/?_cmsrc=adformx&idt=100&did=5404315708731918970 HTTP 302
https://tags.adsafety.net/v1/cm?cm_uid=CM1202312251745fb83a7938b25bf1b6&redirect=https%3A%2F%2Fcm.adsafety.net%2F%3F_cmsrc%3Dct%26_chainsrc%3Dcommon%26idt%3D%5B%25IDT%25%5D%26did%3D%5B%25DID%25%5D&gdpr=0&gdpr_consent= HTTP 302
https://cm.adsafety.net/?_cmsrc=ct&_chainsrc=common&idt=100&did=2c81ba266a9d707eb2e21629d1459895 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=dataxtrade_dmp&google_cm&google_hm=Q00xMjAyMzEyMjUxNzQ1ZmI4M2E3OTM4YjI1YmYxYjY&gdpr_consent=&gdpr=0 HTTP 302
https://cm.adsafety.net/?_cmsrc=dbmx&midt=100&mdid=CAESEIeZMs25j075bC2HSwoX6Yo&gdpr_consent=&gdpr=0&google_cver=1 HTTP 302
https://ads.smartstream.tv/cm/?cmsrc=cm&cm_uid=CM1202312251745fb83a7938b25bf1b6&redirect=https%3A%2F%2Fcm.adsafety.net%2F%3F_cmsrc%3Dstv%26_chainsrc%3Dcommon&gdpr_consent= HTTP 302
https://cm.adsafety.net/?_cmsrc=stv&_chainsrc=common&idt=100&did=2c81ba266a9d707eb2e21629d1459895&idt_did_status=added&gdpr_consent=&gdpr=0 HTTP 302
https://c1.adform.net/serving/cookie/match?party=28&cid=CM1202312251745fb83a7938b25bf1b6 HTTP 302
https://cm.adsafety.net/?_cmsrc=adform&idt=100&did=2864804386523492739

Request Chain 277

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_cm&google_ula=1641347&party=1&google_hm=NTQwNDMxNTcwODczMTkxODk3MA HTTP 302
https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEP_54ivskY1ICPchDN1E92s&google_cver=1&google_ula=1641347,0

Request Chain 279

https://secure.adnxs.com/getuid?https://c1.adform.net/serving/cookie/match?party=3&id=$UID&redirect=1 HTTP 302
https://c1.adform.net/serving/cookie/match?party=3&id=4223567696920478705&redirect=1 HTTP 302
https://secure.adnxs.com/setuid?entity=91&code=2864804386523492739

Request Chain 282

https://a.audrte.com/a?adform_uid=5404315708731918970 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=ZWE3UFVsZ296WExSTmEzaVFPdEFqMFJqdw==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%253D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent= HTTP 302
https://a.audrte.com/p

Request Chain 283

https://dpm.demdex.net/ibs:dpid=1586&dpuuid=5404315708731918970&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredirect%3D1 HTTP 302
https://c1.adform.net/serving/cookie/match?party=1007&cid=34847029226766502724360514930461732386&noredirect=1

Request Chain 284

https://aa.agkn.com/adscores/g.pixel?sid=9212269628&_puid=5404315708731918970 HTTP 302
https://dmp.adform.net/serving/cookie/match/?party=1014&cid=219783204741002886496

Request Chain 285

https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1049%26cid%3D%25%25COOKIE%25%25 HTTP 302
https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7316589815103223966

Request Chain 287

https://pm.w55c.net/ping_match.gif?st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_ HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_ HTTP 302
https://c1.adform.net/serving/cookie/match?party=1084&cid=y9ohstzc1RhP0U5

Request Chain 291

https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D HTTP 307
https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D&bounce=1&random=1883330046 HTTP 302
https://dmp.adform.net/serving/cookie/match/?party=1145&cid=DKB0Dz2boxGKnEP1wCifJO

Request Chain 306

https://cm.g.doubleclick.net/pixel?google_nid=coveny_limited&google_cm&&google_sc&ckid=F4E0DB39-C288-4FF1-9DC5516841777AFD&cid=615EE320-F864-1EFC-FE69D99CF417DF26&google_ula=6572934421&ula=6572934421&google_hm=RjRFMERCMzktQzI4OC00RkYxLTlEQzU1MTY4NDE3NzdBRkQ&blueID=f2c6b686-94aa-459e-8eea-3a2412c705da HTTP 302
https://cms.getblue.io/cm/?src=adx&child=europe&ckid=F4E0DB39-C288-4FF1-9DC5516841777AFD&cid=615EE320-F864-1EFC-FE69D99CF417DF26&ula=6572934421&blueID=f2c6b686-94aa-459e-8eea-3a2412c705da&google_gid=CAESEDJK2UqEJnfNoWMr6caL66o&google_cver=1&google_ula=6572934421,0

Request Chain 308

https://ib.adnxs.com/getuid?https://cms.getblue.io/cm/?src=appnexus&ckid=F4E0DB39-C288-4FF1-9DC5516841777AFD&cid=615EE320-F864-1EFC-FE69D99CF417DF26&blueID=f2c6b686-94aa-459e-8eea-3a2412c705da&appnexusid=$UID HTTP 302
https://cms.getblue.io/cm/?src=appnexus&ckid=F4E0DB39-C288-4FF1-9DC5516841777AFD&cid=615EE320-F864-1EFC-FE69D99CF417DF26&blueID=f2c6b686-94aa-459e-8eea-3a2412c705da&appnexusid=4223567696920478705

371 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
quickwin765412.com/ 12 KB
5 KB 140ms
83ms Document
text/html 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://quickwin765412.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: e81925af97f3e8821604ebaa3cb625012d8eb2bf15edb7d5dc8dce3ac41f9449

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
age: 15
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
cf-ray: 83b2e585dda36ae2-FRA
cf-revalidated: Mon Dec 25 2023 17:44:58 GMT+0000 (Coordinated Universal Time)
cf-ttl: 1703526358657
content-encoding: br
content-type: text/html
date: Mon, 25 Dec 2023 17:45:13 GMT
last-modified: Wed, 20 Dec 2023 14:23:09 GMT
server: cloudflare
vary: null, Accept-Encoding

GET
H2 200 runtime.89148cf49948a80c6a45.js Show response
quickwin765412.com/ 3 KB
2 KB 68ms
67ms Script
application/javascript 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://quickwin765412.com/runtime.89148cf49948a80c6a45.js
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: dbde216af37a4c3b99b0cf2955a5045ded2d17cfb5e96da4226e986a2e4cf3dd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:14 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 20 Dec 2023 14:23:09 GMT
cf-bgj: minify
server: cloudflare
age: 311
etag: W/"6582f8cd-c1b"
vary: null, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cf-ttl: 1703526063515
cf-ray: 83b2e5866e626ae2-FRA
alt-svc: h3=":443"; ma=86400
cf-revalidated: Mon Dec 25 2023 17:40:03 GMT+0000 (Coordinated Universal Time)

GET
H2 200 polyfills.250fe061a3885860ec19.js Show response
quickwin765412.com/ 56 KB
19 KB 86ms
86ms Script
application/javascript 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://quickwin765412.com/polyfills.250fe061a3885860ec19.js
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: d2dccb7019dff8b98265aee043f800ba56e6dfc5fa26dcf7ea029dfff8825f36

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:14 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 20 Dec 2023 14:23:09 GMT
cf-bgj: minify
server: cloudflare
age: 311
etag: W/"6582f8cd-de0d"
vary: null, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cf-ttl: 1703526063511
cf-ray: 83b2e5866e636ae2-FRA
alt-svc: h3=":443"; ma=86400
cf-revalidated: Mon Dec 25 2023 17:40:03 GMT+0000 (Coordinated Universal Time)

GET
H2 200 main.b8bc3f321d8e2be331ed.js Show response
quickwin765412.com/ 3 MB
782 KB 86ms
86ms Script
application/javascript 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://quickwin765412.com/main.b8bc3f321d8e2be331ed.js
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 31b824c9b63a35a3775df3b6db43259eb786f2f6871e2950fb8afc3a83744e67

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:14 GMT
content-encoding: br
cf-cache-status: HIT
age: 311
cf-polished: origSize=3265532
alt-svc: h3=":443"; ma=86400
cf-revalidated: Mon Dec 25 2023 17:40:03 GMT+0000 (Coordinated Universal Time)
last-modified: Wed, 20 Dec 2023 14:23:09 GMT
cf-bgj: minify
server: cloudflare
etag: W/"6582f8cd-31d3fc"
vary: null, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cf-ttl: 1703526063548
cf-ray: 83b2e5866e656ae2-FRA

GET
H2 200 initial.css
quickwin765412.com/assets/ 2 KB
561 B 34ms
34ms Stylesheet
text/css 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://quickwin765412.com/assets/initial.css
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 89c80d2e8672ebd49da0e7669159676c086e0b4d122d5df3b0563465d4808a2d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:13 GMT
content-encoding: br
cf-cache-status: HIT
age: 1768303
cf-polished: origSize=2151
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 29 Nov 2023 10:32:54 GMT
server: cloudflare
etag: W/"65671356-867"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=2073600
cf-ray: 83b2e5866e666ae2-FRA
expires: Thu, 18 Jan 2024 17:45:13 GMT

GET
H2 200 styles.9df026521b966c17f6cb.css
quickwin765412.com/ 218 KB
45 KB 86ms
86ms Stylesheet
text/css 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://quickwin765412.com/styles.9df026521b966c17f6cb.css
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2af270819ef7138e262d3b7b08dae6e93875f5b0f1328f1bd98d66f819686563

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:14 GMT
content-encoding: br
cf-cache-status: HIT
age: 36
cf-polished: origSize=222896
alt-svc: h3=":443"; ma=86400
cf-revalidated: Mon Dec 25 2023 17:44:38 GMT+0000 (Coordinated Universal Time)
last-modified: Wed, 20 Dec 2023 14:23:09 GMT
cf-bgj: minify
server: cloudflare
etag: W/"6582f8cd-366b0"
vary: null, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cf-ttl: 1703526338663
cf-ray: 83b2e5866e696ae2-FRA

GET
DATA 200
OK truncated
/ 306 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 56ce9a9f71a8465359a676d95189390683de779bdc085f4fa9d48ec0651d9a5f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 dots.png
quickwin765412.com/cdn-static/images/quickwin/pattern/ 244 B
455 B 77ms
77ms Image
image/webp 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/cdn-static/images/quickwin/pattern/dots.png
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 193561f978c5db1176bd70243ced9ace558b0d6b544124c7624259b605c99fbb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:14 GMT
cf-cache-status: HIT
age: 398306
cf-polished: origFmt=png, origSize=531
x-cache-status: MISS
content-disposition: inline; filename="dots.webp"
alt-svc: h3=":443"; ma=86400
content-length: 244
last-modified: Fri, 12 May 2023 10:00:13 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "645e0e2d-213"
vary: null, Accept-Encoding
content-type: image/webp
cf-ttl: 1703526374041
accept-ranges: bytes
cf-ray: 83b2e5867e7d6ae2-FRA
expires: Thu, 04 Jan 2024 00:17:35 GMT

GET
H2 200 preloader.jpg
quickwin765412.com/assets/images/ 328 KB
328 KB 36ms
36ms Image
image/jpeg 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://quickwin765412.com/assets/images/preloader.jpg

Requested by

Host: quickwin765412.com
URL: https://quickwin765412.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

384e5a56b7bb4a02faf44722bb96cc1c76207e809aa295855d16484ffd633108

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1586672
cf-polished: status=cannot_optimize
alt-svc: h3=":443"; ma=86400
content-length: 335634
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
cf-bgj: imgq:85,h2pri
last-modified: Wed, 29 Nov 2023 10:32:54 GMT
server: cloudflare
etag: "65671356-51f12"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2073600
accept-ranges: bytes
cf-ray: 83b2e5867e806ae2-FRA
expires: Thu, 18 Jan 2024 17:45:14 GMT

GET
H3 200 locales.48fccbdb86ab5def3035.js Show response
quickwin765412.com/ 121 KB
13 KB 69ms
68ms Script
application/javascript 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://quickwin765412.com/locales.48fccbdb86ab5def3035.js
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/runtime.89148cf49948a80c6a45.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4af4ede967218ca52aa7c5d766e0af5992160ecc2382d0635db809e01a28ff18

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:14 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 20 Dec 2023 14:23:09 GMT
cf-bgj: minify
server: cloudflare
age: 128
etag: W/"6582f8cd-1e3cb"
vary: null, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cf-ttl: 1703526246494
cf-ray: 83b2e5884f5c65aa-FRA
alt-svc: h3=":443"; ma=86400
cf-revalidated: Mon Dec 25 2023 17:43:06 GMT+0000 (Coordinated Universal Time)

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 1 KB
1 KB 74ms
29ms Script
text/javascript 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6LcbSf4kAAAAAAJey7uEFxYpE7Tn2cR1Y3WBNyGi

Requested by

Host: quickwin765412.com
URL: https://quickwin765412.com/main.b8bc3f321d8e2be331ed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

10280f6a705b52ee8eb4ee70aadf8a352a112ff9caf9266eab9666609e061e81

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Mon, 25 Dec 2023 17:45:14 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/ 505 KB
203 KB 70ms
21ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LcbSf4kAAAAAAJey7uEFxYpE7Tn2cR1Y3WBNyGi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

122bd7b997b91e56e9efd54743ffbeccefca5b8bb59c566d6ec63adf14be896e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://quickwin765412.com/
Origin: https://quickwin765412.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 13:11:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 275618
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 207437
x-xss-protection: 0
last-modified: Mon, 11 Dec 2023 05:01:12 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 21 Dec 2024 13:11:36 GMT

GET
H3 200 translation Show response
quickwin765412.com/en/api/v2/lang/ 93 KB
27 KB 63ms
63ms XHR
application/json 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://quickwin765412.com/en/api/v2/lang/translation

Requested by

Host: quickwin765412.com
URL: https://quickwin765412.com/polyfills.250fe061a3885860ec19.js

Protocol

Security

QUIC, , AES_128_GCM

Server

94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

b4fe2b0fff3949427fae83fa1824eacdd5f66b37d59a0831bad99b0ffa5723b8

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://quickwin765412.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:14 GMT
content-encoding: br
cf-cache-status: HIT
x-device-type: mobile
age: 128
request-id: feapi-7607cf6c-fca8-4b97-b2fa-78641c2f9936
alt-svc: h3=":443"; ma=86400
cf-revalidated: Mon Dec 25 2023 17:43:06 GMT+0000 (Coordinated Universal Time)
x-xss-protection: 1; mode=block
last-modified: Mon, 25 Dec 2023 17:43:06 GMT
server: cloudflare
vary: null, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Device-Type,X-Device-Name
cf-ttl: 1703526246697
cf-ray: 83b2e588d83265aa-FRA
x-device-name: Generic Smartphone

GET
H3 200 info Show response
quickwin765412.com/en/api/v2/system/ 183 B
383 B 100ms
99ms XHR
application/json 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://quickwin765412.com/en/api/v2/system/info

Requested by

Host: quickwin765412.com
URL: https://quickwin765412.com/polyfills.250fe061a3885860ec19.js

Protocol

Security

QUIC, , AES_128_GCM

Server

94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

998d16cfc3888850fcf8cd864f344e3f68056559007a60d352ea9587e3b9d202

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://quickwin765412.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:14 GMT
content-encoding: br
cf-cache-status: DYNAMIC
x-device-type: desktop
server: cloudflare
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Device-Type,X-Device-Name
cache-control: no-cache
request-id: feapi-f6ac3b60-2e57-44a6-a1d2-2360147d89c1
cf-ray: 83b2e588d83365aa-FRA
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-device-name: Other

GET
H/1.1 200
OK webpush.min.css
d3mi6d1ao3fzsg.cloudfront.net/webpush/1/ 13 KB
14 KB 93ms
23ms Stylesheet
text/css 18.66.242.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3mi6d1ao3fzsg.cloudfront.net/webpush/1/webpush.min.css
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/main.b8bc3f321d8e2be331ed.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.242.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-242-68.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 969fd990bcd980d6754827a283c9c9f447f98958adbf6bd4c0e134440e2fe7e6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Mon, 25 Dec 2023 01:27:20 GMT
Via: 1.1 cca0e030e1fac6fb27702d182fb6a74a.cloudfront.net (CloudFront)
Last-Modified: Wed, 25 Jan 2023 08:19:49 GMT
Server: AmazonS3
X-Amz-Cf-Pop: DUS51-P1
Age: 58675
x-amz-server-side-encryption: AES256
ETag: "c62351d1242c5274a315d76fd86d80d9"
X-Cache: Hit from cloudfront
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 13528
X-Amz-Cf-Id: J4wNhQXLYsItuPLnqSHCMr2pbsyyqON8LgeWyDw_goyHjJvOZlxvOw==

GET
H2 200 css2
fonts.googleapis.com/ 2 KB
995 B 77ms
29ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@500&display=swap

Requested by

Host: quickwin765412.com
URL: https://quickwin765412.com/main.b8bc3f321d8e2be331ed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bbffca692cf40b9d0611e20983dadef6e2adf9ce02b398257d0273245c619bbc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 25 Dec 2023 17:45:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 25 Dec 2023 17:19:40 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 25 Dec 2023 17:45:14 GMT

GET
H/1.1 200
OK webpush.min.js Show response
d3mi6d1ao3fzsg.cloudfront.net/webpush/1/ 17 KB
17 KB 92ms
22ms Script
application/x-javascript 18.66.242.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3mi6d1ao3fzsg.cloudfront.net/webpush/1/webpush.min.js
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/main.b8bc3f321d8e2be331ed.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.242.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-242-68.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ef7b483c3b575577f683cf3849e3a79a5385b9844b630adcdc31149900606460

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Mon, 25 Dec 2023 01:51:01 GMT
Via: 1.1 acf8dc23ea92f292049638fbd5d718e2.cloudfront.net (CloudFront)
Last-Modified: Wed, 25 Jan 2023 08:19:49 GMT
Server: AmazonS3
X-Amz-Cf-Pop: DUS51-P1
Age: 57254
x-amz-server-side-encryption: AES256
ETag: "e3c1f04a04c330afe06f406c451de0a1"
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 17209
X-Amz-Cf-Id: Jq8IUbeyG50KE4cngMFkrATKyliJB1yuf1d_dd7Ec6UjS6gWxWil9g==

GET
H2 200 snippet.js Show response
static.zdassets.com/ekr/ 10 KB
5 KB 108ms
50ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/ekr/snippet.js?key=78bdcf45-56b4-43b3-a452-beb220803adc

Requested by

Host: quickwin765412.com
URL: https://quickwin765412.com/main.b8bc3f321d8e2be331ed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9f22f6e9d4852f8be0706b62fbd0eba20f6cb56171def5e387b2d95fcd07df01

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:14 GMT
x-amz-version-id: hKEbdq289Xo7bHrM.yPFOdJ37r5nFwfe
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: SJN8N1JDMTD43WG0
age: 1
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: OdnBjVcC5xsQvyjtpPVBe21NpgZXl51NRJfLydbGvh5Gu9AdfuYJ4+/g1Hhtqo28e16NzYJZ+wk=
last-modified: Wed, 09 Aug 2023 01:01:02 GMT
server: cloudflare
etag: W/"42d94c325a0b012e41f9c3907853625a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lUdORY9suIsvRLM67Wi%2F8Zc8wuur8LcQogL8CTzXF1t7IhVUHsdbLgv2eDikv4Per5nyrW3gbbdaoN8rT8gYpzB6%2B89oVTvyFZxE9LsL3rwprO7WxiiZGsAzTLnMor1y%2FKNabQM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=3600, s-maxage=60
cf-ray: 83b2e5894f8365b9-FRA

GET
H2 200 36dbf80a223b706873552176b2d9cede.js Show response
cdn.cookie-script.com/s/ 409 KB
76 KB 91ms
23ms Script
application/javascript 78.47.189.205
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cookie-script.com/s/36dbf80a223b706873552176b2d9cede.js
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/main.b8bc3f321d8e2be331ed.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 78.47.189.205 Mundelsheim, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.205.189.47.78.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: ef73dba5bbbc5efe6842b89586d4293e25296937b842b8b942fe583c9f2bf3a9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:14 GMT
content-encoding: gzip
last-modified: Wed, 20 Dec 2023 06:55:36 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"47e433f551608f9d05dbc65c74e5a61d"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 240 KB
78 KB 78ms
33ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PV2Q5X5

Requested by

Host: quickwin765412.com
URL: https://quickwin765412.com/main.b8bc3f321d8e2be331ed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7141116b6270388115588ceb69ba2b1c4a993156c81e1f0b4b6380c2ea3b87cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:14 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79068
x-xss-protection: 0
last-modified: Mon, 25 Dec 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 25 Dec 2023 17:45:14 GMT

GET
H3 200 3.b4483b41d1bd2a47229b.js Show response
quickwin765412.com/ 95 KB
19 KB 88ms
87ms Script
application/javascript 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://quickwin765412.com/3.b4483b41d1bd2a47229b.js
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/runtime.89148cf49948a80c6a45.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 97b23f1d09ebe1ca5d6fb367ae8fd86f37e74391589bbc5fd58336fc007a4e97

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:14 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 20 Dec 2023 14:23:09 GMT
cf-bgj: minify
server: cloudflare
age: 128
etag: W/"6582f8cd-17d5e"
vary: null, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cf-ttl: 1703526246756
cf-ray: 83b2e588f85865aa-FRA
alt-svc: h3=":443"; ma=86400
cf-revalidated: Mon Dec 25 2023 17:43:06 GMT+0000 (Coordinated Universal Time)

GET
H3 200 6.9422763aa6671b693d5c.js Show response
quickwin765412.com/ 16 KB
5 KB 60ms
59ms Script
application/javascript 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://quickwin765412.com/6.9422763aa6671b693d5c.js
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/runtime.89148cf49948a80c6a45.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9b13bb2a102816f21ae2b3f10a40cfbab4d4c601ddaebf4752a9076c2ff3ceb2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:14 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 20 Dec 2023 14:23:09 GMT
cf-bgj: minify
server: cloudflare
age: 128
etag: W/"6582f8cd-3f7d"
vary: null, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cf-ttl: 1703526246773
cf-ray: 83b2e588f85965aa-FRA
alt-svc: h3=":443"; ma=86400
cf-revalidated: Mon Dec 25 2023 17:43:06 GMT+0000 (Coordinated Universal Time)

GET
H3 200 9.dca6e2e16f0366661e9e.js Show response
quickwin765412.com/ 51 KB
11 KB 78ms
78ms Script
application/javascript 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://quickwin765412.com/9.dca6e2e16f0366661e9e.js
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/runtime.89148cf49948a80c6a45.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: d71c14d66d40edec2cdf95f0d0354a3f7d915413d4503d34f00151ddbc0f4a07

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:14 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 20 Dec 2023 14:23:09 GMT
cf-bgj: minify
server: cloudflare
age: 128
etag: W/"6582f8cd-cc36"
vary: null, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cf-ttl: 1703526246771
cf-ray: 83b2e588f85b65aa-FRA
alt-svc: h3=":443"; ma=86400
cf-revalidated: Mon Dec 25 2023 17:43:06 GMT+0000 (Coordinated Universal Time)

GET
H3 200 common.2f5d41891b1bf0a8be93.js Show response
quickwin765412.com/ 9 KB
3 KB 61ms
60ms Script
application/javascript 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://quickwin765412.com/common.2f5d41891b1bf0a8be93.js
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/runtime.89148cf49948a80c6a45.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 83f92e3790df8c048d1425e5973b962d4f0861da99a355802bfdc941a3dccb62

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:14 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 20 Dec 2023 14:23:09 GMT
cf-bgj: minify
server: cloudflare
age: 128
etag: W/"6582f8cd-2202"
vary: null, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cf-ttl: 1703526246753
cf-ray: 83b2e588f85c65aa-FRA
alt-svc: h3=":443"; ma=86400
cf-revalidated: Mon Dec 25 2023 17:43:06 GMT+0000 (Coordinated Universal Time)

GET
H3 200 18.3f64b531d00305b95edc.js Show response
quickwin765412.com/ 115 KB
25 KB 79ms
79ms Script
application/javascript 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://quickwin765412.com/18.3f64b531d00305b95edc.js
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/runtime.89148cf49948a80c6a45.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: ace7e99e54c48ac1e0f32d73656ef409e69139bff003b7aeef76462ee0594dd4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:14 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 20 Dec 2023 14:23:09 GMT
cf-bgj: minify
server: cloudflare
age: 128
etag: W/"6582f8cd-1cd9b"
vary: null, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cf-ttl: 1703526246759
cf-ray: 83b2e588f85f65aa-FRA
alt-svc: h3=":443"; ma=86400
cf-revalidated: Mon Dec 25 2023 17:43:06 GMT+0000 (Coordinated Universal Time)

GET
H3 200 Medium.woff
quickwin765412.com/assets/fonts/ 36 KB
36 KB 37ms
36ms Font
application/font-woff 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://quickwin765412.com/assets/fonts/Medium.woff
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/assets/initial.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: bf622c70cd52085f8d3672dd27abf0ccdf5600297221514aa41dbaf2a0f6b1d2

Request headers

Referer: https://quickwin765412.com/assets/initial.css
Origin: https://quickwin765412.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:14 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 29 Nov 2023 10:32:54 GMT
server: cloudflare
age: 1768092
etag: W/"65671356-90d8"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=2073600
cf-ray: 83b2e588f86165aa-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 18 Jan 2024 17:45:14 GMT

GET
H3 200 sprite.svg
quickwin765412.com/assets/ 122 KB
38 KB 43ms
42ms Other
image/svg+xml 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://quickwin765412.com/assets/sprite.svg

Requested by

Host: quickwin765412.com
URL: https://quickwin765412.com/main.b8bc3f321d8e2be331ed.js

Protocol

Security

QUIC, , AES_128_GCM

Server

94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

2b30be91b5dc80b46e2ef45cf597b7f1d91763142580faf796cf9685e633d77d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 1768333
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 29 Nov 2023 10:32:54 GMT
server: cloudflare
etag: W/"65671356-1e6ae"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=2073600
cf-ray: 83b2e589896865aa-FRA
expires: Thu, 18 Jan 2024 17:45:14 GMT

GET
H3 200 en.svg
quickwin765412.com/cdn-static/vector/flags/ 1 KB
896 B 60ms
59ms Image
image/svg+xml 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/cdn-static/vector/flags/en.svg
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: ac0eb9b299d05c43ce0bb3bccfe28d38c78ab3f8442854f1f28b1e5a64237505

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:14 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 12 May 2023 10:00:17 GMT
server: cloudflare
age: 1354
etag: W/"645e0e31-497"
x-cache-status: HIT
vary: null, Accept-Encoding
content-type: image/svg+xml
cf-ttl: 1703525020876
cf-ray: 83b2e589896965aa-FRA
alt-svc: h3=":443"; ma=86400
cf-revalidated: Mon Dec 25 2023 17:22:40 GMT+0000 (Coordinated Universal Time)
expires: Thu, 21 Dec 2023 14:57:15 GMT

GET
H3 200 de.svg
quickwin765412.com/cdn-static/vector/flags/ 7 KB
3 KB 76ms
75ms Image
image/svg+xml 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/cdn-static/vector/flags/de.svg
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: c42688c6b7c3ede14a89c83ed21e2bee0a9ef6b36efd49e975841250c3ecd63b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:14 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 12 May 2023 10:00:17 GMT
server: cloudflare
age: 127
etag: W/"645e0e31-1a27"
x-cache-status: HIT
vary: null, Accept-Encoding
content-type: image/svg+xml
cf-ttl: 1703526247522
cf-ray: 83b2e589896b65aa-FRA
alt-svc: h3=":443"; ma=86400
cf-revalidated: Mon Dec 25 2023 17:43:07 GMT+0000 (Coordinated Universal Time)
expires: Fri, 29 Dec 2023 17:53:03 GMT

GET
H3 200 BoldItalic.woff
quickwin765412.com/assets/fonts/ 39 KB
39 KB 35ms
35ms Font
application/font-woff 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://quickwin765412.com/assets/fonts/BoldItalic.woff
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/assets/initial.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: b3b24077b5d68982367d8c0653653db94c2e03d5ab5b0d8ba373610a661cbbc8

Request headers

Referer: https://quickwin765412.com/assets/initial.css
Origin: https://quickwin765412.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:14 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 29 Nov 2023 10:32:54 GMT
server: cloudflare
age: 1768152
etag: W/"65671356-9b98"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=2073600
cf-ray: 83b2e589896c65aa-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 18 Jan 2024 17:45:14 GMT

GET
H3 200 BlackItalic.woff
quickwin765412.com/assets/fonts/ 39 KB
39 KB 36ms
36ms Font
application/font-woff 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://quickwin765412.com/assets/fonts/BlackItalic.woff
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/assets/initial.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: d6d6a9b90bdd341f52f1c5dd52286c116bd7fbb8af3a325a716ae29b71a376c5

Request headers

Referer: https://quickwin765412.com/assets/initial.css
Origin: https://quickwin765412.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:14 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 29 Nov 2023 10:32:54 GMT
server: cloudflare
age: 1768156
etag: W/"65671356-9b10"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=2073600
cf-ray: 83b2e589896e65aa-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 18 Jan 2024 17:45:14 GMT

GET
H3 200 item Show response
quickwin765412.com/en/api/v2/seo/ 775 B
722 B 135ms
135ms XHR
application/json 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://quickwin765412.com/en/api/v2/seo/item?id=home

Requested by

Host: quickwin765412.com
URL: https://quickwin765412.com/polyfills.250fe061a3885860ec19.js

Protocol

Security

QUIC, , AES_128_GCM

Server

94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

66fbf319de6eec942f1b42488836f2862b0a3db4131f403fa692a51d930fb3f3

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://quickwin765412.com/en/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:14 GMT
content-encoding: br
cf-cache-status: HIT
x-device-type: mobile
age: 647
request-id: feapi-6916e213-afd9-465c-b395-1c3f9e953c3f
alt-svc: h3=":443"; ma=86400
cf-revalidated: Mon Dec 25 2023 17:34:27 GMT+0000 (Coordinated Universal Time)
x-xss-protection: 1; mode=block
last-modified: Mon, 25 Dec 2023 17:34:27 GMT
server: cloudflare
vary: null, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Device-Type,X-Device-Name
cf-ttl: 1703525727129
cf-ray: 83b2e589b9b465aa-FRA
cache-created: 0
x-device-name: Generic Smartphone

GET
H3 200 1.67277e2c2166025d3c73.js Show response
quickwin765412.com/ 35 KB
8 KB 73ms
73ms Script
application/javascript 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://quickwin765412.com/1.67277e2c2166025d3c73.js
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/runtime.89148cf49948a80c6a45.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 08df647ac6ae9d6db2ed6c7a65250d04f14918a58f8ecab598d98b9e622e417d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:14 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 20 Dec 2023 14:23:09 GMT
cf-bgj: minify
server: cloudflare
age: 193
etag: W/"6582f8cd-8b6c"
vary: null, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cf-ttl: 1703526181652
cf-ray: 83b2e589b9b765aa-FRA
alt-svc: h3=":443"; ma=86400
cf-revalidated: Mon Dec 25 2023 17:42:01 GMT+0000 (Coordinated Universal Time)

GET
H3 200 22.f8303621a9289efc08b8.js Show response
quickwin765412.com/ 22 KB
6 KB 77ms
76ms Script
application/javascript 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://quickwin765412.com/22.f8303621a9289efc08b8.js
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/runtime.89148cf49948a80c6a45.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2f1dd0ff97f0f46ac10e93ab0f1307f699895f944c90016a350735f4562fe994

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:14 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 20 Dec 2023 14:23:09 GMT
cf-bgj: minify
server: cloudflare
age: 128
etag: W/"6582f8cd-560b"
vary: null, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cf-ttl: 1703526246982
cf-ray: 83b2e589b9b865aa-FRA
alt-svc: h3=":443"; ma=86400
cf-revalidated: Mon Dec 25 2023 17:43:06 GMT+0000 (Coordinated Universal Time)

GET
H3 200 30.1bc01234624549a03f21.js Show response
quickwin765412.com/ 34 KB
8 KB 84ms
84ms Script
application/javascript 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://quickwin765412.com/30.1bc01234624549a03f21.js
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/runtime.89148cf49948a80c6a45.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: d3b5cd13a5a87b250858d9e06163cd9291df802f9df9bab4e7a1fb7fcd0df5ec

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:14 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 20 Dec 2023 14:23:09 GMT
cf-bgj: minify
server: cloudflare
age: 193
etag: W/"6582f8cd-88a1"
vary: null, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cf-ttl: 1703526181599
cf-ray: 83b2e589b9b965aa-FRA
alt-svc: h3=":443"; ma=86400
cf-revalidated: Mon Dec 25 2023 17:42:01 GMT+0000 (Coordinated Universal Time)

GET
H3 200 27.33ebc08ce2c074868b6b.js Show response
quickwin765412.com/ 8 KB
3 KB 89ms
89ms Script
application/javascript 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://quickwin765412.com/27.33ebc08ce2c074868b6b.js
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/runtime.89148cf49948a80c6a45.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 93a377f6c1d2fc313f46d5aae100fd800a40dabb4f5cdf9b2b33604455fedda7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:14 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 20 Dec 2023 14:23:09 GMT
cf-bgj: minify
server: cloudflare
age: 127
etag: W/"6582f8cd-1fe9"
vary: null, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cf-ttl: 1703526247016
cf-ray: 83b2e589b9bb65aa-FRA
alt-svc: h3=":443"; ma=86400
cf-revalidated: Mon Dec 25 2023 17:43:07 GMT+0000 (Coordinated Universal Time)

GET
H3 200 28.9ad0b625c1f66c726629.js Show response
quickwin765412.com/ 32 KB
7 KB 106ms
105ms Script
application/javascript 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://quickwin765412.com/28.9ad0b625c1f66c726629.js
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/runtime.89148cf49948a80c6a45.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8bff57770500e5694938c47feeaddccb7ccd8d226f23f69d3551bfee94e2e672

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:14 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 20 Dec 2023 14:23:09 GMT
cf-bgj: minify
server: cloudflare
age: 193
etag: W/"6582f8cd-7e21"
vary: null, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cf-ttl: 1703526181834
cf-ray: 83b2e589b9bc65aa-FRA
alt-svc: h3=":443"; ma=86400
cf-revalidated: Mon Dec 25 2023 17:42:01 GMT+0000 (Coordinated Universal Time)

GET
H3 200 29.466887f8223291d22d3d.js Show response
quickwin765412.com/ 12 KB
4 KB 90ms
89ms Script
application/javascript 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://quickwin765412.com/29.466887f8223291d22d3d.js
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/runtime.89148cf49948a80c6a45.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eab38026906bdd534b057b203e53d186a30a6d1e439b87485bdc24d5b0e2d8c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:14 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 20 Dec 2023 14:23:09 GMT
cf-bgj: minify
server: cloudflare
age: 127
etag: W/"6582f8cd-2f6e"
vary: null, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cf-ttl: 1703526247017
cf-ray: 83b2e589b9bd65aa-FRA
alt-svc: h3=":443"; ma=86400
cf-revalidated: Mon Dec 25 2023 17:43:07 GMT+0000 (Coordinated Universal Time)

GET
H3 200 5.7e88bb3d92e9c2e701f9.js Show response
quickwin765412.com/ 39 KB
9 KB 132ms
132ms Script
application/javascript 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://quickwin765412.com/5.7e88bb3d92e9c2e701f9.js
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/runtime.89148cf49948a80c6a45.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: a805c5457dba39514e74a7ad2b5dbd4c0095c1095d6b7299a82e6afd01196e09

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:14 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 20 Dec 2023 14:23:09 GMT
cf-bgj: minify
server: cloudflare
age: 193
etag: W/"6582f8cd-9b78"
vary: null, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cf-ttl: 1703526181642
cf-ray: 83b2e589b9bf65aa-FRA
alt-svc: h3=":443"; ma=86400
cf-revalidated: Mon Dec 25 2023 17:42:01 GMT+0000 (Coordinated Universal Time)

GET
H3 200 8.63d7e2dc0b84ce76f42a.js Show response
quickwin765412.com/ 22 KB
5 KB 143ms
143ms Script
application/javascript 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://quickwin765412.com/8.63d7e2dc0b84ce76f42a.js
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/runtime.89148cf49948a80c6a45.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6bada8511476ba1eec49ed28d1cb9617792cbeb82e46c8c6741a1a237107e293

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:14 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 20 Dec 2023 14:23:09 GMT
cf-bgj: minify
server: cloudflare
age: 127
etag: W/"6582f8cd-58f9"
vary: null, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cf-ttl: 1703526247018
cf-ray: 83b2e589b9c065aa-FRA
alt-svc: h3=":443"; ma=86400
cf-revalidated: Mon Dec 25 2023 17:43:07 GMT+0000 (Coordinated Universal Time)

GET
H3 200 17.6c7576df3d5aea1019bc.js Show response
quickwin765412.com/ 33 KB
8 KB 111ms
110ms Script
application/javascript 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://quickwin765412.com/17.6c7576df3d5aea1019bc.js
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/runtime.89148cf49948a80c6a45.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 941c4c5d10e5812e7bef2c8b115965eac81d5b6681c825aba74a2edd9c82a7ec

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:14 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 20 Dec 2023 14:23:09 GMT
cf-bgj: minify
server: cloudflare
age: 193
etag: W/"6582f8cd-855e"
vary: null, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cf-ttl: 1703526181701
cf-ray: 83b2e589b9c265aa-FRA
alt-svc: h3=":443"; ma=86400
cf-revalidated: Mon Dec 25 2023 17:42:01 GMT+0000 (Coordinated Universal Time)

GET
H3 200 33.a7ae611ffd25df97fb90.js Show response
quickwin765412.com/ 31 KB
8 KB 120ms
120ms Script
application/javascript 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://quickwin765412.com/33.a7ae611ffd25df97fb90.js
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/runtime.89148cf49948a80c6a45.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: a4fa92f5ae0317e4ff1f819c2a9d327562b65b62909654f5a6310557e9470937

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:14 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 20 Dec 2023 14:23:09 GMT
cf-bgj: minify
server: cloudflare
age: 127
etag: W/"6582f8cd-7bc5"
vary: null, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cf-ttl: 1703526247017
cf-ray: 83b2e589b9c365aa-FRA
alt-svc: h3=":443"; ma=86400
cf-revalidated: Mon Dec 25 2023 17:43:07 GMT+0000 (Coordinated Universal Time)

GET
H3 200 7.3c26a44e231800dafcb8.js Show response
quickwin765412.com/ 110 KB
22 KB 129ms
128ms Script
application/javascript 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://quickwin765412.com/7.3c26a44e231800dafcb8.js
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/runtime.89148cf49948a80c6a45.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: a2d886c930b20c15f30e80372395c572095464710452c302063f3e7bfb9bb233

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:14 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 20 Dec 2023 14:23:09 GMT
cf-bgj: minify
server: cloudflare
age: 127
etag: W/"6582f8cd-1b656"
vary: null, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cf-ttl: 1703526247023
cf-ray: 83b2e589b9c465aa-FRA
alt-svc: h3=":443"; ma=86400
cf-revalidated: Mon Dec 25 2023 17:43:07 GMT+0000 (Coordinated Universal Time)

GET
H3 200 20.f0f16656165772ddc12a.js Show response
quickwin765412.com/ 62 KB
16 KB 105ms
105ms Script
application/javascript 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://quickwin765412.com/20.f0f16656165772ddc12a.js
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/runtime.89148cf49948a80c6a45.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: deb831d7be3c3cf3ece0a36846a16187987a318b8ee6fb304ccf492466fd3dc8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:14 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 20 Dec 2023 14:23:09 GMT
cf-bgj: minify
server: cloudflare
age: 127
etag: W/"6582f8cd-f62a"
vary: null, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cf-ttl: 1703526247027
cf-ray: 83b2e589b9c565aa-FRA
alt-svc: h3=":443"; ma=86400
cf-revalidated: Mon Dec 25 2023 17:43:07 GMT+0000 (Coordinated Universal Time)

GET
H3 200 10.1914b7e5703827aa44d7.js Show response
quickwin765412.com/ 25 KB
7 KB 106ms
106ms Script
application/javascript 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://quickwin765412.com/10.1914b7e5703827aa44d7.js
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/runtime.89148cf49948a80c6a45.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1a2a6d9c4ca38a7e4047e3f4a4af653a932bf432ae5d7c65e27843b98fda0151

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:14 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 20 Dec 2023 14:23:09 GMT
cf-bgj: minify
server: cloudflare
age: 127
etag: W/"6582f8cd-63d6"
vary: null, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cf-ttl: 1703526247024
cf-ray: 83b2e589b9c765aa-FRA
alt-svc: h3=":443"; ma=86400
cf-revalidated: Mon Dec 25 2023 17:43:07 GMT+0000 (Coordinated Universal Time)

GET
H3 200 4.e76cfcb5d8a26867822d.js Show response
quickwin765412.com/ 20 KB
6 KB 108ms
108ms Script
application/javascript 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://quickwin765412.com/4.e76cfcb5d8a26867822d.js
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/runtime.89148cf49948a80c6a45.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: f04bd9bbfbeb00e309f51d8d6cc6d990caa9c4cbfd9170f51efd232f6580dcb8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:14 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 20 Dec 2023 14:23:09 GMT
cf-bgj: minify
server: cloudflare
age: 127
etag: W/"6582f8cd-4faf"
vary: null, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cf-ttl: 1703526247047
cf-ray: 83b2e589b9c865aa-FRA
alt-svc: h3=":443"; ma=86400
cf-revalidated: Mon Dec 25 2023 17:43:07 GMT+0000 (Coordinated Universal Time)

GET
H3 200 32.7173caaff4c3a8d1c04f.js Show response
quickwin765412.com/ 24 KB
7 KB 120ms
120ms Script
application/javascript 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://quickwin765412.com/32.7173caaff4c3a8d1c04f.js
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/runtime.89148cf49948a80c6a45.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: eedbdcd7b8acfbd5ee57f6bbfc862dbd202cccec3884a3503b71b538064cb825

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:14 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 20 Dec 2023 14:23:09 GMT
cf-bgj: minify
server: cloudflare
age: 127
etag: W/"6582f8cd-61b0"
vary: null, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cf-ttl: 1703526247048
cf-ray: 83b2e589b9c965aa-FRA
alt-svc: h3=":443"; ma=86400
cf-revalidated: Mon Dec 25 2023 17:43:07 GMT+0000 (Coordinated Universal Time)

GET
H3 200 24.2f2f76e65ec97400bcd3.js Show response
quickwin765412.com/ 10 KB
3 KB 99ms
98ms Script
application/javascript 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://quickwin765412.com/24.2f2f76e65ec97400bcd3.js
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/runtime.89148cf49948a80c6a45.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 05d4ced653380378d6d9033fef8bec46d38adaf31238d183c762366bdbbeb75c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:14 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 20 Dec 2023 14:23:09 GMT
cf-bgj: minify
server: cloudflare
age: 127
etag: W/"6582f8cd-263e"
vary: null, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cf-ttl: 1703526247047
cf-ray: 83b2e589b9ca65aa-FRA
alt-svc: h3=":443"; ma=86400
cf-revalidated: Mon Dec 25 2023 17:43:07 GMT+0000 (Coordinated Universal Time)

GET
H3 200 25.35ac421e6957a0f95063.js Show response
quickwin765412.com/ 9 KB
3 KB 117ms
116ms Script
application/javascript 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://quickwin765412.com/25.35ac421e6957a0f95063.js
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/runtime.89148cf49948a80c6a45.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 92787ccfb81cc2be5343e18ff09c31e3a2bde375a7ba5a91b28cf862aaec7166

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:14 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 20 Dec 2023 14:23:09 GMT
cf-bgj: minify
server: cloudflare
age: 127
etag: W/"6582f8cd-25b8"
vary: null, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cf-ttl: 1703526247052
cf-ray: 83b2e589b9cb65aa-FRA
alt-svc: h3=":443"; ma=86400
cf-revalidated: Mon Dec 25 2023 17:43:07 GMT+0000 (Coordinated Universal Time)

GET
H3 200 16.952c42f57e5b0a230c24.js Show response
quickwin765412.com/ 22 KB
7 KB 116ms
116ms Script
application/javascript 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://quickwin765412.com/16.952c42f57e5b0a230c24.js
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/runtime.89148cf49948a80c6a45.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: dfa1caff97f8f5ced70fc7aef1870d091bdf32616748b1b4ba5bdde5f336002f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:14 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 20 Dec 2023 14:23:09 GMT
cf-bgj: minify
server: cloudflare
age: 127
etag: W/"6582f8cd-584f"
vary: null, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cf-ttl: 1703526247045
cf-ray: 83b2e589b9cc65aa-FRA
alt-svc: h3=":443"; ma=86400
cf-revalidated: Mon Dec 25 2023 17:43:07 GMT+0000 (Coordinated Universal Time)

GET
H3 200 34.fe1eaf09072265aca475.js Show response
quickwin765412.com/ 4 KB
2 KB 111ms
111ms Script
application/javascript 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://quickwin765412.com/34.fe1eaf09072265aca475.js
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/runtime.89148cf49948a80c6a45.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: c64c1bb9f01e55f12929d8d01690bc3f8736249530cb84fce3038559d29b6f27

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:14 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 20 Dec 2023 14:23:09 GMT
cf-bgj: minify
server: cloudflare
age: 127
etag: W/"6582f8cd-f77"
vary: null, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cf-ttl: 1703526247045
cf-ray: 83b2e589b9ce65aa-FRA
alt-svc: h3=":443"; ma=86400
cf-revalidated: Mon Dec 25 2023 17:43:07 GMT+0000 (Coordinated Universal Time)

GET
H3 200 31.03320bc9e0a0e747989c.js Show response
quickwin765412.com/ 4 KB
2 KB 114ms
113ms Script
application/javascript 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://quickwin765412.com/31.03320bc9e0a0e747989c.js
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/runtime.89148cf49948a80c6a45.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: f93a7d15f544c8733a8dc610901f65db0a52a4e3c5c9555c274691e2a8262631

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:14 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 20 Dec 2023 14:23:09 GMT
cf-bgj: minify
server: cloudflare
age: 127
etag: W/"6582f8cd-f49"
vary: null, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cf-ttl: 1703526247053
cf-ray: 83b2e589b9d065aa-FRA
alt-svc: h3=":443"; ma=86400
cf-revalidated: Mon Dec 25 2023 17:43:07 GMT+0000 (Coordinated Universal Time)

GET
H3 200 23.7874d0f5f07b707848cf.js Show response
quickwin765412.com/ 75 KB
15 KB 105ms
105ms Script
application/javascript 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://quickwin765412.com/23.7874d0f5f07b707848cf.js
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/runtime.89148cf49948a80c6a45.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: b9eb98053bf9fc2a5147b4796de61dce179aeb0d0e9b6e49c2bcfc71b529533a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:14 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 20 Dec 2023 14:23:09 GMT
cf-bgj: minify
server: cloudflare
age: 127
etag: W/"6582f8cd-12b38"
vary: null, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cf-ttl: 1703526247050
cf-ray: 83b2e589b9d365aa-FRA
alt-svc: h3=":443"; ma=86400
cf-revalidated: Mon Dec 25 2023 17:43:07 GMT+0000 (Coordinated Universal Time)

GET
H3 200 26.88890eabe720c888a178.js Show response
quickwin765412.com/ 5 KB
2 KB 128ms
127ms Script
application/javascript 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://quickwin765412.com/26.88890eabe720c888a178.js
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/runtime.89148cf49948a80c6a45.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: dbcbdacde7ac192393e1200a9b00c7958bb08dac022092e1424fa47989296c73

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:14 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 20 Dec 2023 14:23:09 GMT
cf-bgj: minify
server: cloudflare
age: 127
etag: W/"6582f8cd-1522"
vary: null, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cf-ttl: 1703526247113
cf-ray: 83b2e589b9d765aa-FRA
alt-svc: h3=":443"; ma=86400
cf-revalidated: Mon Dec 25 2023 17:43:07 GMT+0000 (Coordinated Universal Time)

GET
H3 200 19.593e72717dea46715cc2.js Show response
quickwin765412.com/ 72 KB
13 KB 133ms
133ms Script
application/javascript 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://quickwin765412.com/19.593e72717dea46715cc2.js
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/runtime.89148cf49948a80c6a45.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 45d90fd26e8cc7c0853639d15bfd9cd080c1080ab25f023419d4b29c8e2780b7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:14 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 20 Dec 2023 14:23:09 GMT
cf-bgj: minify
server: cloudflare
age: 127
etag: W/"6582f8cd-11f39"
vary: null, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cf-ttl: 1703526247025
cf-ray: 83b2e589b9d965aa-FRA
alt-svc: h3=":443"; ma=86400
cf-revalidated: Mon Dec 25 2023 17:43:07 GMT+0000 (Coordinated Universal Time)

GET
H3 200 sprite.svg
quickwin765412.com/assets/ 122 KB
38 KB 35ms
34ms Other
image/svg+xml 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://quickwin765412.com/assets/sprite.svg

Requested by

Host: quickwin765412.com
URL: https://quickwin765412.com/main.b8bc3f321d8e2be331ed.js

Protocol

Security

QUIC, , AES_128_GCM

Server

94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

2b30be91b5dc80b46e2ef45cf597b7f1d91763142580faf796cf9685e633d77d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 1768333
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 29 Nov 2023 10:32:54 GMT
server: cloudflare
etag: W/"65671356-1e6ae"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=2073600
cf-ray: 83b2e589c9ee65aa-FRA
expires: Thu, 18 Jan 2024 17:45:14 GMT

GET
H3 200 list Show response
quickwin765412.com/en/api/v2/holidays/ 27 B
387 B 122ms
122ms XHR
application/json 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://quickwin765412.com/en/api/v2/holidays/list

Requested by

Host: quickwin765412.com
URL: https://quickwin765412.com/polyfills.250fe061a3885860ec19.js

Protocol

Security

QUIC, , AES_128_GCM

Server

94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

8dd812109c87559552ac89eb7f352a08baae02f5343b43b28d62c871a9e78df8

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://quickwin765412.com/en/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:14 GMT
cf-cache-status: HIT
x-device-type: mobile
age: 1354
request-id: feapi-2abc547b-69c8-44fe-bddb-a16154dba589
alt-svc: h3=":443"; ma=86400
content-length: 27
x-xss-protection: 1; mode=block
cf-revalidated: Mon Dec 25 2023 17:22:40 GMT+0000 (Coordinated Universal Time)
last-modified: Mon, 25 Dec 2023 17:22:40 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Device-Type,X-Device-Name
accept-ranges: bytes
cf-ray: 83b2e589d9f665aa-FRA
cf-ttl: 1703525020922
x-device-name: Generic Smartphone

GET
H3 200 carbon.png
quickwin765412.com/cdn-static/images/quickwin/pattern/ 408 B
751 B 115ms
115ms Image
image/png 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/cdn-static/images/quickwin/pattern/carbon.png
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7f784c882e926082511adb84468522f5b4ddb936e151b984fefeb30fea62166

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:14 GMT
cf-cache-status: HIT
age: 127
cf-polished: origSize=647, status=webp_bigger
x-cache-status: MISS
alt-svc: h3=":443"; ma=86400
content-length: 408
cf-revalidated: Mon Dec 25 2023 17:43:07 GMT+0000 (Coordinated Universal Time)
last-modified: Fri, 12 May 2023 10:00:50 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "645e0e52-287"
vary: null, Accept-Encoding
content-type: image/png
cf-ttl: 1703526247190
accept-ranges: bytes
cf-ray: 83b2e589ea0265aa-FRA
expires: Sat, 30 Dec 2023 05:41:30 GMT

GET
DATA 200
OK truncated
/ 501 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0f242e7f1afd4035ff39b92603ed40a8d7d3fc878bf86c3ec61896a9e0532e28

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 MediumItalic.woff
quickwin765412.com/assets/fonts/ 39 KB
39 KB 30ms
30ms Font
application/font-woff 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://quickwin765412.com/assets/fonts/MediumItalic.woff
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/assets/initial.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf3d3c393d6648a70ff135348b8f09a763b675d6b106e38bd9b5a73c2d6577ae

Request headers

Referer: https://quickwin765412.com/assets/initial.css
Origin: https://quickwin765412.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:14 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 29 Nov 2023 10:32:54 GMT
server: cloudflare
age: 1768156
etag: W/"65671356-9c2c"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=2073600
cf-ray: 83b2e589ea0765aa-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 18 Jan 2024 17:45:14 GMT

GET
H3 200 Bold.woff
quickwin765412.com/assets/fonts/ 36 KB
36 KB 43ms
43ms Font
application/font-woff 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://quickwin765412.com/assets/fonts/Bold.woff
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/assets/initial.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5c6d77b0c54018fe4e0a717e47a8ba92bc3598a5ef0a1f977be6045537cb158a

Request headers

Referer: https://quickwin765412.com/assets/initial.css
Origin: https://quickwin765412.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:14 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 29 Nov 2023 10:32:54 GMT
server: cloudflare
age: 1768156
etag: W/"65671356-9048"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=2073600
cf-ray: 83b2e589ea0965aa-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 18 Jan 2024 17:45:14 GMT

GET
H3 200 list Show response
quickwin765412.com/en/api/v2/collection/ 8 KB
1 KB 108ms
108ms XHR
application/json 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://quickwin765412.com/en/api/v2/collection/list

Requested by

Host: quickwin765412.com
URL: https://quickwin765412.com/polyfills.250fe061a3885860ec19.js

Protocol

Security

QUIC, , AES_128_GCM

Server

94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

c64dc65c651ac72ae6e2469ab7e5f8868ff34986b109652487cb8854bf25716d

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://quickwin765412.com/en/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:14 GMT
content-encoding: br
cf-cache-status: HIT
x-device-type: mobile
age: 1344
request-id: feapi-ec38b88e-b94e-422e-bba6-eef7f43611f6
alt-svc: h3=":443"; ma=86400
cf-revalidated: Mon Dec 25 2023 17:22:50 GMT+0000 (Coordinated Universal Time)
x-xss-protection: 1; mode=block
last-modified: Mon, 25 Dec 2023 17:22:50 GMT
server: cloudflare
vary: null, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Device-Type,X-Device-Name
cf-ttl: 1703525030961
cf-ray: 83b2e589ea1065aa-FRA
cache-created: 2023-12-25T17:22:07.021Z
x-device-name: Generic Smartphone

GET
H2 200 altenarWSDK.js Show response
sb2widgetsstatic-altenar2.biahosted.com/ 779 KB
181 KB 165ms
53ms Script
application/javascript 34.120.135.117
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://sb2widgetsstatic-altenar2.biahosted.com/altenarWSDK.js
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/main.b8bc3f321d8e2be331ed.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.135.117 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 117.135.120.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: e17efc9807190079c37d6cfa06df1a6748750cf956dedc4bfdc257475c72bfa4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:14 GMT
content-encoding: gzip
x-goog-meta-goog-reserved-file-mtime: 1702644371
age: 0
x-guploader-uploadid: ABPtcPqxGJ8-KXMI1N8E6DOSiF1HF2HYPHpLVSdgHX_JeFd_YqGR8NrbUOshZIJJIJlktiY-7dMnPTgnSg
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 184527
last-modified: Fri, 15 Dec 2023 12:46:27 GMT
server: UploadServer
etag: "02bee576c96ef609f8ff268d557c8c58"
vary: Accept-Encoding
x-goog-generation: 1702644387303503
x-goog-hash: crc32c=VVHjtw==, md5=Ar7ldslu9gn4/yaNVXyMWA==
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: no-cache,max-age=0
x-goog-stored-content-length: 184527
accept-ranges: bytes
content-type: application/javascript
expires: Mon, 25 Dec 2023 17:45:14 GMT

GET
H3 200 list Show response
quickwin765412.com/en/api/v2/icon/ 2 KB
832 B 118ms
118ms XHR
application/json 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://quickwin765412.com/en/api/v2/icon/list?count=10

Requested by

Host: quickwin765412.com
URL: https://quickwin765412.com/polyfills.250fe061a3885860ec19.js

Protocol

Security

QUIC, , AES_128_GCM

Server

94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

036582f2a848015ce1307dda67910e24b6f6b3a2c853031bd1d0558ce448c459

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://quickwin765412.com/en/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:14 GMT
content-encoding: br
cf-cache-status: HIT
x-device-type: mobile
age: 647
request-id: feapi-1623340b-76d4-4a00-968d-54a20ad478c1
alt-svc: h3=":443"; ma=86400
cf-revalidated: Mon Dec 25 2023 17:34:27 GMT+0000 (Coordinated Universal Time)
x-xss-protection: 1; mode=block
last-modified: Mon, 25 Dec 2023 17:34:27 GMT
server: cloudflare
vary: null, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Device-Type,X-Device-Name
cf-ttl: 1703525727146
cf-ray: 83b2e589ea1665aa-FRA
cache-created: 2023-12-25T17:30:03.673Z
x-device-name: Generic Smartphone

GET
H3 200 tournament_promo_state Show response
quickwin765412.com/en/api/v2/tournament/ 290 B
533 B 113ms
113ms XHR
application/json 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://quickwin765412.com/en/api/v2/tournament/tournament_promo_state

Requested by

Host: quickwin765412.com
URL: https://quickwin765412.com/polyfills.250fe061a3885860ec19.js

Protocol

Security

QUIC, , AES_128_GCM

Server

94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

a65557ac587cbc6aa93a7b4040391d362c8d3a13b70365dc5381d9de03078df6

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://quickwin765412.com/en/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:14 GMT
content-encoding: br
cf-cache-status: HIT
x-device-type: mobile
age: 224
request-id: feapi-7d69681e-973d-4d2a-801e-039e0a83cb63
alt-svc: h3=":443"; ma=86400
cf-revalidated: Mon Dec 25 2023 17:41:30 GMT+0000 (Coordinated Universal Time)
x-xss-protection: 1; mode=block
last-modified: Mon, 25 Dec 2023 17:41:30 GMT
server: cloudflare
vary: null, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Device-Type,X-Device-Name
cf-ttl: 1703526150043
cf-ray: 83b2e589ea1965aa-FRA
x-device-name: Samsung SM-S918B

GET
H3 200 list Show response
quickwin765412.com/en/api/v2/game/ 43 KB
8 KB 119ms
119ms XHR
application/json 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://quickwin765412.com/en/api/v2/game/list?page=1&category=top&count=31

Requested by

Host: quickwin765412.com
URL: https://quickwin765412.com/polyfills.250fe061a3885860ec19.js

Protocol

Security

QUIC, , AES_128_GCM

Server

94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

136daf42e7913ec0cb00e0d0b42ee434c85097250151518e0a5ea22c2ee69ac9

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://quickwin765412.com/en/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:14 GMT
content-encoding: br
cf-cache-status: HIT
x-device-type: mobile
age: 647
request-id: feapi-d61c5da2-e5f4-4cc3-8937-f06740233ec4
alt-svc: h3=":443"; ma=86400
cf-revalidated: Mon Dec 25 2023 17:34:27 GMT+0000 (Coordinated Universal Time)
x-xss-protection: 1; mode=block
last-modified: Mon, 25 Dec 2023 17:34:27 GMT
server: cloudflare
vary: null, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Device-Type,X-Device-Name
cf-ttl: 1703525727206
cf-ray: 83b2e589fa2465aa-FRA
x-device-name: Generic Smartphone

GET
H3 200 list Show response
quickwin765412.com/en/api/v2/game/ 37 KB
5 KB 121ms
121ms XHR
application/json 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://quickwin765412.com/en/api/v2/game/list?page=1&category=new&count=31

Requested by

Host: quickwin765412.com
URL: https://quickwin765412.com/polyfills.250fe061a3885860ec19.js

Protocol

Security

QUIC, , AES_128_GCM

Server

94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

76c5ce2a67d045bccdea2726547c294bcc210db23725b8b358e83a5afd953440

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://quickwin765412.com/en/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:14 GMT
content-encoding: br
cf-cache-status: HIT
x-device-type: mobile
age: 647
request-id: feapi-596449ea-e5e5-4bde-b9c3-4881bcbdf529
alt-svc: h3=":443"; ma=86400
cf-revalidated: Mon Dec 25 2023 17:34:27 GMT+0000 (Coordinated Universal Time)
x-xss-protection: 1; mode=block
last-modified: Mon, 25 Dec 2023 17:34:27 GMT
server: cloudflare
vary: null, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Device-Type,X-Device-Name
cf-ttl: 1703525727185
cf-ray: 83b2e589fa2b65aa-FRA
x-device-name: Generic Smartphone

GET
H3 200 list Show response
quickwin765412.com/en/api/v2/game/ 44 KB
6 KB 111ms
111ms XHR
application/json 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://quickwin765412.com/en/api/v2/game/list?page=1&category=top-rated&count=31

Requested by

Host: quickwin765412.com
URL: https://quickwin765412.com/polyfills.250fe061a3885860ec19.js

Protocol

Security

QUIC, , AES_128_GCM

Server

94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

1ca9b9ca89baa958fb5b50e7c0aa2ac6e4c69415b7ca0ef45159db94f29e8729

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://quickwin765412.com/en/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:14 GMT
content-encoding: br
cf-cache-status: HIT
x-device-type: mobile
age: 224
request-id: feapi-f9488ebd-5c31-4c1a-82ed-1b0f369e3331
alt-svc: h3=":443"; ma=86400
cf-revalidated: Mon Dec 25 2023 17:41:30 GMT+0000 (Coordinated Universal Time)
x-xss-protection: 1; mode=block
last-modified: Mon, 25 Dec 2023 17:41:30 GMT
server: cloudflare
vary: null, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Device-Type,X-Device-Name
cf-ttl: 1703526150756
cf-ray: 83b2e589fa3165aa-FRA
cache-created: 0
x-device-name: Samsung SM-S918B

GET
H3 200 latest Show response
quickwin765412.com/en/api/v2/jackpot/ 47 B
309 B 217ms
217ms XHR
application/json 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://quickwin765412.com/en/api/v2/jackpot/latest?currencyIsoCode=EUR

Requested by

Host: quickwin765412.com
URL: https://quickwin765412.com/polyfills.250fe061a3885860ec19.js

Protocol

Security

QUIC, , AES_128_GCM

Server

94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

63e4b153c4a108c47f7676a472612a4ecf32630633c79a785663dbf14becf693

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://quickwin765412.com/en/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:14 GMT
cf-cache-status: DYNAMIC
x-device-type: desktop
request-id: feapi-c8e293d2-3949-4439-a244-e19c18c2dfc0
alt-svc: h3=":443"; ma=86400
content-length: 47
x-xss-protection: 1; mode=block
server: cloudflare
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Device-Type,X-Device-Name
cache-control: no-cache
cf-ray: 83b2e589fa3665aa-FRA
cache-created: 0
x-device-name: Other

GET
H3 200 list Show response
quickwin765412.com/en/api/v2/game/ 22 KB
4 KB 109ms
109ms XHR
application/json 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://quickwin765412.com/en/api/v2/game/list?page=1&category=jackpots&count=16

Requested by

Host: quickwin765412.com
URL: https://quickwin765412.com/polyfills.250fe061a3885860ec19.js

Protocol

Security

QUIC, , AES_128_GCM

Server

94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

6a19fdbfca0d103d1fd437df3c9affbb48b6c20ac252c4aca856204aa7aa761d

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://quickwin765412.com/en/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:14 GMT
content-encoding: br
cf-cache-status: HIT
x-device-type: mobile
age: 647
request-id: feapi-4369a421-6fd6-4797-9934-a87691c4e976
alt-svc: h3=":443"; ma=86400
cf-revalidated: Mon Dec 25 2023 17:34:27 GMT+0000 (Coordinated Universal Time)
x-xss-protection: 1; mode=block
last-modified: Mon, 25 Dec 2023 17:34:27 GMT
server: cloudflare
vary: null, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Device-Type,X-Device-Name
cf-ttl: 1703525727184
cf-ray: 83b2e589fa3865aa-FRA
x-device-name: Generic Smartphone

GET
H3 200 list Show response
quickwin765412.com/en/api/v2/game/ 36 KB
7 KB 119ms
119ms XHR
application/json 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://quickwin765412.com/en/api/v2/game/list?page=1&category=all-games&count=28

Requested by

Host: quickwin765412.com
URL: https://quickwin765412.com/polyfills.250fe061a3885860ec19.js

Protocol

Security

QUIC, , AES_128_GCM

Server

94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

701e9aa3d4d5962ef46afc64a8377db84b94380470cd6717962e9811652d79e0

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://quickwin765412.com/en/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:14 GMT
content-encoding: br
cf-cache-status: HIT
x-device-type: desktop
age: 7504
request-id: feapi-31c122c6-b426-4d90-847e-fc53ef9e21b2
alt-svc: h3=":443"; ma=86400
cf-revalidated: Mon Dec 25 2023 15:40:10 GMT+0000 (Coordinated Universal Time)
x-xss-protection: 1; mode=block
last-modified: Mon, 25 Dec 2023 15:40:10 GMT
server: cloudflare
vary: null, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Device-Type,X-Device-Name
cf-ttl: 1703518870387
cf-ray: 83b2e589fa3965aa-FRA
x-device-name: Other

GET
H3 200 item Show response
quickwin765412.com/en/api/v2/article/ 9 KB
3 KB 117ms
116ms XHR
application/json 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://quickwin765412.com/en/api/v2/article/item?name=home

Requested by

Host: quickwin765412.com
URL: https://quickwin765412.com/polyfills.250fe061a3885860ec19.js

Protocol

Security

QUIC, , AES_128_GCM

Server

94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

c413164a9b4ed42792a4fe35e0d5787dc48aa26ffc99159ec329b47b665b8269

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://quickwin765412.com/en/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:14 GMT
content-encoding: br
cf-cache-status: HIT
x-device-type: mobile
age: 1343
request-id: feapi-3c11365f-c759-4dae-88bb-e5d4dac8ff38
alt-svc: h3=":443"; ma=86400
cf-revalidated: Mon Dec 25 2023 17:22:51 GMT+0000 (Coordinated Universal Time)
x-xss-protection: 1; mode=block
last-modified: Mon, 25 Dec 2023 17:22:51 GMT
server: cloudflare
vary: null, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Device-Type,X-Device-Name
cf-ttl: 1703525031002
cf-ray: 83b2e589fa3c65aa-FRA
x-device-name: Generic Smartphone

GET
H3 200 list Show response
quickwin765412.com/en/api/v2/promo/ 115 KB
19 KB 169ms
169ms XHR
application/json 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://quickwin765412.com/en/api/v2/promo/list?count=100

Requested by

Host: quickwin765412.com
URL: https://quickwin765412.com/polyfills.250fe061a3885860ec19.js

Protocol

Security

QUIC, , AES_128_GCM

Server

94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

8e6275dbf3e6c09f7158e3b17cd4256d991c4e825dccd90e2eb11a1db4f2fe47

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://quickwin765412.com/en/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:14 GMT
content-encoding: br
cf-cache-status: DYNAMIC
x-device-type: desktop
request-id: feapi-ddab9a7b-b894-4eec-8333-55c5010cf703
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
server: cloudflare
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Device-Type,X-Device-Name
cache-control: no-cache
cf-ray: 83b2e589fa3f65aa-FRA
cache-created: 0
x-device-name: Other

GET
H3 200 list Show response
quickwin765412.com/en/api/v2/banner/ 682 B
687 B 110ms
110ms XHR
application/json 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://quickwin765412.com/en/api/v2/banner/list?place=cars_collection&category=banner

Requested by

Host: quickwin765412.com
URL: https://quickwin765412.com/polyfills.250fe061a3885860ec19.js

Protocol

Security

QUIC, , AES_128_GCM

Server

94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

cdc77956a4ec1d04967dcef14d1de3c6fa82d8d3e0d671b1c7e328f63661bf23

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://quickwin765412.com/en/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:14 GMT
content-encoding: br
cf-cache-status: HIT
x-device-type: mobile
age: 1343
request-id: feapi-5dfc43e9-127f-4d66-a92f-5dced6dd984c
alt-svc: h3=":443"; ma=86400
cf-revalidated: Mon Dec 25 2023 17:22:51 GMT+0000 (Coordinated Universal Time)
x-xss-protection: 1; mode=block
last-modified: Mon, 25 Dec 2023 17:22:51 GMT
server: cloudflare
vary: null, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Device-Type,X-Device-Name
cf-ttl: 1703525031020
cf-ray: 83b2e58a0a4365aa-FRA
x-device-name: Generic Smartphone

GET
H3 200 list Show response
quickwin765412.com/en/api/v2/banner/ 603 B
699 B 90ms
90ms XHR
application/json 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://quickwin765412.com/en/api/v2/banner/list?place=entrance_sporttour&category=banner

Requested by

Host: quickwin765412.com
URL: https://quickwin765412.com/polyfills.250fe061a3885860ec19.js

Protocol

Security

QUIC, , AES_128_GCM

Server

94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

7025aae009c4562e6049990255420de5f854ee5b25e2e627c7d47a1cc51d13f1

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://quickwin765412.com/en/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:14 GMT
content-encoding: br
cf-cache-status: HIT
x-device-type: mobile
age: 1343
request-id: feapi-403d4f8e-00f7-4e34-b2d5-0b56c94ce1aa
alt-svc: h3=":443"; ma=86400
cf-revalidated: Mon Dec 25 2023 17:22:51 GMT+0000 (Coordinated Universal Time)
x-xss-protection: 1; mode=block
last-modified: Mon, 25 Dec 2023 17:22:51 GMT
server: cloudflare
vary: null, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Device-Type,X-Device-Name
cf-ttl: 1703525031010
cf-ray: 83b2e58a0a4865aa-FRA
x-device-name: Generic Smartphone

GET
H3 200 list Show response
quickwin765412.com/en/api/v2/game/ 45 KB
9 KB 118ms
117ms XHR
application/json 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://quickwin765412.com/en/api/v2/game/list?page=1&category=popular&count=31

Requested by

Host: quickwin765412.com
URL: https://quickwin765412.com/polyfills.250fe061a3885860ec19.js

Protocol

Security

QUIC, , AES_128_GCM

Server

94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

bc197118bc5867f8763f59fc8c45da24f7a50fec00064e412041cdcf0255f3a3

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://quickwin765412.com/en/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:14 GMT
content-encoding: br
cf-cache-status: HIT
x-device-type: mobile
age: 647
request-id: feapi-66bfb222-76bc-4f33-9c01-e8509824432e
alt-svc: h3=":443"; ma=86400
cf-revalidated: Mon Dec 25 2023 17:34:27 GMT+0000 (Coordinated Universal Time)
x-xss-protection: 1; mode=block
last-modified: Mon, 25 Dec 2023 17:34:27 GMT
server: cloudflare
vary: null, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Device-Type,X-Device-Name
cf-ttl: 1703525727297
cf-ray: 83b2e58a0a4d65aa-FRA
x-device-name: Generic Smartphone

GET
H3 200 list Show response
quickwin765412.com/en/api/v2/banner/ 682 B
687 B 111ms
111ms XHR
application/json 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://quickwin765412.com/en/api/v2/banner/list?place=cars_collection&category=banner

Requested by

Host: quickwin765412.com
URL: https://quickwin765412.com/polyfills.250fe061a3885860ec19.js

Protocol

Security

QUIC, , AES_128_GCM

Server

94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

cdc77956a4ec1d04967dcef14d1de3c6fa82d8d3e0d671b1c7e328f63661bf23

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://quickwin765412.com/en/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:14 GMT
content-encoding: br
cf-cache-status: HIT
x-device-type: mobile
age: 1343
request-id: feapi-5dfc43e9-127f-4d66-a92f-5dced6dd984c
alt-svc: h3=":443"; ma=86400
cf-revalidated: Mon Dec 25 2023 17:22:51 GMT+0000 (Coordinated Universal Time)
x-xss-protection: 1; mode=block
last-modified: Mon, 25 Dec 2023 17:22:51 GMT
server: cloudflare
vary: null, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Device-Type,X-Device-Name
cf-ttl: 1703525031020
cf-ray: 83b2e58a0a4f65aa-FRA
x-device-name: Generic Smartphone

GET
H3 200 list Show response
quickwin765412.com/en/api/v2/icon/ 614 B
623 B 82ms
81ms XHR
application/json 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://quickwin765412.com/en/api/v2/icon/list?category=footer_pay&count=3

Requested by

Host: quickwin765412.com
URL: https://quickwin765412.com/polyfills.250fe061a3885860ec19.js

Protocol

Security

QUIC, , AES_128_GCM

Server

94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

1b61f379164930f075993f6b3bb7eb9766adec8be31f7fcedc5d138833f7d3bb

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://quickwin765412.com/en/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:14 GMT
content-encoding: br
cf-cache-status: HIT
x-device-type: mobile
age: 647
request-id: feapi-1cb73cb4-d327-4e52-b888-aa3f0789475a
alt-svc: h3=":443"; ma=86400
cf-revalidated: Mon Dec 25 2023 17:34:27 GMT+0000 (Coordinated Universal Time)
x-xss-protection: 1; mode=block
last-modified: Mon, 25 Dec 2023 17:34:27 GMT
server: cloudflare
vary: null, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Device-Type,X-Device-Name
cf-ttl: 1703525727139
cf-ray: 83b2e58a0a5a65aa-FRA
cache-created: 2023-12-25T17:30:05.935Z
x-device-name: Generic Smartphone

GET
H3 200 ferrari-logo.svg
quickwin765412.com/assets/images/ferrari-campaign/ 6 KB
3 KB 34ms
34ms Image
image/svg+xml 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://quickwin765412.com/assets/images/ferrari-campaign/ferrari-logo.svg

Requested by

Host: quickwin765412.com
URL: https://quickwin765412.com/en/

Protocol

Security

QUIC, , AES_128_GCM

Server

94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

979b86364648e67957ed75c12ec72a584055ec6a8352ad6ceaefe35800e371f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 1768337
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 29 Nov 2023 10:32:54 GMT
server: cloudflare
etag: W/"65671356-1626"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=2073600
cf-ray: 83b2e58a0a5d65aa-FRA
expires: Thu, 18 Jan 2024 17:45:14 GMT

GET
H3 200 logo.svg
quickwin765412.com/cdn-static/images/quickwin/general/ 6 KB
3 KB 104ms
103ms Image
image/svg+xml 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/cdn-static/images/quickwin/general/logo.svg
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: e4d053ad19ac0f9a306b470ab5a507d03f53860e7b64157f43ceef9d9f7a1088

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:14 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 12 May 2023 10:00:50 GMT
server: cloudflare
age: 164
etag: W/"645e0e52-19bf"
x-cache-status: MISS
vary: null, Accept-Encoding
content-type: image/svg+xml
cf-ttl: 1703526210764
cf-ray: 83b2e58a0a5f65aa-FRA
alt-svc: h3=":443"; ma=86400
cf-revalidated: Mon Dec 25 2023 17:42:30 GMT+0000 (Coordinated Universal Time)
expires: Tue, 02 Jan 2024 06:35:31 GMT

GET
H3 200 ferrari-text.svg
quickwin765412.com/assets/images/ferrari-campaign/ 4 KB
2 KB 35ms
34ms Image
image/svg+xml 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://quickwin765412.com/assets/images/ferrari-campaign/ferrari-text.svg

Requested by

Host: quickwin765412.com
URL: https://quickwin765412.com/en/

Protocol

Security

QUIC, , AES_128_GCM

Server

94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

c8afca9512d3621d70ef92f344d7038b85116758f29d7f8880bca9f4d77f1de2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 1768337
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 29 Nov 2023 10:32:54 GMT
server: cloudflare
etag: W/"65671356-f78"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=2073600
cf-ray: 83b2e58a0a6365aa-FRA
expires: Thu, 18 Jan 2024 17:45:14 GMT

GET
H3 200 en.svg
quickwin765412.com/cdn-static/vector/flags/ 1 KB
893 B 99ms
99ms Image
image/svg+xml 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/cdn-static/vector/flags/en.svg
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: ac0eb9b299d05c43ce0bb3bccfe28d38c78ab3f8442854f1f28b1e5a64237505

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:14 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 12 May 2023 10:00:17 GMT
server: cloudflare
age: 0
etag: W/"645e0e31-497"
x-cache-status: HIT
vary: null, Accept-Encoding
content-type: image/svg+xml
cf-ttl: 1703526374544
cf-ray: 83b2e58a0a6765aa-FRA
alt-svc: h3=":443"; ma=86400
cf-revalidated: Mon Dec 25 2023 17:45:14 GMT+0000 (Coordinated Universal Time)
expires: Thu, 21 Dec 2023 14:57:15 GMT

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e297ed4f454d334c906e98fbff8f880b9f9d9bec25755d4cd994c9e104d6fedb

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 ticker-bg.png
quickwin765412.com/cdn-static/images/quickwin/general/ 62 KB
62 KB 96ms
95ms Image
image/png 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/cdn-static/images/quickwin/general/ticker-bg.png
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 936d9f31827f42dab25eb52fd38e687df4d2b8fab254bd05e36806a026cfc2a1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:14 GMT
cf-cache-status: HIT
age: 136
cf-polished: status=not_needed
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
content-length: 63445
cf-revalidated: Mon Dec 25 2023 17:42:58 GMT+0000 (Coordinated Universal Time)
last-modified: Fri, 12 May 2023 10:00:13 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "645e0e2d-f7d5"
vary: null, Accept-Encoding
content-type: image/png
cf-ttl: 1703526238280
accept-ranges: bytes
cf-ray: 83b2e58a2a8465aa-FRA
expires: Sat, 30 Dec 2023 15:13:37 GMT

GET
H2 200 78bdcf45-56b4-43b3-a452-beb220803adc Show response
ekr.zdassets.com/compose/ 852 B
1 KB 249ms
192ms Fetch
application/json 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ekr.zdassets.com/compose/78bdcf45-56b4-43b3-a452-beb220803adc

Requested by

Host: quickwin765412.com
URL: https://quickwin765412.com/polyfills.250fe061a3885860ec19.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c69330104835be5c6ef333bc402f53092e60164e83f42001901fbb3100f16b97

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:14 GMT
strict-transport-security: max-age=0
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
content-encoding: br
status: 200 OK
cdn-cache-control: max-age=60
x-xss-protection: 1; mode=block
x-request-id: 83469f1848bc3830-SEA, 83469f1848bc3830-SEA
x-runtime: 0.003106
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"c69330104835be5c6ef333bc402f5309"
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-max-age: 7200
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1lqmCdxUNs0jewx4kTQu%2FzGAAZQiJvQgl5wK67RW3tw3CzWPNmhMwx4fczZoDFZvAd2WHy7yPUNZOdAGkpXTDoRmyeQyXE1ZXOsuCizua9F5Ef74x%2FKb5bhYNaMUAWobwus%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
vary: Accept, Origin, Accept-Encoding
cache-control: max-age=300, public, stale-while-revalidate=300, stale-if-error=21600
content-type: application/json; charset=utf-8
x-zendesk-zorg: yes
cf-ray: 83b2e58aca0a5d4c-FRA

GET
H2 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 375F 41 KB
26 KB 40ms
39ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcbSf4kAAAAAAJey7uEFxYpE7Tn2cR1Y3WBNyGi&co=aHR0cHM6Ly9xdWlja3dpbjc2NTQxMi5jb206NDQz&hl=de&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&cb=yb56d19dkezz

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/recaptcha__de.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

b2e942aec87ee348e868cf803ab0fc3d8a449f43327d502cfe30f1e1a08847e1

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-c4qCrAi8tbpHaVRtf1AflA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://quickwin765412.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-c4qCrAi8tbpHaVRtf1AflA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 25 Dec 2023 17:45:14 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3

200

paymsystem_visa.svg
quickwin765412.com/cdn-static/vector/payments/monochrome-light/
Redirect Chain

https://quickwin.com/cdn-static/vector/payments/monochrome-light/paymsystem_visa.svg
https://quickwin765412.com/cdn-static/vector/payments/monochrome-light/paymsystem_visa.svg

4 KB
2 KB

63ms
63ms

Image
image/svg+xml

94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/cdn-static/vector/payments/monochrome-light/paymsystem_visa.svg
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 819139ba1036d6cea3e0d6ae29c27254a81b04cfde04b56cd7b9b7edb980e7b3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:14 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 12 May 2023 10:00:17 GMT
server: cloudflare
age: 126
etag: W/"645e0e31-e94"
x-cache-status: HIT
vary: null, Accept-Encoding
content-type: image/svg+xml
cf-ttl: 1703526248731
cf-ray: 83b2e58bdcc165aa-FRA
alt-svc: h3=":443"; ma=86400
cf-revalidated: Mon Dec 25 2023 17:43:08 GMT+0000 (Coordinated Universal Time)
expires: Fri, 29 Dec 2023 17:56:03 GMT

Redirect headers

location: https://quickwin765412.com/cdn-static/vector/payments/monochrome-light/paymsystem_visa.svg
date: Mon, 25 Dec 2023 17:45:14 GMT
server: cloudflare
cf-ray: 83b2e58b3f4d2bf0-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0
vary: Accept-Encoding

GET
H3

200

paymsystem_mastercard.svg
quickwin765412.com/cdn-static/vector/payments/monochrome-light/
Redirect Chain

https://quickwin.com/cdn-static/vector/payments/monochrome-light/paymsystem_mastercard.svg
https://quickwin765412.com/cdn-static/vector/payments/monochrome-light/paymsystem_mastercard.svg

5 KB
2 KB

59ms
59ms

Image
image/svg+xml

94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/cdn-static/vector/payments/monochrome-light/paymsystem_mastercard.svg
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8c76aaa9d4eb842dbf166f25fde1ab73cb3035c7347775bebb3b9611e7edee93

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:14 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 12 May 2023 10:00:17 GMT
server: cloudflare
age: 126
etag: W/"645e0e31-1490"
x-cache-status: HIT
vary: null, Accept-Encoding
content-type: image/svg+xml
cf-ttl: 1703526248783
cf-ray: 83b2e58bdcc665aa-FRA
alt-svc: h3=":443"; ma=86400
cf-revalidated: Mon Dec 25 2023 17:43:08 GMT+0000 (Coordinated Universal Time)
expires: Fri, 29 Dec 2023 18:06:25 GMT

Redirect headers

location: https://quickwin765412.com/cdn-static/vector/payments/monochrome-light/paymsystem_mastercard.svg
date: Mon, 25 Dec 2023 17:45:14 GMT
server: cloudflare
cf-ray: 83b2e58b3f532bf0-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0
vary: Accept-Encoding

GET
H3

200

paymsystem_banktransfer.svg
quickwin765412.com/cdn-static/vector/payments/monochrome-light/
Redirect Chain

https://quickwin.com/cdn-static/vector/payments/monochrome-light/paymsystem_banktransfer.svg
https://quickwin765412.com/cdn-static/vector/payments/monochrome-light/paymsystem_banktransfer.svg

12 KB
5 KB

62ms
62ms

Image
image/svg+xml

94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/cdn-static/vector/payments/monochrome-light/paymsystem_banktransfer.svg
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 025cf6abb05fc2309b52b049d6761b66fd2f0ad005380ccdf4613612202ad037

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:14 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 12 May 2023 10:00:17 GMT
server: cloudflare
age: 126
etag: W/"645e0e31-2eec"
x-cache-status: HIT
vary: null, Accept-Encoding
content-type: image/svg+xml
cf-ttl: 1703526248708
cf-ray: 83b2e58bdcc365aa-FRA
alt-svc: h3=":443"; ma=86400
cf-revalidated: Mon Dec 25 2023 17:43:08 GMT+0000 (Coordinated Universal Time)
expires: Fri, 29 Dec 2023 22:56:35 GMT

Redirect headers

location: https://quickwin765412.com/cdn-static/vector/payments/monochrome-light/paymsystem_banktransfer.svg
date: Mon, 25 Dec 2023 17:45:14 GMT
server: cloudflare
cf-ray: 83b2e58b3f482bf0-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0
vary: Accept-Encoding

GET
H3 200 list Show response
quickwin765412.com/en/api/v2/banner/ 649 B
570 B 95ms
94ms XHR
application/json 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://quickwin765412.com/en/api/v2/banner/list?place=ferrari_stage_one&category=banner

Requested by

Host: quickwin765412.com
URL: https://quickwin765412.com/polyfills.250fe061a3885860ec19.js

Protocol

Security

QUIC, , AES_128_GCM

Server

94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

f0b997a2cf7bfceb289ff0acd6e4799b72af3ce3361b70411e3b53884a6499bc

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://quickwin765412.com/en/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:14 GMT
content-encoding: br
cf-cache-status: DYNAMIC
x-device-type: desktop
server: cloudflare
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Device-Type,X-Device-Name
cache-control: no-cache
request-id: feapi-81cdae85-6f19-4054-8a1e-1f5fd534a1a9
cf-ray: 83b2e58aeb7365aa-FRA
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-device-name: Other

GET
H3 200 card-bg-square.png
quickwin765412.com/cdn-static/images/quickwin/gamehall/ 164 B
487 B 70ms
70ms Image
image/webp 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/cdn-static/images/quickwin/gamehall/card-bg-square.png
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4cf582dd3f06c3e5980570e1f97c5467c4ea9077a4d1a526fd109b34e67acfb0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:14 GMT
cf-cache-status: HIT
age: 558684
cf-polished: origFmt=png, origSize=246
x-cache-status: MISS
content-disposition: inline; filename="card-bg-square.webp"
alt-svc: h3=":443"; ma=86400
content-length: 164
last-modified: Fri, 12 May 2023 10:00:50 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "645e0e52-f6"
vary: null, Accept-Encoding
content-type: image/webp
cf-ttl: 1703526374781
accept-ranges: bytes
cf-ray: 83b2e58b1bcd65aa-FRA
expires: Sat, 30 Dec 2023 23:52:56 GMT

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 441c4f94bd62d62ac5a317442cee2f7805f2b743c3492d5490cad7355ad95f3b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 glare-star.png
quickwin765412.com/cdn-static/images/quickwin/buttons/ 1 KB
2 KB 63ms
63ms Image
image/webp 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/cdn-static/images/quickwin/buttons/glare-star.png
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf3f64e557664715822118f634f01674945e63c8cec05f7e87831137e630a1fd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:14 GMT
cf-cache-status: HIT
age: 415169
cf-polished: origFmt=png, origSize=1582
x-cache-status: MISS
content-disposition: inline; filename="glare-star.webp"
alt-svc: h3=":443"; ma=86400
content-length: 1328
last-modified: Fri, 12 May 2023 10:00:50 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "645e0e52-62e"
vary: null, Accept-Encoding
content-type: image/webp
cf-ttl: 1703526374775
accept-ranges: bytes
cf-ray: 83b2e58b1bd065aa-FRA
expires: Wed, 03 Jan 2024 01:23:37 GMT

GET
H3 200 center-glow-default.png
quickwin765412.com/cdn-static/images/quickwin/buttons/ 3 KB
4 KB 60ms
59ms Image
image/png 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/cdn-static/images/quickwin/buttons/center-glow-default.png
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d0dbbfa46f6e2ef2d26d258ba555db6677788f35198005b9a9cc66ef98a71b7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:14 GMT
cf-cache-status: HIT
age: 129
cf-polished: origSize=3875, status=webp_bigger
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
content-length: 3433
cf-revalidated: Mon Dec 25 2023 17:43:05 GMT+0000 (Coordinated Universal Time)
last-modified: Fri, 12 May 2023 10:00:13 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "645e0e2d-f23"
vary: null, Accept-Encoding
content-type: image/png
cf-ttl: 1703526245270
accept-ranges: bytes
cf-ray: 83b2e58b1bd165aa-FRA
expires: Sat, 30 Dec 2023 02:32:59 GMT

GET
H3 200 glare-side.png
quickwin765412.com/cdn-static/images/quickwin/buttons/ 1005 B
1 KB 62ms
62ms Image
image/png 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/cdn-static/images/quickwin/buttons/glare-side.png
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 904bf79f059c1e22b4b20cb1e86895a89c017c85e48dad545928a6e103d2d8cf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:14 GMT
cf-cache-status: HIT
age: 129
cf-polished: origSize=1347, status=webp_bigger
x-cache-status: MISS
alt-svc: h3=":443"; ma=86400
content-length: 1005
cf-revalidated: Mon Dec 25 2023 17:43:05 GMT+0000 (Coordinated Universal Time)
last-modified: Fri, 12 May 2023 10:00:50 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "645e0e52-543"
vary: null, Accept-Encoding
content-type: image/png
cf-ttl: 1703526245269
accept-ranges: bytes
cf-ray: 83b2e58b1bd265aa-FRA
expires: Mon, 01 Jan 2024 14:31:21 GMT

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7597f783523d4fdb4e0574234bbdd5ea3e19f7f10bc5e5f881e4bf48b2a2c1ef

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 930 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c97995267e0c2da1ded20bd58c8063750e48c2b107b32411f12b2f10636212b2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 banner-arrow.png
quickwin765412.com/cdn-static/images/quickwin/general/ 2 KB
2 KB 60ms
59ms Image
image/webp 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/cdn-static/images/quickwin/general/banner-arrow.png
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: e5d94f01fd8cd981adbedb5fc397328c3506733e5e0ad7c6c4a70d55eea04093

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:14 GMT
cf-cache-status: HIT
age: 298384
cf-polished: origFmt=png, origSize=2551
x-cache-status: MISS
content-disposition: inline; filename="banner-arrow.webp"
alt-svc: h3=":443"; ma=86400
content-length: 2108
last-modified: Fri, 12 May 2023 10:00:13 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "645e0e2d-9f7"
vary: null, Accept-Encoding
content-type: image/webp
cf-ttl: 1703526374845
accept-ranges: bytes
cf-ray: 83b2e58b9c6e65aa-FRA
expires: Wed, 03 Jan 2024 19:51:09 GMT

GET
H3 200 posterthumbnail0181e37baf3a8e2ca06d4dbd302d62ad3.gif
quickwin765412.com/dimg/game/ 103 KB
103 KB 34ms
34ms Image
image/webp 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/dimg/game/posterthumbnail0181e37baf3a8e2ca06d4dbd302d62ad3.gif?width=400&height=600
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a568ac0428f6d7e4801f330902d4a6e47cc31a58b9afccd687d90aede26aa17

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:14 GMT
cf-cache-status: HIT
age: 1768331
cf-polished: origFmt=gif, origSize=126720
content-disposition: inline; filename="posterthumbnail0181e37baf3a8e2ca06d4dbd302d62ad3.webp"
x-front-cache-status: MISS
alt-svc: h3=":443"; ma=86400
content-length: 105352
cf-bgj: imgq:85,h2pri
last-modified: Tue, 05 Dec 2023 06:32:44 GMT
server: cloudflare
vary: Accept
content-type: image/webp
cache-control: max-age=3600, public
accept-ranges: bytes
cf-ray: 83b2e58bcca565aa-FRA
x-conv-cache-status: HIT
expires: Tue, 01 Aug 2023 11:57:20 GMT

GET
H3 200 1660141033873_360840megafireblazeroulettelive.jpg
quickwin765412.com/dimg/game/ 14 KB
15 KB 35ms
34ms Image
image/avif 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/dimg/game/1660141033873_360840megafireblazeroulettelive.jpg?extension=avif&height=430
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 02e9eaa138a48931f160746196b6c14044914c584a180324b2a296ae9fed972d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:14 GMT
cf-cache-status: HIT
age: 1765728
content-disposition: inline; filename="1660141033873_360840megafireblazeroulettelive.avif"
x-front-cache-status: HIT
alt-svc: h3=":443"; ma=86400
content-length: 14836
last-modified: Tue, 05 Dec 2023 06:35:59 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/avif
cache-control: max-age=3600, public
accept-ranges: bytes
cf-ray: 83b2e58bfcf565aa-FRA
x-conv-cache-status: HIT
expires: Tue, 25 Apr 2023 09:26:48 GMT

GET
H3 200 1699371146081_360840extreasureisland.jpg
quickwin765412.com/dimg/game/ 14 KB
14 KB 32ms
30ms Image
image/avif 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/dimg/game/1699371146081_360840extreasureisland.jpg?extension=avif&height=430
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: b8af1a21aaebbabbbe5599ffc3021593ec26006c7691bc4bf4a4c3f5dffa9c53

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:14 GMT
cf-cache-status: HIT
age: 1765728
content-disposition: inline; filename="1699371146081_360840extreasureisland.avif"
x-front-cache-status: HIT
alt-svc: h3=":443"; ma=86400
content-length: 13926
last-modified: Tue, 05 Dec 2023 06:35:59 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/avif
cache-control: max-age=3600, public
accept-ranges: bytes
cf-ray: 83b2e58bfcfb65aa-FRA
x-conv-cache-status: HIT
expires: Wed, 08 Nov 2023 13:39:44 GMT

GET
H3 200 1702538678171_360x840luckyballroulette.jpg
quickwin765412.com/dimg/game/ 9 KB
10 KB 33ms
31ms Image
image/avif 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/dimg/game/1702538678171_360x840luckyballroulette.jpg?extension=avif&height=430
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: ac48966b26e0ea4ce7309bd715593533840de4f72df6b60ba9b73ce0e9b4b641

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:14 GMT
cf-cache-status: HIT
age: 617459
content-disposition: inline; filename="1702538678171_360x840luckyballroulette.avif"
x-front-cache-status: MISS
alt-svc: h3=":443"; ma=86400
content-length: 9599
last-modified: Mon, 18 Dec 2023 14:12:00 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/avif
cache-control: max-age=3600, public
accept-ranges: bytes
cf-ray: 83b2e58bfcfe65aa-FRA
x-conv-cache-status: MISS
expires: Mon, 18 Dec 2023 15:12:00 GMT

GET
H3 200 1701961068473_3608403luckyrainbow.jpg
quickwin765412.com/dimg/game/ 12 KB
13 KB 33ms
30ms Image
image/avif 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/dimg/game/1701961068473_3608403luckyrainbow.jpg?extension=avif&height=430
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: de7cf33a0c90169057203c9191c75cbd31306880fcf33203cf5158b96b0e662e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:14 GMT
cf-cache-status: HIT
age: 1498874
content-disposition: inline; filename="1701961068473_3608403luckyrainbow.avif"
x-front-cache-status: MISS
alt-svc: h3=":443"; ma=86400
content-length: 12516
last-modified: Fri, 08 Dec 2023 08:29:08 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/avif
cache-control: max-age=3600, public
accept-ranges: bytes
cf-ray: 83b2e58bfd0065aa-FRA
x-conv-cache-status: MISS
expires: Fri, 08 Dec 2023 09:29:08 GMT

GET
H3 200 1634796608381_360x840pragmaticspeedroulette.jpg
quickwin765412.com/dimg/game/ 14 KB
14 KB 35ms
33ms Image
image/avif 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/dimg/game/1634796608381_360x840pragmaticspeedroulette.jpg?extension=avif&height=430
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8fd99ae891271f08519932a03c375a607b662b7ddecf47d45b7d3b9771504b7c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:14 GMT
cf-cache-status: HIT
age: 1765728
content-disposition: inline; filename="1634796608381_360x840pragmaticspeedroulette.avif"
x-front-cache-status: MISS
alt-svc: h3=":443"; ma=86400
content-length: 14016
last-modified: Tue, 05 Dec 2023 06:35:59 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/avif
cache-control: max-age=3600, public
accept-ranges: bytes
cf-ray: 83b2e58bfd0265aa-FRA
x-conv-cache-status: HIT
expires: Wed, 29 Mar 2023 14:24:53 GMT

GET
H3 200 1688722143351_360x840roulette2.jpg
quickwin765412.com/dimg/game/ 12 KB
12 KB 35ms
33ms Image
image/avif 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/dimg/game/1688722143351_360x840roulette2.jpg?extension=avif&height=430
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: e633a579f1df557d2d9e90c93ad222dea5c8e8193c1a085fcbb1f05274ed0197

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:14 GMT
cf-cache-status: HIT
age: 938731
content-disposition: inline; filename="1688722143351_360x840roulette2.avif"
x-front-cache-status: MISS
alt-svc: h3=":443"; ma=86400
content-length: 11999
last-modified: Thu, 14 Dec 2023 20:59:43 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/avif
cache-control: max-age=3600, public
accept-ranges: bytes
cf-ray: 83b2e58bfd0465aa-FRA
x-conv-cache-status: HIT
expires: Fri, 18 Aug 2023 14:04:43 GMT

GET
H3 200 1699863783728_360840reddoorroulette.jpg
quickwin765412.com/dimg/game/ 13 KB
13 KB 36ms
34ms Image
image/avif 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/dimg/game/1699863783728_360840reddoorroulette.jpg?extension=avif&height=430
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: f1fe21b0bc502937ca6c447ceebdfc4671f21c6be720a112143a486efdacc093

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:14 GMT
cf-cache-status: HIT
age: 1765728
content-disposition: inline; filename="1699863783728_360840reddoorroulette.avif"
x-front-cache-status: MISS
alt-svc: h3=":443"; ma=86400
content-length: 13204
last-modified: Tue, 05 Dec 2023 06:35:59 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/avif
cache-control: max-age=3600, public
accept-ranges: bytes
cf-ray: 83b2e58bfd0765aa-FRA
x-conv-cache-status: HIT
expires: Mon, 13 Nov 2023 11:19:00 GMT

GET
H3 200 1669827950366_400x600santasstackdreamdrop.jpg
quickwin765412.com/dimg/game/ 7 KB
7 KB 40ms
38ms Image
image/avif 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/dimg/game/1669827950366_400x600santasstackdreamdrop.jpg?extension=avif&height=200
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 48965fdac12d5f498b3b99c515be39aa125cb31c6708271eab187df5df5edfc3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:14 GMT
cf-cache-status: HIT
age: 1758987
content-disposition: inline; filename="1669827950366_400x600santasstackdreamdrop.avif"
x-front-cache-status: HIT
alt-svc: h3=":443"; ma=86400
content-length: 7102
last-modified: Tue, 05 Dec 2023 07:40:14 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/avif
cache-control: max-age=3600, public
accept-ranges: bytes
cf-ray: 83b2e58bfd0965aa-FRA
x-conv-cache-status: HIT
expires: Fri, 17 Mar 2023 15:50:33 GMT

GET
H3 200 1700813635245_400x600jinglebellsbonanza.jpg
quickwin765412.com/dimg/game/ 8 KB
8 KB 36ms
34ms Image
image/avif 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/dimg/game/1700813635245_400x600jinglebellsbonanza.jpg?extension=avif&height=200
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1e53d876c9ecb2883a9d7ebeb3715ab8ee8ba347b330e730a7859d2b9b37162c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:14 GMT
cf-cache-status: HIT
age: 1758987
content-disposition: inline; filename="1700813635245_400x600jinglebellsbonanza.avif"
x-front-cache-status: MISS
alt-svc: h3=":443"; ma=86400
content-length: 8199
last-modified: Tue, 05 Dec 2023 07:40:14 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/avif
cache-control: max-age=3600, public
accept-ranges: bytes
cf-ray: 83b2e58bfd0c65aa-FRA
x-conv-cache-status: HIT
expires: Fri, 01 Dec 2023 13:31:04 GMT

GET
H3 200 1674548734869_400x600pineofplinkodreamdrop.jpg
quickwin765412.com/dimg/game/ 7 KB
8 KB 37ms
35ms Image
image/avif 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/dimg/game/1674548734869_400x600pineofplinkodreamdrop.jpg?extension=avif&height=200
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 90438c83bdc3d682d1a6d494328898e6ce1faf37ced4da7191fcc29d4fb22358

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:14 GMT
cf-cache-status: HIT
age: 1758986
content-disposition: inline; filename="1674548734869_400x600pineofplinkodreamdrop.avif"
x-front-cache-status: HIT
alt-svc: h3=":443"; ma=86400
content-length: 7559
last-modified: Tue, 05 Dec 2023 07:40:14 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/avif
cache-control: max-age=3600, public
accept-ranges: bytes
cf-ray: 83b2e58bfd1065aa-FRA
x-conv-cache-status: HIT
expires: Tue, 07 Nov 2023 15:32:49 GMT

GET
H3 200 400x600winterwonder.jpg
quickwin765412.com/dimg/game/ 5 KB
6 KB 39ms
37ms Image
image/avif 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/dimg/game/400x600winterwonder.jpg?extension=avif&height=200
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: ff94aac9e2aba6d9fefa11d478cb79b634b658a54f1f93865ce3b6826d2c2da7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:14 GMT
cf-cache-status: HIT
age: 1758986
content-disposition: inline; filename="400x600winterwonder.avif"
x-front-cache-status: HIT
alt-svc: h3=":443"; ma=86400
content-length: 5565
last-modified: Tue, 05 Dec 2023 07:40:14 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/avif
cache-control: max-age=3600, public
accept-ranges: bytes
cf-ray: 83b2e58bfd1365aa-FRA
x-conv-cache-status: HIT
expires: Fri, 01 Dec 2023 13:31:04 GMT

GET
H3 200 jingle45.jpg
quickwin765412.com/dimg/game/ 7 KB
8 KB 38ms
37ms Image
image/avif 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/dimg/game/jingle45.jpg?extension=avif&height=200
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 28278bd04e7e55be32df39e901249a0ef8dbacd10381b25b66a94688567c6115

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:14 GMT
cf-cache-status: HIT
age: 1758986
content-disposition: inline; filename="jingle45.avif"
x-front-cache-status: MISS
alt-svc: h3=":443"; ma=86400
content-length: 7452
last-modified: Tue, 05 Dec 2023 07:40:14 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/avif
cache-control: max-age=3600, public
accept-ranges: bytes
cf-ray: 83b2e58bfd1565aa-FRA
x-conv-cache-status: HIT
expires: Fri, 01 Dec 2023 13:31:04 GMT

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f5cb2cf05f6698df24cfd83ae39f05f17c2b46cc3d28faaf99b42393e7b33013

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 232 KB
81 KB 36ms
36ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-EFZEET6PW6&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PV2Q5X5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

cd2d09424be5f5eb1d42c8257c50cc1fe27e8184a72eedee8383edcfc84e44a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:14 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 83314
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 25 Dec 2023 17:45:14 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 68ms
20ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PV2Q5X5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 25 Dec 2023 15:48:17 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 7017
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Mon, 25 Dec 2023 17:48:17 GMT

GET
H2 200 hotjar-3550387.js Show response
static.hotjar.com/c/ 9 KB
4 KB 106ms
38ms Script
application/javascript 52.222.139.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-3550387.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PV2Q5X5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.139.19 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-139-19.ams50.r.cloudfront.net

Software

Resource Hash

bee312a608434a924bf063b224effb547a32f61483741ca6c9817edc5054b2fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Mon, 25 Dec 2023 17:45:15 GMT
via: 1.1 ff34f581ad0f4009e4c404975952e7f0.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS50-C1
age: 13
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
etag: W/5753d3b31fe4dc6ce7c959416d381c59
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cache-control: max-age=60
x-amz-cf-id: nG0L_Wtp8uRmYmgy_vXqmC99eEsgVP_e4OcMx1pFOEVUa2rvU2pgxg==

GET
H2 200 k_quickwin.js Show response
scripts.prdredir.com/scripts/ 2 KB
1 KB 479ms
415ms Script
text/javascript 2606:4700:20::681a:672
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://scripts.prdredir.com/scripts/k_quickwin.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PV2Q5X5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:672 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 448d305ad6e8d6b57c5e4d37afbf26c77bcf2c2548e1fe462772757ee6ccbbe1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-runtime: 0.022899
date: Mon, 25 Dec 2023 17:45:15 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"448d305ad6e8d6b57c5e4d37afbf26c7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KPaY5QZlxW%2FsfFoEijsYszpqO7m7TjzY55DnOuBiLQQF1moWVLUHSrzWhMFYPETIvuJO4Cz0MCicP%2BxzeYbx3hZGBMoAQKmwhDe%2Brq8qmCdZ4JUNUrMjHk%2FUP6C7pVIK%2B41zGvRV%2F%2F4OqTH7gXIbbZ2E"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
status: 200 OK
access-control-allow-origin: *
cache-control: no-cache
cf-ray: 83b2e58cc9a76957-FRA
x-request-id: d1bca4d4-1a1d-4041-909d-92db328227d8

GET
H2 200 quickwin.js Show response
adjs.media/resources/content/ 3 KB
2 KB 191ms
140ms Script
text/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://adjs.media/resources/content/quickwin.js

Requested by

Host: quickwin765412.com
URL: https://quickwin765412.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a0bdcd0c8b8b3b686a3d9fd02dc3f5b716f810115bad6d5b284c34923b8b0797

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:15 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
status: 200 OK
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 34de3d0e-55d2-476b-bccd-b798b3547d9b
x-runtime: 0.001345
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"a0bdcd0c8b8b3b686a3d9fd02dc3f5b7"
x-download-options: noopen
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oUZrj9s7pFTdZe%2F6TAZG6ZtqIXlNyaNXdcRqzMGAW7t1m11gVHsc0jZKccn09mzgvwAOTIVrcjEZh0eHkBKy7lTgYETj6m1mXnSxAJaqu7JKF0jvtDUk4AjCjkUTmjGiTZ97nK1f7lvQ"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=604800, private
cf-ray: 83b2e58cbc312c04-FRA

GET
H2 200 blue-tag.min.js Show response
event.getblue.io/js/ 9 KB
3 KB 662ms
221ms Script
application/javascript 18.228.178.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://event.getblue.io/js/blue-tag.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PV2Q5X5

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.228.178.86 São Paulo, Brazil, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-228-178-86.sa-east-1.compute.amazonaws.com

Software

Resource Hash

a2be364e2921857c3e1415e1e9e74e5628a02318662a25da27a23da90929c84a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 25 Dec 2023 16:23:36 GMT
etag: W/"9113-1703521416737"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK js Show response
track.wolf22.xyz/pixel/ 412 B
737 B 393ms
102ms Script
text/javascript 88.214.195.93
NATCOWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://track.wolf22.xyz/pixel/js?auth=dg12ck&event=visit
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PV2Q5X5
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 88.214.195.93 , United Kingdom, ASN46636 (NATCOWEB, US),
Reverse DNS
Software: nginx/1.20.0 /
Resource Hash: 1bb43e5e70bbd280f2cff81dd2fbdc1c87e3e4cb3cbbb2afd7f5e4a559dc8ec4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 25 Dec 2023 17:45:15 GMT
Server: nginx/1.20.0
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-cache, max-age=0, must-revalidate, proxy-revalidate, no-store
Connection: keep-alive
Content-Length: 412
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 tc.min.js Show response
c1.rfihub.net/js/ 19 KB
6 KB 113ms
23ms Script
application/x-javascript 2600:9000:224a:3800:1:76cf:fe80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c1.rfihub.net/js/tc.min.js
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:3800:1:76cf:fe80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Jetty(9.4.51.v20230217) /
Resource Hash: 7ef97b12890fc6fee67f869c6e1f74b6719de7d66ac0d649c8d7386a80b4c30f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 16:50:39 GMT
content-encoding: gzip
via: 1.1 6fadd80db8a3a154b0b68f055a91920c.cloudfront.net (CloudFront)
last-modified: Mon, 25 Dec 2023 16:50:29 GMT
server: Jetty(9.4.51.v20230217)
x-amz-cf-pop: DUS51-P1
age: 3276
x-cache: Hit from cloudfront
content-type: application/x-javascript
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: public, max-age=3600
content-length: 6162
x-amz-cf-id: LIZ7tTkg_kpJ9dq0ecz9rZf7SyjigHe7wLFRWg8j7E-GRu3BY6NBOA==
expires: Mon, 25 Dec 2023 17:50:39 GMT

GET
H/1.1 200
OK merchant.js Show response
pixel.adfyier.com/ 853 B
1 KB 352ms
114ms Script
application/javascript 138.197.230.29
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adfyier.com/merchant.js
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 138.197.230.29 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: / Express
Resource Hash: 60ff18a2a6e54394d6dc4e1bb368c47850848306d56e177b4a02270db7e80603

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Dec 2023 17:45:15 GMT
x-powered-by: Express
surrogate-control: no-store
transfer-encoding: chunked
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate,private
expires: 0

GET
H2 200 trackpoint-async.js Show response
s2.adform.net/banners/scripts/st/ 81 KB
31 KB 109ms
33ms Script
application/javascript 37.157.5.73
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s2.adform.net/banners/scripts/st/trackpoint-async.js
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 99c28ba77690124b83aea8cdbbb17ab1145ba247c791aeb4bad747b4248ac459

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:14 GMT
content-encoding: gzip
last-modified: Tue, 23 May 2023 09:56:34 GMT
server: nginx
x-amz-request-id: tx00000ea239e22e83b616b-00646c8ee1-3295d06f-default
etag: W/"f937ab3eef01c118930b200e5087d00d"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-rgw-object-type: Normal
cache-control: public, max-age=604800

GET
H2 200 / Show response
track.adform.net/Serving/Cookie/ 73 B
618 B 146ms
38ms Script
text/javascript 37.157.6.243
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/Serving/Cookie/?adfaction=getjs;adfcookname=uid

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PV2Q5X5

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.243 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

5d9e8cfd13ab9f3cb184ee716c93c4c007837b001ab17f762269a64b2d8958cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Dec 2023 17:45:15 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 180
expires: -1

GET
H2 200 mt_quickwin.js Show response
scpt.getrmads.com/src/ 3 KB
2 KB 190ms
117ms Script
text/javascript 2606:4700:3032::ac43:cb12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://scpt.getrmads.com/src/mt_quickwin.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PV2Q5X5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:cb12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3d70f37d0643d718c68550e8f30873988b9f7df5a856bb9f79fc47e9184184ce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Dec 2023 17:45:15 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p76hC5N9e57KSwxNoUkbhMROgZMfQluzO4k9atQtZScCS%2FE3K%2FjZfgOKb7q%2FeQHiu86St8ylLsY6%2Fj07wuUREwkZuvpl1j8qTqHKFsmVoSkk1N6yh7SEQeBlGNMeEFgHKtSbdRlc7nHlFmVWZatq8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 83b2e58d5f91085b-FRA
alt-svc: h3=":443"; ma=86400
expires: 0

GET
H2 200 p.js Show response
my.rtmark.net/ 697 B
1 KB 168ms
46ms Script
text/javascript 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/p.js?f=sync&lr=1&partner=6dbc1654108520062cc5e1b2cbe1761d0aeee75ec04eecdef0bd17e37b76a87c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PV2Q5X5

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

d1d3ebdb0a13d47d07c440c8dbd6dcaa96a58ec8ac53446a140497c2013c2567

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:15 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 697

GET
H2 200 / Show response
winner-slots.online/ Frame CA91 130 KB
34 KB 186ms
80ms Document
text/html 185.199.175.191
HOSTERION

General

Check archive.org

Show headers Download Go to

Full URL: https://winner-slots.online/
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.199.175.191 Floreşti, Romania, ASN43927 (HOSTERION, RO),
Reverse DNS: eros.hosterion.net
Software: LiteSpeed / PHP/8.2.13
Resource Hash: 2024178346f942d57c649c7d981f280b3821c05d6b6d9ebfa38464d10550ad6f

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 25 Dec 2023 17:45:15 GMT
link: <https://winner-slots.online/wp-json/>; rel="https://api.w.org/"
server: LiteSpeed
vary: Accept-Encoding
x-powered-by: PHP/8.2.13

GET
H2

200

bounce Show response
secure.adnxs.com/
Redirect Chain

https://secure.adnxs.com/seg?add=35276001&t=1
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D35276001%26t%3D1

0
806 B

45ms
45ms

Script
application/javascript

185.89.210.141
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D35276001%26t%3D1

Requested by

Host: quickwin765412.com
URL: https://quickwin765412.com/en/

Protocol

Server

185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Dec 2023 17:45:15 GMT
an-x-request-uuid: a7e41e3c-25d8-459d-9081-8082e2ff96f3
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 84.19.175.184; 84.19.175.184; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 25 Dec 2023 17:45:15 GMT
an-x-request-uuid: 17e5d78e-b0c2-4d69-93c1-e552aa035413
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D35276001%26t%3D1
x-proxy-origin: 84.19.175.184; 84.19.175.184; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

bounce Show response
secure.adnxs.com/
Redirect Chain

https://secure.adnxs.com/seg?add=35276004&t=1
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D35276004%26t%3D1

0
806 B

29ms
28ms

Script
application/javascript

185.89.210.141
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D35276004%26t%3D1

Requested by

Host: quickwin765412.com
URL: https://quickwin765412.com/en/

Protocol

Server

185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Dec 2023 17:45:15 GMT
an-x-request-uuid: 663c2601-74c3-434a-8691-9ea6e48fb694
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 84.19.175.184; 84.19.175.184; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 25 Dec 2023 17:45:15 GMT
an-x-request-uuid: 9076de87-9c8d-4dc1-9202-952ca6e7a271
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D35276004%26t%3D1
x-proxy-origin: 84.19.175.184; 84.19.175.184; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 204
No Content / Show response
reichelcormier.bid/point/ 0
354 B 97ms
29ms Script
text/plain 178.162.159.92
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://reichelcormier.bid/point/?method=s&id=101011&key=0ac6f97d792b9914d65b8fb292be9dd7&seg=101&btag=undefined
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PV2Q5X5
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 178.162.159.92 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: openresty /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 25 Dec 2023 17:45:15 GMT
Access-Control-Allow-Credentials: true
Server: openresty
Connection: close
Access-Control-Allow-Method: GET,POST

GET
H2 204 audience
track.aso1.net/ 0
332 B 576ms
328ms Image
image/gif 2606:4700:3038::6815:ea9b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.aso1.net/audience?id=100579&_cb=0.8859562732610342
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:ea9b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Dec 2023 17:45:15 GMT
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/gif
cache-control: no-store, max-age=0
x-robots-tag: noindex, nofollow, noarchive, noimageindex
cf-ray: 83b2e58f7ced0827-IAD
alt-svc: h3=":443"; ma=86400
expires: Sun, 27 May 1979 00:00:00 GMT

GET
H3 200 1678180276898_bgcarscollection.jpg
quickwin765412.com/dimg/banner/ 69 KB
69 KB 38ms
38ms Image
image/webp 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/dimg/banner/1678180276898_bgcarscollection.jpg?type=image/avif?extension=avif&width=2000&resize_type=fill&gravity=ce
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: aefbc53a26bcf50b968ec231b9848483e043e5e47518a8fe0d93349f7ed15fa8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:14 GMT
cf-cache-status: HIT
age: 1766357
cf-polished: qual=85, origFmt=jpeg, origSize=87452
content-disposition: inline; filename="1678180276898_bgcarscollection.webp"
x-front-cache-status: MISS
alt-svc: h3=":443"; ma=86400
content-length: 70796
cf-bgj: imgq:85,h2pri
last-modified: Tue, 05 Dec 2023 06:32:56 GMT
server: cloudflare
vary: Accept
content-type: image/webp
cache-control: max-age=3600, public
accept-ranges: bytes
cf-ray: 83b2e58cadfb65aa-FRA
x-conv-cache-status: HIT
expires: Mon, 20 Nov 2023 13:41:54 GMT

GET
H3 200 SemiboldItalic.woff
quickwin765412.com/assets/fonts/ 39 KB
39 KB 32ms
32ms Font
application/font-woff 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://quickwin765412.com/assets/fonts/SemiboldItalic.woff
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/assets/initial.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: ba129f3fab709dcad8916478c2d18c9cdb1b37ffd1fdc8fd998dc4f3753460c6

Request headers

Referer: https://quickwin765412.com/assets/initial.css
Origin: https://quickwin765412.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:14 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 29 Nov 2023 10:32:54 GMT
server: cloudflare
age: 943308
etag: W/"65671356-9bd4"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=2073600
cf-ray: 83b2e58cadfd65aa-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 18 Jan 2024 17:45:14 GMT

GET
H3 200 1695298123121_400x600luckydwarfsexclusive.jpg
quickwin765412.com/dimg/game/ 15 KB
16 KB 33ms
33ms Image
image/avif 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/dimg/game/1695298123121_400x600luckydwarfsexclusive.jpg?extension=avif&height=280
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: e2a399b035f9774d3ee9bf4ae99dd261a1e5abe94b321c71c61b3edfd84b5b4d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:15 GMT
cf-cache-status: HIT
age: 1765729
content-disposition: inline; filename="1695298123121_400x600luckydwarfsexclusive.avif"
x-front-cache-status: MISS
alt-svc: h3=":443"; ma=86400
content-length: 15838
last-modified: Tue, 05 Dec 2023 06:35:57 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/avif
cache-control: max-age=3600, public
accept-ranges: bytes
cf-ray: 83b2e58d0e8365aa-FRA
x-conv-cache-status: HIT
expires: Thu, 28 Sep 2023 09:28:37 GMT

GET
H3 200 1667489197478_400x600riseofolympus100.jpg
quickwin765412.com/dimg/game/ 11 KB
11 KB 35ms
32ms Image
image/avif 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/dimg/game/1667489197478_400x600riseofolympus100.jpg?extension=avif&height=280
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4d8b5f4f08d1c133e211fa18f260d505a82d862c219c25e707d7232989385996

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:15 GMT
cf-cache-status: HIT
age: 1765729
content-disposition: inline; filename="1667489197478_400x600riseofolympus100.avif"
x-front-cache-status: MISS
alt-svc: h3=":443"; ma=86400
content-length: 11031
last-modified: Tue, 05 Dec 2023 06:35:57 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/avif
cache-control: max-age=3600, public
accept-ranges: bytes
cf-ray: 83b2e58d0e8865aa-FRA
x-conv-cache-status: HIT
expires: Thu, 30 Mar 2023 14:49:41 GMT

GET
H3 200 1663078079116_400x600fruitparty.jpeg
quickwin765412.com/dimg/game/ 10 KB
10 KB 32ms
29ms Image
image/avif 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/dimg/game/1663078079116_400x600fruitparty.jpeg?extension=avif&height=280
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8bea9b4ffb09fc3c9c5f5dd38e96894ff1c5fa75afc4a9e5bedd640202e7763e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:15 GMT
cf-cache-status: HIT
age: 774575
content-disposition: inline; filename="1663078079116_400x600fruitparty.avif"
x-front-cache-status: MISS
alt-svc: h3=":443"; ma=86400
content-length: 10124
last-modified: Sat, 16 Dec 2023 15:17:07 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/avif
cache-control: max-age=3600, public
accept-ranges: bytes
cf-ray: 83b2e58d0e8a65aa-FRA
x-conv-cache-status: HIT
expires: Tue, 01 Aug 2023 09:55:18 GMT

GET
H3 200 1701682379753_400x600krakenbayexclusive.jpg
quickwin765412.com/dimg/game/ 12 KB
12 KB 34ms
31ms Image
image/avif 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/dimg/game/1701682379753_400x600krakenbayexclusive.jpg?extension=avif&height=280
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 900e0c399099619f153ab1457e02b2311a73f99908b2a3ba35566b1beecfc65e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:15 GMT
cf-cache-status: HIT
age: 1566922
content-disposition: inline; filename="1701682379753_400x600krakenbayexclusive.avif"
x-front-cache-status: MISS
alt-svc: h3=":443"; ma=86400
content-length: 11800
last-modified: Thu, 07 Dec 2023 14:22:18 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/avif
cache-control: max-age=3600, public
accept-ranges: bytes
cf-ray: 83b2e58d0e8e65aa-FRA
x-conv-cache-status: HIT
expires: Thu, 07 Dec 2023 15:16:26 GMT

GET
H3 200 1643293046251_400x600-secrets-of-christmas.jpeg
quickwin765412.com/dimg/game/ 9 KB
9 KB 36ms
34ms Image
image/avif 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/dimg/game/1643293046251_400x600-secrets-of-christmas.jpeg?extension=avif&height=280
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: c2ebefe4601d5c0739e24e93436ff97f93e0f5bb3782e0f93cfb48811f18a05d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:15 GMT
cf-cache-status: HIT
age: 887358
content-disposition: inline; filename="1643293046251_400x600-secrets-of-christmas.avif"
x-front-cache-status: MISS
alt-svc: h3=":443"; ma=86400
content-length: 9149
last-modified: Fri, 15 Dec 2023 11:15:57 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/avif
cache-control: max-age=3600, public
accept-ranges: bytes
cf-ray: 83b2e58d0e9065aa-FRA
x-conv-cache-status: HIT
expires: Mon, 03 Apr 2023 09:41:41 GMT

GET
H3 200 1687859479709_400x600777strike.jpg
quickwin765412.com/dimg/game/ 10 KB
10 KB 54ms
51ms Image
image/avif 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/dimg/game/1687859479709_400x600777strike.jpg?extension=avif&height=280
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 02e9d7d9259501d12483e279c6fd405e2bccdd35999d7990c58aa3603ce3f35a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:15 GMT
cf-cache-status: HIT
age: 1765729
content-disposition: inline; filename="1687859479709_400x600777strike.avif"
x-front-cache-status: HIT
alt-svc: h3=":443"; ma=86400
content-length: 10255
last-modified: Tue, 05 Dec 2023 06:35:57 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/avif
cache-control: max-age=3600, public
accept-ranges: bytes
cf-ray: 83b2e58d0e9265aa-FRA
x-conv-cache-status: HIT
expires: Tue, 27 Jun 2023 12:14:09 GMT

GET
H3 200 1631610764562_400x600ascensionrisetoriches.jpg
quickwin765412.com/dimg/game/ 11 KB
11 KB 37ms
35ms Image
image/avif 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/dimg/game/1631610764562_400x600ascensionrisetoriches.jpg?extension=avif&height=280
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 705757ab484571b93cb8950a54c6f565e689a0223751f36d46df63c589bf6992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:15 GMT
cf-cache-status: HIT
age: 1725173
content-disposition: inline; filename="1631610764562_400x600ascensionrisetoriches.avif"
x-front-cache-status: MISS
alt-svc: h3=":443"; ma=86400
content-length: 11460
last-modified: Tue, 05 Dec 2023 12:29:46 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/avif
cache-control: max-age=3600, public
accept-ranges: bytes
cf-ray: 83b2e58d0e9365aa-FRA
x-conv-cache-status: HIT
expires: Tue, 01 Aug 2023 08:14:08 GMT

GET
H3 200 1649323990103_400x600gladiatorlegends.jpg
quickwin765412.com/dimg/game/ 12 KB
12 KB 54ms
52ms Image
image/avif 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/dimg/game/1649323990103_400x600gladiatorlegends.jpg?extension=avif&height=280
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4d8813ea274fb47c71a14bc23a8a2572753ec02c4bd5cf0ca1f191371fa8cc5b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:15 GMT
cf-cache-status: HIT
age: 1759058
content-disposition: inline; filename="1649323990103_400x600gladiatorlegends.avif"
x-front-cache-status: HIT
alt-svc: h3=":443"; ma=86400
content-length: 11898
last-modified: Tue, 05 Dec 2023 07:40:13 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/avif
cache-control: max-age=3600, public
accept-ranges: bytes
cf-ray: 83b2e58d0e9565aa-FRA
x-conv-cache-status: HIT
expires: Tue, 01 Aug 2023 11:28:36 GMT

GET
H3 200 1648716702955_400x600sakurafortune2.jpg
quickwin765412.com/dimg/game/ 15 KB
15 KB 38ms
36ms Image
image/avif 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/dimg/game/1648716702955_400x600sakurafortune2.jpg?extension=avif&height=280
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3926eb7b9eee88ede5b574303fda25cd5cb9389ec39ef70baf5a046c38fae87e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:15 GMT
cf-cache-status: HIT
age: 1130493
content-disposition: inline; filename="1648716702955_400x600sakurafortune2.avif"
x-front-cache-status: MISS
alt-svc: h3=":443"; ma=86400
content-length: 15401
last-modified: Tue, 12 Dec 2023 15:43:42 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/avif
cache-control: max-age=3600, public
accept-ranges: bytes
cf-ray: 83b2e58d0e9665aa-FRA
x-conv-cache-status: HIT
expires: Wed, 02 Aug 2023 21:13:02 GMT

GET
H3 200 posterthumbnail0026baf5f8df01f3acef6345a0d0e92ad.jpeg
quickwin765412.com/dimg/game/ 10 KB
11 KB 39ms
37ms Image
image/avif 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/dimg/game/posterthumbnail0026baf5f8df01f3acef6345a0d0e92ad.jpeg?extension=avif&height=280
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: f8522b134acc65a6c69fe47dca21cf7cd3ca815b80db6a900c1e1b4b0c091645

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:15 GMT
cf-cache-status: HIT
age: 1765729
content-disposition: inline; filename="posterthumbnail0026baf5f8df01f3acef6345a0d0e92ad.avif"
x-front-cache-status: MISS
alt-svc: h3=":443"; ma=86400
content-length: 10712
last-modified: Tue, 05 Dec 2023 06:35:57 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/avif
cache-control: max-age=3600, public
accept-ranges: bytes
cf-ray: 83b2e58d0e9865aa-FRA
x-conv-cache-status: HIT
expires: Mon, 03 Apr 2023 09:57:36 GMT

GET
H3 200 1670236566601_400x600jokerscharmsxmas.jpg
quickwin765412.com/dimg/game/ 13 KB
13 KB 44ms
42ms Image
image/avif 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/dimg/game/1670236566601_400x600jokerscharmsxmas.jpg?extension=avif&height=280
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: c675e6cf81d73d4158f4284a764302c47687ac7f6fb6f4929dee2a8e76809e30

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:15 GMT
cf-cache-status: HIT
age: 357078
content-disposition: inline; filename="1670236566601_400x600jokerscharmsxmas.avif"
x-front-cache-status: MISS
alt-svc: h3=":443"; ma=86400
content-length: 13359
last-modified: Thu, 21 Dec 2023 14:32:49 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/avif
cache-control: max-age=3600, public
accept-ranges: bytes
cf-ray: 83b2e58d0e9965aa-FRA
x-conv-cache-status: HIT
expires: Sun, 09 Apr 2023 20:08:42 GMT

GET
H3 200 1699961244343_400x600cashofgodsexclusive.jpg
quickwin765412.com/dimg/game/ 13 KB
14 KB 55ms
53ms Image
image/avif 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/dimg/game/1699961244343_400x600cashofgodsexclusive.jpg?extension=avif&height=280
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: beaacc720264e77de9d27705284a709816ed317c515eae856298675a45ad55f1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:15 GMT
cf-cache-status: HIT
age: 1765729
content-disposition: inline; filename="1699961244343_400x600cashofgodsexclusive.avif"
x-front-cache-status: MISS
alt-svc: h3=":443"; ma=86400
content-length: 13545
last-modified: Tue, 05 Dec 2023 06:35:57 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/avif
cache-control: max-age=3600, public
accept-ranges: bytes
cf-ray: 83b2e58d0e9b65aa-FRA
x-conv-cache-status: HIT
expires: Thu, 16 Nov 2023 14:44:45 GMT

GET
H3 200 1669115459381_400x600wondersofchristmas.jpg
quickwin765412.com/dimg/game/ 15 KB
15 KB 56ms
54ms Image
image/avif 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/dimg/game/1669115459381_400x600wondersofchristmas.jpg?extension=avif&height=280
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4a2185312272132d675b3fde9ecde32f0eac7ba575afee1a945fb33e3bbb3832

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:15 GMT
cf-cache-status: HIT
age: 1765729
content-disposition: inline; filename="1669115459381_400x600wondersofchristmas.avif"
x-front-cache-status: HIT
alt-svc: h3=":443"; ma=86400
content-length: 15240
last-modified: Tue, 05 Dec 2023 06:35:57 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/avif
cache-control: max-age=3600, public
accept-ranges: bytes
cf-ray: 83b2e58d0e9c65aa-FRA
x-conv-cache-status: HIT
expires: Tue, 06 Jun 2023 16:38:46 GMT

GET
H3 200 1647848543458_400x600sunofegypt3.jpg
quickwin765412.com/dimg/game/ 13 KB
14 KB 57ms
56ms Image
image/avif 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/dimg/game/1647848543458_400x600sunofegypt3.jpg?extension=avif&height=280
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1252aff629065ef907864c2a694343c8d49ba69483d6ee1d734bfb3aaf61a7e5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:15 GMT
cf-cache-status: HIT
age: 1765729
content-disposition: inline; filename="1647848543458_400x600sunofegypt3.avif"
x-front-cache-status: HIT
alt-svc: h3=":443"; ma=86400
content-length: 13629
last-modified: Tue, 05 Dec 2023 06:35:57 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/avif
cache-control: max-age=3600, public
accept-ranges: bytes
cf-ray: 83b2e58d0e9d65aa-FRA
x-conv-cache-status: HIT
expires: Tue, 01 Aug 2023 14:54:47 GMT

GET
H3 200 1702895008494_400x600holidaysjokerxmas.jpg
quickwin765412.com/dimg/game/ 10 KB
10 KB 58ms
56ms Image
image/avif 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/dimg/game/1702895008494_400x600holidaysjokerxmas.jpg?extension=avif&height=280
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: bb8f0a5a2ac4d52d33bcdd4e13b96572b8114f5851bc763d6af46c2eb1144281

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:15 GMT
cf-cache-status: HIT
age: 379546
content-disposition: inline; filename="1702895008494_400x600holidaysjokerxmas.avif"
x-front-cache-status: MISS
alt-svc: h3=":443"; ma=86400
content-length: 10368
last-modified: Thu, 21 Dec 2023 08:14:08 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/avif
cache-control: max-age=3600, public
accept-ranges: bytes
cf-ray: 83b2e58d0e9f65aa-FRA
x-conv-cache-status: HIT
expires: Thu, 21 Dec 2023 09:12:00 GMT

GET
H3 200 1702538678171_400x600luckyballroulette.jpg
quickwin765412.com/dimg/game/ 7 KB
8 KB 39ms
38ms Image
image/avif 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/dimg/game/1702538678171_400x600luckyballroulette.jpg?extension=avif&height=280
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 50873012c7b4c1f152711839d081d9b1a297c39fba83a21eb0b983da0867af8d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:15 GMT
cf-cache-status: HIT
age: 630952
content-disposition: inline; filename="1702538678171_400x600luckyballroulette.avif"
x-front-cache-status: HIT
alt-svc: h3=":443"; ma=86400
content-length: 7391
last-modified: Mon, 18 Dec 2023 10:23:46 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/avif
cache-control: max-age=3600, public
accept-ranges: bytes
cf-ray: 83b2e58d0ea165aa-FRA
x-conv-cache-status: MISS
expires: Mon, 18 Dec 2023 11:23:17 GMT

GET
H3 200 1701337012074_itssharktimebanner400x600.png
quickwin765412.com/dimg/game/ 13 KB
13 KB 41ms
39ms Image
image/avif 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/dimg/game/1701337012074_itssharktimebanner400x600.png?extension=avif&height=280
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3bb5b7c3b7023f20cf02e5d9bade5c67664df2027d7c09929d3fb8a52d7d50cb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:15 GMT
cf-cache-status: HIT
age: 1765729
content-disposition: inline; filename="1701337012074_itssharktimebanner400x600.avif"
x-front-cache-status: MISS
alt-svc: h3=":443"; ma=86400
content-length: 13033
last-modified: Tue, 05 Dec 2023 06:35:57 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/avif
cache-control: max-age=3600, public
accept-ranges: bytes
cf-ray: 83b2e58d0ea365aa-FRA
x-conv-cache-status: HIT
expires: Thu, 30 Nov 2023 11:24:14 GMT

GET
H3 200 1702655494565_400x600excash20luckyclover.jpg
quickwin765412.com/dimg/game/ 10 KB
10 KB 40ms
38ms Image
image/avif 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/dimg/game/1702655494565_400x600excash20luckyclover.jpg?extension=avif&height=280
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: c9f262287849334dc8011d608935f66e34b77085857f493e6a4407bda0eba209

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:15 GMT
cf-cache-status: HIT
age: 617462
content-disposition: inline; filename="1702655494565_400x600excash20luckyclover.avif"
x-front-cache-status: MISS
alt-svc: h3=":443"; ma=86400
content-length: 9844
last-modified: Mon, 18 Dec 2023 14:11:58 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/avif
cache-control: max-age=3600, public
accept-ranges: bytes
cf-ray: 83b2e58d0ea665aa-FRA
x-conv-cache-status: HIT
expires: Mon, 18 Dec 2023 15:11:58 GMT

GET
H3 200 1702655362667_400x600exstickybanditsunchained.jpg
quickwin765412.com/dimg/game/ 10 KB
10 KB 59ms
58ms Image
image/avif 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/dimg/game/1702655362667_400x600exstickybanditsunchained.jpg?extension=avif&height=280
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8d68afa6971b9e5ffae1297175d8681926ca9bad65d389732f31f559952c0155

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:15 GMT
cf-cache-status: HIT
age: 530020
content-disposition: inline; filename="1702655362667_400x600exstickybanditsunchained.avif"
x-front-cache-status: MISS
alt-svc: h3=":443"; ma=86400
content-length: 9781
last-modified: Tue, 19 Dec 2023 14:30:56 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/avif
cache-control: max-age=3600, public
accept-ranges: bytes
cf-ray: 83b2e58d0ea865aa-FRA
x-conv-cache-status: MISS
expires: Tue, 19 Dec 2023 15:30:56 GMT

GET
H3 200 1702894883026_400x600hottest666.jpg
quickwin765412.com/dimg/game/ 10 KB
10 KB 60ms
58ms Image
image/avif 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/dimg/game/1702894883026_400x600hottest666.jpg?extension=avif&height=280
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4fcb61bd7ccd26df74d46c0a2c75b9681ba90cf8c19f2dfb15fc0a47bb696561

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:15 GMT
cf-cache-status: HIT
age: 462803
content-disposition: inline; filename="1702894883026_400x600hottest666.avif"
x-front-cache-status: HIT
alt-svc: h3=":443"; ma=86400
content-length: 10070
last-modified: Wed, 20 Dec 2023 08:34:15 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/avif
cache-control: max-age=3600, public
accept-ranges: bytes
cf-ray: 83b2e58d0eab65aa-FRA
x-conv-cache-status: HIT
expires: Wed, 20 Dec 2023 09:27:19 GMT

GET
H3 200 1701937739967_400x60081jokerx.jpg
quickwin765412.com/dimg/game/ 11 KB
12 KB 42ms
41ms Image
image/avif 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/dimg/game/1701937739967_400x60081jokerx.jpg?extension=avif&height=280
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5eeed7bffc4bcd87c8d0d0eba7efb375c73c4eeb034c2e887e348859b31e874e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:15 GMT
cf-cache-status: HIT
age: 357061
content-disposition: inline; filename="1701937739967_400x60081jokerx.avif"
x-front-cache-status: MISS
alt-svc: h3=":443"; ma=86400
content-length: 11580
last-modified: Thu, 21 Dec 2023 14:32:28 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/avif
cache-control: max-age=3600, public
accept-ranges: bytes
cf-ray: 83b2e58d0eac65aa-FRA
x-conv-cache-status: HIT
expires: Thu, 07 Dec 2023 11:21:34 GMT

GET
H3 200 1699282022598_400x600dragonsmirror.jpg
quickwin765412.com/dimg/game/ 14 KB
14 KB 60ms
59ms Image
image/avif 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/dimg/game/1699282022598_400x600dragonsmirror.jpg?extension=avif&height=280
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: b12b5482636f480bdd67bc854e25e176860b3ed7018a01bce897eb304a52a02a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:15 GMT
cf-cache-status: HIT
age: 1763225
content-disposition: inline; filename="1699282022598_400x600dragonsmirror.avif"
x-front-cache-status: HIT
alt-svc: h3=":443"; ma=86400
content-length: 14462
last-modified: Tue, 05 Dec 2023 07:40:13 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/avif
cache-control: max-age=3600, public
accept-ranges: bytes
cf-ray: 83b2e58d0ead65aa-FRA
x-conv-cache-status: HIT
expires: Tue, 07 Nov 2023 09:25:23 GMT

GET
H3 200 1699714666027_400x600bloodaxe.jpg
quickwin765412.com/dimg/game/ 12 KB
13 KB 41ms
40ms Image
image/avif 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/dimg/game/1699714666027_400x600bloodaxe.jpg?extension=avif&height=280
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: fd644f4d4edfa6684b7266e28e21a3f4c13fd3bb56109335727870efe69535cc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:15 GMT
cf-cache-status: HIT
age: 1763225
content-disposition: inline; filename="1699714666027_400x600bloodaxe.avif"
x-front-cache-status: MISS
alt-svc: h3=":443"; ma=86400
content-length: 12593
last-modified: Tue, 05 Dec 2023 07:40:13 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/avif
cache-control: max-age=3600, public
accept-ranges: bytes
cf-ray: 83b2e58d0eaf65aa-FRA
x-conv-cache-status: HIT
expires: Thu, 16 Nov 2023 11:18:17 GMT

GET
H3 200 1692802756233_400x600vikingswildcashexclusive.jpg
quickwin765412.com/dimg/game/ 13 KB
14 KB 62ms
61ms Image
image/avif 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/dimg/game/1692802756233_400x600vikingswildcashexclusive.jpg?extension=avif&height=280
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3f63b66b05fb2dbd61e2be4a961ae7a8b67e82b0fae5dc9de9f18597381666a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:15 GMT
cf-cache-status: HIT
age: 1760903
content-disposition: inline; filename="1692802756233_400x600vikingswildcashexclusive.avif"
x-front-cache-status: MISS
alt-svc: h3=":443"; ma=86400
content-length: 13652
last-modified: Tue, 05 Dec 2023 06:35:58 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/avif
cache-control: max-age=3600, public
accept-ranges: bytes
cf-ray: 83b2e58d0eb165aa-FRA
x-conv-cache-status: HIT
expires: Wed, 30 Aug 2023 09:00:13 GMT

GET
H3 200 1703141090219_400x6002023hitslotdice.jpg
quickwin765412.com/dimg/game/ 8 KB
8 KB 63ms
62ms Image
image/avif 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/dimg/game/1703141090219_400x6002023hitslotdice.jpg?extension=avif&height=280
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 92f383732552d6f8440c1202b484ae36567ff65a360f6f58a1ed1f1f2bf246f6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:15 GMT
cf-cache-status: HIT
age: 287422
content-disposition: inline; filename="1703141090219_400x6002023hitslotdice.avif"
x-front-cache-status: MISS
alt-svc: h3=":443"; ma=86400
content-length: 8026
last-modified: Fri, 22 Dec 2023 09:50:32 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/avif
cache-control: max-age=3600, public
accept-ranges: bytes
cf-ray: 83b2e58d0eb365aa-FRA
x-conv-cache-status: MISS
expires: Fri, 22 Dec 2023 10:50:32 GMT

GET
H3 200 1703019714224_400x600royalxmassdice.jpg
quickwin765412.com/dimg/game/ 11 KB
11 KB 63ms
62ms Image
image/avif 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/dimg/game/1703019714224_400x600royalxmassdice.jpg?extension=avif&height=280
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 85c2a278772fd74d92cb7f5b5e486048490456e49ecd65c14e2df39e7a9d9530

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:15 GMT
cf-cache-status: HIT
age: 287422
content-disposition: inline; filename="1703019714224_400x600royalxmassdice.avif"
x-front-cache-status: MISS
alt-svc: h3=":443"; ma=86400
content-length: 10917
last-modified: Fri, 22 Dec 2023 09:50:32 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/avif
cache-control: max-age=3600, public
accept-ranges: bytes
cf-ray: 83b2e58d0eb465aa-FRA
x-conv-cache-status: MISS
expires: Fri, 22 Dec 2023 10:50:32 GMT

GET
H3 200 1631168035296_400x600starlightprincess.jpg
quickwin765412.com/dimg/game/ 17 KB
17 KB 32ms
31ms Image
image/avif 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/dimg/game/1631168035296_400x600starlightprincess.jpg?extension=avif&height=280
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 81569f8b6ab95cfd030493954ccc55b629cf0d29f8627c6904fc3dffa8fa896c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:15 GMT
cf-cache-status: HIT
age: 1758987
content-disposition: inline; filename="1631168035296_400x600starlightprincess.avif"
x-front-cache-status: HIT
alt-svc: h3=":443"; ma=86400
content-length: 16912
last-modified: Tue, 05 Dec 2023 07:23:41 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/avif
cache-control: max-age=3600, public
accept-ranges: bytes
cf-ray: 83b2e58ddfca65aa-FRA
x-conv-cache-status: HIT
expires: Tue, 01 Aug 2023 09:55:18 GMT

GET
H3 200 1643123968929_400x600gigantoonz.jpg
quickwin765412.com/dimg/game/ 9 KB
10 KB 54ms
50ms Image
image/avif 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/dimg/game/1643123968929_400x600gigantoonz.jpg?extension=avif&height=280
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 36b658c9e042fd550658e26af78a29a677807fd11f642fe7d78d601402ce7a13

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:15 GMT
cf-cache-status: HIT
age: 1758987
content-disposition: inline; filename="1643123968929_400x600gigantoonz.avif"
x-front-cache-status: HIT
alt-svc: h3=":443"; ma=86400
content-length: 9560
last-modified: Tue, 05 Dec 2023 07:23:41 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/avif
cache-control: max-age=3600, public
accept-ranges: bytes
cf-ray: 83b2e58defd565aa-FRA
x-conv-cache-status: HIT
expires: Tue, 01 Aug 2023 09:55:15 GMT

GET
H3 200 1683099939783_400x600infernodiamonds100.jpg
quickwin765412.com/dimg/game/ 7 KB
8 KB 60ms
57ms Image
image/avif 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/dimg/game/1683099939783_400x600infernodiamonds100.jpg?extension=avif&height=280
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7d8591614eb328a49a0b95739f839cbed7a1c0f5f075914011f384c1cf567fd2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:15 GMT
cf-cache-status: HIT
age: 1758987
content-disposition: inline; filename="1683099939783_400x600infernodiamonds100.avif"
x-front-cache-status: HIT
alt-svc: h3=":443"; ma=86400
content-length: 7465
last-modified: Tue, 05 Dec 2023 07:23:41 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/avif
cache-control: max-age=3600, public
accept-ranges: bytes
cf-ray: 83b2e58defda65aa-FRA
x-conv-cache-status: HIT
expires: Thu, 11 May 2023 08:43:08 GMT

GET
H3 200 1632215547284_400x600dynamiterichesmegaways.jpg
quickwin765412.com/dimg/game/ 11 KB
11 KB 59ms
56ms Image
image/avif 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/dimg/game/1632215547284_400x600dynamiterichesmegaways.jpg?extension=avif&height=280
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 086f1cceadf3a6d1b743e026baa82a170c1b5b3e19f1d2ce8ccc3de200bec30a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:15 GMT
cf-cache-status: HIT
age: 1758987
content-disposition: inline; filename="1632215547284_400x600dynamiterichesmegaways.avif"
x-front-cache-status: MISS
alt-svc: h3=":443"; ma=86400
content-length: 11412
last-modified: Tue, 05 Dec 2023 07:23:41 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/avif
cache-control: max-age=3600, public
accept-ranges: bytes
cf-ray: 83b2e58defdc65aa-FRA
x-conv-cache-status: HIT
expires: Tue, 01 Aug 2023 08:30:33 GMT

GET
H3 200 1695279958890_400x600clashofgods.jpg
quickwin765412.com/dimg/game/ 8 KB
8 KB 53ms
49ms Image
image/avif 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/dimg/game/1695279958890_400x600clashofgods.jpg?extension=avif&height=280
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 30cd4cc982d4edfad6e2c99173c1ce32e2c3b381e4d5a1f126ee3a71566c2170

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:15 GMT
cf-cache-status: HIT
age: 1758986
content-disposition: inline; filename="1695279958890_400x600clashofgods.avif"
x-front-cache-status: HIT
alt-svc: h3=":443"; ma=86400
content-length: 7980
last-modified: Tue, 05 Dec 2023 07:23:41 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/avif
cache-control: max-age=3600, public
accept-ranges: bytes
cf-ray: 83b2e58defdf65aa-FRA
x-conv-cache-status: HIT
expires: Thu, 21 Sep 2023 08:59:06 GMT

GET
H3 200 400x600bookofsunchoce2.jpg
quickwin765412.com/dimg/game/ 8 KB
8 KB 65ms
62ms Image
image/avif 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/dimg/game/400x600bookofsunchoce2.jpg?extension=avif&height=280
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: c34952ec20476833833b0d39326c2a85bd26f1ab04b355187f53eacddbdb7c77

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:15 GMT
cf-cache-status: HIT
age: 1758986
content-disposition: inline; filename="400x600bookofsunchoce2.avif"
x-front-cache-status: HIT
alt-svc: h3=":443"; ma=86400
content-length: 8203
last-modified: Tue, 05 Dec 2023 07:23:41 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/avif
cache-control: max-age=3600, public
accept-ranges: bytes
cf-ray: 83b2e58defe165aa-FRA
x-conv-cache-status: HIT
expires: Tue, 01 Aug 2023 08:30:40 GMT

GET
H3 200 1636101823411_400x600jewelseapirateriches.jpg
quickwin765412.com/dimg/game/ 10 KB
10 KB 38ms
35ms Image
image/avif 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/dimg/game/1636101823411_400x600jewelseapirateriches.jpg?extension=avif&height=280
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6d495de2f7d8af5a0bae5ca9c4891c40b1680046747d3fc927c85eae120d93ec

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:15 GMT
cf-cache-status: HIT
age: 1758986
content-disposition: inline; filename="1636101823411_400x600jewelseapirateriches.avif"
x-front-cache-status: HIT
alt-svc: h3=":443"; ma=86400
content-length: 10250
last-modified: Tue, 05 Dec 2023 07:23:41 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/avif
cache-control: max-age=3600, public
accept-ranges: bytes
cf-ray: 83b2e58defe665aa-FRA
x-conv-cache-status: HIT
expires: Tue, 01 Aug 2023 09:55:17 GMT

GET
H3 200 1663572906507_400x600moneytrain3.jpg
quickwin765412.com/dimg/game/ 11 KB
12 KB 44ms
41ms Image
image/avif 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/dimg/game/1663572906507_400x600moneytrain3.jpg?extension=avif&height=280
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf364725e43f8e13a2ef4fd655ad9455a89921cee588624134f2b6dd660744ed

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:15 GMT
cf-cache-status: HIT
age: 1758986
content-disposition: inline; filename="1663572906507_400x600moneytrain3.avif"
x-front-cache-status: HIT
alt-svc: h3=":443"; ma=86400
content-length: 11619
last-modified: Tue, 05 Dec 2023 07:23:41 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/avif
cache-control: max-age=3600, public
accept-ranges: bytes
cf-ray: 83b2e58defe865aa-FRA
x-conv-cache-status: HIT
expires: Mon, 03 Apr 2023 09:32:27 GMT

GET
H3 200 1646131530692_400x600bigbamboo.jpg
quickwin765412.com/dimg/game/ 12 KB
12 KB 36ms
33ms Image
image/avif 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/dimg/game/1646131530692_400x600bigbamboo.jpg?extension=avif&height=280
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: ba5a53d99b4e015e652e675e9dfedc98345a7c2fc7d0c945aa0d8ddb2647efdd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:15 GMT
cf-cache-status: HIT
age: 1759058
content-disposition: inline; filename="1646131530692_400x600bigbamboo.avif"
x-front-cache-status: MISS
alt-svc: h3=":443"; ma=86400
content-length: 12306
last-modified: Tue, 05 Dec 2023 06:59:47 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/avif
cache-control: max-age=3600, public
accept-ranges: bytes
cf-ray: 83b2e58defe965aa-FRA
x-conv-cache-status: HIT
expires: Mon, 03 Apr 2023 09:06:29 GMT

GET
H3 200 1640950907336_posterthumbnail0059d1b97905b5932202b368012953c9b.jpg
quickwin765412.com/dimg/game/ 11 KB
11 KB 42ms
39ms Image
image/avif 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/dimg/game/1640950907336_posterthumbnail0059d1b97905b5932202b368012953c9b.jpg?extension=avif&height=280
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb07c03575d9216bbc7f32e716129101e0dd878a19a0adbc249656f47cf1a3a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:15 GMT
cf-cache-status: HIT
age: 1758986
content-disposition: inline; filename="1640950907336_posterthumbnail0059d1b97905b5932202b368012953c9b.avif"
x-front-cache-status: HIT
alt-svc: h3=":443"; ma=86400
content-length: 11000
last-modified: Tue, 05 Dec 2023 07:23:41 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/avif
cache-control: max-age=3600, public
accept-ranges: bytes
cf-ray: 83b2e58defec65aa-FRA
x-conv-cache-status: HIT
expires: Mon, 03 Apr 2023 09:36:41 GMT

GET
H3 200 poster_thumbnail_07e220799a8ad602f53ef985ec50f3c90.jpg
quickwin765412.com/dimg/game/ 12 KB
13 KB 39ms
36ms Image
image/avif 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/dimg/game/poster_thumbnail_07e220799a8ad602f53ef985ec50f3c90.jpg?extension=avif&height=280
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 18e3efc7a45f53d0d553f3ca64dbad85f50eea562865265a2883f82f9d34b935

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:15 GMT
cf-cache-status: HIT
age: 1453403
content-disposition: inline; filename="poster_thumbnail_07e220799a8ad602f53ef985ec50f3c90.avif"
x-front-cache-status: MISS
alt-svc: h3=":443"; ma=86400
content-length: 12586
last-modified: Fri, 08 Dec 2023 22:01:52 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/avif
cache-control: max-age=3600, public
accept-ranges: bytes
cf-ray: 83b2e58defee65aa-FRA
x-conv-cache-status: HIT
expires: Tue, 01 Aug 2023 09:55:15 GMT

GET
H3 200 poster_thumbnail_072596cc09cb24c7cb309fd73233343cb.jpg
quickwin765412.com/dimg/game/ 9 KB
9 KB 49ms
46ms Image
image/avif 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/dimg/game/poster_thumbnail_072596cc09cb24c7cb309fd73233343cb.jpg?extension=avif&height=280
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 379fb57fa01d94da1f94ca7069a3cc71339b93efeb6061156fa07598132c5849

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:15 GMT
cf-cache-status: HIT
age: 1758986
content-disposition: inline; filename="poster_thumbnail_072596cc09cb24c7cb309fd73233343cb.avif"
x-front-cache-status: HIT
alt-svc: h3=":443"; ma=86400
content-length: 9111
last-modified: Tue, 05 Dec 2023 07:23:41 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/avif
cache-control: max-age=3600, public
accept-ranges: bytes
cf-ray: 83b2e58deff065aa-FRA
x-conv-cache-status: HIT
expires: Tue, 04 Apr 2023 19:46:51 GMT

GET
H3 200 poster_thumbnail_0a1d3d7481e5e0f059adec5a1964aca9e.jpg
quickwin765412.com/dimg/game/ 9 KB
10 KB 40ms
37ms Image
image/avif 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/dimg/game/poster_thumbnail_0a1d3d7481e5e0f059adec5a1964aca9e.jpg?extension=avif&height=280
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 79d4c69afe3c355656c70086d3784c113f011309b24a93c0070ce8398cf6f807

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:15 GMT
cf-cache-status: HIT
age: 1758986
content-disposition: inline; filename="poster_thumbnail_0a1d3d7481e5e0f059adec5a1964aca9e.avif"
x-front-cache-status: HIT
alt-svc: h3=":443"; ma=86400
content-length: 9434
last-modified: Tue, 05 Dec 2023 07:23:41 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/avif
cache-control: max-age=3600, public
accept-ranges: bytes
cf-ray: 83b2e58deff265aa-FRA
x-conv-cache-status: HIT
expires: Tue, 01 Aug 2023 09:55:16 GMT

GET
H3 200 1702480933780_400x600gatesofolympus1000.jpg
quickwin765412.com/dimg/game/ 13 KB
13 KB 44ms
42ms Image
image/avif 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/dimg/game/1702480933780_400x600gatesofolympus1000.jpg?extension=avif&height=280
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 253bf135859fd11113deb79262ffb8d9831dc7dbaf46c3470c1b54a7f4372606

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:15 GMT
cf-cache-status: HIT
age: 963813
content-disposition: inline; filename="1702480933780_400x600gatesofolympus1000.avif"
x-front-cache-status: HIT
alt-svc: h3=":443"; ma=86400
content-length: 13498
last-modified: Thu, 14 Dec 2023 09:26:16 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/avif
cache-control: max-age=3600, public
accept-ranges: bytes
cf-ray: 83b2e58deff665aa-FRA
x-conv-cache-status: HIT
expires: Thu, 14 Dec 2023 09:57:53 GMT

GET
H3 200 1702541641367_400x600vikingrunecraft100.jpg
quickwin765412.com/dimg/game/ 12 KB
12 KB 46ms
43ms Image
image/avif 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/dimg/game/1702541641367_400x600vikingrunecraft100.jpg?extension=avif&height=280
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: f3613c7c5b215ff02db94cdded93b6bdba644f59836e948f075a00ef36cf746e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:15 GMT
cf-cache-status: HIT
age: 983321
content-disposition: inline; filename="1702541641367_400x600vikingrunecraft100.avif"
x-front-cache-status: MISS
alt-svc: h3=":443"; ma=86400
content-length: 12034
last-modified: Thu, 14 Dec 2023 08:33:06 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/avif
cache-control: max-age=3600, public
accept-ranges: bytes
cf-ray: 83b2e58deff765aa-FRA
x-conv-cache-status: MISS
expires: Thu, 14 Dec 2023 09:33:06 GMT

GET
H3 200 posterthumbnail0c5b318b13ec5320d9d61de223a5ab95e.jpg
quickwin765412.com/dimg/game/ 8 KB
9 KB 47ms
44ms Image
image/avif 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/dimg/game/posterthumbnail0c5b318b13ec5320d9d61de223a5ab95e.jpg?extension=avif&height=280
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: a685ebb1a291fc1b2ee17a2b9c67815c6ab5e239281e13d2b2caca4591473d85

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:15 GMT
cf-cache-status: HIT
age: 1759079
content-disposition: inline; filename="posterthumbnail0c5b318b13ec5320d9d61de223a5ab95e.avif"
x-front-cache-status: HIT
alt-svc: h3=":443"; ma=86400
content-length: 8634
last-modified: Tue, 05 Dec 2023 07:40:15 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/avif
cache-control: max-age=3600, public
accept-ranges: bytes
cf-ray: 83b2e58deff865aa-FRA
x-conv-cache-status: HIT
expires: Tue, 01 Aug 2023 11:28:36 GMT

GET
H3 200 1669717285072_400x600cashtruckxmasdelivery.jpg
quickwin765412.com/dimg/game/ 10 KB
10 KB 55ms
53ms Image
image/avif 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/dimg/game/1669717285072_400x600cashtruckxmasdelivery.jpg?extension=avif&height=280
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3782d42c013742311733c9d666146bc5ee7b43e484cbb1cad18e403e5f8f7b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:15 GMT
cf-cache-status: HIT
age: 1758982
content-disposition: inline; filename="1669717285072_400x600cashtruckxmasdelivery.avif"
x-front-cache-status: HIT
alt-svc: h3=":443"; ma=86400
content-length: 9733
last-modified: Tue, 05 Dec 2023 07:40:15 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/avif
cache-control: max-age=3600, public
accept-ranges: bytes
cf-ray: 83b2e58deffa65aa-FRA
x-conv-cache-status: HIT
expires: Tue, 01 Aug 2023 09:26:09 GMT

GET
H3 200 poster_thumbnail_05a375fa12dafc7ff18b65fd6fbd8fbfc.jpg
quickwin765412.com/dimg/game/ 9 KB
10 KB 40ms
38ms Image
image/avif 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/dimg/game/poster_thumbnail_05a375fa12dafc7ff18b65fd6fbd8fbfc.jpg?extension=avif&height=280
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2ed465b5e6c3c472c46e04e78143ca909bdd12094604dc79868ca192bd0f852c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:15 GMT
cf-cache-status: HIT
age: 1759079
content-disposition: inline; filename="poster_thumbnail_05a375fa12dafc7ff18b65fd6fbd8fbfc.avif"
x-front-cache-status: HIT
alt-svc: h3=":443"; ma=86400
content-length: 9485
last-modified: Tue, 05 Dec 2023 07:40:15 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/avif
cache-control: max-age=3600, public
accept-ranges: bytes
cf-ray: 83b2e58deffb65aa-FRA
x-conv-cache-status: HIT
expires: Tue, 01 Aug 2023 14:13:52 GMT

GET
H3 200 400x600royalsevenxxl.jpg
quickwin765412.com/dimg/game/ 6 KB
6 KB 53ms
51ms Image
image/avif 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/dimg/game/400x600royalsevenxxl.jpg?extension=avif&height=280
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 20710d5060f2ecaaf5f99778d59b74e023491f5ffa96c952e2d56db4cede2ed2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:15 GMT
cf-cache-status: HIT
age: 1758984
content-disposition: inline; filename="400x600royalsevenxxl.avif"
x-front-cache-status: HIT
alt-svc: h3=":443"; ma=86400
content-length: 6166
last-modified: Tue, 05 Dec 2023 07:40:15 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/avif
cache-control: max-age=3600, public
accept-ranges: bytes
cf-ray: 83b2e58deffd65aa-FRA
x-conv-cache-status: HIT
expires: Tue, 01 Aug 2023 12:33:40 GMT

GET
H3 200 1640875252121_1639058925856400x600bookofthefallen.jpg
quickwin765412.com/dimg/game/ 13 KB
13 KB 61ms
59ms Image
image/avif 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/dimg/game/1640875252121_1639058925856400x600bookofthefallen.jpg?extension=avif&height=280
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 945f22255230aabc25d78408dcd96344d469b91149c5c18e1fad99cc39757ff7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:15 GMT
cf-cache-status: HIT
age: 1758984
content-disposition: inline; filename="1640875252121_1639058925856400x600bookofthefallen.avif"
x-front-cache-status: MISS
alt-svc: h3=":443"; ma=86400
content-length: 13410
last-modified: Tue, 05 Dec 2023 07:40:15 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/avif
cache-control: max-age=3600, public
accept-ranges: bytes
cf-ray: 83b2e58de80065aa-FRA
x-conv-cache-status: HIT
expires: Tue, 01 Aug 2023 08:14:08 GMT

GET
H3 200 1698654077204_400x6009coinsgranddiamondedition.jpg
quickwin765412.com/dimg/game/ 11 KB
12 KB 54ms
52ms Image
image/avif 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/dimg/game/1698654077204_400x6009coinsgranddiamondedition.jpg?extension=avif&height=280
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: a9464ddcc583f654dfd738be0e287d5e9c3a581600578242140c734ba8023f0c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:15 GMT
cf-cache-status: HIT
age: 1758984
content-disposition: inline; filename="1698654077204_400x6009coinsgranddiamondedition.avif"
x-front-cache-status: MISS
alt-svc: h3=":443"; ma=86400
content-length: 11559
last-modified: Tue, 05 Dec 2023 07:40:15 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/avif
cache-control: max-age=3600, public
accept-ranges: bytes
cf-ray: 83b2e58de80165aa-FRA
x-conv-cache-status: HIT
expires: Thu, 16 Nov 2023 18:48:20 GMT

GET
H3 200 1648134977582_400x600fortunefivedouble.jpg
quickwin765412.com/dimg/game/ 12 KB
12 KB 55ms
53ms Image
image/avif 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/dimg/game/1648134977582_400x600fortunefivedouble.jpg?extension=avif&height=280
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 875f3b18a64e0e96fe9b347eb06ea49f94a7cb2986209acc800d05fae9210dd0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:15 GMT
cf-cache-status: HIT
age: 1759079
content-disposition: inline; filename="1648134977582_400x600fortunefivedouble.avif"
x-front-cache-status: HIT
alt-svc: h3=":443"; ma=86400
content-length: 11847
last-modified: Tue, 05 Dec 2023 07:40:15 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/avif
cache-control: max-age=3600, public
accept-ranges: bytes
cf-ray: 83b2e58de80265aa-FRA
x-conv-cache-status: HIT
expires: Mon, 03 Apr 2023 10:58:57 GMT

GET
H3 200 1674650121054_buffalo-power-hold-and-win-4.jpeg
quickwin765412.com/dimg/game/ 8 KB
9 KB 50ms
48ms Image
image/avif 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/dimg/game/1674650121054_buffalo-power-hold-and-win-4.jpeg?extension=avif&height=280
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 486d29980f9335e62a392e6e76591543173a8f2a026d3df4080bc09e2b5ee5f5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:15 GMT
cf-cache-status: HIT
age: 1758984
content-disposition: inline; filename="1674650121054_buffalo-power-hold-and-win-4.avif"
x-front-cache-status: HIT
alt-svc: h3=":443"; ma=86400
content-length: 8610
last-modified: Tue, 05 Dec 2023 07:40:15 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/avif
cache-control: max-age=3600, public
accept-ranges: bytes
cf-ray: 83b2e58de80465aa-FRA
x-conv-cache-status: HIT
expires: Mon, 24 Apr 2023 12:35:11 GMT

GET
H3 200 1657267730692_400x600veryhot5.jpg
quickwin765412.com/dimg/game/ 10 KB
10 KB 49ms
47ms Image
image/avif 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/dimg/game/1657267730692_400x600veryhot5.jpg?extension=avif&height=280
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5eb385d033a48d86d5141d6dcd3d54ebfeec39a62c5e25687b342edfb4a6e7a4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:15 GMT
cf-cache-status: HIT
age: 1758984
content-disposition: inline; filename="1657267730692_400x600veryhot5.avif"
x-front-cache-status: HIT
alt-svc: h3=":443"; ma=86400
content-length: 9758
last-modified: Tue, 05 Dec 2023 06:39:41 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/avif
cache-control: max-age=3600, public
accept-ranges: bytes
cf-ray: 83b2e58de80665aa-FRA
x-conv-cache-status: HIT
expires: Tue, 01 Aug 2023 10:51:50 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/ Frame 375F 55 KB
24 KB 64ms
20ms Stylesheet
text/css 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcbSf4kAAAAAAJey7uEFxYpE7Tn2cR1Y3WBNyGi&co=aHR0cHM6Ly9xdWlja3dpbjc2NTQxMi5jb206NDQz&hl=de&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&cb=yb56d19dkezz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 12:21:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 19418
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24606
x-xss-protection: 0
last-modified: Mon, 11 Dec 2023 05:01:12 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 24 Dec 2024 12:21:37 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/ Frame 375F 505 KB
203 KB 74ms
30ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

122bd7b997b91e56e9efd54743ffbeccefca5b8bb59c566d6ec63adf14be896e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 13:11:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 275619
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 207437
x-xss-protection: 0
last-modified: Mon, 11 Dec 2023 05:01:12 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 21 Dec 2024 13:11:36 GMT

GET
H3 200 vip-slider-arrow.svg
quickwin765412.com/cdn-static/images/quickwin/vip-page/ 1 KB
959 B 63ms
63ms Image
image/svg+xml 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/cdn-static/images/quickwin/vip-page/vip-slider-arrow.svg
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 983ccb9144855e909faaf3a4ae344c8f8075d023b109163ef50308ac540c0d54

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:15 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 12 May 2023 10:00:50 GMT
server: cloudflare
age: 130
etag: W/"645e0e52-480"
x-cache-status: MISS
vary: null, Accept-Encoding
content-type: image/svg+xml
cf-ttl: 1703526245363
cf-ray: 83b2e58e082165aa-FRA
alt-svc: h3=":443"; ma=86400
cf-revalidated: Mon Dec 25 2023 17:43:05 GMT+0000 (Coordinated Universal Time)
expires: Sat, 30 Dec 2023 13:49:24 GMT

GET
H3 200 1700555715192_ferrariactive.jpg
quickwin765412.com/dimg/banner/ 37 KB
38 KB 37ms
37ms Image
image/webp 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/dimg/banner/1700555715192_ferrariactive.jpg?type=image/avif?extension=avif&width=2000&resize_type=fill&gravity=ce
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: fef86e3158c682926a1a0bdb1d74d83207c363d0fb125ce12dbd9e37966f56bd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:15 GMT
cf-cache-status: HIT
age: 409386
cf-polished: qual=85, origFmt=jpeg, origSize=59824
content-disposition: inline; filename="1700555715192_ferrariactive.webp"
x-front-cache-status: MISS
alt-svc: h3=":443"; ma=86400
content-length: 38068
cf-bgj: imgq:85,h2pri
last-modified: Thu, 21 Dec 2023 00:00:20 GMT
server: cloudflare
vary: Accept
content-type: image/webp
cache-control: max-age=3600, public
accept-ranges: bytes
cf-ray: 83b2e58e88e265aa-FRA
x-conv-cache-status: HIT
expires: Thu, 21 Dec 2023 01:00:14 GMT

GET
H3 200 casino-dashboard-bg-desk.webp
quickwin765412.com/cdn-static/images/quickwin/entrance/dashboard/webp/ 110 KB
110 KB 79ms
79ms Image
image/webp 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quickwin765412.com/cdn-static/images/quickwin/entrance/dashboard/webp/casino-dashboard-bg-desk.webp
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 99f48e1f13877f3a2b73bdf8f280632d8d42f4004f83b2417d8192649b501058

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:15 GMT
cf-cache-status: HIT
age: 162
x-cache-status: STALE
alt-svc: h3=":443"; ma=86400
content-length: 112574
cf-revalidated: Mon Dec 25 2023 17:42:33 GMT+0000 (Coordinated Universal Time)
last-modified: Fri, 12 May 2023 10:00:13 GMT
server: cloudflare
etag: "645e0e2d-1b7be"
vary: null, Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
accept-ranges: bytes
cf-ray: 83b2e58ea92f65aa-FRA
cf-ttl: 1703526213563

GET
H2 200 style.min.css
winner-slots.online/wp-includes/blocks/cover/ Frame CA91 18 KB
2 KB 48ms
47ms Stylesheet
text/css 185.199.175.191
HOSTERION

General

Check archive.org

Show headers Download Go to

Full URL: https://winner-slots.online/wp-includes/blocks/cover/style.min.css?ver=6.4.2
Requested by: Host: winner-slots.online
URL: https://winner-slots.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.199.175.191 Floreşti, Romania, ASN43927 (HOSTERION, RO),
Reverse DNS: eros.hosterion.net
Software: LiteSpeed /
Resource Hash: fba567510c78e74f786a08758c04c5ea612bd27ee9c775c5fb4753e57c1df6ab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winner-slots.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:15 GMT
content-encoding: br
last-modified: Tue, 07 Nov 2023 22:35:31 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1470
expires: Mon, 01 Jan 2024 17:45:15 GMT

GET
H2 200 style.min.css
winner-slots.online/wp-includes/blocks/image/ Frame CA91 7 KB
1 KB 48ms
48ms Stylesheet
text/css 185.199.175.191
HOSTERION

General

Check archive.org

Show headers Download Go to

Full URL: https://winner-slots.online/wp-includes/blocks/image/style.min.css?ver=6.4.2
Requested by: Host: winner-slots.online
URL: https://winner-slots.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.199.175.191 Floreşti, Romania, ASN43927 (HOSTERION, RO),
Reverse DNS: eros.hosterion.net
Software: LiteSpeed /
Resource Hash: 3efa3c6425365194636fb000719357c63e1dfed613742166e3f7a102cdf4f811

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winner-slots.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:15 GMT
content-encoding: br
last-modified: Tue, 07 Nov 2023 22:35:31 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1441
expires: Mon, 01 Jan 2024 17:45:15 GMT

GET
H2 200 style.min.css
winner-slots.online/wp-includes/blocks/navigation/ Frame CA91 16 KB
2 KB 49ms
49ms Stylesheet
text/css 185.199.175.191
HOSTERION

General

Check archive.org

Show headers Download Go to

Full URL: https://winner-slots.online/wp-includes/blocks/navigation/style.min.css?ver=6.4.2
Requested by: Host: winner-slots.online
URL: https://winner-slots.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.199.175.191 Floreşti, Romania, ASN43927 (HOSTERION, RO),
Reverse DNS: eros.hosterion.net
Software: LiteSpeed /
Resource Hash: 38b1136cf93f9cb1dc433fd40347fed72ebce9522a55393f95feae15a8268233

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winner-slots.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:15 GMT
content-encoding: br
last-modified: Tue, 07 Nov 2023 22:35:31 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 2061
expires: Mon, 01 Jan 2024 17:45:15 GMT

GET
H2 200 style.min.css
winner-slots.online/wp-includes/blocks/social-links/ Frame CA91 10 KB
1 KB 50ms
50ms Stylesheet
text/css 185.199.175.191
HOSTERION

General

Check archive.org

Show headers Download Go to

Full URL: https://winner-slots.online/wp-includes/blocks/social-links/style.min.css?ver=6.4.2
Requested by: Host: winner-slots.online
URL: https://winner-slots.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.199.175.191 Floreşti, Romania, ASN43927 (HOSTERION, RO),
Reverse DNS: eros.hosterion.net
Software: LiteSpeed /
Resource Hash: 9753320d9396dd9dad26d1a302f52838f2a8ec7e272c5205ca4a5b090e5d0ded

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winner-slots.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:15 GMT
content-encoding: br
last-modified: Tue, 07 Nov 2023 22:35:31 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1402
expires: Mon, 01 Jan 2024 17:45:15 GMT

GET
H2 200 style.css
winner-slots.online/wp-content/themes/bizboost/ Frame CA91 209 KB
29 KB 51ms
50ms Stylesheet
text/css 185.199.175.191
HOSTERION

General

Check archive.org

Show headers Download Go to

Full URL: https://winner-slots.online/wp-content/themes/bizboost/style.css?ver=1696847757
Requested by: Host: winner-slots.online
URL: https://winner-slots.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.199.175.191 Floreşti, Romania, ASN43927 (HOSTERION, RO),
Reverse DNS: eros.hosterion.net
Software: LiteSpeed /
Resource Hash: 3f75e2446874c812c9f47612105104fa5d3d8833dbf077c4daaeeffc3b767403

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winner-slots.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:15 GMT
content-encoding: br
last-modified: Mon, 09 Oct 2023 10:35:57 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 29239
expires: Mon, 01 Jan 2024 17:45:15 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame CA91 274 KB
91 KB 32ms
32ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=GT-NFB7D7V

Requested by

Host: winner-slots.online
URL: https://winner-slots.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9871092083d601f0db7e16e24c537281b0fbcd7265a7f3fabc17b2f72fb1fafd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winner-slots.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:15 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 93034
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 25 Dec 2023 17:45:15 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame CA91 228 KB
79 KB 40ms
38ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-11435815060

Requested by

Host: winner-slots.online
URL: https://winner-slots.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6732da5309353d59f8b58c023992d258cbdb34bef0ef80d1a8d80f7f1eaf673d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winner-slots.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:15 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 80952
x-xss-protection: 0
last-modified: Mon, 25 Dec 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 25 Dec 2023 17:45:15 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame CA91 274 KB
91 KB 61ms
60ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-2NM3GY57HJ

Requested by

Host: winner-slots.online
URL: https://winner-slots.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c8376dce9f8f52703122c1a1c1b4eef46ef2da39c4574685ff1bbca76b4fa335

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winner-slots.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:15 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 92989
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 25 Dec 2023 17:45:15 GMT

GET
H2 200 video-featured.jpg
winner-slots.online/wp-content/themes/bizboost/assets/images/ Frame CA91 30 KB
30 KB 93ms
93ms Image
image/jpeg 185.199.175.191
HOSTERION

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://winner-slots.online/wp-content/themes/bizboost/assets/images/video-featured.jpg
Requested by: Host: winner-slots.online
URL: https://winner-slots.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.199.175.191 Floreşti, Romania, ASN43927 (HOSTERION, RO),
Reverse DNS: eros.hosterion.net
Software: LiteSpeed /
Resource Hash: d83979120aea89605f3fef94e0acbdc5724473cbd9084b27bea5ffd899839f79

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winner-slots.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:15 GMT
last-modified: Mon, 09 Oct 2023 10:35:57 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 31159
expires: Mon, 01 Jan 2024 17:45:15 GMT

GET
H2 200 hero-content.png
winner-slots.online/wp-content/themes/bizboost/assets/images/ Frame CA91 49 KB
49 KB 94ms
94ms Image
image/png 185.199.175.191
HOSTERION

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://winner-slots.online/wp-content/themes/bizboost/assets/images/hero-content.png
Requested by: Host: winner-slots.online
URL: https://winner-slots.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.199.175.191 Floreşti, Romania, ASN43927 (HOSTERION, RO),
Reverse DNS: eros.hosterion.net
Software: LiteSpeed /
Resource Hash: c009807b93d04cb58be1e2cdac7934a512c8b3913eefd0d3f9a72563228a02dc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winner-slots.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:15 GMT
last-modified: Mon, 09 Oct 2023 10:35:57 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 50151
expires: Mon, 01 Jan 2024 17:45:15 GMT

GET
H2 200 featured-content-1.jpg
winner-slots.online/wp-content/themes/bizboost/assets/images/ Frame CA91 25 KB
25 KB 47ms
47ms Image
image/jpeg 185.199.175.191
HOSTERION

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://winner-slots.online/wp-content/themes/bizboost/assets/images/featured-content-1.jpg
Requested by: Host: winner-slots.online
URL: https://winner-slots.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.199.175.191 Floreşti, Romania, ASN43927 (HOSTERION, RO),
Reverse DNS: eros.hosterion.net
Software: LiteSpeed /
Resource Hash: 33e9ca0a9a965ad4da451eca1f42935be45141b420134584831739400c688058

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winner-slots.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:15 GMT
last-modified: Mon, 09 Oct 2023 10:35:57 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 26063
expires: Mon, 01 Jan 2024 17:45:15 GMT

GET
H2 200 featured-content-2.jpg
winner-slots.online/wp-content/themes/bizboost/assets/images/ Frame CA91 29 KB
29 KB 47ms
47ms Image
image/jpeg 185.199.175.191
HOSTERION

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://winner-slots.online/wp-content/themes/bizboost/assets/images/featured-content-2.jpg
Requested by: Host: winner-slots.online
URL: https://winner-slots.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.199.175.191 Floreşti, Romania, ASN43927 (HOSTERION, RO),
Reverse DNS: eros.hosterion.net
Software: LiteSpeed /
Resource Hash: 486c3ad09607caa76fd99d9e460e0f7c2943bf4e889efbe296cf7430e12ba2f3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winner-slots.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:15 GMT
last-modified: Mon, 09 Oct 2023 10:35:57 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 30043
expires: Mon, 01 Jan 2024 17:45:15 GMT

GET
H2 200 featured-content-3.jpg
winner-slots.online/wp-content/themes/bizboost/assets/images/ Frame CA91 15 KB
15 KB 47ms
47ms Image
image/jpeg 185.199.175.191
HOSTERION

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://winner-slots.online/wp-content/themes/bizboost/assets/images/featured-content-3.jpg
Requested by: Host: winner-slots.online
URL: https://winner-slots.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.199.175.191 Floreşti, Romania, ASN43927 (HOSTERION, RO),
Reverse DNS: eros.hosterion.net
Software: LiteSpeed /
Resource Hash: 8af864b837e8fb646957e684235bccb6b097dbc41953112cea38d43c4785de99

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winner-slots.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:15 GMT
last-modified: Mon, 09 Oct 2023 10:35:57 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 15783
expires: Mon, 01 Jan 2024 17:45:15 GMT

GET
H2 200 promotional-contact.jpg
winner-slots.online/wp-content/themes/bizboost/assets/images/ Frame CA91 5 KB
5 KB 48ms
46ms Image
image/jpeg 185.199.175.191
HOSTERION

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://winner-slots.online/wp-content/themes/bizboost/assets/images/promotional-contact.jpg
Requested by: Host: winner-slots.online
URL: https://winner-slots.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.199.175.191 Floreşti, Romania, ASN43927 (HOSTERION, RO),
Reverse DNS: eros.hosterion.net
Software: LiteSpeed /
Resource Hash: df2b4dfc7e9d7d2f321750c35c586c1a5606f0b65cd7c7a43304249ad8dde209

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winner-slots.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:15 GMT
last-modified: Mon, 09 Oct 2023 10:35:57 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 4692
expires: Mon, 01 Jan 2024 17:45:15 GMT

GET
H2 200 custom.js Show response
winner-slots.online/wp-content/themes/bizboost/assets/js/ Frame CA91 5 KB
1 KB 47ms
47ms Script
application/javascript 185.199.175.191
HOSTERION

General

Check archive.org

Show headers Download Go to

Full URL: https://winner-slots.online/wp-content/themes/bizboost/assets/js/custom.js?ver=1696847757
Requested by: Host: winner-slots.online
URL: https://winner-slots.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.199.175.191 Floreşti, Romania, ASN43927 (HOSTERION, RO),
Reverse DNS: eros.hosterion.net
Software: LiteSpeed /
Resource Hash: cb91e5a485f9cb8d412446bed3cd1b84c7df47f308d30be5b6399722d6717c53

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winner-slots.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:15 GMT
content-encoding: br
last-modified: Mon, 09 Oct 2023 10:35:57 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1195
expires: Mon, 01 Jan 2024 17:45:15 GMT

GET
H2 200 web-widget-main-1bfc6fa.js Show response
static.zdassets.com/web_widget/classic/latest/ Frame 8C3A 923 KB
265 KB 51ms
51ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/classic/latest/web-widget-main-1bfc6fa.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=78bdcf45-56b4-43b3-a452-beb220803adc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

87aa0db99819433799e0809f0e7b490be1940f744e701321b7f31e09a7da63a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:15 GMT
x-amz-version-id: PAflfXOdiQDrMRVYun69YoketTkl1xNU
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: 1BPBW7W4HNMQNRZQ
age: 1781780
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: wfPEdY9k/zcvsIza71zRAfGSA06ccGjnyFntR/pEQA5wKZJx4KMSIhZ1mIOYvRkIKiOLJAwMzi4=
last-modified: Tue, 05 Dec 2023 00:24:10 GMT
server: cloudflare
etag: W/"6f8511a72c96db8b22e6373718b842ed"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AjsWmeZJtYOQgTUmo16IJUMc0wOTVexGtCiKJKWAich77daEosGE0%2B65bLSfKk0SKNWHxsgBWqlxGTqgZlXuygLnmRByrnQoTqCf7yMkH8Lt2d4MAu4BsSuPta1L3FioA0ztnTY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 83b2e58f695265b9-FRA
expires: Wed, 04 Dec 2024 00:24:09 GMT

GET
H2 200 modules.618aa075c4d9b6424e07.js Show response
script.hotjar.com/ 220 KB
55 KB 83ms
25ms Script
application/javascript 18.173.233.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.618aa075c4d9b6424e07.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-3550387.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.173.233.14 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-173-233-14.dus51.r.cloudfront.net

Software

Resource Hash

4fdfd40dc4640506829319a81fd61b379e2b70a0cdedddbc1218508085ceb888

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 10:10:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 1c31a54ff1a1fff247c318d7b71b21d4.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P3
age: 372909
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 55689
last-modified: Thu, 21 Dec 2023 10:09:33 GMT
etag: "6ed2c6300d63320c76677ced187741fc"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: Nkb9-49062Q5w3oAWzGv3qUIqzADYURRcPY3OrFzYQYxFNv5JrAxNg==

GET
H/1.1 200
OK ca.html Show response
20846458p.rfihub.com/ Frame 0DDE 5 KB
6 KB 167ms
31ms Document
text/html 193.0.160.131
ROCKETFUEL

General

Check archive.org

Show headers Download Go to

Full URL: https://20846458p.rfihub.com/ca.html?ver=9&rb=48767&ca=20846458&_o=48767&_t=20846458&pe=https%3A%2F%2Fquickwin765412.com%2Fen%2F&pf=&ra=433609111160584
Requested by: Host: c1.rfihub.net
URL: https://c1.rfihub.net/js/tc.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.0.160.131 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software: Jetty(9.4.51.v20230217) /
Resource Hash: 573bf5ed261d2491078ff5e825c5a36f64225dd761eb32c344345e2f61626fee

Request headers

Referer: https://quickwin765412.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache
Content-Length: 4921
Content-Type: text/html;charset=utf-8
Date: Mon, 25 Dec 2023 17:45:15 GMT
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server: Jetty(9.4.51.v20230217)

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
210 B 30ms
30ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1152153043&t=pageview&_s=1&dl=https%3A%2F%2Fquickwin765412.com%2Fen%2F&ul=en-us&de=UTF-8&dt=New%20Online%20Casino%20for%20Online%20Betting%20and%20Gaming%20%7C%20Quickwin&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACAAI~&jid=681383537&gjid=1351425145&cid=2032309696.1703526315&tid=UA-258885462-1&_gid=1416867644.1703526315&_r=1&_slc=1&gtm=45He3bt0n81PV2Q5X5v9103625674&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&z=30218806

Requested by

Host: quickwin765412.com
URL: https://quickwin765412.com/polyfills.250fe061a3885860ec19.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://quickwin765412.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 25 Dec 2023 17:45:15 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://quickwin765412.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
a1.adform.net/Serving/TrackPoint/ 730 B
1 KB 90ms
30ms Script
text/javascript 37.157.3.20
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://a1.adform.net/Serving/TrackPoint/?pm=2796857&ADFPageName=quickwin.com%2Fen&ADFdivider=%7C&ord=555605310485&ADFtpmode=2&itm=eyJpdG1zIjpbeyJwaWQiOiJlbiJ9XX0&loc=https%3A%2F%2Fquickwin765412.com%2Fen%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24

Requested by

Host: s2.adform.net
URL: https://s2.adform.net/banners/scripts/st/trackpoint-async.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.20 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

b0c0b5c3a291833446910b3911608b3fcdc9ee2b0998b2412af5bd140a21713c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Dec 2023 17:45:15 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 480
expires: -1

GET
H2

200

/ Show response
a1.adform.net/Serving/TrackPoint/
Redirect Chain

https://a1.adform.net/Serving/TrackPoint/?pm=3134589&ADFPageName=quickwin.com%2Fen&ADFdivider=%7C&ord=417752202514&ADFtpmode=2&itm=eyJpdG1zIjpbeyJwaWQiOiJlbiJ9XX0&loc=https%3A%2F%2Fquickwin765412.c...
https://a1.adform.net/Serving/TrackPoint/?CC=1&pm=3134589&ADFPageName=quickwin.com%2Fen&ADFdivider=%7C&ord=417752202514&ADFtpmode=2&itm=eyJpdG1zIjpbeyJwaWQiOiJlbiJ9XX0&loc=https%3A%2F%2Fquickwin765...

116 B
720 B

30ms
30ms

Script
text/javascript

37.157.3.20
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://a1.adform.net/Serving/TrackPoint/?CC=1&pm=3134589&ADFPageName=quickwin.com%2Fen&ADFdivider=%7C&ord=417752202514&ADFtpmode=2&itm=eyJpdG1zIjpbeyJwaWQiOiJlbiJ9XX0&loc=https%3A%2F%2Fquickwin765412.com%2Fen%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24

Requested by

Host: quickwin765412.com
URL: https://quickwin765412.com/en/

Protocol

Server

37.157.3.20 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e56d883115ac449f6460cbab8cba4dc92efaf906a10d8ffd31471282e695c301

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Dec 2023 17:45:15 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 190
expires: -1

Redirect headers

pragma: no-cache
date: Mon, 25 Dec 2023 17:45:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
content-type: text/html; charset=utf-8
location: https://a1.adform.net/Serving/TrackPoint/?CC=1&pm=3134589&ADFPageName=quickwin.com%2Fen&ADFdivider=%7C&ord=417752202514&ADFtpmode=2&itm=eyJpdG1zIjpbeyJwaWQiOiJlbiJ9XX0&loc=https%3A%2F%2Fquickwin765412.com%2Fen%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1

GET
H2

200

/ Show response
track.adform.net/Serving/TrackPoint/
Redirect Chain

https://track.adform.net/Serving/TrackPoint/?pm=3199129&ADFPageName=allPages&ADFdivider=%7C&ord=406063975414&ADFtpmode=2&loc=https%3A%2F%2Fquickwin765412.com%2Fen%2F&Set1=en-US%7Cen-US%7C1600x1200%...
https://track.adform.net/Serving/TrackPoint/?CC=1&pm=3199129&ADFPageName=allPages&ADFdivider=%7C&ord=406063975414&ADFtpmode=2&loc=https%3A%2F%2Fquickwin765412.com%2Fen%2F&Set1=en-US%7Cen-US%7C1600x...

835 B
1 KB

43ms
40ms

Script
text/javascript

37.157.6.243
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/Serving/TrackPoint/?CC=1&pm=3199129&ADFPageName=allPages&ADFdivider=%7C&ord=406063975414&ADFtpmode=2&loc=https%3A%2F%2Fquickwin765412.com%2Fen%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24

Requested by

Host: quickwin765412.com
URL: https://quickwin765412.com/en/

Protocol

Server

37.157.6.243 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

26f69da76f046e50d712cc3689436c8f17c460a56aebd395068d7210825e2665

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Dec 2023 17:45:15 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 674
expires: -1

Redirect headers

pragma: no-cache
date: Mon, 25 Dec 2023 17:45:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
content-type: text/html; charset=utf-8
location: https://track.adform.net/Serving/TrackPoint/?CC=1&pm=3199129&ADFPageName=allPages&ADFdivider=%7C&ord=406063975414&ADFtpmode=2&loc=https%3A%2F%2Fquickwin765412.com%2Fen%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1

GET
H2

200

/ Show response
track.adform.net/Serving/TrackPoint/
Redirect Chain

https://track.adform.net/Serving/TrackPoint/?pm=3199129&ADFPageName=Homepage&ADFdivider=%7C&ord=551239907792&ADFtpmode=2&loc=https%3A%2F%2Fquickwin765412.com%2Fen%2F&Set1=en-US%7Cen-US%7C1600x1200%...
https://track.adform.net/Serving/TrackPoint/?CC=1&pm=3199129&ADFPageName=Homepage&ADFdivider=%7C&ord=551239907792&ADFtpmode=2&loc=https%3A%2F%2Fquickwin765412.com%2Fen%2F&Set1=en-US%7Cen-US%7C1600x...

835 B
1 KB

42ms
39ms

Script
text/javascript

37.157.6.243
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/Serving/TrackPoint/?CC=1&pm=3199129&ADFPageName=Homepage&ADFdivider=%7C&ord=551239907792&ADFtpmode=2&loc=https%3A%2F%2Fquickwin765412.com%2Fen%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24

Requested by

Host: quickwin765412.com
URL: https://quickwin765412.com/en/

Protocol

Server

37.157.6.243 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

fed78f25c202e5ce5a6578c716478d85dc1af4c458942ff2aa1c3dfa8dae9b52

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Dec 2023 17:45:15 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 675
expires: -1

Redirect headers

pragma: no-cache
date: Mon, 25 Dec 2023 17:45:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
content-type: text/html; charset=utf-8
location: https://track.adform.net/Serving/TrackPoint/?CC=1&pm=3199129&ADFPageName=Homepage&ADFdivider=%7C&ord=551239907792&ADFtpmode=2&loc=https%3A%2F%2Fquickwin765412.com%2Fen%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1

POST
H2 204 collect
region1.google-analytics.com/g/ 0
256 B 72ms
27ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-EFZEET6PW6&gtm=45je3bt0v9103640448z89103625674&_p=1703526314379&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=2032309696.1703526315&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1703526315&sct=1&seg=0&dl=https%3A%2F%2Fquickwin765412.com%2Fen%2F&dt=New%20Online%20Casino%20for%20Online%20Betting%20and%20Gaming%20%7C%20Quickwin&en=page_view&_fv=1&_ss=1&up.UserID=Not%20Login&tfd=1629
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-EFZEET6PW6&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Dec 2023 17:45:15 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://quickwin765412.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
BLOB 200
OK b2d60636-809a-41e8-9870-3204d87a2d63
https://winner-slots.online/ Frame CA91 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://winner-slots.online/b2d60636-809a-41e8-9870-3204d87a2d63
Requested by: Host: winner-slots.online
URL: https://winner-slots.online/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length: 1245
Content-Type: text/javascript

GET
H2 200 quickwin.gif Show response
adjs.media/hit/ 0
337 B 137ms
136ms Script
text/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://adjs.media/hit/quickwin.gif?date=1703526315484&page=https%3A%2F%2Fquickwin765412.com%2Fen%2F&ref=&tid=tid-37005b312.254aa1b7f

Requested by

Host: adjs.media
URL: https://adjs.media/resources/content/quickwin.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:15 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
status: 200 OK
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 652a25b1-3f79-4002-a752-990d7a9cfcb0
x-runtime: 0.004520
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-download-options: noopen
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vplZCYEz8nPiZQa9trn5J%2Fh7yaPAadUn4fA4dhWGWvgvygz6CpYt%2Fj%2B1cMoy2BtB7A1omTf710pwU7d8XWv%2FfO%2BkEkH%2Fm5qQDJbAlWp%2BxaU3xw%2FUKKd4H8R%2Fi%2Fb7zEKtRITHdx3pP%2FSR"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache
cf-ray: 83b2e58fd8872c04-FRA

GET
H3 200 mL2Y2df9MP72hJspIKkaS_u6JtFhauYVKQ-w1rT0CAw.js Show response
www.google.com/js/bg/ Frame 375F 17 KB
7 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/bg/mL2Y2df9MP72hJspIKkaS_u6JtFhauYVKQ-w1rT0CAw.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

98bd98d9d7fd30fef6849b2920a91a4bfbba26d1616ae615290fb0d6b4f4080c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcbSf4kAAAAAAJey7uEFxYpE7Tn2cR1Y3WBNyGi&co=aHR0cHM6Ly9xdWlja3dpbjc2NTQxMi5jb206NDQz&hl=de&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&cb=yb56d19dkezz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 02:47:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 140289
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6828
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 23 Dec 2024 02:47:06 GMT

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 375F 2 KB
2 KB 20ms
20ms Image
image/png 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 19:56:54 GMT
x-content-type-options: nosniff
age: 596901
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Mon, 25 Dec 2023 19:56:54 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 375F 15 KB
16 KB 64ms
19ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 23:26:56 GMT
x-content-type-options: nosniff
age: 325099
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 20 Dec 2024 23:26:56 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 375F 15 KB
15 KB 69ms
24ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 21:01:27 GMT
x-content-type-options: nosniff
age: 420228
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 19 Dec 2024 21:01:27 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 375F 102 B
135 B 29ms
29ms Other
text/javascript 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=u-xcq3POCWFlCr3x8_IPxgPu

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

3a80700d48e107eb08205a346562ae28a95f3fe0da0d7382847a2c0a52a02c0a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcbSf4kAAAAAAJey7uEFxYpE7Tn2cR1Y3WBNyGi&co=aHR0cHM6Ly9xdWlja3dpbjc2NTQxMi5jb206NDQz&hl=de&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&cb=yb56d19dkezz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Mon, 25 Dec 2023 17:45:15 GMT

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ Frame CA91 4 KB
2 KB 364ms
206ms Script
application/javascript 2.23.7.34
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CK8KFRRC77UACAV1FU60&lib=ttq
Requested by: Host: winner-slots.online
URL: https://winner-slots.online/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.23.7.34 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-23-7-34.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: c0f171f21fdab975b904fe917ed65ed581318e650c5293deef4a81528e329e9c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winner-slots.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-akamai-request-id: 3c7aadf7.cd61cfd6
date: Mon, 25 Dec 2023 17:45:15 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-231225174515B64D47DF61A3EAB4F502-22084A42EBDEAB24-00
x-cache: TCP_MISS from a2-23-7-30.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
x-parent-response-time: 109,2.23.7.30
server-timing: cdn-cache; desc=MISS, edge; dur=117, origin; dur=6, inner; dur=4
content-length: 1364
pragma: no-cache
server: nginx
x-tt-logid: 20231225174515B64D47DF61A3EAB4F502
x-cache-remote: TCP_MISS from a23-48-100-71.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 6,23.48.100.71
x-tt-trace-host: 017176fb18a495d13d06d0d207ec2dca7944b213e5fe93d18f6a4e897c153ce201f32a5b8d2aa2bace03ce2170768774df0d2b8816174ec87f933a6465c6b72aafd495766c79e89bf6dfa5583632d601e0e95d37be5a39eb09717e889e2a46634f47ee8d29343dcb1b63aadf9b7ca0ceeb
expires: Mon, 25 Dec 2023 17:45:15 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ Frame CA91 202 KB
54 KB 75ms
20ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: winner-slots.online
URL: https://winner-slots.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winner-slots.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 25 Dec 2023 17:45:15 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 54273
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: QaToLBy7vTbmipBslBXIpzfCxcsYQo1BtC6p8/8XbjsHlXfBTFBQa4NmskLOGP2bH2ngpDF2BCtqVl1NE5Nzng==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 gtr.min.js Show response
dsp-media.eskimi.com/assets/js/e/ Frame CA91 5 KB
3 KB 87ms
31ms Script
application/javascript 2400:52e0:1e00::1082:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://dsp-media.eskimi.com/assets/js/e/gtr.min.js?_=0.0.0.4

Requested by

Host: winner-slots.online
URL: https://winner-slots.online/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1082:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1082 /

Resource Hash

2c86bcaebf54969da5081c17c6901cbe19ac041b80a3abda6890708eb545cec3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winner-slots.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Wed, 30 Oct 2024 19:01:13 GMT
date: Mon, 25 Dec 2023 17:45:15 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 1080
cdn-cachedat: 10/31/2023 19:01:13
cdn-pullzone: 692289
last-modified: Fri, 04 Aug 2023 14:59:50 GMT
server: BunnyCDN-DE1-1082
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"64cd1266-1353"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: ce2848ff-13c5-49e5-873d-af24ad423612
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 9dc7eb218bfb479c10faaaa582b78a54
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 sync
rtg.prdredir.com/ 43 B
658 B 143ms
133ms Image
image/gif 2606:4700:20::681a:672
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rtg.prdredir.com/sync?ref=&lp=https%3A%2F%2Fquickwin765412.com%2Fen%2F&sh=1200&sw=1600&date=1703526315531&fp=uid-3188468404.2064048522

Requested by

Host: quickwin765412.com
URL: https://quickwin765412.com/en/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:672 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:15 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
status: 200 OK
content-transfer-encoding: binary
content-disposition: inline; filename="pixel.gif"
x-xss-protection: 1; mode=block
x-request-id: 4e2bf374-aded-49b3-a4fd-a001351dee8c
x-runtime: 0.000885
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-download-options: noopen
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WrRUoDZ8ALmwrynn2I0hPnbmbOYxVRGjXM4YhgS3nfOdegw594T%2F7paBVf7%2FGQz0ldcN7jHoLlOYI54tloBHzRQwHKz4%2BjsI%2Fa6PiWDUiCffMq4HedGytXz8UFwE4%2FVpu0Z8eKRY4Idq3WzEOs0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache
cf-ray: 83b2e5903d166957-FRA

GET
H2 206 video-featured.mp4
winner-slots.online/wp-content/themes/bizboost/assets/video/ Frame CA91 432 KB
0 48ms
47ms Media
video/mp4 185.199.175.191
HOSTERION

General

Check archive.org

Show headers Download Go to

Full URL: https://winner-slots.online/wp-content/themes/bizboost/assets/video/video-featured.mp4
Requested by: Host: winner-slots.online
URL: https://winner-slots.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.199.175.191 Floreşti, Romania, ASN43927 (HOSTERION, RO),
Reverse DNS: eros.hosterion.net
Software: LiteSpeed /
Resource Hash

Request headers

Referer: https://winner-slots.online/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Range: bytes=0-

Response headers

Content-Range: bytes 0-7262571/7262572
date: Mon, 25 Dec 2023 17:45:15 GMT
last-modified: Mon, 09 Oct 2023 10:35:57 GMT
server: LiteSpeed
Content-Length: 7262572
content-type: video/mp4

GET
H2 200 / Show response
a1.adform.net/Serving/TrackPoint/ 116 B
719 B 30ms
30ms Script
text/javascript 37.157.3.20
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://a1.adform.net/Serving/TrackPoint/?CC=1&pm=2796857&ADFPageName=quickwin.com%2Fen&ADFdivider=%7C&ord=555605310485&ADFtpmode=2&itm=eyJpdG1zIjpbeyJwaWQiOiJlbiJ9XX0&loc=https%3A%2F%2Fquickwin765412.com%2Fen%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24&frpid=4146698757441511565

Requested by

Host: s2.adform.net
URL: https://s2.adform.net/banners/scripts/st/trackpoint-async.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.20 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

a4f6ca79d14dad289eb7035d0e81e04571532d249fa80845c38bd1d274a493e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Dec 2023 17:45:15 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 189
expires: -1

GET
H2 200 en-us-json-1bfc6fa.js Show response
static.zdassets.com/web_widget/classic/latest/web-widget-locales/classic/ Frame 8C3A 25 KB
6 KB 35ms
35ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/classic/latest/web-widget-locales/classic/en-us-json-1bfc6fa.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-1bfc6fa.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a48fd35c61908d912b5ac9e1face12e0962a0d9ecc8679e87db4031697cec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:15 GMT
x-amz-version-id: Xo1h7j84vGmG9Gk_pCcj7jCQD2BwGUUO
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: 1BPFGS4SBCJ216KA
age: 1781779
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: KPhHQZ5iIGydSOF/FRCx8eCn3ImV7hM3qo3KWavgH4MUbCLy67WRA+HVKMqLOfRNXjGgWGdXoIE=
last-modified: Tue, 05 Dec 2023 00:24:12 GMT
server: cloudflare
etag: W/"6eb45e96a7cbb4b8ca10897f3cf09981"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m8857zPw%2B5fymRMIhu78tLJy0350M306Ybbr8tpEMv7ptXibJtZpmvw6Y%2FkpQ%2Fxh9lMkn6f%2FRZ%2BTbiMObQzVClX9RLqVT2jlUBA7EAK3HCYWjoJS5923nEQrWLVoz6AlxQENL7w%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 83b2e5910c4a65b9-FRA
expires: Wed, 04 Dec 2024 00:24:11 GMT

GET
H2 200 config Show response
quickwin.zendesk.com/embeddable/ Frame 8C3A 508 B
1 KB 134ms
50ms Fetch
application/json 104.16.53.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://quickwin.zendesk.com/embeddable/config
Requested by: Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-1bfc6fa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.53.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 073c099d4311d75bb5dd92d4f7fb539af3f161acbe89bb7e7b0e3e2d445412cf

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:15 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 0
x-zendesk-origin-server: embeddable-app-server-8694cc55d4-dmwgp
x-cached: STALE
x-request-id: 83b2d89f0bbc9176-FRA
x-runtime: 0.002057
last-modified: Mon, 25 Dec 2023 17:45:15 GMT
server: cloudflare
access-control-max-age: 7200
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FgSO7Qmmp1j3fgqiSG1gXIeEIeiXP7HLYXufm3DbASKzjC3MDn2oAL36etx6W32EdS3Qo6UlvehzGlArr91Zksn%2FtVoF4ID2w68Tuo9BQAmr3xdcrDxx%2F6AjLMLqCjAg6bkVBEY6"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
cache-control: public, max-age=60, stale-while-revalidate=600, stale-if-error=3600
vary: Origin, Accept-Encoding
cf-ray: 83b2e5919d1f1cab-FRA

GET
H2 200 wp-emoji-release.min.js Show response
winner-slots.online/wp-includes/js/ Frame CA91 18 KB
5 KB 127ms
127ms Script
application/javascript 185.199.175.191
HOSTERION

General

Check archive.org

Show headers Download Go to

Full URL: https://winner-slots.online/wp-includes/js/wp-emoji-release.min.js?ver=6.4.2
Requested by: Host: winner-slots.online
URL: https://winner-slots.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.199.175.191 Floreşti, Romania, ASN43927 (HOSTERION, RO),
Reverse DNS: eros.hosterion.net
Software: LiteSpeed /
Resource Hash: 4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winner-slots.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:15 GMT
content-encoding: br
last-modified: Thu, 02 Feb 2023 04:23:26 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 4651
expires: Mon, 01 Jan 2024 17:45:15 GMT

GET
H2 200 pixels Show response
c1.adform.net/imatch/ Frame 0ADE 4 KB
2 KB 40ms
39ms Document
text/html 37.157.6.243
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.adform.net/imatch/pixels?uid=5404315708731918970&agencyId=9093&advertiserId=2180301&src=tp&rnd=136981

Requested by

Host: track.adform.net
URL: https://track.adform.net/Serving/TrackPoint/?pm=3199129&ADFPageName=Homepage&ADFdivider=%7C&ord=551239907792&ADFtpmode=2&loc=https%3A%2F%2Fquickwin765412.com%2Fen%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.243 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

53fb07be18a9f08ac5e583f9d4497ec03b972d7667bc31511eb91ecf53e6e8a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://quickwin765412.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Mon, 25 Dec 2023 17:45:15 GMT
expires: -1
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding

GET
H2 200 /
server.seadform.net/serving/cookie/sync/ 35 B
467 B 363ms
35ms Image
image/gif 37.157.6.243
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://server.seadform.net/serving/cookie/sync/?uid=5404315708731918970&stamp=clSsn4yfX4gDvP-67D9Y4w2

Requested by

Host: quickwin765412.com
URL: https://quickwin765412.com/en/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.243 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
content-type: image/gif
cache-control: private

GET
H2 200 /
server.seadform.net/serving/cookie/sync/ 35 B
466 B 363ms
36ms Image
image/gif 37.157.6.243
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://server.seadform.net/serving/cookie/sync/?uid=1414419782452456610&stamp=wfFMv6dZEyADvP-67D9Y4w2

Requested by

Host: quickwin765412.com
URL: https://quickwin765412.com/en/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.243 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
content-type: image/gif
cache-control: private

GET
H3

451

501709.gif
idsync.rlcdn.com/ Frame 0DDE
Redirect Chain

https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5108559731643755681&referrer=https%3A%2F%2Fquickwin765412.com%2Fen%2F&forward=
https://p.rfihub.com/cm?pub=39342&in=0&userid=cb4f628c-2103-44f9-9d25-7e807ff01ad2%3A1703526316.1873386&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Dcb4f628c-2103-44f9-9d25-7e807ff...
https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5108559731643755681&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3Dcb4f628c-2103-44f9-9d...
https://idsync.rlcdn.com/501709.gif?partner_uid=cb4f628c-2103-44f9-9d25-7e807ff01ad2%3A1703526316.1873386&_=1703526316.188818

0
9 B

33ms
33ms

Image
text/plain

35.244.174.68
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/501709.gif?partner_uid=cb4f628c-2103-44f9-9d25-7e807ff01ad2%3A1703526316.1873386&_=1703526316.188818
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Server: 35.244.174.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20846458p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:16 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

Redirect headers

date: Mon, 25 Dec 2023 17:45:16 GMT
via: 1.1 f6d3d027dc70c7291c2f685efb187ab2.cloudfront.net (CloudFront)
server: lighttpd/1.4.69
x-amz-cf-pop: ZRH55-P1
vary: Cookie
x-cache: Miss from cloudfront
content-type: text/html; charset=utf-8
location: https://idsync.rlcdn.com/501709.gif?partner_uid=cb4f628c-2103-44f9-9d25-7e807ff01ad2%3A1703526316.1873386&_=1703526316.188818
content-length: 445
x-amz-cf-id: feiTo1W20sRflInCfoD50nDAeMZRRpwVdh1iK4HdUo_z0Hy6UUJGiQ==

GET
H3

451

501709.gif
idsync.rlcdn.com/ Frame 0DDE
Redirect Chain

https://cm.g.doubleclick.net/pixel?&in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=NTEwODU1OTczMTY0Mzc1NTY4MQ==&forward=
https://cm.g.doubleclick.net/pixel?in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=NTEwODU1OTczMTY0Mzc1NTY4MQ==&forward=&google_tc=
https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEBkcGDgRD1YFlbR5awdje1I&google_cver=1
https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5108559731643755681&referrer={encSite}&forward=
https://p.rfihub.com/cm?pub=39342&in=0&userid=cb4f628c-2103-44f9-9d25-7e807ff01ad2%3A1703526316.1873386&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Dcb4f628c-2103-44f9-9d25-7e807ff...
https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5108559731643755681&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3Dcb4f628c-2103-44f9-9d...
https://idsync.rlcdn.com/501709.gif?partner_uid=cb4f628c-2103-44f9-9d25-7e807ff01ad2%3A1703526316.1873386&_=1703526316.3954232

0
9 B

30ms
29ms

Image
text/plain

35.244.174.68
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/501709.gif?partner_uid=cb4f628c-2103-44f9-9d25-7e807ff01ad2%3A1703526316.1873386&_=1703526316.3954232
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H3
Server: 35.244.174.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20846458p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:16 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

Redirect headers

date: Mon, 25 Dec 2023 17:45:16 GMT
via: 1.1 f6d3d027dc70c7291c2f685efb187ab2.cloudfront.net (CloudFront)
server: lighttpd/1.4.69
x-amz-cf-pop: ZRH55-P1
vary: Cookie
x-cache: Miss from cloudfront
content-type: text/html; charset=utf-8
location: https://idsync.rlcdn.com/501709.gif?partner_uid=cb4f628c-2103-44f9-9d25-7e807ff01ad2%3A1703526316.1873386&_=1703526316.3954232
content-length: 447
x-amz-cf-id: Wzoi02bkyBajNo-6-z12cRYyAaHLfK_ZLMGKsSX_Ti9DYRHXU4LEUA==

GET
H2 200 setuid
ib.adnxs.com/ Frame 0DDE 43 B
830 B 42ms
39ms Image
image/gif 185.89.210.141
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=18&code=5108559731643755681

Requested by

Host: quickwin765412.com
URL: https://quickwin765412.com/en/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20846458p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Dec 2023 17:45:15 GMT
an-x-request-uuid: b5ee0aeb-cdfc-4466-bf71-f2c28fce311d
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 84.19.175.184; 84.19.175.184; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

demconf.jpg
dpm.demdex.net/ Frame 0DDE
Redirect Chain

https://dpm.demdex.net/ibs:dpid=1121&dpuuid=5108559731643755681&redir=
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5108559731643755681&redir=

42 B
717 B

44ms
43ms

Image
image/gif

54.194.146.163
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5108559731643755681&redir=

Requested by

Host: quickwin765412.com
URL: https://quickwin765412.com/en/

Protocol

Server

54.194.146.163 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-194-146-163.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20846458p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

dcs: dcs-prod-irl1-1-v054-0f36061c8.edge-irl1.demdex.com 2 ms
pragma: no-cache
date: Mon, 25 Dec 2023 17:45:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-tid: 8IljpNzUSR8=
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 59
expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

dcs: dcs-prod-irl1-2-v054-0d41b9f76.edge-irl1.demdex.com 0 ms
pragma: no-cache
date: Mon, 25 Dec 2023 17:45:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-tid: 4fQoTb4PRKQ=
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5108559731643755681&redir=
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 Pug
image2.pubmatic.com/AdServer/ Frame 0DDE 0
225 B 344ms
32ms Image
text/html 185.64.191.210
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw==&piggybackCookie=5108559731643755681&r=
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20846458p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Mon, 25 Dec 2023 17:45:16 GMT
cache-control: no-store, no-cache, private
content-encoding: gzip
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 sd
us-u.openx.net/w/1.0/ Frame 0DDE 43 B
264 B 343ms
30ms Image
image/gif 35.244.159.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537073062&val=5108559731643755681&r=
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20846458p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Dec 2023 17:45:16 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1

200
OK

match
ps.eyeota.net/ Frame 0DDE
Redirect Chain

https://p.rfihub.com/cm?pub=24472&in=1
https://ps.eyeota.net/match?uid=5108559731643755681&bid=omt9pi0

0
344 B

90ms
22ms

Image
text/plain

3.120.214.218
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?uid=5108559731643755681&bid=omt9pi0
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: HTTP/1.1
Server: 3.120.214.218 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-120-214-218.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20846458p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Mon, 25 Dec 2023 17:45:16 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Location: https://ps.eyeota.net/match?uid=5108559731643755681&bid=omt9pi0
Date: Mon, 25 Dec 2023 17:45:16 GMT
Server: Jetty(9.4.51.v20230217)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 cksync.php
contextual.media.net/ Frame 0DDE 57 B
619 B 405ms
93ms Image
image/gif 23.35.228.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=3&type=rkt&ovsid=5108559731643755681

Requested by

Host: quickwin765412.com
URL: https://quickwin765412.com/en/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.35.228.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-35-228-23.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20846458p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Mon, 25 Dec 2023 17:45:16 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 57
x-mnet-hl2: E
expires: Mon, 25 Dec 2023 17:45:16 GMT

GET
H2 200 /
bpi.rtactivate.com/tag/ Frame 0DDE 43 B
109 B 454ms
142ms Image
image/gif 34.197.216.192
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bpi.rtactivate.com/tag/?id=11017&user_id=5108559731643755681
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.197.216.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-197-216-192.compute-1.amazonaws.com
Software: awselb/2.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20846458p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:16 GMT
server: awselb/2.0
content-length: 43
content-type: image/gif

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame 0DDE
Redirect Chain

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5108559731643755681&forward=
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5108559731643755681&forward=&C=1

43 B
337 B

68ms
67ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5108559731643755681&forward=&C=1
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H2
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20846458p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Dec 2023 17:45:16 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xlPfmXR4R8bYHCI0ky4W30Xp8%2BpFjdyBLF3AD8BGIf2UkxG3ZbXZdqINb1QAeZGX4C9xe4fm%2B63TtsiDl8roV4AA0rnC0MNsgRRl2MhMR1JV%2FW1ALXQV3dyv3VmlIytbUW9lgMlhPzaT4w%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 83b2e5945aff4528-TXL
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 25 Dec 2023 17:45:16 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ASLgrqIuFRU%2Bqz%2FXcEGWdSkn8sndYXMuxI4j3rCZjX30oxlnJY3a9ajsvPl%2BMFbywuWIsdhMp%2Fr68l0O3OmN%2FYe6ArlvshhqO59r%2BntraVQZ7uRrKxx0upNibcJ2JIBmKfuGHt43z0wU6g%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=57&external_user_id=5108559731643755681&forward=&C=1
cache-control: no-cache
cf-ray: 83b2e593b99b4528-TXL
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H2 451 360947.gif
idsync.rlcdn.com/ Frame 0DDE 0
98 B 302ms
33ms Image
text/plain 35.244.174.68
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/360947.gif?partner_uid=5108559731643755681
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20846458p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:16 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 rocketfuel_sync
x.dlx.addthis.com/e/ Frame 0DDE 43 B
182 B 371ms
185ms Image
image/gif 72.246.169.24
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://x.dlx.addthis.com/e/rocketfuel_sync?na_exid=5108559731643755681

Requested by

Host: quickwin765412.com
URL: https://quickwin765412.com/en/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

72.246.169.24 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a72-246-169-24.deploy.static.akamaitechnologies.com

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20846458p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Mon, 25 Dec 2023 17:45:16 GMT
pragma: no-cache
date: Mon, 25 Dec 2023 17:45:16 GMT
cache-control: max-age=0, no-cache, no-store
strict-transport-security: max-age=2628000
content-length: 43
content-type: image/gif

GET
H2 200 sync
partners.tremorhub.com/ Frame 0DDE 43 B
175 B 653ms
112ms Image
image/gif 2600:1f18:612b:4216:f6cb:3f79:9ccd:b60d
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partners.tremorhub.com/sync?UIRF=5108559731643755681&r=Hfx2klC3tjuE
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4216:f6cb:3f79:9ccd:b60d Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20846458p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date: Mon, 25 Dec 2023 17:45:16 GMT
server: nginx
content-type: image/gif

GET
H2 200 g.pixel
aa.agkn.com/adscores/ Frame 0DDE 43 B
377 B 176ms
42ms Image
image/gif 54.216.96.95
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aa.agkn.com/adscores/g.pixel?sid=9212192898&rf=5108559731643755681
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.216.96.95 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-216-96-95.eu-west-1.compute.amazonaws.com
Software: AAWebServer /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20846458p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Dec 2023 17:45:16 GMT
server: AAWebServer
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length: 43
expires: 0

GET
H2 204 usermatch.gif
beacon.krxd.net/ Frame 0DDE 0
337 B 131ms
44ms Image
text/plain 54.247.15.19
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner_id=rfuel&partner_user_id=5108559731643755681
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.247.15.19 , Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-247-15-19.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20846458p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-served-by: beacon-n021-dub-prod.krxd.net
date: Mon, 25 Dec 2023 17:45:16 GMT
cache-control: private, no-cache, no-store
x-request-time: D=36 t=1703526316
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 sync
x.bidswitch.net/ Frame 0DDE 43 B
145 B 22ms
22ms Image
image/gif 18.196.198.248
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?dsp_id=119&user_id=5108559731643755681&expires=30&gdpr={GDPR}&gdpr_consent={GDPR_CONSENT_469}&gdpr_pd={GDPR_PD}
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.196.198.248 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-196-198-248.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20846458p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:16 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H/1.1

200
OK

cm
p.rfihub.com/ Frame 0DDE
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D
https://sync-tm.everesttech.net/ct/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D&_test=ZYm-rAAJnXrvxQBU
https://p.rfihub.com/cm?in=1&pub=21653&userid=ZYm-rAAJnXrvxQBU&_test=ZYm-rAAJnXrvxQBU

42 B
1 KB

27ms
27ms

Image
image/gif

193.0.160.131
ROCKETFUEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.rfihub.com/cm?in=1&pub=21653&userid=ZYm-rAAJnXrvxQBU&_test=ZYm-rAAJnXrvxQBU
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: HTTP/1.1
Server: 193.0.160.131 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software: Jetty(9.4.51.v20230217) /
Resource Hash: 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20846458p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/gif
Date: Mon, 25 Dec 2023 17:45:16 GMT
Cache-Control: no-cache
Server: Jetty(9.4.51.v20230217)
Content-Length: 42
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

x-served-by: cache-cph2320032-CPH
pragma: no-cache
date: Mon, 25 Dec 2023 17:45:16 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1703526316.432043,VS0,VE0
x-cache: HIT
location: https://p.rfihub.com/cm?in=1&pub=21653&userid=ZYm-rAAJnXrvxQBU&_test=ZYm-rAAJnXrvxQBU
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame CA91 274 KB
91 KB 40ms
40ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-2NM3GY57HJ&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=GT-NFB7D7V

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

34d78b8a1214df7dae4629b4987f6459559d5edb05a3c15c854613cd0a1a4d8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winner-slots.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:15 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 93057
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 25 Dec 2023 17:45:15 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/11435815060/ Frame CA91 3 KB
2 KB 341ms
59ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11435815060/?random=1703526315804&cv=11&fst=1703526315804&bg=ffffff&guid=ON&async=1&gtm=45be3bt0&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwinner-slots.online%2F&top=https%3A%2F%2Fquickwin765412.com&hn=www.googleadservices.com&frm=2&tiba=Winner-Slots.Online%20%E2%80%93%20Gaming%20Online%20Platforms&did=dZTNiMT&gdid=dZTNiMT&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-11435815060

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6afdd207510297ba49e0be23b4d3f0c49000d862d43967dfd5a24efe2b3429a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winner-slots.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Dec 2023 17:45:16 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1268
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK pixel
track.wolf22.xyz/ 0
260 B 101ms
101ms Image
text/plain 88.214.195.93
NATCOWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.wolf22.xyz/pixel?auth=dg12ck&event=visit&site=quickwin765412.com&ln=en-US
Requested by: Host: quickwin765412.com
URL: https://quickwin765412.com/en/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 88.214.195.93 , United Kingdom, ASN46636 (NATCOWEB, US),
Reverse DNS
Software: nginx/1.20.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 25 Dec 2023 17:45:15 GMT
Cache-Control: no-cache, max-age=0, must-revalidate, proxy-revalidate, no-store
Server: nginx/1.20.0
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 mt_quickwin Show response
scpt.getrmads.com/t/ 0
317 B 302ms
301ms Script
text/plain 2606:4700:3032::ac43:cb12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://scpt.getrmads.com/t/mt_quickwin?ts=1703526315818&sh=1200&sw=1600&ref=&lp=https%3A%2F%2Fquickwin765412.com%2Fen%2F&fp=47b8b49c4.33e04c0b4.361deb405
Requested by: Host: scpt.getrmads.com
URL: https://scpt.getrmads.com/src/mt_quickwin.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:cb12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:16 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xAWyvrV3kWNWnHsCr%2BS3jDGk1t3riafQH9fZY8ZDpSe0gWMkgfk%2FLb2ewyB1SliUKur485AHuNuavDRBxBEt41Pujh62FleigbgXBT%2Bf2JcbkT7txlOPxI2lVqChUOvEIsnxYLtcUyNtc%2FGU5gCtUw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 83b2e591eca5085b-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 js Show response
metrics.getrmads.com/tag/ 4 KB
2 KB 161ms
141ms Script
text/javascript 2606:4700:3032::ac43:cb12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://metrics.getrmads.com/tag/js?rtid=REH-1691446272083886
Requested by: Host: scpt.getrmads.com
URL: https://scpt.getrmads.com/src/mt_quickwin.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:cb12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 70f3083a31279768ce4485d94f7a71a1588232bfd7add408e71ae95a03d80c2a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Dec 2023 17:45:15 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ESKSYjN%2FXMz8QaGsHAPTGRYy6KnlcYUm2lMYXJ79kQT9GKNTGsdpm%2F946vMlLApafNaFlG6VXTdu3o59RuOHMpiHHzUhxEOJ64ax2%2FXTpuRqemnNvR3BEHVEqUrdOphWt6WFvA8Fm8mAqV3gGP%2FPa8ua1w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 83b2e5920cc9085b-FRA
alt-svc: h3=":443"; ma=86400
expires: 0

GET
H2 200 cssession Show response
dsp-trk.eskimi.com/tracking/ Frame CA91 2 B
172 B 293ms
32ms XHR
text/plain 34.120.139.69
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dsp-trk.eskimi.com/tracking/cssession?tst&id=32550&url=https%3A%2F%2Fwinner-slots.online%2F&t=1703526315835
Requested by: Host: dsp-media.eskimi.com
URL: https://dsp-media.eskimi.com/assets/js/e/gtr.min.js?_=0.0.0.4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.139.69 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 69.139.120.34.bc.googleusercontent.com
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winner-slots.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin: https://winner-slots.online
date: Mon, 25 Dec 2023 17:45:15 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: text/plain; charset=UTF-8

GET
H2 200 gtr Show response
dsp-ap.eskimi.com/v2/ Frame CA91 116 B
578 B 290ms
29ms XHR
application/json 35.186.201.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://dsp-ap.eskimi.com/v2/gtr?id=32550&url=https%3A%2F%2Fwinner-slots.online%2F&t=1703526315836
Requested by: Host: dsp-media.eskimi.com
URL: https://dsp-media.eskimi.com/assets/js/e/gtr.min.js?_=0.0.0.4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.201.99 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.201.186.35.bc.googleusercontent.com
Software: /
Resource Hash: 310f0e0193d48fcb72e645f098698f91af95367cf76cdf9e7aac8087c94590c3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winner-slots.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin: https://winner-slots.online
date: Mon, 25 Dec 2023 17:45:15 GMT
cache-control: no-cache
access-control-allow-credentials: true
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: application/json

GET
H2 200 2039699393095584 Show response
connect.facebook.net/signals/config/ Frame CA91 133 KB
35 KB 24ms
24ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2039699393095584?v=2.9.138&r=stable&domain=winner-slots.online

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6bc617ac8e5122153b2daed71181bdf2a735d28a71ac27101f766125f36a8126

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winner-slots.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 25 Dec 2023 17:45:15 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 35377
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: SEeb8SNxCtzB8qTaGxbgnBWhTOA9fGOEL0Skj3tNwWzlKy1m50s4HNP04vGJ8rQIt4E0YpgcHk6bf8ddYtRF9w==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 / Show response
event.getblue.io/p/ Frame 02EB 1 KB
867 B 316ms
316ms Document
text/html 18.228.178.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://event.getblue.io/p/?cId=615EE320-F864-1EFC-FE69D99CF417DF26&tName=visit&pId=&revenue=&orderId=&p1=&p2=&p3=&fp=&blueID=f2c6b686-94aa-459e-8eea-3a2412c705da&ulc=&v=29092023-1023&nocache=3129290529248.516
Requested by: Host: event.getblue.io
URL: https://event.getblue.io/js/blue-tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.228.178.86 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-228-178-86.sa-east-1.compute.amazonaws.com
Software: /
Resource Hash: 96708161396acf5383c6ee29bd32bd0dae5c2669c5e6ad9ca630f60f84854b70

Request headers

Referer: https://quickwin765412.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache
content-encoding: gzip
content-type: text/html;charset=UTF-8
date: Mon, 25 Dec 2023 17:45:16 GMT
tagcontainer-version: 1201-09112023-2349
vary: Accept-Encoding

GET
H2 200 / Show response
widget.getblue.io/event/ 13 B
92 B 243ms
229ms Script
text/javascript 18.228.178.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.getblue.io/event/?cId=615EE320-F864-1EFC-FE69D99CF417DF26&tName=visit&pId=&revenue=&orderId=&p1=&p2=e%3Dvp&p3=e%3Ddis&adce=1&dtycbr=87954&fp=&blueID=f2c6b686-94aa-459e-8eea-3a2412c705da&ulc=&v=29092023-1023&if=0&nocache=8203437543242.294
Requested by: Host: event.getblue.io
URL: https://event.getblue.io/js/blue-tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.228.178.86 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-228-178-86.sa-east-1.compute.amazonaws.com
Software: /
Resource Hash: eb99134542c987f687360d120213eeec049a290d73d2302ee1b74a01ce279f4d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:16 GMT
content-length: 13
content-type: text/javascript;charset=UTF-8

GET
H2 200 web-widget-chat-sdk-1bfc6fa.js Show response
static.zdassets.com/web_widget/classic/latest/ Frame 8C3A 202 KB
51 KB 39ms
39ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/classic/latest/web-widget-chat-sdk-1bfc6fa.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-1bfc6fa.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

965cba95c928e95003ce37271090406eaa7d5c2d955230a785b2b3be8a9a17f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:15 GMT
x-amz-version-id: TdcYv88Lf5u9m3AG8eAA2HBmnexgob8V
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: 0X24BSPSV39D8D28
age: 1781779
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: 1eGND/GjxrlQxia9pWdTTwHT8UuCrrKDdbJzZuma1/VkfAY1PcOzD5FH1w1FjTJn2c8rVgJg5Po=
last-modified: Tue, 05 Dec 2023 00:24:10 GMT
server: cloudflare
etag: W/"b8284a4b45e40625c2b90a641ebe4a68"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e3ifD5hVCvcf5QgbuW%2Fo93AGS5WoaUNY7IkThBC0BjTjxfiwUNES7H8yHtWY5VDJ2BbkGIgizq5nv3e9TCQBd4ISDx6F8MGz5lYfyUXW0nN%2FI31IvuFKmtAYhpxOmMTTSJcJWcs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 83b2e5926e4965b9-FRA
expires: Wed, 04 Dec 2024 00:24:09 GMT

GET
H2 200 main.MWNkZmM2YTcxMA.js Show response
analytics.tiktok.com/i18n/pixel/static/ Frame CA91 401 KB
108 KB 41ms
41ms Script
application/javascript 2.23.7.34
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWNkZmM2YTcxMA.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CK8KFRRC77UACAV1FU60&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.23.7.34 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-23-7-34.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 87260ecf581a44a18ca2165015348383b430e6b77ca0b0ec4a9a3b1ebff57160

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winner-slots.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-akamai-request-id: cd61d4b6
date: Mon, 25 Dec 2023 17:45:15 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 2023122112255924333CA51F844AE95C69
x-tt-trace-id: 00-23122112255924333CA51F844AE95C69-3C835C01DA431FAD-00
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a2-23-7-30.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 01a05b0ac8e78bbff2df33470dfa13c33d8ed38cb2132698e7a7a18c0f038859bd786fc27d2f6f19733c9fc38b5528ead9a96e80e96ea90b3196b1a25c17c5548feda90ee7609e409dceee9a8a1aecc5d9176e2f5486796b3c7c5eab68ef1511d3
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=15
content-length: 110273

GET
H2 200 plf
c1.adform.net/imatch/ Frame 0ADE 0
384 B 39ms
38ms Image
text/plain 37.157.6.243
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/imatch/plf?name=plff

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5404315708731918970&agencyId=9093&advertiserId=2180301&src=tp&rnd=136981

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.243 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/imatch/pixels?uid=5404315708731918970&agencyId=9093&advertiserId=2180301&src=tp&rnd=136981
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

GET
H2 200 match
ad.360yield.com/ Frame 0ADE 43 B
199 B 140ms
43ms Image
image/gif 99.81.117.7
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/match?publisher_dsp_id=42&external_user_id=5404315708731918970&Expiration=1704735915
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5404315708731918970&agencyId=9093&advertiserId=2180301&src=tp&rnd=136981
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.81.117.7 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-99-81-117-7.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 25 Dec 2023 17:45:16 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1 204
No Content m
ad.yieldlab.net/ Frame 0ADE 0
235 B 106ms
33ms Image
text/plain 23.32.185.192
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.yieldlab.net/m?dt_id=4879&ext_id=5404315708731918970
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5404315708731918970&agencyId=9093&advertiserId=2180301&src=tp&rnd=136981
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.32.185.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-185-192.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 25 Dec 2023 17:45:16 GMT
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection: keep-alive
Expires: Sun, 24 Dec 2023 17:45:16 GMT

GET
H/1.1 204
No Content token
token.rubiconproject.com/ Frame 0ADE 0
214 B 117ms
24ms Image
text/plain 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/token?pid=5232&puid=5404315708731918970
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5404315708731918970&agencyId=9093&advertiserId=2180301&src=tp&rnd=136981
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Expires: 0
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 9db1556130a9e92b896eecae836f6a70
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 tpui
ih.adscale.de/adscale-ih/ Frame 0ADE 0
38 B 88ms
18ms Image
text/plain 52.28.225.34
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ih.adscale.de/adscale-ih/tpui?tpid=42&tpuid=5404315708731918970&cburl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d9%26uid%3D__ADSCALE_USER_ID__
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5404315708731918970&agencyId=9093&advertiserId=2180301&src=tp&rnd=136981
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.28.225.34 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-225-34.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:16 GMT
content-length: 0

GET
H/1.1 200
OK /
rtb-csync.smartadserver.com/redir/ Frame 0ADE 43 B
163 B 102ms
30ms Image
image/gif 91.134.110.136
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=22&partneruserid=5404315708731918970&redirurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d10%26cid%3DSMART_USER_ID
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5404315708731918970&agencyId=9093&advertiserId=2180301&src=tp&rnd=136981
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 91.134.110.136 , France, ASN16276 (OVH, FR),
Reverse DNS: ip136.ip-91-134-110.eu
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:15 GMT
transfer-encoding: chunked
content-type: image/gif

GET
H/1.1 200 user-registering
ads.stickyadstv.com/ Frame 0ADE 43 B
639 B 128ms
27ms Image
image/gif 2607:ae80:192:1::172
FREEWHEEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.stickyadstv.com/user-registering?dataProviderId=189&userId=5404315708731918970
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5404315708731918970&agencyId=9093&advertiserId=2180301&src=tp&rnd=136981
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 2607:ae80:192:1::172 , United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 25 Dec 2023 17:45:16 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
x-sticky-vk: 1703526316160050-370

GET
H2 200 sync
x.bidswitch.net/ Frame 0ADE 43 B
146 B 94ms
21ms Image
image/gif 18.196.198.248
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?dsp_id=70&user_id=5404315708731918970
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5404315708731918970&agencyId=9093&advertiserId=2180301&src=tp&rnd=136981
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.196.198.248 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-196-198-248.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:16 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame 0ADE
Redirect Chain

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=5404315708731918970&expiration=1704735915
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=5404315708731918970&expiration=1704735915&C=1

43 B
325 B

78ms
78ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=5404315708731918970&expiration=1704735915&C=1
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5404315708731918970&agencyId=9093&advertiserId=2180301&src=tp&rnd=136981
Protocol: H2
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Dec 2023 17:45:16 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6jbRRAzoVJAJmPCqn1kNTAl9uu9dCu6xFHBk5MynctFqRymS817GNVZqWvXYD%2BNZk%2BeLvPbe6o32FF2i6dlvldJkJrwu1Qj7PcVQjA4A2EEhi5HNyGfE91TeXUi80qCx7VxMPmc8mH5qvQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 83b2e5945b024528-TXL
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 25 Dec 2023 17:45:16 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rlvzFT%2BVil%2BhR%2F64wDxfeoPpW0SIODAudK1hPjLMbYtZpje9IhhMAX5o4cxJ%2F6csJUVstl3a%2B%2FjqCyANd1TElaC%2Fx5VC3K6dgo5VT5bJoXhXBMCoBX9MbsVhdTicjJY%2BqAq3eSDHKB6VzA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=111&external_user_id=5404315708731918970&expiration=1704735915&C=1
cache-control: no-cache
cf-ray: 83b2e593b99d4528-TXL
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H/1.1

200
OK

12092831
se.semasio.net/sync/1/ Frame 0ADE
Redirect Chain

https://uipglob.semasio.net/adform/1/info?sType=sync&sExtCookieId=5404315708731918970&sInitiator=external
https://uipglob.semasio.net/adform/1/info2?sType=sync&sExtCookieId=5404315708731918970&sInitiator=external
https://se.semasio.net/sync/1/16266044?sExtCookieId=5404315708731918970&gdpr=&sInitiator=external
https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fse.semasio.net%2Fsync%2F1%2F647471%3FsExtCookieId%3D%25%25COOKIE%25%25%26sInitiator%3Dinternal&gdpr=
https://se.semasio.net/sync/1/647471?sExtCookieId=7316589815103223966&sInitiator=internal&gdpr=
https://ib.adnxs.com/getuid?https%3A%2F%2Fse.semasio.net%2Fsync%2F1%2F4354957%3FsExtCookieId%3D%24UID%26sInitiator%3Dinternal&gdpr=
https://se.semasio.net/sync/1/4354957?sExtCookieId=4223567696920478705&sInitiator=internal&gdpr=
https://cm.g.doubleclick.net/pixel?google_nid=semasio_ddp&google_cm&google_hm=MTFFNkMxNjMxMTg2OTBBNw&gdpr=
https://uipglob.semasio.net/dbm/1/info?sType=sync&sExtCookieId=CAESEDevC4UIIpIxTVcTh9BjmPg&sInitiator=internal&google_cver=1&gdpr=&google_cver=1
https://se.semasio.net/sync/1/12092831?sExtCookieId=CAESEDevC4UIIpIxTVcTh9BjmPg&sInitiator=internal&google_cver=1&gdpr=

0
415 B

40ms
40ms

Image
text/plain

77.243.51.121
NETIC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://se.semasio.net/sync/1/12092831?sExtCookieId=CAESEDevC4UIIpIxTVcTh9BjmPg&sInitiator=internal&google_cver=1&gdpr=
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5404315708731918970&agencyId=9093&advertiserId=2180301&src=tp&rnd=136981
Protocol: HTTP/1.1
Server: 77.243.51.121 , Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Dec 2023 17:45:18 GMT
uip-status: Ok
frontend-id: 04
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 0
expires: Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 25 Dec 2023 17:45:18 GMT
frontend-id: 1
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location: https://se.semasio.net/sync/1/12092831?sExtCookieId=CAESEDevC4UIIpIxTVcTh9BjmPg&sInitiator=internal&google_cver=1&gdpr=
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin: *
content-length: 0
routing-server-id: -1
expires: Sat, 01 Jan 2011 12:00:00 GMT

GET
H/1.1 200
OK match
ps.eyeota.net/ Frame 0ADE 0
344 B 123ms
21ms Image
text/plain 3.120.214.218
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?uid=5404315708731918970&bid=9gdtmu1
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5404315708731918970&agencyId=9093&advertiserId=2180301&src=tp&rnd=136981
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 3.120.214.218 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-120-214-218.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Mon, 25 Dec 2023 17:45:16 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

GET
H2

200

pixel.gif
load77.exelator.com/ Frame 0ADE
Redirect Chain

https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=5404315708731918970
https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=5404315708731918970&xl8blockcheck=1
https://load77.exelator.com/pixel.gif

43 B
386 B

283ms
19ms

Image
image/gif

2a02:6ea0:c700::18
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://load77.exelator.com/pixel.gif
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5404315708731918970&agencyId=9093&advertiserId=2180301&src=tp&rnd=136981
Protocol: H2
Server: 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 25 Dec 2023 17:45:16 GMT
x-age-lb: 552319
x-77-cache: HIT
x-accel-date: 1702973997
content-length: 43
x-77-nzt: EQwBnJIhiwH3f20IAA
x-accel-expires: @1703945611
x-77-age: 552319
x-cache-lb: HIT
last-modified: Wed, 25 Oct 2017 17:03:56 GMT
server: CDN77-Turbo
etag: "59f0c3fc-2b"
x-77-nzt-ray: cf878727246b5488acbf89657b86cb28
content-type: image/gif
access-control-allow-origin: *
accept-ranges: bytes

Redirect headers

date: Mon, 25 Dec 2023 17:45:16 GMT
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location: https://load77.exelator.com/pixel.gif
content-type: image/gif
cache-control: no-cache
access-control-allow-credentials: true
content-length: 0

GET
H2 451 398366.gif
idsync.rlcdn.com/ Frame 0ADE 0
42 B 30ms
30ms Image
text/plain 35.244.174.68
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/398366.gif?partner_uid=5404315708731918970
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5404315708731918970&agencyId=9093&advertiserId=2180301&src=tp&rnd=136981
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:16 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 404 gdpr_consent=
sync.crwdcntrl.net/map/c=6466/tp=ADFM/tpid=5404315708731918970/gdpr=/ Frame 0ADE 49 B
265 B 142ms
45ms Image
image/gif 54.194.101.149
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=6466/tp=ADFM/tpid=5404315708731918970/gdpr=/gdpr_consent=
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5404315708731918970&agencyId=9093&advertiserId=2180301&src=tp&rnd=136981
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.194.101.149 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-194-101-149.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Dec 2023 17:45:16 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.25.47
content-length: 49
expires: 0

GET
H2 200 29729
tags.bluekai.com/site/ Frame 0ADE 62 B
218 B 204ms
157ms Image
image/gif 72.246.169.24
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/29729?id=5404315708731918970
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5404315708731918970&agencyId=9093&advertiserId=2180301&src=tp&rnd=136981
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 72.246.169.24 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-246-169-24.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date: Mon, 25 Dec 2023 17:45:16 GMT
content-length: 62
content-type: image/gif

GET
H2 200 sd
eu-u.openx.net/w/1.0/ Frame 0ADE 43 B
97 B 49ms
31ms Image
image/gif 35.244.159.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=5404315708731918970
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5404315708731918970&agencyId=9093&advertiserId=2180301&src=tp&rnd=136981
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Dec 2023 17:45:16 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1

200
OK

pixel.gif
s3-eu-west-1.amazonaws.com/adality-cdn-content/ Frame 0ADE
Redirect Chain

https://api.adrtx.net/thirdparty/click?p=adfo
https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif

35 B
390 B

325ms
48ms

Image
image/gif

52.218.97.186
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5404315708731918970&agencyId=9093&advertiserId=2180301&src=tp&rnd=136981
Protocol: HTTP/1.1
Server: 52.218.97.186 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-eu-west-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Mon, 25 Dec 2023 17:45:17 GMT
Last-Modified: Thu, 29 Oct 2015 16:41:57 GMT
Server: AmazonS3
x-amz-request-id: WBVW1N1HFC8TCQVQ
ETag: "c2196de8ba412c60c22ab491af7b1409"
Content-Type: image/gif
Accept-Ranges: bytes
Content-Length: 35
x-amz-id-2: 9BLzTGpAFEASmbpdwE1AcAGApnJDa1jKSRYOizJw1Tgm4gLYVqA/amxlSnQshOyqqFXRqwDKdzE=

Redirect headers

X-Error-Reason: Missing UserId
Date: Mon, 25 Dec 2023 17:45:15 GMT
Server: akka-http/10.2.10
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif
Content-Type: text/html; charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 137

GET
H/1.1

200
OK

/
cm.adsafety.net/ Frame 0ADE
Redirect Chain

https://cm.adsafety.net/?_cmsrc=adformx&idt=100&did=5404315708731918970
https://tags.adsafety.net/v1/cm?cm_uid=CM1202312251745fb83a7938b25bf1b6&redirect=https%3A%2F%2Fcm.adsafety.net%2F%3F_cmsrc%3Dct%26_chainsrc%3Dcommon%26idt%3D%5B%25IDT%25%5D%26did%3D%5B%25DID%25%5D&...
https://cm.adsafety.net/?_cmsrc=ct&_chainsrc=common&idt=100&did=2c81ba266a9d707eb2e21629d1459895
https://cm.g.doubleclick.net/pixel?google_nid=dataxtrade_dmp&google_cm&google_hm=Q00xMjAyMzEyMjUxNzQ1ZmI4M2E3OTM4YjI1YmYxYjY&gdpr_consent=&gdpr=0
https://cm.adsafety.net/?_cmsrc=dbmx&midt=100&mdid=CAESEIeZMs25j075bC2HSwoX6Yo&gdpr_consent=&gdpr=0&google_cver=1
https://ads.smartstream.tv/cm/?cmsrc=cm&cm_uid=CM1202312251745fb83a7938b25bf1b6&redirect=https%3A%2F%2Fcm.adsafety.net%2F%3F_cmsrc%3Dstv%26_chainsrc%3Dcommon&gdpr_consent=
https://cm.adsafety.net/?_cmsrc=stv&_chainsrc=common&idt=100&did=2c81ba266a9d707eb2e21629d1459895&idt_did_status=added&gdpr_consent=&gdpr=0
https://c1.adform.net/serving/cookie/match?party=28&cid=CM1202312251745fb83a7938b25bf1b6
https://cm.adsafety.net/?_cmsrc=adform&idt=100&did=2864804386523492739

43 B
2 KB

48ms
47ms

Image
image/gif

217.79.178.233
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adsafety.net/?_cmsrc=adform&idt=100&did=2864804386523492739
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5404315708731918970&agencyId=9093&advertiserId=2180301&src=tp&rnd=136981
Protocol: HTTP/1.1
Server: 217.79.178.233 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: cm48.as.net
Software: nginx /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 25 Dec 2023 17:45:17 GMT
Last-Modified: Mon, 25 Dec 2023 17:45:17 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate, no-cache, no-store, post-check=0, pre-check=0, private
Connection: keep-alive
Expires: Mon, 28 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 25 Dec 2023 17:45:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.adsafety.net/?_cmsrc=adform&idt=100&did=2864804386523492739
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 204 usermatch.gif
beacon.krxd.net/ Frame 0ADE 0
338 B 94ms
43ms Image
text/plain 54.247.15.19
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=adform&partner_uid=5404315708731918970
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5404315708731918970&agencyId=9093&advertiserId=2180301&src=tp&rnd=136981
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.247.15.19 , Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-247-15-19.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-served-by: beacon-n016-dub-prod.krxd.net
date: Mon, 25 Dec 2023 17:45:16 GMT
cache-control: private, no-cache, no-store
x-request-time: D=34 t=1703526316
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2

200

/
c1.adform.net/serving/cookie/match/ Frame 0ADE
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_cm&google_ula=1641347&party=1&google_hm=NTQwNDMxNTcwODczMTkxODk3MA
https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEP_54ivskY1ICPchDN1E92s&google_cver=1&google_ula=1641347,0

35 B
600 B

38ms
38ms

Image
image/gif

37.157.6.243
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEP_54ivskY1ICPchDN1E92s&google_cver=1&google_ula=1641347,0

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5404315708731918970&agencyId=9093&advertiserId=2180301&src=tp&rnd=136981

Protocol

Server

37.157.6.243 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Dec 2023 17:45:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

pragma: no-cache
date: Mon, 25 Dec 2023 17:45:16 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEP_54ivskY1ICPchDN1E92s&google_cver=1&google_ula=1641347,0
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 334
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 plf
c1.adform.net/imatch/ Frame 0ADE 0
384 B 38ms
37ms Image
text/plain 37.157.6.243
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/imatch/plf?name=plfm

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5404315708731918970&agencyId=9093&advertiserId=2180301&src=tp&rnd=136981

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.243 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/imatch/pixels?uid=5404315708731918970&agencyId=9093&advertiserId=2180301&src=tp&rnd=136981
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

GET
H2

200

setuid
secure.adnxs.com/ Frame 0ADE
Redirect Chain

https://secure.adnxs.com/getuid?https://c1.adform.net/serving/cookie/match?party=3&id=$UID&redirect=1
https://c1.adform.net/serving/cookie/match?party=3&id=4223567696920478705&redirect=1
https://secure.adnxs.com/setuid?entity=91&code=2864804386523492739

43 B
872 B

29ms
29ms

Image
image/gif

185.89.210.141
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/setuid?entity=91&code=2864804386523492739

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5404315708731918970&agencyId=9093&advertiserId=2180301&src=tp&rnd=136981

Protocol

Server

185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Dec 2023 17:45:16 GMT
an-x-request-uuid: f978c7ed-8942-43fc-adb8-17698357ecb1
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 84.19.175.184; 84.19.175.184; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 25 Dec 2023 17:45:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://secure.adnxs.com/setuid?entity=91&code=2864804386523492739
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame 0ADE 0
225 B 122ms
41ms Image
text/html 198.47.127.205
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=5404315708731918970
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5404315708731918970&agencyId=9093&advertiserId=2180301&src=tp&rnd=136981
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Mon, 25 Dec 2023 17:45:15 GMT
cache-control: no-store, no-cache, private
content-encoding: gzip
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H/1.1 200
OK cs
pdw-adf.userreport.com/ Frame 0ADE 43 B
444 B 68ms
22ms Image
image/gif 18.66.248.68
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pdw-adf.userreport.com/cs
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5404315708731918970&agencyId=9093&advertiserId=2180301&src=tp&rnd=136981
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-68.dus51.r.cloudfront.net
Software: nginx/1.22.0 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Sun, 24 Dec 2023 18:52:22 GMT
Via: 1.1 603f36cbe39a66d93949b80e7296dad4.cloudfront.net (CloudFront)
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx/1.22.0
X-Amz-Cf-Pop: DUS51-P1
Age: 82374
X-Cache: Hit from cloudfront
Content-Type: image/gif
Connection: keep-alive
Content-Length: 43
X-Amz-Cf-Id: eXU55vmS0U1dCc3MBy5URh3YrqMm2Hk-5qsRUKbQN651bwmqiCVUGg==

GET
H/1.1

200

p
a.audrte.com/ Frame 0ADE
Redirect Chain

https://a.audrte.com/a?adform_uid=5404315708731918970
https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=ZWE3UFVsZ296WExSTmEzaVFPdEFqMFJqdw==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL...
https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=
https://a.audrte.com/p

68 B
424 B

44ms
44ms

Image
image/png

54.217.36.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.audrte.com/p
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5404315708731918970&agencyId=9093&advertiserId=2180301&src=tp&rnd=136981
Protocol: HTTP/1.1
Server: 54.217.36.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-217-36-38.eu-west-1.compute.amazonaws.com
Software: nginx/1.22.1 /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Mon, 25 Dec 2023 17:45:16 GMT
Server: nginx/1.22.1
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 68

Redirect headers

Date: Mon, 25 Dec 2023 17:45:16 GMT
Server: nginx/1.22.1
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Access-Control-Allow-Origin: *
Location: https://a.audrte.com:443/p
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame 0ADE
Redirect Chain

https://dpm.demdex.net/ibs:dpid=1586&dpuuid=5404315708731918970&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredirect%3D1
https://c1.adform.net/serving/cookie/match?party=1007&cid=34847029226766502724360514930461732386&noredirect=1

35 B
600 B

39ms
38ms

Image
image/gif

37.157.6.243
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=1007&cid=34847029226766502724360514930461732386&noredirect=1

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5404315708731918970&agencyId=9093&advertiserId=2180301&src=tp&rnd=136981

Protocol

Server

37.157.6.243 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Dec 2023 17:45:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

dcs: dcs-prod-irl1-1-v054-0a80e641c.edge-irl1.demdex.com 1 ms
pragma: no-cache
date: Mon, 25 Dec 2023 17:45:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-tid: pSl1Mt9ERKo=
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location: https://c1.adform.net/serving/cookie/match?party=1007&cid=34847029226766502724360514930461732386&noredirect=1
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2

200

/
dmp.adform.net/serving/cookie/match/ Frame 0ADE
Redirect Chain

https://aa.agkn.com/adscores/g.pixel?sid=9212269628&_puid=5404315708731918970
https://dmp.adform.net/serving/cookie/match/?party=1014&cid=219783204741002886496

35 B
600 B

39ms
39ms

Image
image/gif

37.157.6.243
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?party=1014&cid=219783204741002886496

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5404315708731918970&agencyId=9093&advertiserId=2180301&src=tp&rnd=136981

Protocol

Server

37.157.6.243 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Dec 2023 17:45:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

pragma: no-cache
date: Mon, 25 Dec 2023 17:45:16 GMT
server: AAWebServer
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location: https://dmp.adform.net/serving/cookie/match/?party=1014&cid=219783204741002886496
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type
expires: 0

GET
H2

200

/
dmp.adform.net/serving/cookie/match/ Frame 0ADE
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1049%26cid%3D%25%25COOKIE%25%25
https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7316589815103223966

35 B
600 B

39ms
39ms

Image
image/gif

37.157.6.243
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7316589815103223966

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5404315708731918970&agencyId=9093&advertiserId=2180301&src=tp&rnd=136981

Protocol

Server

37.157.6.243 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Dec 2023 17:45:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

Location: https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7316589815103223966
Date: Mon, 25 Dec 2023 17:45:16 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H2 200 33302
tags.bluekai.com/site/ Frame 0ADE 62 B
429 B 195ms
193ms Image
image/gif 72.246.169.24
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/33302?id=5404315708731918970
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5404315708731918970&agencyId=9093&advertiserId=2180301&src=tp&rnd=136981
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 72.246.169.24 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-246-169-24.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date: Mon, 25 Dec 2023 17:45:16 GMT
content-length: 62
content-type: image/gif

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame 0ADE
Redirect Chain

https://pm.w55c.net/ping_match.gif?st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_
https://pm.w55c.net/ping_match.gif?scc=1&st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_
https://c1.adform.net/serving/cookie/match?party=1084&cid=y9ohstzc1RhP0U5

35 B
591 B

38ms
38ms

Image
image/gif

37.157.6.243
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=1084&cid=y9ohstzc1RhP0U5

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5404315708731918970&agencyId=9093&advertiserId=2180301&src=tp&rnd=136981

Protocol

Server

37.157.6.243 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Dec 2023 17:45:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

Pragma: no-cache
Date: Mon, 25 Dec 2023 17:45:16 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-795-gb641a57#rel-ec2-master i-0f7f5cc7c951f6e61@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location: https://c1.adform.net/serving/cookie/match?party=1084&cid=y9ohstzc1RhP0U5
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 0ADE 70 B
149 B 377ms
46ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=71ei9rr&ttd_tpi=1
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5404315708731918970&agencyId=9093&advertiserId=2180301&src=tp&rnd=136981
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:16 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET image.sbmx
global.ib-ibi.com/ Frame 0ADE 0
0

GET
H2 200 0.gif
id5-sync.com/s/10/ Frame 0ADE 43 B
921 B 305ms
22ms Image
image/gif 141.95.98.65
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/s/10/0.gif?puid=5404315708731918970

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5404315708731918970&agencyId=9093&advertiserId=2180301&src=tp&rnd=136981

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.65 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216659.ip-141-95-98.eu

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type: image/gif;charset=UTF-8
date: Mon, 25 Dec 2023 17:45:16 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p: CP="CAO PSA OUR"

GET
H2

200

/
dmp.adform.net/serving/cookie/match/ Frame 0ADE
Redirect Chain

https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D
https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D&bounce=1&random=1883330046
https://dmp.adform.net/serving/cookie/match/?party=1145&cid=DKB0Dz2boxGKnEP1wCifJO

35 B
600 B

39ms
38ms

Image
image/gif

37.157.6.243
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?party=1145&cid=DKB0Dz2boxGKnEP1wCifJO

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5404315708731918970&agencyId=9093&advertiserId=2180301&src=tp&rnd=136981

Protocol

Server

37.157.6.243 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Dec 2023 17:45:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

pragma: no-cache
date: Mon, 25 Dec 2023 17:45:16 GMT
via: 1.1 google
last-modified: Mon, 25 Dec 2023 17:45:16 GMT
server: Weborama Collect Frontend
vary: Origin
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
location: https://dmp.adform.net/serving/cookie/match/?party=1145&cid=DKB0Dz2boxGKnEP1wCifJO
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame 0ADE 23 B
163 B 246ms
46ms Image
image/gif 2.19.85.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=119&uid=5404315708731918970
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5404315708731918970&agencyId=9093&advertiserId=2180301&src=tp&rnd=136981
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.85.30 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-85-30.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Mon, 25 Dec 2023 17:45:16 GMT
pragma: no-cache
date: Mon, 25 Dec 2023 17:45:16 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

GET
H2 204 /
s.ad.smaato.net/c/ Frame 0ADE 0
238 B 149ms
51ms Image
text/plain 2600:9000:224a:da00:1b:5138:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ad.smaato.net/c/?dspInit=1001213&dspCookie=5404315708731918970
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5404315708731918970&agencyId=9093&advertiserId=2180301&src=tp&rnd=136981
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:da00:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:16 GMT
cache-control: no-cache, must-revalidate
via: 1.1 8e487d5d50ba943ec340041b0945bbf4.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: BbSelSPE2MPfoNXkpT8ffFEOiRYHqDqn7AYLzjG8uWAGw03f9EtvXA==
x-cache: Miss from cloudfront

GET
H2 200 5404315708731918970
match.contentexchange.me/adform/ Frame 0ADE 0
49 B 113ms
39ms Image
text/plain 46.19.11.36
SIEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.contentexchange.me/adform/5404315708731918970?redirect_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1219
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5404315708731918970&agencyId=9093&advertiserId=2180301&src=tp&rnd=136981
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 46.19.11.36 , Slovenia, ASN51790 (SIEL, SI),
Reverse DNS: ilog.vsn.si
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:16 GMT
content-length: 0
server: nginx/1.16.1

GET
H2 200 xuid
eb2.3lift.com/ Frame 0ADE 37 B
140 B 59ms
20ms Image
image/gif 76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=7354&xuid=5404315708731918970&dongle=AD20
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5404315708731918970&agencyId=9093&advertiserId=2180301&src=tp&rnd=136981
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:16 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2 204 put
e1.emxdgt.com/ Frame 0ADE 0
44 B 61ms
19ms Image
text/plain 52.58.128.62
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e1.emxdgt.com/put?d=d52&uid=5404315708731918970
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5404315708731918970&agencyId=9093&advertiserId=2180301&src=tp&rnd=136981
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.128.62 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-58-128-62.eu-central-1.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:16 GMT
server: awselb/2.0

GET
H2 200 plf
c1.adform.net/imatch/ Frame 0ADE 0
384 B 38ms
38ms Image
text/plain 37.157.6.243
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/imatch/plf?name=plfl

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5404315708731918970&agencyId=9093&advertiserId=2180301&src=tp&rnd=136981

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.243 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/imatch/pixels?uid=5404315708731918970&agencyId=9093&advertiserId=2180301&src=tp&rnd=136981
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

GET
H2 200 /
www.facebook.com/tr/ Frame CA91 0
185 B 57ms
19ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2039699393095584&ev=PageView&dl=https%3A%2F%2Fwinner-slots.online%2F&rl=&if=true&ts=1703526316159&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&ler=empty&it=1703526315851&coo=false&rqm=GET

Requested by

Host: winner-slots.online
URL: https://winner-slots.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winner-slots.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 25 Dec 2023 17:45:16 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 identify_ce767.js Show response
analytics.tiktok.com/i18n/pixel/static/ Frame CA91 135 KB
36 KB 49ms
48ms Script
application/javascript 2.23.7.34
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/identify_ce767.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWNkZmM2YTcxMA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.23.7.34 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-23-7-34.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a1d4b01843b9dad68a10bba7ab416fb60cbe6052a223f6bd74cbad286b812b2a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winner-slots.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-akamai-request-id: cd61d945
date: Mon, 25 Dec 2023 17:45:16 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 202312211225586EB95E8EA929F1209087
x-tt-trace-id: 00-2312211225586EB95E8EA929F1209087-46E77682794C0B49-00
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a2-23-7-30.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 016c6e4d25d353677d5a3c2b54643949e09859a46ee06db796c67f7f6fcf33d325d743be49e4745b987477c65b00ac0856a842e579cbe142e396ece5a86908aa5e90fc2d5c1aaa8d84751001c65b916eeb8c05b1611a1b7672bb39a85fb3372e0e
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=3
content-length: 36007

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ Frame CA91 0
835 B 195ms
194ms Ping
text/plain 2.23.7.34
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWNkZmM2YTcxMA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.23.7.34 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-23-7-34.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://winner-slots.online/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 4534e045.cd61d9aa
date: Mon, 25 Dec 2023 17:45:16 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-23122517451670674A918026BA5F55A5-0FCE5A8CA029D78D-00
x-cache: TCP_MISS from a2-23-7-30.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
x-parent-response-time: 138,2.23.7.30
server-timing: cdn-cache; desc=MISS, edge; dur=105, origin; dur=41, inner; dur=33
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 2023122517451670674A918026BA5F55A5
x-cache-remote: TCP_MISS from a23-48-100-80.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 41,23.48.100.80
x-tt-trace-host: 017176fb18a495d13d06d0d207ec2dca7944b213e5fe93d18f6a4e897c153ce2016306b2aead2630a3b4880c2fe5b6b41ad589d3f8dc3387d0da98c6278af61299248d9921f9caedd7a876a0f3a7ed72db866ceabc1a6caef079c983140b6bad09e853916ce9f5baf50e3e06209c0d1318
access-control-allow-headers: Authorization,*
expires: Mon, 25 Dec 2023 17:45:16 GMT

GET
H3 200 wmetrics Show response
metrics.getrmads.com/ 0
515 B 457ms
457ms Script
text/javascript 2606:4700:3032::ac43:cb12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://metrics.getrmads.com/wmetrics?rtid=REH-1691446272083886&lg=en-us&sr=1600x1200&fr=0&dr=&dl=https%3A%2F%2Fquickwin765412.com%2Fen%2F&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0
Requested by: Host: metrics.getrmads.com
URL: https://metrics.getrmads.com/tag/js?rtid=REH-1691446272083886
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:cb12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Dec 2023 17:45:16 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h6m0Y1Qdssxaw8lRgKUsQ9%2Bo2YV7Lk0tnmhUT6y40WdWJ42qlzOqbZT5bnIgyG02bTDq6EoR7AQxqnxruT9VY23v6ACAOrZGT89%2B%2Fyonnf5a5AboPjP5EyISBVpHnRhziOC3%2FrKYtEIPaillB%2BY3PSJL8g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 83b2e5944d1b1e66-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H3 200 /
www.google.com/pagead/1p-user-list/11435815060/ Frame CA91 42 B
64 B 33ms
32ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/11435815060/?random=1703526315804&cv=11&fst=1703523600000&bg=ffffff&guid=ON&async=1&gtm=45be3bt0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwinner-slots.online%2F&frm=2&tiba=Winner-Slots.Online%20%E2%80%93%20Gaming%20Online%20Platforms&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_WRTjvPzOa9IHWlOq6z2bcyej7diLSg&random=1757919696&rmt_tld=0&ipr=y

Requested by

Host: winner-slots.online
URL: https://winner-slots.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winner-slots.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Dec 2023 17:45:16 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/11435815060/ Frame CA91 42 B
455 B 82ms
33ms Image
image/gif 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/11435815060/?random=1703526315804&cv=11&fst=1703523600000&bg=ffffff&guid=ON&async=1&gtm=45be3bt0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwinner-slots.online%2F&frm=2&tiba=Winner-Slots.Online%20%E2%80%93%20Gaming%20Online%20Platforms&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_WRTjvPzOa9IHWlOq6z2bcyej7diLSg&random=1757919696&rmt_tld=1&ipr=y

Requested by

Host: winner-slots.online
URL: https://winner-slots.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winner-slots.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Dec 2023 17:45:16 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 img.gif
my.rtmark.net/ 43 B
491 B 47ms
47ms Image
image/gif 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://my.rtmark.net/img.gif?f=sync&partner=6dbc1654108520062cc5e1b2cbe1761d0aeee75ec04eecdef0bd17e37b76a87c&ttl=&rurl=https%3A%2F%2Fquickwin765412.com%2Fen%2F

Requested by

Host: quickwin765412.com
URL: https://quickwin765412.com/en/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:16 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 43

POST
H2 200 act
analytics.tiktok.com/api/v2/pixel/ Frame CA91 0
833 B 184ms
183ms Ping
text/plain 2.23.7.34
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel/act
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWNkZmM2YTcxMA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.23.7.34 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-23-7-34.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://winner-slots.online/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: c15b5a62.cd61de03
date: Mon, 25 Dec 2023 17:45:16 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-231225174516161862C933A793342E8F-0CD874B002843AAE-00
x-cache: TCP_MISS from a2-23-7-30.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
x-parent-response-time: 119,2.23.7.30
server-timing: cdn-cache; desc=MISS, edge; dur=117, origin; dur=24, inner; dur=21
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20231225174516161862C933A793342E8F
x-cache-remote: TCP_MISS from a23-48-100-68.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 24,23.48.100.68
x-tt-trace-host: 017176fb18a495d13d06d0d207ec2dca7944b213e5fe93d18f6a4e897c153ce201ad601ceae142be0acda0351268e6c554aed4046244fc69ddba3ff324baaaa02880401e77b7c6812bee49b2d7a65fa0522c047c552590029ce79aa03cd10d686b6bb201b2d85f2c5371b6daff40ba4d63
access-control-allow-headers: Authorization,*
expires: Mon, 25 Dec 2023 17:45:16 GMT

GET
H2

200

/
cms.getblue.io/cm/ Frame 02EB
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=coveny_limited&google_cm&&google_sc&ckid=F4E0DB39-C288-4FF1-9DC5516841777AFD&cid=615EE320-F864-1EFC-FE69D99CF417DF26&google_ula=6572934421&ula=65729344...
https://cms.getblue.io/cm/?src=adx&child=europe&ckid=F4E0DB39-C288-4FF1-9DC5516841777AFD&cid=615EE320-F864-1EFC-FE69D99CF417DF26&ula=6572934421&blueID=f2c6b686-94aa-459e-8eea-3a2412c705da&google_gi...

2 B
99 B

644ms
211ms

Image
application/json

54.94.153.138
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cms.getblue.io/cm/?src=adx&child=europe&ckid=F4E0DB39-C288-4FF1-9DC5516841777AFD&cid=615EE320-F864-1EFC-FE69D99CF417DF26&ula=6572934421&blueID=f2c6b686-94aa-459e-8eea-3a2412c705da&google_gid=CAESEDJK2UqEJnfNoWMr6caL66o&google_cver=1&google_ula=6572934421,0
Requested by: Host: event.getblue.io
URL: https://event.getblue.io/p/?cId=615EE320-F864-1EFC-FE69D99CF417DF26&tName=visit&pId=&revenue=&orderId=&p1=&p2=&p3=&fp=&blueID=f2c6b686-94aa-459e-8eea-3a2412c705da&ulc=&v=29092023-1023&nocache=3129290529248.516
Protocol: H2
Server: 54.94.153.138 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-94-153-138.sa-east-1.compute.amazonaws.com
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:16 GMT
x-powered-by: Express
content-length: 2
content-type: application/json; charset=utf-8

Redirect headers

pragma: no-cache
date: Mon, 25 Dec 2023 17:45:16 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://cms.getblue.io/cm/?src=adx&child=europe&ckid=F4E0DB39-C288-4FF1-9DC5516841777AFD&cid=615EE320-F864-1EFC-FE69D99CF417DF26&ula=6572934421&blueID=f2c6b686-94aa-459e-8eea-3a2412c705da&google_gid=CAESEDJK2UqEJnfNoWMr6caL66o&google_cver=1&google_ula=6572934421,0
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 493
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 setuid
ib.adnxs.com/ Frame 02EB 43 B
919 B 62ms
61ms Image
image/gif 185.89.210.141
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=449&code=F4E0DB39-C288-4FF1-9DC5516841777AFD

Requested by

Host: event.getblue.io
URL: https://event.getblue.io/p/?cId=615EE320-F864-1EFC-FE69D99CF417DF26&tName=visit&pId=&revenue=&orderId=&p1=&p2=&p3=&fp=&blueID=f2c6b686-94aa-459e-8eea-3a2412c705da&ulc=&v=29092023-1023&nocache=3129290529248.516

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Dec 2023 17:45:16 GMT
an-x-request-uuid: 7e6450bc-57be-451f-8cc5-65c59dc3f7f9
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 84.19.175.184; 84.19.175.184; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

/
cms.getblue.io/cm/ Frame 02EB
Redirect Chain

https://ib.adnxs.com/getuid?https://cms.getblue.io/cm/?src=appnexus&ckid=F4E0DB39-C288-4FF1-9DC5516841777AFD&cid=615EE320-F864-1EFC-FE69D99CF417DF26&blueID=f2c6b686-94aa-459e-8eea-3a2412c705da&appn...
https://cms.getblue.io/cm/?src=appnexus&ckid=F4E0DB39-C288-4FF1-9DC5516841777AFD&cid=615EE320-F864-1EFC-FE69D99CF417DF26&blueID=f2c6b686-94aa-459e-8eea-3a2412c705da&appnexusid=4223567696920478705

2 B
100 B

643ms
210ms

Image
application/json

54.94.153.138
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cms.getblue.io/cm/?src=appnexus&ckid=F4E0DB39-C288-4FF1-9DC5516841777AFD&cid=615EE320-F864-1EFC-FE69D99CF417DF26&blueID=f2c6b686-94aa-459e-8eea-3a2412c705da&appnexusid=4223567696920478705
Requested by: Host: event.getblue.io
URL: https://event.getblue.io/p/?cId=615EE320-F864-1EFC-FE69D99CF417DF26&tName=visit&pId=&revenue=&orderId=&p1=&p2=&p3=&fp=&blueID=f2c6b686-94aa-459e-8eea-3a2412c705da&ulc=&v=29092023-1023&nocache=3129290529248.516
Protocol: H2
Server: 54.94.153.138 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-94-153-138.sa-east-1.compute.amazonaws.com
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:16 GMT
x-powered-by: Express
content-length: 2
content-type: application/json; charset=utf-8

Redirect headers

pragma: no-cache
date: Mon, 25 Dec 2023 17:45:16 GMT
an-x-request-uuid: a3fceb9d-58f4-41da-b62a-64bdef569b87
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cms.getblue.io/cm/?src=appnexus&ckid=F4E0DB39-C288-4FF1-9DC5516841777AFD&cid=615EE320-F864-1EFC-FE69D99CF417DF26&blueID=f2c6b686-94aa-459e-8eea-3a2412c705da&appnexusid=4223567696920478705
x-proxy-origin: 84.19.175.184; 84.19.175.184; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 audience-pixel.min.js Show response
event.getblue.io/r/ Frame 02EB 5 KB
3 KB 219ms
219ms Script
application/javascript 18.228.178.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://event.getblue.io/r/audience-pixel.min.js?nocache=1090

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.228.178.86 São Paulo, Brazil, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-228-178-86.sa-east-1.compute.amazonaws.com

Software

Resource Hash

53c9c8069c1e6d7a39a04ef06083b5fab6c6807e295529c37ccf8b4b96f61ddb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 25 Dec 2023 14:19:54 GMT
etag: W/"5608-1703513994342"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
x-xss-protection: 1; mode=block

GET
H2 200 web-widget-chat-incoming-message-notification-1bfc6fa.js Show response
static.zdassets.com/web_widget/classic/latest/ Frame 8C3A 236 B
600 B 42ms
42ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/classic/latest/web-widget-chat-incoming-message-notification-1bfc6fa.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-1bfc6fa.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a29e4af6aa6a95982d1092a20f0068173b9a9d5df0a89bc99da556aebec3ce54

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:16 GMT
x-amz-version-id: vFeMRdO_ves3AqXqcJa51X.kBsGbKmeW
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: A4N17FH4T4Q3T2FA
age: 1781780
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: jj3IJP8SG1qYvE4k5/yGOQQcVY1t9fS2FwFAUdl7K5931Xd3flm5WF8IJiZ/yy12ah/e+h8TsYA=
last-modified: Tue, 05 Dec 2023 00:24:10 GMT
server: cloudflare
etag: W/"77bb07ca171e3ff2b72a7dafa7822bc8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NqLoyCzU6nnVQhBEBEZQdcrTI9Bl9xHjadz8skGcYr7R%2F6DxARuiMp5RwgDAvhGlfTrx17lFtylXoadCNKwL2I1dRZQOZskINQCkijswfHPJ2X4CfaX3HlGn8ci7SXYk74Ppkxg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 83b2e597de5965b9-FRA
expires: Wed, 04 Dec 2024 00:24:09 GMT

GET
H/1.1 200
OK pstats.html Show response
a.rfihub.com/ Frame 1644 26 B
1016 B 28ms
27ms Document
text/html 193.0.160.131
ROCKETFUEL

General

Check archive.org

Show headers Download Go to

Full URL: https://a.rfihub.com/pstats.html?rb=48767&ca=20846458&ri=3164f5238a1ea42278c4c4091a9dc9ad&stats=%7B%2213488%22%3A%221003%2C2%22%2C%2217243%22%3A%22101%2C1%22%2C%2242261%22%3A%22433%2C1%22%2C%2250495%22%3A%22727%2C1%22%2C%2252220%22%3A%22514%2C1%22%2C%2253935%22%3A%22444%2C1%22%2C%2254497%22%3A%22534%2C1%22%2C%2254855%22%3A%22433%2C2%22%2C%2254863%22%3A%221013%2C1%22%2C%2255073%22%3A%22433%2C2%22%2C%2256659%22%3A%22444%2C1%22%2C%2256885%22%3A%22494%2C2%22%2C%2257347%22%3A%22540%2C2%22%2C%2257363%22%3A%22695%2C1%22%2C%2258143%22%3A%22436%2C1%22%2C%2258553%22%3A%22746%2C2%22%2C%2258561%22%3A%22494%2C1%22%7D&ra=6147430088633359
Requested by: Host: c1.rfihub.net
URL: https://c1.rfihub.net/js/tc.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.0.160.131 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software: Jetty(9.4.51.v20230217) /
Resource Hash: f70b370debd085dd9e9fb6495c796cdccf41c44574cc185dbe124f3ea8237623

Request headers

Referer: https://quickwin765412.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Content-Length: 26
Content-Type: text/html;charset=iso-8859-1
Date: Mon, 25 Dec 2023 17:45:16 GMT
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server: Jetty(9.4.51.v20230217)

GET
H2 206 fda6cd35495c75f83508d9d2e77ee33d.mp3
static.zdassets.com/web_widget/classic/latest/ Frame 8C3A 19 KB
20 KB 36ms
36ms Media
audio/mpeg 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/classic/latest/fda6cd35495c75f83508d9d2e77ee33d.mp3

Requested by

Host: quickwin765412.com
URL: https://quickwin765412.com/en/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

97e5b0b6cfc2ba9815028429c069631ba12b294aa7419d1ea130accd0adc2d46

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Range: bytes=0-

Response headers

date: Mon, 25 Dec 2023 17:45:16 GMT
x-amz-version-id: Kl.biZfM8rz6re2aS0glnDheA8R9Dmfl
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: KH5VE2Z70ZGQ75A2
age: 2125486
x-amz-server-side-encryption: AES256
Content-Range: bytes 0-19697/19698
x-amz-replication-status: COMPLETED
Content-Length: 19698
x-amz-id-2: LqweHRijvBdbgWotLxDeNcs9Lz6cG09nTN1pbS7TIlVP/kJbpnlLrkq/B74CU90UTxSTSp+E3xk=
last-modified: Wed, 29 Nov 2023 08:06:43 GMT
server: cloudflare
etag: "f11ce9e8f40a392830217253fe75d6de"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uSNom1MA5iK8wf3gOOie4D0ElYq6ZRCenpPclzwYfLo8BM8BOROIr80e53uVxtzuYYV%2F2JaB4sJCIHl%2BJSclHZZ5Fi5%2Bv73b1ZkYIHi3ARczl%2BOYnbxLXEWIeT8%2FFwhKC%2BpLgMw%3D"}],"group":"cf-nel","max_age":604800}
content-type: audio/mpeg; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 83b2e5981ec665b9-FRA
expires: Thu, 28 Nov 2024 08:06:42 GMT

GET
H2 200 StaticTranslations Show response
sb2frontend-altenar2.biahosted.com/api/widget/ 30 KB
9 KB 117ms
41ms Fetch
application/json 2606:4700:10::6816:85a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sb2frontend-altenar2.biahosted.com/api/widget/StaticTranslations?culture=en-GB&timezoneOffset=-60&integration=quickwin&deviceType=1&numFormat=en-GB

Requested by

Host: quickwin765412.com
URL: https://quickwin765412.com/polyfills.250fe061a3885860ec19.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:85a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

76b62116376801eb5ddd47252fe3a7b5525cf95e5c056e33fc359675d845e771

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:18 GMT
content-encoding: gzip
via: 1.1 google
strict-transport-security: max-age=2592000; includeSubDomains
cf-cache-status: DYNAMIC
server: cloudflare
age: 5672
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=600
cf-ray: 83b2e5a28a7b9b64-FRA
content-length: 9293

GET
H2 200 GetCountryCode Show response
sb2auth-altenar2.biahosted.com/api/WidgetAuth/ 20 B
180 B 109ms
30ms Fetch
application/json 34.110.191.112
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://sb2auth-altenar2.biahosted.com/api/WidgetAuth/GetCountryCode?culture=en-GB&timezoneOffset=-60&integration=quickwin&deviceType=1&numFormat=en-GB

Requested by

Host: quickwin765412.com
URL: https://quickwin765412.com/polyfills.250fe061a3885860ec19.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.110.191.112 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

112.191.110.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

f37d1ad4ff54c0819a950c6bf692c4294e593e2df41f3ad3f2cd11d281ebead0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:18 GMT
strict-transport-security: max-age=15552000
via: 1.1 google
server: nginx
content-type: application/json; charset=utf-8
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20

GET
H2 200 GetWidgetsConfiguration Show response
sb2integration-altenar2.biahosted.com/api/Widget/ 4 KB
1 KB 160ms
61ms Fetch
application/json 2606:4700:10::6816:95a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sb2integration-altenar2.biahosted.com/api/Widget/GetWidgetsConfiguration?culture=en-GB&timezoneOffset=-60&integration=quickwin&deviceType=1&numFormat=en-GB&theme=light

Requested by

Host: quickwin765412.com
URL: https://quickwin765412.com/polyfills.250fe061a3885860ec19.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:95a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0a37fd2b63accd942753709978d237c49cd1372250d1efdfa471ae6d58d7db60

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:18 GMT
content-encoding: gzip
via: 1.1 google
strict-transport-security: max-age=2592000; includeSubDomains
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cf-ray: 83b2e5a2bf1d9125-FRA

GET
H3 200 launch Show response
quickwin765412.com/en/api/v2/sport/ 159 B
561 B 82ms
82ms XHR
application/json 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://quickwin765412.com/en/api/v2/sport/launch?code=sport

Requested by

Host: quickwin765412.com
URL: https://quickwin765412.com/polyfills.250fe061a3885860ec19.js

Protocol

Security

QUIC, , AES_128_GCM

Server

94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

dae82102158a00126d6386338f5729f70962283d5faf3f0d109c5974a0b67629

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://quickwin765412.com/en/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:18 GMT
content-encoding: br
cf-cache-status: HIT
x-device-type: mobile
age: 2817
request-id: feapi-41109810-a4d5-4ab2-a8cc-dec9473293e1
alt-svc: h3=":443"; ma=86400
cf-revalidated: Mon Dec 25 2023 16:58:21 GMT+0000 (Coordinated Universal Time)
x-xss-protection: 1; mode=block
last-modified: Mon, 25 Dec 2023 16:58:21 GMT
server: cloudflare
vary: null, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Device-Type,X-Device-Name
cf-ttl: 1703523561866
cf-ray: 83b2e5a22d2965aa-FRA
x-device-name: iPhone

OPTIONS
H2 204 GetMultipleBonuses
sb2bonus-altenar2.biahosted.com/api/WidgetBonus/ Frame 0
0 68ms
40ms Preflight 34.110.191.112
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://sb2bonus-altenar2.biahosted.com/api/WidgetBonus/GetMultipleBonuses

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.110.191.112 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

112.191.110.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://quickwin765412.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 14400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 25 Dec 2023 17:45:18 GMT
server: nginx
strict-transport-security: max-age=15552000
via: 1.1 google

POST
H2 200 GetMultipleBonuses Show response
sb2bonus-altenar2.biahosted.com/api/WidgetBonus/ 1 KB
1 KB 33ms
32ms Fetch
application/json 34.110.191.112
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://sb2bonus-altenar2.biahosted.com/api/WidgetBonus/GetMultipleBonuses

Requested by

Host: quickwin765412.com
URL: https://quickwin765412.com/polyfills.250fe061a3885860ec19.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.110.191.112 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

112.191.110.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

0b7a7414203adbf8c873976e596bd6685437669dc773f66ddb2780a23d43cf76

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://quickwin765412.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 25 Dec 2023 17:45:18 GMT
strict-transport-security: max-age=15552000
via: 1.1 google
server: nginx
content-type: application/json; charset=utf-8
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1062

GET
H2 200 GetRules Show response
sb2frontend-altenar2.biahosted.com/api/BetMentor/ 12 B
92 B 41ms
41ms Fetch
application/json 2606:4700:10::6816:85a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sb2frontend-altenar2.biahosted.com/api/BetMentor/GetRules?culture=en-GB&timezoneOffset=-60&integration=quickwin&deviceType=1&numFormat=en-GB

Requested by

Host: quickwin765412.com
URL: https://quickwin765412.com/polyfills.250fe061a3885860ec19.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:85a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

da506c8a9c8a9f31aa00eaeef23d49764b9ace97158a1a0a7aa628e6d446b0fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:18 GMT
content-encoding: gzip
via: 1.1 google
strict-transport-security: max-age=2592000; includeSubDomains
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cf-ray: 83b2e5a2bab59b64-FRA

GET
H2 200 GetSystemParams Show response
sb2auth-altenar2.biahosted.com/api/WidgetAuth/ 517 B
581 B 33ms
33ms Fetch
application/json 34.110.191.112
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://sb2auth-altenar2.biahosted.com/api/WidgetAuth/GetSystemParams?culture=en-GB&timezoneOffset=-60&integration=quickwin&deviceType=1&numFormat=en-GB

Requested by

Host: quickwin765412.com
URL: https://quickwin765412.com/polyfills.250fe061a3885860ec19.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.110.191.112 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

112.191.110.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

6e12a1b5de1229a598cc5764d4df956c4e5d185269c091f11f77def8528a1318

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:18 GMT
strict-transport-security: max-age=15552000
via: 1.1 google
server: nginx
content-type: application/json; charset=utf-8
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 517

OPTIONS
H2 204 GetMultipleBonuses
sb2bonus-altenar2.biahosted.com/api/WidgetBonus/ Frame 0
0 30ms
30ms Preflight 34.110.191.112
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://sb2bonus-altenar2.biahosted.com/api/WidgetBonus/GetMultipleBonuses

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.110.191.112 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

112.191.110.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://quickwin765412.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 14400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 25 Dec 2023 17:45:18 GMT
server: nginx
strict-transport-security: max-age=15552000
via: 1.1 google

POST
H3 200 GetMultipleBonuses Show response
sb2bonus-altenar2.biahosted.com/api/WidgetBonus/ 1 KB
1 KB 33ms
32ms Fetch
application/json 34.110.191.112
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://sb2bonus-altenar2.biahosted.com/api/WidgetBonus/GetMultipleBonuses

Requested by

Host: quickwin765412.com
URL: https://quickwin765412.com/polyfills.250fe061a3885860ec19.js

Protocol

Security

QUIC, , AES_128_GCM

Server

34.110.191.112 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

112.191.110.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

0b7a7414203adbf8c873976e596bd6685437669dc773f66ddb2780a23d43cf76

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://quickwin765412.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 25 Dec 2023 17:45:18 GMT
strict-transport-security: max-age=15552000
via: 1.1 google
server: nginx
content-type: application/json; charset=utf-8
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1062

GET
H2 200 GetSystemParams Show response
sb2auth-altenar2.biahosted.com/api/WidgetAuth/ 517 B
577 B 43ms
42ms Fetch
application/json 34.110.191.112
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://sb2auth-altenar2.biahosted.com/api/WidgetAuth/GetSystemParams?culture=en-GB&timezoneOffset=-60&integration=quickwin&deviceType=1&numFormat=en-GB&countryCode=DE

Requested by

Host: quickwin765412.com
URL: https://quickwin765412.com/polyfills.250fe061a3885860ec19.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.110.191.112 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

112.191.110.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

6e12a1b5de1229a598cc5764d4df956c4e5d185269c091f11f77def8528a1318

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:18 GMT
strict-transport-security: max-age=15552000
via: 1.1 google
server: nginx
content-type: application/json; charset=utf-8
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 517

GET
H2 200 81851.f8d2ff4e.chunk.js Show response
sb2widgetsstatic-altenar2.biahosted.com/static/js/ 2 KB
1 KB 22ms
22ms Script
application/javascript 34.120.135.117
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://sb2widgetsstatic-altenar2.biahosted.com/static/js/81851.f8d2ff4e.chunk.js
Requested by: Host: sb2widgetsstatic-altenar2.biahosted.com
URL: https://sb2widgetsstatic-altenar2.biahosted.com/altenarWSDK.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.135.117 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 117.135.120.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: bf08d53d64bd0d01bce2588cb207bb8a4e4676a50fca383612c0f4e977dbf6c1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:24:29 GMT
content-encoding: gzip
x-goog-meta-goog-reserved-file-mtime: 1702643918
age: 1249
x-guploader-uploadid: ABPtcPrMQRz_6uh5CnigQqLMBbknTDOS6woXnTa0-INsxj0N1SYWpNDdDT7xW1dLZJr4gYy-U8c4rl09pA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1046
last-modified: Fri, 15 Dec 2023 12:47:11 GMT
server: UploadServer
etag: "abc23df0cdfc03af5eb446730a00a460"
vary: Accept-Encoding
x-goog-generation: 1702644431117439
x-goog-hash: crc32c=CaywRQ==, md5=q8I98M38A69etEZzCgCkYA==
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 1046
accept-ranges: bytes
content-type: application/javascript
expires: Mon, 25 Dec 2023 18:24:29 GMT

GET
H2 200 58455.b15af96e.chunk.js Show response
sb2widgetsstatic-altenar2.biahosted.com/static/js/ 195 KB
20 KB 22ms
22ms Script
application/javascript 34.120.135.117
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://sb2widgetsstatic-altenar2.biahosted.com/static/js/58455.b15af96e.chunk.js
Requested by: Host: sb2widgetsstatic-altenar2.biahosted.com
URL: https://sb2widgetsstatic-altenar2.biahosted.com/altenarWSDK.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.135.117 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 117.135.120.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: bc8894bdb4894c36652d8b265a5cb7f77635ffc48ff5764957a73f602a3c26e0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 16:49:44 GMT
content-encoding: gzip
x-goog-meta-goog-reserved-file-mtime: 1702643918
age: 3334
x-guploader-uploadid: ABPtcPrMwvxRlvoHzk9CTf5ajoiikFsGhgl10eucKIwTag69mJJvzzH57NIZrqPJXIRUxlxnM64
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20671
last-modified: Fri, 15 Dec 2023 12:47:03 GMT
server: UploadServer
etag: "2a8bb22c3dbfd596ca11d9d812a0fba3"
vary: Accept-Encoding
x-goog-generation: 1702644423760285
x-goog-hash: crc32c=2QMH+A==, md5=KouyLD2/1ZbKEdnYEqD7ow==
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 20671
accept-ranges: bytes
content-type: application/javascript
expires: Mon, 25 Dec 2023 17:49:44 GMT

GET
H2 400 css2
fonts.googleapis.com/ 0
0 30ms
29ms Stylesheet
text/html 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://fonts.googleapis.com/css2?family=%22Gilroy%22:wght@400;500&family=Roboto:wght@300;400;500;700&family=Libre+Barcode+39:wght@400&display=swap
Requested by: Host: sb2widgetsstatic-altenar2.biahosted.com
URL: https://sb2widgetsstatic-altenar2.biahosted.com/altenarWSDK.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

GET
H3 200 58463.24ff136d.chunk.js Show response
sb2widgetsstatic-altenar2.biahosted.com/static/js/ 19 KB
7 KB 23ms
23ms Script
application/javascript 34.120.135.117
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://sb2widgetsstatic-altenar2.biahosted.com/static/js/58463.24ff136d.chunk.js
Requested by: Host: sb2widgetsstatic-altenar2.biahosted.com
URL: https://sb2widgetsstatic-altenar2.biahosted.com/altenarWSDK.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.120.135.117 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 117.135.120.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 155883ac227c8554ed4bfb278b6f99bfbcd93a3305c28bf7d05e0b3b67ac3166

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 16:45:56 GMT
content-encoding: gzip
x-goog-meta-goog-reserved-file-mtime: 1702643918
age: 3562
x-guploader-uploadid: ABPtcPreBqbLsqstheLFZcR7RMTDovQiudvqZLXqE-q259GVaqoZZAC6uqf3LI_IQuOlf3hlX1w
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7416
last-modified: Fri, 15 Dec 2023 12:47:03 GMT
server: UploadServer
etag: "2d7e195fa87ea26fa61651fb4ec7bd1d"
vary: Accept-Encoding
x-goog-generation: 1702644423809702
x-goog-hash: crc32c=cbIE5w==, md5=LX4ZX6h+om+mFlH7Tse9HQ==
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 7416
accept-ranges: bytes
content-type: application/javascript
expires: Mon, 25 Dec 2023 17:45:56 GMT

GET
H3 200 1604.c67894d0.chunk.js Show response
sb2widgetsstatic-altenar2.biahosted.com/static/js/ 52 KB
12 KB 26ms
26ms Script
application/javascript 34.120.135.117
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://sb2widgetsstatic-altenar2.biahosted.com/static/js/1604.c67894d0.chunk.js
Requested by: Host: sb2widgetsstatic-altenar2.biahosted.com
URL: https://sb2widgetsstatic-altenar2.biahosted.com/altenarWSDK.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.120.135.117 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 117.135.120.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 93ce75e5eb31481969ea384e9b1464cdf304eec087ccc4149cd593715921507f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 16:47:54 GMT
content-encoding: gzip
x-goog-meta-goog-reserved-file-mtime: 1702643918
age: 3444
x-guploader-uploadid: ABPtcPrpeP01CKiN3CpqDpgNpPHxPqm_iOn6jMypfuvhEvis210_FWUj9GU6HLKa74BKrLjy7oc5MFnhmA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12612
last-modified: Fri, 15 Dec 2023 12:46:50 GMT
server: UploadServer
etag: "0062cf973fe91754304d4bc2281f8f31"
vary: Accept-Encoding
x-goog-generation: 1702644410224428
x-goog-hash: crc32c=HFTz/g==, md5=AGLPlz/pF1QwTUvCKB+PMQ==
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 12612
accept-ranges: bytes
content-type: application/javascript
expires: Mon, 25 Dec 2023 17:47:54 GMT

GET
H3 200 57333.2fcb7446.chunk.js Show response
sb2widgetsstatic-altenar2.biahosted.com/static/js/ 13 KB
5 KB 24ms
24ms Script
application/javascript 34.120.135.117
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://sb2widgetsstatic-altenar2.biahosted.com/static/js/57333.2fcb7446.chunk.js
Requested by: Host: sb2widgetsstatic-altenar2.biahosted.com
URL: https://sb2widgetsstatic-altenar2.biahosted.com/altenarWSDK.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.120.135.117 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 117.135.120.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 3ae63da45700241400f827429003ec1048254997563a16d4c174de6a32720706

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 16:46:35 GMT
content-encoding: gzip
x-goog-meta-goog-reserved-file-mtime: 1702643918
age: 3523
x-guploader-uploadid: ABPtcPqZvUDDe4XMFFNTJ-f6ZhOY8x82IxQOv6zabwGVAcArXO9yQrE6Ob880wLSvLvkJPSIVQmDxC_y
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5082
last-modified: Fri, 15 Dec 2023 12:47:03 GMT
server: UploadServer
etag: "522742a9f70120b01e5fef0faaf015b4"
vary: Accept-Encoding
x-goog-generation: 1702644423513193
x-goog-hash: crc32c=JtA1Og==, md5=UidCqfcBILAeX+8PqvAVtA==
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 5082
accept-ranges: bytes
content-type: application/javascript
expires: Mon, 25 Dec 2023 17:46:35 GMT

GET
H3 200 41335.e0d4ee39.chunk.js Show response
sb2widgetsstatic-altenar2.biahosted.com/static/js/ 15 KB
5 KB 44ms
44ms Script
application/javascript 34.120.135.117
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://sb2widgetsstatic-altenar2.biahosted.com/static/js/41335.e0d4ee39.chunk.js
Requested by: Host: sb2widgetsstatic-altenar2.biahosted.com
URL: https://sb2widgetsstatic-altenar2.biahosted.com/altenarWSDK.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.120.135.117 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 117.135.120.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 89f95f5e6eb76319aeac8f44337b4a21ba82d266b60a495658f48ac6b9759b1e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:13:12 GMT
content-encoding: gzip
x-goog-meta-goog-reserved-file-mtime: 1702643918
age: 1926
x-guploader-uploadid: ABPtcPrlKGAVAvQysl2i4mSpidL-N-WcUOfQu2-UHydIPz7RN3vM370SCEYou5VbrvhjGZRtK1w
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5544
last-modified: Fri, 15 Dec 2023 12:46:58 GMT
server: UploadServer
etag: "6aa973e524a62cae3eac0c4e3b2f3668"
vary: Accept-Encoding
x-goog-generation: 1702644418547779
x-goog-hash: crc32c=+rsqmw==, md5=aqlz5SSmLK4+rAxOOy82aA==
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 5544
accept-ranges: bytes
content-type: application/javascript
expires: Mon, 25 Dec 2023 18:13:12 GMT

GET
H3 200 191.2503dd8b.chunk.js Show response
sb2widgetsstatic-altenar2.biahosted.com/static/js/ 100 KB
33 KB 33ms
33ms Script
application/javascript 34.120.135.117
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://sb2widgetsstatic-altenar2.biahosted.com/static/js/191.2503dd8b.chunk.js
Requested by: Host: sb2widgetsstatic-altenar2.biahosted.com
URL: https://sb2widgetsstatic-altenar2.biahosted.com/altenarWSDK.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.120.135.117 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 117.135.120.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 2233754fdfaada7798be8f96854289b010c426db98f7a7d01e008b4828afa545

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:20:53 GMT
content-encoding: gzip
x-goog-meta-goog-reserved-file-mtime: 1702643918
age: 1465
x-guploader-uploadid: ABPtcPohU0geGaPC8z-hv1rfGb79vQbNqdAHSkCxik7wpnZSFIh7V9KmhetswvFXFMVnnC-ZUYo
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33625
last-modified: Fri, 15 Dec 2023 12:46:51 GMT
server: UploadServer
etag: "384987c6a7668447335779330020c6ff"
vary: Accept-Encoding
x-goog-generation: 1702644411367411
x-goog-hash: crc32c=PyCueA==, md5=OEmHxqdmhEczV3kzACDG/w==
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 33625
accept-ranges: bytes
content-type: application/javascript
expires: Mon, 25 Dec 2023 18:20:53 GMT

GET
H3 200 51844.f8ec3d8d.chunk.js Show response
sb2widgetsstatic-altenar2.biahosted.com/static/js/ 5 KB
2 KB 40ms
39ms Script
application/javascript 34.120.135.117
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://sb2widgetsstatic-altenar2.biahosted.com/static/js/51844.f8ec3d8d.chunk.js
Requested by: Host: sb2widgetsstatic-altenar2.biahosted.com
URL: https://sb2widgetsstatic-altenar2.biahosted.com/altenarWSDK.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.120.135.117 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 117.135.120.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: c138f5424629d2a5ca8504b783784078b326a7a8426ce38386e4f4a419047b93

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:20:46 GMT
content-encoding: gzip
x-goog-meta-goog-reserved-file-mtime: 1702643918
age: 1472
x-guploader-uploadid: ABPtcPqEiIB8ENL2sLQHXDNXSO78gp6skwTFsk04G_DZh1IVTEdJEd9TJ6AFxZJOVPY1qZZpQUM
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2080
last-modified: Fri, 15 Dec 2023 12:47:01 GMT
server: UploadServer
etag: "196f91e70638065ed6ae5673a9e861af"
vary: Accept-Encoding
x-goog-generation: 1702644421785874
x-goog-hash: crc32c=H7rptg==, md5=GW+R5wY4Bl7WrlZzqehhrw==
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 2080
accept-ranges: bytes
content-type: application/javascript
expires: Mon, 25 Dec 2023 18:20:46 GMT

GET
H3 200 32156.183cca06.chunk.js Show response
sb2widgetsstatic-altenar2.biahosted.com/static/js/ 12 KB
4 KB 41ms
40ms Script
application/javascript 34.120.135.117
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://sb2widgetsstatic-altenar2.biahosted.com/static/js/32156.183cca06.chunk.js
Requested by: Host: sb2widgetsstatic-altenar2.biahosted.com
URL: https://sb2widgetsstatic-altenar2.biahosted.com/altenarWSDK.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.120.135.117 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 117.135.120.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 342922b9815914af8a301d4429feba88cdf99af5aa40065a68b170deb3144709

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 16:46:02 GMT
content-encoding: gzip
x-goog-meta-goog-reserved-file-mtime: 1702643918
age: 3556
x-guploader-uploadid: ABPtcPr2B4zOil0PoZhkfc5FS7-sxHtzNEmi8hOtgFkKOfaxbvxYXX_lkH0EHsgYTi8c72owkpMiegUkwA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3729
last-modified: Fri, 15 Dec 2023 12:46:55 GMT
server: UploadServer
etag: "80fae61b897b8b4dc9b23b3178703515"
vary: Accept-Encoding
x-goog-generation: 1702644415389874
x-goog-hash: crc32c=Jr3nqA==, md5=gPrmG4l7i03JsjsxeHA1FQ==
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 3729
accept-ranges: bytes
content-type: application/javascript
expires: Mon, 25 Dec 2023 17:46:02 GMT

GET
H3 200 11602.7834f8fc.chunk.js Show response
sb2widgetsstatic-altenar2.biahosted.com/static/js/ 2 KB
986 B 41ms
41ms Script
application/javascript 34.120.135.117
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://sb2widgetsstatic-altenar2.biahosted.com/static/js/11602.7834f8fc.chunk.js
Requested by: Host: sb2widgetsstatic-altenar2.biahosted.com
URL: https://sb2widgetsstatic-altenar2.biahosted.com/altenarWSDK.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.120.135.117 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 117.135.120.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 8810a5432c47d6ef190d61ff42f61843e1321590ccb1feb54f786f268aa979f1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 16:46:02 GMT
content-encoding: gzip
x-goog-meta-goog-reserved-file-mtime: 1702643918
age: 3556
x-guploader-uploadid: ABPtcPrdfPP5NJmObBqnp1zvEj_1ydValILVOCLbTBmmJXql0wcYyzMQdcgIfRyHjCLEd80W8zpXYzRlCw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 946
last-modified: Fri, 15 Dec 2023 12:46:49 GMT
server: UploadServer
etag: "6400fda64cb121319ce423d1f2f6aaf5"
vary: Accept-Encoding
x-goog-generation: 1702644408937410
x-goog-hash: crc32c=Kii41g==, md5=ZAD9pkyxITGc5CPR8vaq9Q==
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 946
accept-ranges: bytes
content-type: application/javascript
expires: Mon, 25 Dec 2023 17:46:02 GMT

GET
H3 200 8125.6aa1f591.chunk.js Show response
sb2widgetsstatic-altenar2.biahosted.com/static/js/ 5 KB
2 KB 45ms
45ms Script
application/javascript 34.120.135.117
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://sb2widgetsstatic-altenar2.biahosted.com/static/js/8125.6aa1f591.chunk.js
Requested by: Host: sb2widgetsstatic-altenar2.biahosted.com
URL: https://sb2widgetsstatic-altenar2.biahosted.com/altenarWSDK.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.120.135.117 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 117.135.120.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: dfbca6040f3d8352da55124ac60a7f6b2535173a3b47bec0c9323b71a5b775a1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:29:23 GMT
content-encoding: gzip
x-goog-meta-goog-reserved-file-mtime: 1702643918
age: 955
x-guploader-uploadid: ABPtcPp2Tzgyo9FDKpdnyY2UM7UNIUvEDVr8qILNUZ6Oyd4lFUbc-U6Nao07PkvOvsEqY2i0XGJFLkFlQg
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1584
last-modified: Fri, 15 Dec 2023 12:47:10 GMT
server: UploadServer
etag: "27c5dbc5088455609ce0ce15cb6cba8c"
vary: Accept-Encoding
x-goog-generation: 1702644430878654
x-goog-hash: crc32c=zh+nbw==, md5=J8XbxQiEVWCc4M4Vy2y6jA==
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 1584
accept-ranges: bytes
content-type: application/javascript
expires: Mon, 25 Dec 2023 18:29:23 GMT

GET
H3 200 70234.89a57a8b.chunk.js Show response
sb2widgetsstatic-altenar2.biahosted.com/static/js/ 11 KB
3 KB 46ms
46ms Script
application/javascript 34.120.135.117
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://sb2widgetsstatic-altenar2.biahosted.com/static/js/70234.89a57a8b.chunk.js
Requested by: Host: sb2widgetsstatic-altenar2.biahosted.com
URL: https://sb2widgetsstatic-altenar2.biahosted.com/altenarWSDK.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.120.135.117 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 117.135.120.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: f9c9f6c70ddd55d39e67461890729c9e0bf8e426e2e02122b4699f9783dd7c1a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 16:46:53 GMT
content-encoding: gzip
x-goog-meta-goog-reserved-file-mtime: 1702643918
age: 3505
x-guploader-uploadid: ABPtcPofwxs8XCeAcrG6Ocl0O98TBMnXV4f5l1Oo-AD2vfM61UyjN3DOqhBdSr8PwSUsaUOobF9l5-ym6w
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2705
last-modified: Fri, 15 Dec 2023 12:47:07 GMT
server: UploadServer
etag: "c630738849a76b3969380f18742fdb8c"
vary: Accept-Encoding
x-goog-generation: 1702644427730693
x-goog-hash: crc32c=i7ytXg==, md5=xjBziEmnazlpOA8YdC/bjA==
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 2705
accept-ranges: bytes
content-type: application/javascript
expires: Mon, 25 Dec 2023 17:46:53 GMT

GET
H3 200 2826.07ad82b3.chunk.js Show response
sb2widgetsstatic-altenar2.biahosted.com/static/js/ 12 KB
3 KB 48ms
46ms Script
application/javascript 34.120.135.117
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://sb2widgetsstatic-altenar2.biahosted.com/static/js/2826.07ad82b3.chunk.js
Requested by: Host: sb2widgetsstatic-altenar2.biahosted.com
URL: https://sb2widgetsstatic-altenar2.biahosted.com/altenarWSDK.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.120.135.117 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 117.135.120.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 8035763ab5fb9a8c404326596a14a168089d87e84f717258cf96bfc77c5e0178

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 16:46:02 GMT
content-encoding: gzip
x-goog-meta-goog-reserved-file-mtime: 1702643918
age: 3556
x-guploader-uploadid: ABPtcPpx_puTFbrAFT27FjKRAzDofXfLDpOtjQvX6GNlHKLKMz3jijKd3zM4mK_Bfy-R6zITPn15isQrmw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3081
last-modified: Fri, 15 Dec 2023 12:46:54 GMT
server: UploadServer
etag: "507a71b66d1c94c3b55d917f04c687a6"
vary: Accept-Encoding
x-goog-generation: 1702644414187361
x-goog-hash: crc32c=jPYWFg==, md5=UHpxtm0clMO1XZF/BMaHpg==
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 3081
accept-ranges: bytes
content-type: application/javascript
expires: Mon, 25 Dec 2023 17:46:02 GMT

GET
H3 200 69182.2408f4d2.chunk.js Show response
sb2widgetsstatic-altenar2.biahosted.com/static/js/ 15 KB
5 KB 49ms
48ms Script
application/javascript 34.120.135.117
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://sb2widgetsstatic-altenar2.biahosted.com/static/js/69182.2408f4d2.chunk.js
Requested by: Host: sb2widgetsstatic-altenar2.biahosted.com
URL: https://sb2widgetsstatic-altenar2.biahosted.com/altenarWSDK.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.120.135.117 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 117.135.120.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 4290f8735f531628998cf650136b94db9674c7238e65605c0e331e76c28295cd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 16:46:02 GMT
content-encoding: gzip
x-goog-meta-goog-reserved-file-mtime: 1702643918
age: 3556
x-guploader-uploadid: ABPtcPqHBXbi-0EEJdKZTw0FNheCoG4YvUlDLhDy5TSrE7HlbI7lSbzcN9P7Cxa3H9cA48uXozyT5BtiNw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5007
last-modified: Fri, 15 Dec 2023 12:47:07 GMT
server: UploadServer
etag: "7dae7445ea63cf49bed5a5446e61e9c3"
vary: Accept-Encoding
x-goog-generation: 1702644427337738
x-goog-hash: crc32c=m9utRg==, md5=fa50Repjz0m+1aVEbmHpww==
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 5007
accept-ranges: bytes
content-type: application/javascript
expires: Mon, 25 Dec 2023 17:46:02 GMT

GET
H3 200 69863.445f9be3.chunk.js Show response
sb2widgetsstatic-altenar2.biahosted.com/static/js/ 14 KB
4 KB 50ms
49ms Script
application/javascript 34.120.135.117
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://sb2widgetsstatic-altenar2.biahosted.com/static/js/69863.445f9be3.chunk.js
Requested by: Host: sb2widgetsstatic-altenar2.biahosted.com
URL: https://sb2widgetsstatic-altenar2.biahosted.com/altenarWSDK.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.120.135.117 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 117.135.120.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: a4e8174ae3e747763d7ba7362b16e4b5c49c7538727982f7c0a094e9db49f8bd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 16:46:02 GMT
content-encoding: gzip
x-goog-meta-goog-reserved-file-mtime: 1702643918
age: 3556
x-guploader-uploadid: ABPtcPpxo3xm6nhrxYazn86iGvLPMWBpmxSYFnirN3V98Ag8U_HF8i5BFwT5AcRQKCBeSmMKtOkyGQpLKw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3692
last-modified: Fri, 15 Dec 2023 12:47:07 GMT
server: UploadServer
etag: "09280d09e1085ea7fc493000e1d54cea"
vary: Accept-Encoding
x-goog-generation: 1702644427601487
x-goog-hash: crc32c=7xs3qA==, md5=CSgNCeEIXqf8STAA4dVM6g==
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 3692
accept-ranges: bytes
content-type: application/javascript
expires: Mon, 25 Dec 2023 17:46:02 GMT

GET
H3 200 85548.eeeca7f1.chunk.js Show response
sb2widgetsstatic-altenar2.biahosted.com/static/js/ 14 KB
3 KB 53ms
51ms Script
application/javascript 34.120.135.117
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://sb2widgetsstatic-altenar2.biahosted.com/static/js/85548.eeeca7f1.chunk.js
Requested by: Host: sb2widgetsstatic-altenar2.biahosted.com
URL: https://sb2widgetsstatic-altenar2.biahosted.com/altenarWSDK.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.120.135.117 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 117.135.120.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 14a2fe57e4f52b39b42dd580cfc3826c6a422ae0a2d2f94af5bd1b979744e2fb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 16:46:13 GMT
content-encoding: gzip
x-goog-meta-goog-reserved-file-mtime: 1702643918
age: 3545
x-guploader-uploadid: ABPtcPqNhCYoX8HSLewKWMCuJvNQVkiIquTxb0QSsT1HX5JGuOKmw_pacTEwMR4EWIDYzeGlv5bgNm24Gg
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3164
last-modified: Fri, 15 Dec 2023 12:47:12 GMT
server: UploadServer
etag: "9669dc6576138834ff9461c8aee52b97"
vary: Accept-Encoding
x-goog-generation: 1702644432438733
x-goog-hash: crc32c=HbsqoA==, md5=lmncZXYTiDT/lGHIruUrlw==
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 3164
accept-ranges: bytes
content-type: application/javascript
expires: Mon, 25 Dec 2023 17:46:13 GMT

GET
H3 200 17060.9fd15f5e.chunk.js Show response
sb2widgetsstatic-altenar2.biahosted.com/static/js/ 15 KB
4 KB 54ms
50ms Script
application/javascript 34.120.135.117
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://sb2widgetsstatic-altenar2.biahosted.com/static/js/17060.9fd15f5e.chunk.js
Requested by: Host: sb2widgetsstatic-altenar2.biahosted.com
URL: https://sb2widgetsstatic-altenar2.biahosted.com/altenarWSDK.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.120.135.117 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 117.135.120.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: f2714a441b8b3609c365b8570c4e08fc5bac9d6866f842d0029d905b01df398e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 16:46:12 GMT
content-encoding: gzip
x-goog-meta-goog-reserved-file-mtime: 1702643918
age: 3546
x-guploader-uploadid: ABPtcPoJG9y_fUK3pyvbHPLlTeGkMAsF8BlviFK5kQ71IheAV13TqnpgWoOZll_bHCmLvoVAq6Yb5edXkg
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4009
last-modified: Fri, 15 Dec 2023 12:46:50 GMT
server: UploadServer
etag: "50e41ddcb4aa64bac3004099926cdc87"
vary: Accept-Encoding
x-goog-generation: 1702644410700201
x-goog-hash: crc32c=N4TYwg==, md5=UOQd3LSqZLrDAECZkmzchw==
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 4009
accept-ranges: bytes
content-type: application/javascript
expires: Mon, 25 Dec 2023 17:46:12 GMT

GET
H3 200 4956.c24f1926.chunk.js Show response
sb2widgetsstatic-altenar2.biahosted.com/static/js/ 20 KB
5 KB 57ms
53ms Script
application/javascript 34.120.135.117
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://sb2widgetsstatic-altenar2.biahosted.com/static/js/4956.c24f1926.chunk.js
Requested by: Host: sb2widgetsstatic-altenar2.biahosted.com
URL: https://sb2widgetsstatic-altenar2.biahosted.com/altenarWSDK.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.120.135.117 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 117.135.120.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: b7c23cb2475f67db84f2b2bb59c3f8315747b1af584c7e97d1c80fe85653594a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 16:46:12 GMT
content-encoding: gzip
x-goog-meta-goog-reserved-file-mtime: 1702643918
age: 3546
x-guploader-uploadid: ABPtcPqgx95bBUy0xMo_FodNNH5Zk6Jhl3hAHvsO_jqk3cjQlCbhPpL8OKLqZPrCfTyLjwmUtIm173QoHw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4877
last-modified: Fri, 15 Dec 2023 12:47:01 GMT
server: UploadServer
etag: "96559ea66e594b078df079bb197680f4"
vary: Accept-Encoding
x-goog-generation: 1702644421373749
x-goog-hash: crc32c=77DfZA==, md5=llWepm5ZSweN8Hm7GXaA9A==
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 4877
accept-ranges: bytes
content-type: application/javascript
expires: Mon, 25 Dec 2023 17:46:12 GMT

GET
H3 200 96901.cd639ed4.chunk.js Show response
sb2widgetsstatic-altenar2.biahosted.com/static/js/ 41 KB
8 KB 54ms
51ms Script
application/javascript 34.120.135.117
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://sb2widgetsstatic-altenar2.biahosted.com/static/js/96901.cd639ed4.chunk.js
Requested by: Host: sb2widgetsstatic-altenar2.biahosted.com
URL: https://sb2widgetsstatic-altenar2.biahosted.com/altenarWSDK.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.120.135.117 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 117.135.120.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: d44a77af748ee535171bfd04986e6e4c474bb989284e0c828ecb54fe8ceecb70

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 16:47:54 GMT
content-encoding: gzip
x-goog-meta-goog-reserved-file-mtime: 1702643918
age: 3444
x-guploader-uploadid: ABPtcPozEhD42T4JCrS-9dcNPXGQVXmjDGDdGEWuaDsR8fzL6k61JFd5KU7Uvash255sQ_a-VHGxsk1BwQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8011
last-modified: Fri, 15 Dec 2023 12:47:15 GMT
server: UploadServer
etag: "95d5208c12ba039819df92c09da39e83"
vary: Accept-Encoding
x-goog-generation: 1702644435763595
x-goog-hash: crc32c=P+WXzg==, md5=ldUgjBK6A5gZ35LAnaOegw==
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 8011
accept-ranges: bytes
content-type: application/javascript
expires: Mon, 25 Dec 2023 17:47:54 GMT

GET
H3 200 39246.78080e9c.chunk.js Show response
sb2widgetsstatic-altenar2.biahosted.com/static/js/ 11 KB
3 KB 58ms
55ms Script
application/javascript 34.120.135.117
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://sb2widgetsstatic-altenar2.biahosted.com/static/js/39246.78080e9c.chunk.js
Requested by: Host: sb2widgetsstatic-altenar2.biahosted.com
URL: https://sb2widgetsstatic-altenar2.biahosted.com/altenarWSDK.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.120.135.117 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 117.135.120.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: e2bd2875521e41f499f90de3aa5bb55c195f011a8e186dcc72cf608ec8e8485b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 16:46:13 GMT
content-encoding: gzip
x-goog-meta-goog-reserved-file-mtime: 1702643918
age: 3545
x-guploader-uploadid: ABPtcPo_aemZYKLO8wL0rP1oMgN5nW4qLEaAwlr74Oxbgiy7gDX2O8b5I3lLRMWY1cTuIIhLzdlafdmCYw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3474
last-modified: Fri, 15 Dec 2023 12:46:57 GMT
server: UploadServer
etag: "460821a825aa54e3bf2291e1146d30b2"
vary: Accept-Encoding
x-goog-generation: 1702644417823799
x-goog-hash: crc32c=+U4QVg==, md5=RgghqCWqVOO/IpHhFG0wsg==
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 3474
accept-ranges: bytes
content-type: application/javascript
expires: Mon, 25 Dec 2023 17:46:13 GMT

GET
H3 200 85650.926859aa.chunk.js Show response
sb2widgetsstatic-altenar2.biahosted.com/static/js/ 14 KB
5 KB 59ms
56ms Script
application/javascript 34.120.135.117
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://sb2widgetsstatic-altenar2.biahosted.com/static/js/85650.926859aa.chunk.js
Requested by: Host: sb2widgetsstatic-altenar2.biahosted.com
URL: https://sb2widgetsstatic-altenar2.biahosted.com/altenarWSDK.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.120.135.117 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 117.135.120.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 3af3862b6da63e2b5900c8fca35e3686125ac5a80235442066a6ee77a57e35e0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 16:46:12 GMT
content-encoding: gzip
x-goog-meta-goog-reserved-file-mtime: 1702643918
age: 3546
x-guploader-uploadid: ABPtcPr-LaeuIgUeA_sHH9lVkdcJ4GerPm3fZEKiu6yNu246CIgtQB3uwBe2hP4Fj3jbOy3wL1f71YhYIQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4603
last-modified: Fri, 15 Dec 2023 12:47:12 GMT
server: UploadServer
etag: "38380cd2269e880da4d7d88242c1b18f"
vary: Accept-Encoding
x-goog-generation: 1702644432522875
x-goog-hash: crc32c=dY9RkQ==, md5=ODgM0iaeiA2k19iCQsGxjw==
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 4603
accept-ranges: bytes
content-type: application/javascript
expires: Mon, 25 Dec 2023 17:46:12 GMT

GET
H3 200 62183.5874e42c.chunk.js Show response
sb2widgetsstatic-altenar2.biahosted.com/static/js/ 9 KB
3 KB 61ms
58ms Script
application/javascript 34.120.135.117
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://sb2widgetsstatic-altenar2.biahosted.com/static/js/62183.5874e42c.chunk.js
Requested by: Host: sb2widgetsstatic-altenar2.biahosted.com
URL: https://sb2widgetsstatic-altenar2.biahosted.com/altenarWSDK.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.120.135.117 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 117.135.120.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 5ac0af5fb98a8b0f07bcf735d561ce64e8cb9e020501fa5b7d5d8f4c773b6a9f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 16:46:13 GMT
content-encoding: gzip
x-goog-meta-goog-reserved-file-mtime: 1702643918
age: 3545
x-guploader-uploadid: ABPtcPrvqWO_EwS0Dt6xLjTDWj2-qJj0p2EUvTiy-0gWcB1mI1QYgxh0vQ93EJ182tPdyEqRiQBt3gOTzQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3348
last-modified: Fri, 15 Dec 2023 12:47:05 GMT
server: UploadServer
etag: "9204431bae030b87525931c9d9cb7000"
vary: Accept-Encoding
x-goog-generation: 1702644425299059
x-goog-hash: crc32c=DTWH2Q==, md5=kgRDG64DC4dSWTHJ2ctwAA==
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 3348
accept-ranges: bytes
content-type: application/javascript
expires: Mon, 25 Dec 2023 17:46:13 GMT

GET
H3 200 86437.1d4fbc4e.chunk.js Show response
sb2widgetsstatic-altenar2.biahosted.com/static/js/ 23 KB
5 KB 60ms
57ms Script
application/javascript 34.120.135.117
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://sb2widgetsstatic-altenar2.biahosted.com/static/js/86437.1d4fbc4e.chunk.js
Requested by: Host: sb2widgetsstatic-altenar2.biahosted.com
URL: https://sb2widgetsstatic-altenar2.biahosted.com/altenarWSDK.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.120.135.117 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 117.135.120.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: b09128c9a5b10aa82818d517350a9c8ec712fa6778e8a802927ec7fb93edbb01

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 16:46:13 GMT
content-encoding: gzip
x-goog-meta-goog-reserved-file-mtime: 1702643918
age: 3545
x-guploader-uploadid: ABPtcPpsundw60LQ9CsBh6d_JmAMTXDnnbhU9c41ioRqUF7yaISVyMw2mfTftXp07b7JbAAtukrv8AsD_A
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5346
last-modified: Fri, 15 Dec 2023 12:47:12 GMT
server: UploadServer
etag: "2ebc2b1fb07cf59e5ce984b891caea17"
vary: Accept-Encoding
x-goog-generation: 1702644432814644
x-goog-hash: crc32c=0c1p+A==, md5=LrwrH7B89Z5c6YS4kcrqFw==
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 5346
accept-ranges: bytes
content-type: application/javascript
expires: Mon, 25 Dec 2023 17:46:13 GMT

GET
H3 200 40582.0fdfb0ec.chunk.js Show response
sb2widgetsstatic-altenar2.biahosted.com/static/js/ 24 KB
5 KB 62ms
59ms Script
application/javascript 34.120.135.117
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://sb2widgetsstatic-altenar2.biahosted.com/static/js/40582.0fdfb0ec.chunk.js
Requested by: Host: sb2widgetsstatic-altenar2.biahosted.com
URL: https://sb2widgetsstatic-altenar2.biahosted.com/altenarWSDK.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.120.135.117 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 117.135.120.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 47447f6389b91e28a7fb44bb0d9109ead0764d4fb20e0e205a8c4a1563860999

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 16:46:12 GMT
content-encoding: gzip
x-goog-meta-goog-reserved-file-mtime: 1702643918
age: 3546
x-guploader-uploadid: ABPtcPq0pBAm9EJPsINhEb0n40M2ecDUSHaCy7Ubmd3cBbyNq5vfjp5bbvnbUFJUGRDSCOImOWsW8DGJag
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4858
last-modified: Fri, 15 Dec 2023 12:46:58 GMT
server: UploadServer
etag: "567bba95ab3e1d71f9bdc4782d0ce6e1"
vary: Accept-Encoding
x-goog-generation: 1702644418288635
x-goog-hash: crc32c=J6lhPQ==, md5=Vnu6las+HXH5vcR4LQzm4Q==
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 4858
accept-ranges: bytes
content-type: application/javascript
expires: Mon, 25 Dec 2023 17:46:12 GMT

GET
H3 200 93209.049cd090.chunk.js Show response
sb2widgetsstatic-altenar2.biahosted.com/static/js/ 18 KB
4 KB 63ms
60ms Script
application/javascript 34.120.135.117
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://sb2widgetsstatic-altenar2.biahosted.com/static/js/93209.049cd090.chunk.js
Requested by: Host: sb2widgetsstatic-altenar2.biahosted.com
URL: https://sb2widgetsstatic-altenar2.biahosted.com/altenarWSDK.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.120.135.117 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 117.135.120.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: e83ee36b99f5b99694fb14962ac5cd6e2d4e5258f1ed66800c9faa9b53431a55

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 16:47:06 GMT
content-encoding: gzip
x-goog-meta-goog-reserved-file-mtime: 1702643918
age: 3492
x-guploader-uploadid: ABPtcPpUQ-kL4zdv38XoGC8U_KiDc51kwV-7ofb0RjoSB4ozy6c5dhtaOof8a2QfQlCBRzhg4wktbe8b1A
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4085
last-modified: Fri, 15 Dec 2023 12:47:14 GMT
server: UploadServer
etag: "55bf775166886e86d2695d3142b0686d"
vary: Accept-Encoding
x-goog-generation: 1702644434606710
x-goog-hash: crc32c=pxKFiw==, md5=Vb93UWaIbobSaV0xQrBobQ==
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 4085
accept-ranges: bytes
content-type: application/javascript
expires: Mon, 25 Dec 2023 17:47:06 GMT

GET
H3 200 8825.2629e748.chunk.js Show response
sb2widgetsstatic-altenar2.biahosted.com/static/js/ 12 KB
4 KB 64ms
62ms Script
application/javascript 34.120.135.117
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://sb2widgetsstatic-altenar2.biahosted.com/static/js/8825.2629e748.chunk.js
Requested by: Host: sb2widgetsstatic-altenar2.biahosted.com
URL: https://sb2widgetsstatic-altenar2.biahosted.com/altenarWSDK.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.120.135.117 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 117.135.120.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: ef68efdb442844721f8f5e8343e6c021dbe640572c7fb84481386dc08ff219db

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 16:46:35 GMT
content-encoding: gzip
x-goog-meta-goog-reserved-file-mtime: 1702643918
age: 3523
x-guploader-uploadid: ABPtcPqcUk6ueaPDS-jmprmJCl6QNrD1urHkvOEM8ACd7h8TLhNFa1f1AuEmh-6GB69ohVdo2dPvGOMH
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4081
last-modified: Fri, 15 Dec 2023 12:47:13 GMT
server: UploadServer
etag: "c7cf35b5be06950ac6a38efe9c0f8628"
vary: Accept-Encoding
x-goog-generation: 1702644433237937
x-goog-hash: crc32c=/BGxHQ==, md5=x881tb4GlQrGo47+nA+GKA==
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 4081
accept-ranges: bytes
content-type: application/javascript
expires: Mon, 25 Dec 2023 17:46:35 GMT

GET
H3 200 65081.e860af08.chunk.js Show response
sb2widgetsstatic-altenar2.biahosted.com/static/js/ 8 KB
3 KB 64ms
62ms Script
application/javascript 34.120.135.117
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://sb2widgetsstatic-altenar2.biahosted.com/static/js/65081.e860af08.chunk.js
Requested by: Host: sb2widgetsstatic-altenar2.biahosted.com
URL: https://sb2widgetsstatic-altenar2.biahosted.com/altenarWSDK.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.120.135.117 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 117.135.120.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 4551780a660e8d9f6c0e16aeda0c7cc9b0296f2aab4e53d0bb336788b6550498

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 16:46:23 GMT
content-encoding: gzip
x-goog-meta-goog-reserved-file-mtime: 1702643918
age: 3535
x-guploader-uploadid: ABPtcPqJvd4AD0kn_paYMM1PorZem95kWqYgUYr-1V-TNuh_ujCXB6u06kl1shHDj_Qlcc5z3a5jIAO3GQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3282
last-modified: Fri, 15 Dec 2023 12:47:06 GMT
server: UploadServer
etag: "6aa88d0f5d00b189a062c05d6bf62fc6"
vary: Accept-Encoding
x-goog-generation: 1702644425932656
x-goog-hash: crc32c=1P6LSQ==, md5=aqiND10AsYmgYsBda/Yvxg==
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 3282
accept-ranges: bytes
content-type: application/javascript
expires: Mon, 25 Dec 2023 17:46:23 GMT

GET
H3 200 20743.76c729ca.chunk.js Show response
sb2widgetsstatic-altenar2.biahosted.com/static/js/ 14 KB
4 KB 65ms
63ms Script
application/javascript 34.120.135.117
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://sb2widgetsstatic-altenar2.biahosted.com/static/js/20743.76c729ca.chunk.js
Requested by: Host: sb2widgetsstatic-altenar2.biahosted.com
URL: https://sb2widgetsstatic-altenar2.biahosted.com/altenarWSDK.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.120.135.117 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 117.135.120.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: e1597b04801911df295990c65d1932c2cb0cc91a304c8127419bca00f804ae12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 16:46:13 GMT
content-encoding: gzip
x-goog-meta-goog-reserved-file-mtime: 1702643918
age: 3545
x-guploader-uploadid: ABPtcPrTSoB-r9y2mA7id3JuW3hYddgYemMwW999-yaUQmumSYLdwJDPIWJb_b3Y5rKlWfP28x_cG9uteg
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4152
last-modified: Fri, 15 Dec 2023 12:46:51 GMT
server: UploadServer
etag: "c81b674d89ed767ef87474e4ec0d6eab"
vary: Accept-Encoding
x-goog-generation: 1702644411761121
x-goog-hash: crc32c=xA/uLQ==, md5=yBtnTYntdn74dHTk7A1uqw==
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 4152
accept-ranges: bytes
content-type: application/javascript
expires: Mon, 25 Dec 2023 17:46:13 GMT

GET
H3 200 83350.8458af05.chunk.js Show response
sb2widgetsstatic-altenar2.biahosted.com/static/js/ 65 KB
13 KB 68ms
66ms Script
application/javascript 34.120.135.117
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://sb2widgetsstatic-altenar2.biahosted.com/static/js/83350.8458af05.chunk.js
Requested by: Host: sb2widgetsstatic-altenar2.biahosted.com
URL: https://sb2widgetsstatic-altenar2.biahosted.com/altenarWSDK.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.120.135.117 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 117.135.120.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 577d21a2b26610180a8714a204448387dcb70731de4e198a017527053dd4ec71

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 16:54:39 GMT
content-encoding: gzip
x-goog-meta-goog-reserved-file-mtime: 1702643918
age: 3039
x-guploader-uploadid: ABPtcPotZ3gBPg2VPdd5XBdo7S2yaeTHvgzp37lE6Ul5BwmATioGUw7mvtJ2q3pUrexbYdgAbukYEuNYpA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13577
last-modified: Fri, 15 Dec 2023 12:47:11 GMT
server: UploadServer
etag: "1114a4a7685e6af914b9cb532eb8593f"
vary: Accept-Encoding
x-goog-generation: 1702644431700095
x-goog-hash: crc32c=v3xzZQ==, md5=ERSkp2heavkUuctTLrhZPw==
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 13577
accept-ranges: bytes
content-type: application/javascript
expires: Mon, 25 Dec 2023 17:54:39 GMT

GET
H3 200 92089.007e8846.chunk.js Show response
sb2widgetsstatic-altenar2.biahosted.com/static/js/ 64 KB
14 KB 66ms
64ms Script
application/javascript 34.120.135.117
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://sb2widgetsstatic-altenar2.biahosted.com/static/js/92089.007e8846.chunk.js
Requested by: Host: sb2widgetsstatic-altenar2.biahosted.com
URL: https://sb2widgetsstatic-altenar2.biahosted.com/altenarWSDK.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.120.135.117 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 117.135.120.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: cf597a3f14106e6e9ed69f14b80dca252bd0bc3c5542f03155539d607e8e10a5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 16:47:06 GMT
content-encoding: gzip
x-goog-meta-goog-reserved-file-mtime: 1702643918
age: 3492
x-guploader-uploadid: ABPtcPotlTzzr9plYYdTeLtQ3fVZDvIJf5BYAXU8Y7LDeVB5TXXbMGMk7aoIb-IfiH_eycaGJpTpBfZGqg
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14601
last-modified: Fri, 15 Dec 2023 12:47:14 GMT
server: UploadServer
etag: "317ced46183b5ba9351ec5a22bb64976"
vary: Accept-Encoding
x-goog-generation: 1702644434307617
x-goog-hash: crc32c=Xn0OMg==, md5=MXztRhg7W6k1HsWiK7ZJdg==
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 14601
accept-ranges: bytes
content-type: application/javascript
expires: Mon, 25 Dec 2023 17:47:06 GMT

GET
H3 200 18588.1979bf45.chunk.js Show response
sb2widgetsstatic-altenar2.biahosted.com/static/js/ 34 KB
8 KB 69ms
68ms Script
application/javascript 34.120.135.117
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://sb2widgetsstatic-altenar2.biahosted.com/static/js/18588.1979bf45.chunk.js
Requested by: Host: sb2widgetsstatic-altenar2.biahosted.com
URL: https://sb2widgetsstatic-altenar2.biahosted.com/altenarWSDK.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.120.135.117 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 117.135.120.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 9cc5748832dad5ebe2db912ce4464be4a40376b103c157db67b6d57fd93b0d9c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 16:48:37 GMT
content-encoding: gzip
x-goog-meta-goog-reserved-file-mtime: 1702643918
age: 3401
x-guploader-uploadid: ABPtcPqeWl_ax_zWrQ3dFVlQepgXEvDCmb76oNx_CfA6U0ozmUZJJt9O5AM3Y5mAd_fvNgF-_nSZzvvNSQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7985
last-modified: Fri, 15 Dec 2023 12:46:51 GMT
server: UploadServer
etag: "605e5a91ac0a7271fe111e3063794bd5"
vary: Accept-Encoding
x-goog-generation: 1702644411246386
x-goog-hash: crc32c=popuTg==, md5=YF5akawKcnH+ER4wY3lL1Q==
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 7985
accept-ranges: bytes
content-type: application/javascript
expires: Mon, 25 Dec 2023 17:48:37 GMT

GET
H3 200 90782.4c03877e.chunk.js Show response
sb2widgetsstatic-altenar2.biahosted.com/static/js/ 8 KB
3 KB 71ms
70ms Script
application/javascript 34.120.135.117
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://sb2widgetsstatic-altenar2.biahosted.com/static/js/90782.4c03877e.chunk.js
Requested by: Host: sb2widgetsstatic-altenar2.biahosted.com
URL: https://sb2widgetsstatic-altenar2.biahosted.com/altenarWSDK.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.120.135.117 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 117.135.120.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 750b6f51f97ede61dc2ae909d30da51c5501056f889c1961df6459681df635dc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 16:48:37 GMT
content-encoding: gzip
x-goog-meta-goog-reserved-file-mtime: 1702643918
age: 3401
x-guploader-uploadid: ABPtcPpGhOAcGvz-lIZs3r8nqvZPhESUC38xmtv32PsPx1edAhHOxO7ziRd_g_XsHGEfIkwVCGrFc9se8A
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3124
last-modified: Fri, 15 Dec 2023 12:47:14 GMT
server: UploadServer
etag: "c91ac989cb34ac873c768fa60bc5a2d2"
vary: Accept-Encoding
x-goog-generation: 1702644433934305
x-goog-hash: crc32c=IKOtHQ==, md5=yRrJics0rIc8do+mC8Wi0g==
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 3124
accept-ranges: bytes
content-type: application/javascript
expires: Mon, 25 Dec 2023 17:48:37 GMT

GET
H2 200 GetTopEvents Show response
sb2frontend-altenar2.biahosted.com/api/widget/ 4 KB
1 KB 78ms
77ms Fetch
application/json 2606:4700:10::6816:85a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sb2frontend-altenar2.biahosted.com/api/widget/GetTopEvents?culture=en-GB&timezoneOffset=-60&integration=quickwin&deviceType=1&numFormat=en-GB&countryCode=DE&eventCount=0&sportId=0&timePeriod=0

Requested by

Host: quickwin765412.com
URL: https://quickwin765412.com/polyfills.250fe061a3885860ec19.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:85a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

893e7a3aa16a625c35bd3cbfe47bf2021d80fae8579e2dbb3dc55e0caec3ba6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:18 GMT
content-encoding: gzip
via: 1.1 google
strict-transport-security: max-age=2592000; includeSubDomains
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=3
cf-ray: 83b2e5a48d5d9b64-FRA

GET
H2 200 GetTopEvents Show response
sb2frontend-altenar2.biahosted.com/api/widget/ 3 KB
909 B 49ms
49ms Fetch
application/json 2606:4700:10::6816:85a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: quickwin765412.com
URL: https://quickwin765412.com/polyfills.250fe061a3885860ec19.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:85a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

21bc441227b6235691891b05d1e048ab6e97a63f8aa305396364e891c6a7972d

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:18 GMT
content-encoding: gzip
via: 1.1 google
strict-transport-security: max-age=2592000; includeSubDomains
cf-cache-status: DYNAMIC
server: cloudflare
age: 2
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=3
cf-ray: 83b2e5a48d5f9b64-FRA
content-length: 832

GET
H3 200 91605.7a727202.chunk.js Show response
sb2widgetsstatic-altenar2.biahosted.com/static/js/ 1 KB
682 B 22ms
22ms Script
application/javascript 34.120.135.117
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://sb2widgetsstatic-altenar2.biahosted.com/static/js/91605.7a727202.chunk.js
Requested by: Host: sb2widgetsstatic-altenar2.biahosted.com
URL: https://sb2widgetsstatic-altenar2.biahosted.com/altenarWSDK.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.120.135.117 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 117.135.120.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 0357a6e5d08d5a9c769f8719aa321ec0a9f265be863831f7b4a5a9478124ce22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 16:59:48 GMT
content-encoding: gzip
x-goog-meta-goog-reserved-file-mtime: 1702643918
age: 2730
x-guploader-uploadid: ABPtcPpnfRG91_DYv3Pr_uYQ1XRnZIpPvWvthcv3pVd7AtPv__cRLsBy7pB4MzTxdn80vyqBfgW-1Zc_eQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 630
last-modified: Fri, 15 Dec 2023 12:47:14 GMT
server: UploadServer
etag: "3424cef4534e34917c0fdd0f33b4cc6a"
vary: Accept-Encoding
x-goog-generation: 1702644434131906
x-goog-hash: crc32c=AjO2vg==, md5=NCTO9FNONJF8D90PM7TMag==
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 630
accept-ranges: bytes
content-type: application/javascript
expires: Mon, 25 Dec 2023 17:59:48 GMT

GET
H3 200 44355.png
quickwin765412.com/dimg/altenar_logo/ 42 KB
43 KB 37ms
35ms Image
image/png 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://quickwin765412.com/dimg/altenar_logo/44355.png

Protocol

Security

QUIC, , AES_128_GCM

Server

94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

f50678facee42859cf140739d1fc46f4433a8f6fbc0c1d9f01de3d36cc313fb5

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:18 GMT
content-security-policy: block-all-mixed-content
cf-cache-status: HIT
x-amz-request-id: 179DFBB5AC1EA0B6
age: 173394
cf-polished: origSize=46364, status=vary_header_present
x-front-cache-status: MISS
alt-svc: h3=":443"; ma=86400
content-length: 43465
x-xss-protection: 1; mode=block
cf-bgj: imgq:85,h2pri
last-modified: Thu, 30 Nov 2023 11:18:19 GMT
server: cloudflare
etag: "42f5e239097e2374e3b8f8d0c07813a9"
vary: Origin, Accept-Encoding
content-type: image/png
accept-ranges: bytes
cf-ray: 83b2e5a5198b65aa-FRA
x-conv-cache-status: HIT

GET
H3 200 44352.png
quickwin765412.com/dimg/altenar_logo/ 43 KB
44 KB 39ms
38ms Image
image/png 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://quickwin765412.com/dimg/altenar_logo/44352.png

Protocol

Security

QUIC, , AES_128_GCM

Server

94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

74cf51bbc642a4b3c9aeef3718828402817539357a8ba122611323fa5552b30b

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:18 GMT
content-security-policy: block-all-mixed-content
cf-cache-status: HIT
x-amz-request-id: 179DFB60CA35E866
age: 328023
cf-polished: origSize=46697, status=vary_header_present
x-front-cache-status: MISS
alt-svc: h3=":443"; ma=86400
content-length: 44468
x-xss-protection: 1; mode=block
cf-bgj: imgq:85,h2pri
last-modified: Thu, 30 Nov 2023 11:18:19 GMT
server: cloudflare
etag: "1c5a169a3fc4a84c5be0f892857b4f8c"
vary: Origin, Accept-Encoding
content-type: image/png
accept-ranges: bytes
cf-ray: 83b2e5a5198d65aa-FRA
x-conv-cache-status: HIT

GET
H3 200 47431.png
quickwin765412.com/dimg/altenar_logo/ 30 KB
31 KB 35ms
34ms Image
image/png 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://quickwin765412.com/dimg/altenar_logo/47431.png

Protocol

Security

QUIC, , AES_128_GCM

Server

94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

73aa36d752a27d751bad490fe20484fc53ffac1b5b9888ca61dc5a3d8c75a8ac

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:18 GMT
content-security-policy: block-all-mixed-content
cf-cache-status: HIT
x-amz-request-id: 17A3A5BE6937A210
age: 9801
cf-polished: origSize=39168, status=vary_header_present
x-front-cache-status: HIT
alt-svc: h3=":443"; ma=86400
content-length: 30910
x-xss-protection: 1; mode=block
cf-bgj: imgq:85,h2pri
last-modified: Wed, 23 Mar 2022 12:56:36 GMT
server: cloudflare
etag: "70f9cc92700f9660ada674dda1754375"
vary: Origin, Accept-Encoding
content-type: image/png
accept-ranges: bytes
cf-ray: 83b2e5a5198e65aa-FRA
x-conv-cache-status: HIT

GET
H3 200 43744.png
quickwin765412.com/dimg/altenar_logo/ 28 KB
28 KB 32ms
31ms Image
image/png 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://quickwin765412.com/dimg/altenar_logo/43744.png

Protocol

Security

QUIC, , AES_128_GCM

Server

94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

3e05c18b88a9a62862fb33e2e24b1751c58598f2c82b4626785e45c8d78a0544

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:18 GMT
content-security-policy: block-all-mixed-content
cf-cache-status: HIT
x-amz-request-id: 179F3A31633E3A4E
age: 9801
cf-polished: origSize=36914, status=vary_header_present
x-front-cache-status: HIT
alt-svc: h3=":443"; ma=86400
content-length: 28178
x-xss-protection: 1; mode=block
cf-bgj: imgq:85,h2pri
last-modified: Wed, 23 Mar 2022 12:56:36 GMT
server: cloudflare
etag: "14b2ed572c01abd67a664307de07b435"
vary: Origin, Accept-Encoding
content-type: image/png
accept-ranges: bytes
cf-ray: 83b2e5a5199165aa-FRA
x-conv-cache-status: HIT

GET
H3 404 55719.png
quickwin765412.com/dimg/altenar_logo/ 347 B
347 B 30ms
30ms Image
application/xml 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://quickwin765412.com/dimg/altenar_logo/55719.png

Protocol

Security

QUIC, , AES_128_GCM

Server

94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

422e63edd5b4b15c3e783ed28b80f2a8df694a935a93ed987577dce3a0ad66c7

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:18 GMT
content-security-policy: block-all-mixed-content
content-encoding: br
cf-cache-status: HIT
server: cloudflare
x-amz-request-id: 17A3FAAA73831758
age: 81
vary: Origin, Accept-Encoding
content-type: application/xml
cf-ray: 83b2e5a5199265aa-FRA
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block

GET
H3 404 43997.png
quickwin765412.com/dimg/altenar_logo/ 347 B
347 B 33ms
32ms Image
application/xml 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://quickwin765412.com/dimg/altenar_logo/43997.png

Protocol

Security

QUIC, , AES_128_GCM

Server

94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

11de0299e67a66cbde0178ebccadd3e31765ac2a2e599288a204a85af30443e6

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:18 GMT
content-security-policy: block-all-mixed-content
content-encoding: br
cf-cache-status: HIT
server: cloudflare
x-amz-request-id: 17A3FAAA740E6B21
age: 81
vary: Origin, Accept-Encoding
content-type: application/xml
cf-ray: 83b2e5a5199365aa-FRA
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 16 KB
16 KB 19ms
19ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@500&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://quickwin765412.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:38:05 GMT
x-content-type-options: nosniff
age: 433
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 24 Dec 2024 17:38:05 GMT

GET
H3 200 44365.png
quickwin765412.com/dimg/altenar_logo/ 40 KB
40 KB 31ms
31ms Image
image/png 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://quickwin765412.com/dimg/altenar_logo/44365.png

Protocol

Security

QUIC, , AES_128_GCM

Server

94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

1a6e80a715546f3c1100e1cbd038cdfce7707f095efa74b0f4b87cf41f954d01

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:18 GMT
content-security-policy: block-all-mixed-content
cf-cache-status: HIT
x-amz-request-id: 179E3124747E5E96
age: 412758
cf-polished: origSize=42784, status=vary_header_present
x-front-cache-status: HIT
alt-svc: h3=":443"; ma=86400
content-length: 40839
x-xss-protection: 1; mode=block
cf-bgj: imgq:85,h2pri
last-modified: Thu, 30 Nov 2023 11:18:19 GMT
server: cloudflare
etag: "a951e40e07b25613f8c63be7c759e48f"
vary: Origin, Accept-Encoding
content-type: image/png
accept-ranges: bytes
cf-ray: 83b2e5a59a5765aa-FRA
x-conv-cache-status: HIT

GET
H3 200 44376.png
quickwin765412.com/dimg/altenar_logo/ 43 KB
43 KB 34ms
33ms Image
image/png 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://quickwin765412.com/dimg/altenar_logo/44376.png

Protocol

Security

QUIC, , AES_128_GCM

Server

94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

b1c37cda1e5f993855f12d16492bf6cd276b9900c317d45af4d0ffbe5e404c9d

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:18 GMT
content-security-policy: block-all-mixed-content
cf-cache-status: HIT
x-amz-request-id: 179E5C0FAF4F674D
age: 243457
cf-polished: origSize=46501, status=vary_header_present
x-front-cache-status: MISS
alt-svc: h3=":443"; ma=86400
content-length: 43619
x-xss-protection: 1; mode=block
cf-bgj: imgq:85,h2pri
last-modified: Thu, 30 Nov 2023 11:18:19 GMT
server: cloudflare
etag: "e5982c85e987d45a096bb260240a0987"
vary: Origin, Accept-Encoding
content-type: image/png
accept-ranges: bytes
cf-ray: 83b2e5a59a5965aa-FRA
x-conv-cache-status: HIT

GET
H3 200 44372.png
quickwin765412.com/dimg/altenar_logo/ 41 KB
42 KB 33ms
32ms Image
image/png 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://quickwin765412.com/dimg/altenar_logo/44372.png

Protocol

Security

QUIC, , AES_128_GCM

Server

94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

2f1aa5842ffa17891be38d946da663a8b05e7c8c43c8e2c647016592997893c2

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:18 GMT
content-security-policy: block-all-mixed-content
cf-cache-status: HIT
x-amz-request-id: 179DFBB5AC067CB1
age: 1361158
cf-polished: origSize=45273, status=vary_header_present
x-front-cache-status: HIT
alt-svc: h3=":443"; ma=86400
content-length: 42346
x-xss-protection: 1; mode=block
cf-bgj: imgq:85,h2pri
last-modified: Thu, 30 Nov 2023 11:18:19 GMT
server: cloudflare
etag: "bc32f6009e557d2cf05ca4fe816df606"
vary: Origin, Accept-Encoding
content-type: image/png
accept-ranges: bytes
cf-ray: 83b2e5a59a5b65aa-FRA
x-conv-cache-status: HIT

GET
H3 200 44358.png
quickwin765412.com/dimg/altenar_logo/ 43 KB
43 KB 52ms
51ms Image
image/png 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://quickwin765412.com/dimg/altenar_logo/44358.png

Protocol

Security

QUIC, , AES_128_GCM

Server

94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

bcbf3c26722321587d928e6354d7384bc1ada945d5efc687ed84eb46b46c636c

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:18 GMT
content-security-policy: block-all-mixed-content
cf-cache-status: HIT
x-amz-request-id: 179E511D1E186375
age: 155243
cf-polished: origSize=46920, status=vary_header_present
x-front-cache-status: HIT
alt-svc: h3=":443"; ma=86400
content-length: 43865
x-xss-protection: 1; mode=block
cf-bgj: imgq:85,h2pri
last-modified: Thu, 30 Nov 2023 11:18:19 GMT
server: cloudflare
etag: "014e75ef7faaa58b6d8544deaa70d5a3"
vary: Origin, Accept-Encoding
content-type: image/png
accept-ranges: bytes
cf-ray: 83b2e5a59a5f65aa-FRA
x-conv-cache-status: HIT

GET
H3 200 43741.png
quickwin765412.com/dimg/altenar_logo/ 36 KB
37 KB 53ms
52ms Image
image/png 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://quickwin765412.com/dimg/altenar_logo/43741.png

Protocol

Security

QUIC, , AES_128_GCM

Server

94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

087fcdc196cde517dd7e8a8e798f88ba505957e33d681ec9259dd22af13f4c60

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:18 GMT
content-security-policy: block-all-mixed-content
cf-cache-status: HIT
x-amz-request-id: 1748E78B5448A3B5
age: 222199
cf-polished: origSize=45737, status=vary_header_present
x-front-cache-status: HIT
alt-svc: h3=":443"; ma=86400
content-length: 37344
x-xss-protection: 1; mode=block
cf-bgj: imgq:85,h2pri
last-modified: Fri, 14 Oct 2022 11:59:36 GMT
server: cloudflare
etag: "250f08bbdb0a051c61e240d9f059f54a"
vary: Origin, Accept-Encoding
content-type: image/png
accept-ranges: bytes
cf-ray: 83b2e5a59a6265aa-FRA
x-conv-cache-status: HIT

GET
H3 200 43620.png
quickwin765412.com/dimg/altenar_logo/ 58 KB
59 KB 54ms
53ms Image
image/png 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://quickwin765412.com/dimg/altenar_logo/43620.png

Protocol

Security

QUIC, , AES_128_GCM

Server

94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

61a1dd50d7314fcdd6bd5e06259e75fc8603b42d1991b7b2e7eb3a80875a8d71

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:18 GMT
content-security-policy: block-all-mixed-content
cf-cache-status: HIT
x-amz-request-id: 17709C6848433510
age: 178426
cf-polished: origSize=71775, status=vary_header_present
x-front-cache-status: HIT
alt-svc: h3=":443"; ma=86400
content-length: 59592
x-xss-protection: 1; mode=block
cf-bgj: imgq:85,h2pri
last-modified: Fri, 14 Oct 2022 11:59:41 GMT
server: cloudflare
etag: "4617245cd41eea7b06cdf4eca83f851b"
vary: Origin, Accept-Encoding
content-type: image/png
accept-ranges: bytes
cf-ray: 83b2e5a59a6365aa-FRA
x-conv-cache-status: HIT

GET
H3 200 50090.png
quickwin765412.com/dimg/altenar_logo/ 50 KB
50 KB 36ms
35ms Image
image/png 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://quickwin765412.com/dimg/altenar_logo/50090.png

Protocol

Security

QUIC, , AES_128_GCM

Server

94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

79f9542464f9127374911233511827193c3d6ca4d09657dfd1db6a57385c9a97

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:18 GMT
content-security-policy: block-all-mixed-content
cf-cache-status: HIT
x-amz-request-id: 179DFB81117316D7
age: 61822
cf-polished: origSize=54750, status=vary_header_present
x-front-cache-status: HIT
alt-svc: h3=":443"; ma=86400
content-length: 51205
x-xss-protection: 1; mode=block
cf-bgj: imgq:85,h2pri
last-modified: Tue, 05 Dec 2023 13:13:42 GMT
server: cloudflare
etag: "0d72c52ebbea2400eea1476fe0a36016"
vary: Origin, Accept-Encoding
content-type: image/png
accept-ranges: bytes
cf-ray: 83b2e5a59a6465aa-FRA
x-conv-cache-status: HIT

GET
H3 200 50088.png
quickwin765412.com/dimg/altenar_logo/ 25 KB
26 KB 37ms
36ms Image
image/png 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://quickwin765412.com/dimg/altenar_logo/50088.png

Protocol

Security

QUIC, , AES_128_GCM

Server

94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

ce3281cf251f71a1b63f270724d473727d48d412baeb1f67a6fec2c170592be2

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:18 GMT
content-security-policy: block-all-mixed-content
cf-cache-status: HIT
x-amz-request-id: 179DFB810EE79611
age: 61822
cf-polished: origSize=28217, status=vary_header_present
x-front-cache-status: HIT
alt-svc: h3=":443"; ma=86400
content-length: 25818
x-xss-protection: 1; mode=block
cf-bgj: imgq:85,h2pri
last-modified: Tue, 05 Dec 2023 13:13:40 GMT
server: cloudflare
etag: "a29605b08568fa841af91cc89eb2a0a1"
vary: Origin, Accept-Encoding
content-type: image/png
accept-ranges: bytes
cf-ray: 83b2e5a59a6565aa-FRA
x-conv-cache-status: HIT

GET
H3 200 43701.png
quickwin765412.com/dimg/altenar_logo/ 61 KB
61 KB 55ms
55ms Image
image/png 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://quickwin765412.com/dimg/altenar_logo/43701.png

Protocol

Security

QUIC, , AES_128_GCM

Server

94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

e25255eebea642aff44efb043effce8c130965162d70463f34ee8e7408c30508

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:18 GMT
content-security-policy: block-all-mixed-content
cf-cache-status: HIT
x-amz-request-id: 1778310EB8A2DF57
age: 220323
cf-polished: origSize=72631, status=vary_header_present
x-front-cache-status: MISS
alt-svc: h3=":443"; ma=86400
content-length: 62343
x-xss-protection: 1; mode=block
cf-bgj: imgq:85,h2pri
last-modified: Fri, 04 Aug 2023 09:20:21 GMT
server: cloudflare
etag: "8704ebef7a0768f216b0921da665fab5"
vary: Origin, Accept-Encoding
content-type: image/png
accept-ranges: bytes
cf-ray: 83b2e5a59a6665aa-FRA
x-conv-cache-status: HIT

GET
H3 200 43703.png
quickwin765412.com/dimg/altenar_logo/ 52 KB
53 KB 35ms
34ms Image
image/png 94.242.229.244
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://quickwin765412.com/dimg/altenar_logo/43703.png

Protocol

Security

QUIC, , AES_128_GCM

Server

94.242.229.244 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

2b543828b97af78d57453e24bbb18f4068bdbe1110ded8b6a00c76cc01f77385

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quickwin765412.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:45:18 GMT
content-security-policy: block-all-mixed-content
cf-cache-status: HIT
x-amz-request-id: 177738059E23D362
age: 1674514
cf-polished: origSize=63592, status=vary_header_present
x-front-cache-status: HIT
alt-svc: h3=":443"; ma=86400
content-length: 53467
x-xss-protection: 1; mode=block
cf-bgj: imgq:85,h2pri
last-modified: Wed, 31 Aug 2022 09:06:06 GMT
server: cloudflare
etag: "54a26a86cf47d21336036b2e59d9e103"
vary: Origin, Accept-Encoding
content-type: image/png
accept-ranges: bytes
cf-ray: 83b2e5a59a6765aa-FRA
x-conv-cache-status: HIT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: global.ib-ibi.com
URL: https://global.ib-ibi.com/image.sbmx?go=302927&pid=567&xid=5404315708731918970

Verdicts & Comments Add Verdict or Comment

273 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

72 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
quickwin765412.com/cdn-static/images/quickwin/entrance/dashboard/webp	1969-12-31 23:59:59	Name: _cf_reyid Value: Z/agKs4utwrHfL8P7Lc85pDgR5LgDBv8rAmiVOi/dCQdjPxbuaMQN++haLqjMK0RTOzL8CNXuHAIqOxHMAIy3w==
quickwin765412.com/cdn-static/images/quickwin/vip-page	1969-12-31 23:59:59	Name: _cf_reyid Value: Z/agKs4utwrHfL8P7Lc85pDgR5LgDBv8rAmiVOi/dCQdjPxbuaMQN++haLqjMK0RTOzL8CNXuHAIqOxHMAIy3w==
quickwin765412.com/en/api/v2/sport	1969-12-31 23:59:59	Name: _cf_reyid Value: Z/agKs4utwrHfL8P7Lc85pDgR5LgDBv8rAmiVOi/dCQdjPxbuaMQN++haLqjMK0RTOzL8CNXuHAIqOxHMAIy3w==
quickwin765412.com/	1970-01-20 21:31:18	Name: CookieScriptConsent Value: {"googleconsentmap":{"ad_storage":"targeting","analytics_storage":"performance","ad_personalization":"targeting","ad_user_data":"targeting","functionality_storage":"functionality","personalization_storage":"functionality","security_storage":"functionality"}}
.adnxs.com/	1970-01-20 19:21:42	Name: uuid2 Value: 4223567696920478705
.reichelcormier.bid/	1970-01-20 19:21:42	Name: ADWUID Value: 6589c0770423008210724980
.adform.net/	1970-01-20 17:56:44	Name: C Value: 1
.adform.net/	1970-01-20 18:38:30	Name: receive-cookie-deprecation Value: 1
.adform.net/	1970-01-20 17:13:32	Name: CM Value: 1\|1
.adform.net/	1970-01-20 18:38:30	Name: uid Value: 2864804386523492739
.rfihub.com/	1970-01-21 02:33:42	Name: rud Value: H4sIAAAAAAAA_-MSNjU0sDA1tTQ3NjQzMTY3NTWzMBTiM9Qtc_TyqEgu9S428ysCAMLZa0YlAAAA
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAA_-MSNjU0sDA1tTQ3NjQzMTY3NTWzMBTiM9Qtc_TyqEgu9S428ysCAMLZa0YlAAAA
.quickwin765412.com/	1970-01-20 17:12:08	Name: _hjFirstSeen Value: 1
.quickwin765412.com/	1970-01-20 17:12:08	Name: _hjAbsoluteSessionInProgress Value: 0
.aso1.net/	1970-01-21 01:57:42	Name: aso_uid Value: ad7cd210a488f42f3b3bc930706074a0aef9bf43
.adform.net/	1970-01-20 17:32:15	Name: CM14 Value: 1703612715_1703526315_1_Hu7u4e4e4R7u4e4REREeEREREQ
.tiktok.com/	1970-01-21 02:33:42	Name: _ttp Value: 2a2p1r4aJQgIenyYcd9WDJdrPnn
.eskimi.com/	1970-01-20 17:55:18	Name: __eConsent Value: 1
.eskimi.com/	1970-01-20 17:55:18	Name: __eDId Value: 4171f9a7-8d74-4361-9728-e2d3d3d3dbf2
.eskimi.com/	1970-01-20 17:32:15	Name: __eP Value: 1
.seadform.net/	1970-01-20 18:38:30	Name: uid Value: 1414419782452456610
.demdex.net/	1970-01-20 21:31:18	Name: demdex Value: 34847029226766502724360514930461732386
.casalemedia.com/	1970-01-21 01:57:42	Name: CMID Value: ZYm-rL4MhzoRuS1ysJ4MiAAA
.casalemedia.com/	1970-01-20 19:21:42	Name: CMPS Value: 5178
.casalemedia.com/	1970-01-20 19:21:42	Name: CMPRO Value: 5178
.media.net/	1970-01-21 01:57:42	Name: visitor-id Value: 3465279167631250000V10
.media.net/	1970-01-21 01:56:15	Name: data-rk Value: 5108559731643755681~~3
.doubleclick.net/	1970-01-21 02:33:42	Name: IDE Value: AHWqTUkr0unfq0nNXJCiMokvV8Pll9cyK6TQWVrADNZdjJbBqkQzWofvvKSuNXgpCx4
.dpm.demdex.net/	1970-01-20 21:31:18	Name: dpm Value: 34847029226766502724360514930461732386
.ads.stickyadstv.com/	1970-01-20 18:38:30	Name: uid-bp-617 Value: 5404315708731918970
.ads.stickyadstv.com/	1970-01-20 17:55:18	Name: UID Value: 45656269a31079bc768a7df2cb31fa4
widget-mediator.zopim.com/	1970-01-20 17:22:11	Name: AWSALBCORS Value: eIpyIlRZaPla3OCeDKBxAm4mas8FeFeOa89J+efbXmYuwy4I9z2kK8Vc/rAJpfs1bG0vrV5ZvMjBL+RSc6w+TI53dHTFVqBB4oX7RvA0euDqtWBKM9sYNLJWrn+h
.semasio.net/	1970-01-21 01:57:42	Name: SEUNCY Value: 11E6C163118690A7
.eyeota.net/	1970-01-20 17:12:06	Name: SERVERID Value: 21997~DM
.rezync.com/	1970-01-20 21:31:18	Name: zync-uuid Value: cb4f628c-2103-44f9-9d25-7e807ff01ad2:1703526316.1873386
live.rezync.com/	1970-01-20 21:31:18	Name: sd-session-id Value: .eJwNzEEKwyAQQNG7zDoWRx3HeJmQ6gjSxpaYbBpy97r88PgXLF_Zt7VJOyAe-ykTpHcd1SFe0OtvkxdEINSBaGaL3lkm8gHhnqBL7_XTlpqHSU9XvAlJGdRWOVdmNWdDiiVoLkXjmk1E1paMH58HBrY2eLj_rCwldA.ZYm_rA.Dr7Da5Yt3vXxuSk2Jo_LyJng1iQ
.krxd.net/	1970-01-20 21:31:18	Name: _kuid_ Value: P_w_ngib
.agkn.com/	1970-01-21 01:57:42	Name: ab Value: 0001%3A5eO5wZb76c%2BTtibI6xaCKJAnuH7OFxq6
.exelator.com/	1970-01-20 20:04:54	Name: EE Value: "99122153a01bf44018b7dfe325414ab7"
my.rtmark.net/	1970-01-21 01:57:42	Name: ID Value: ed011a4967064374a49f67395894fab0
cm.adsafety.net/	1970-01-21 01:57:42	Name: UID Value: CM1202312251745fb83a7938b25bf1b6
.adsafety.net/	1970-01-21 01:57:42	Name: cm_uid Value: CM1202312251745fb83a7938b25bf1b6
.adfarm1.adition.com/	1970-01-20 19:21:42	Name: UserID1 Value: 7316589815103223966
.getblue.io/	1970-01-21 01:57:42	Name: ckid Value: F4E0DB39-C288-4FF1-9DC5516841777AFD
.w55c.net/	1970-01-21 02:43:47	Name: wfivefivec Value: y9ohstzc1RhP0U5
.exelator.com/	1970-01-20 20:04:54	Name: ud Value: "eJxrXxzq6XKLQcHS0tDIyNDUONHAMCnNxMTA0CLJPCUt1djI1MTQJDHJfHFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq02NDIYEl%252BUWb6IhfXxUUpaQyLSopPBR8L5AIAZBYpEQ%253D%253D"
.everesttech.net/	1970-01-21 01:57:42	Name: everest_g_v2 Value: g_surferid~ZYm-rAAJnXrvxQBU
.w55c.net/	1970-01-20 17:55:18	Name: matchadform Value: 5
.audrte.com/	1970-01-20 17:33:42	Name: arcki2 Value: ea7PUlgozXLRNa3iQOtAj0Rjw!20220908!1703526316436!ip#84.19.175.184
.audrte.com/	1970-01-20 17:33:42	Name: arcki2_adform Value: 5404315708731918970!20220908!1703526316436
.adnxs.com/	1970-01-20 19:21:42	Name: anj Value: dTM7k!M40h.v04ghqdmU(7TXcY$pH#?nH'N:uL''QcIv2s'`K!y2'.=97X44HA<B?hBM`9a6jkUe]a`D)ITlk_#4uDv=#`DY[^VGlluoE<KcmE<_67^Um/MPskk7<xe6h/E2NeUCg4kDj9c9N)3$gz!%CeW(goi-3EJi.rJ6iIQnq0a-DqXstGt!@BLZ0V<_q
.rfihub.com/	1969-12-31 23:59:59	Name: euds Value: H4sIAAAAAAAA_-OSMXR2dA12dcpOdndJD3IxjHTLSQoyTSxPyUo19FzFKBAVmatb5OjolRdRVFYR6BTaxGKenGSSZmZkkaxrZGhgrGtikmapa5liZKprnmphYJ6WZmCYmGJkZWhuYGxqZGZsaKZnaGFubGxhBgBtsJYRawAAAA
.bluekai.com/	1970-01-20 21:35:37	Name: bku Value: aG/99v0diVU8DwWI
.bluekai.com/	1970-01-20 21:35:37	Name: bkpa Value: KJy9/Qe5d02pSUHknp1p1p90wtkAwED61exp1EDl1eQl1pW81EQ8Bp9e9J6fYeG=
.audrte.com/	1970-01-20 17:33:42	Name: arcki2_ddp2 Value: ea7PUlgozXLRNa3iQOtAj0Rjw!20220908!1703526316513
tags.adsafety.net/	1970-01-21 01:57:42	Name: UID Value: 2c81ba266a9d707eb2e21629d1459895
tags.adsafety.net/	1970-01-21 01:57:42	Name: DID Value: 2c81ba266a9d707eb2e21629d1459895
tags.adsafety.net/	1970-01-21 01:57:42	Name: IDT Value: 100
tags.adsafety.net/	1970-01-21 01:57:42	Name: cookie_ver Value: 2
tags.adsafety.net/	1970-01-20 17:55:18	Name: block_reset Value: 1
.adsafety.net/	1970-01-21 01:57:42	Name: ct_uid Value: 2c81ba266a9d707eb2e21629d1459895
.adsafety.net/	1970-01-21 01:57:42	Name: ct_did Value: 2c81ba266a9d707eb2e21629d1459895
.adsafety.net/	1970-01-21 01:57:42	Name: ct_idt Value: 100
.weborama.fr/	1970-01-21 02:38:01	Name: AFFICHE_W Value: uKLBOa7Snbm420
cm.adsafety.net/	1970-01-21 01:57:42	Name: permanent Value: 1
.rfihub.com/	1970-01-21 02:33:42	Name: eud Value: H4sIAAAAAAAA_13RuW7CQBAGYBHhgLAiRXKbV1jk2fUepjOnki6OIsXpwMaRuAoKkppHoKR06dKlS0pKSkpKHiEVJZ4pP_2zO6OZ1gv0gsHHoDuPR_2fsA_RcDEJ5fg3mU3hNXwC7QrJlQDFfb6v3S2lgYK4JD4SX4n_iXcP2BlxTlwQl7S-jn2uWIFQmfX8HS3ZOgjeVl_rzd979zO3KiWeEoWFvzhVcwPiSpw_Yh-IT8Rn4gvNG9jbJnZp4_kONs53jo4nXqq4iRkHVzDPS33mJ1wyPTWuTlMXxgnv3B-1wWghjNo71U34MsNWF4cc18Gdb8w0w3taAgAA
ads.smartstream.tv/	1970-01-21 01:57:42	Name: DID Value: 2c81ba266a9d707eb2e21629d1459895
ads.smartstream.tv/	1970-01-21 01:57:42	Name: idt Value: 100
ads.smartstream.tv/	1970-01-21 01:57:42	Name: permanent Value: 1
ads.smartstream.tv/	1970-01-20 17:55:18	Name: cm_uid Value: CM1202312251745fb83a7938b25bf1b6
cm.adsafety.net/	1970-01-21 01:57:42	Name: cache0 Value: KzFHSk9wMUZsMkpMMjlsMzBXenlaMy9zSm5PSTgwMmh6WTF1SEVWQTl1R2JVWXlMVk9NRVFsbk9rZVF1VTFzZkJnN1NUMCs3WVR0bGJEaUJtUFlDSldaTG90OUlpMTQxelhxN29vNm5hRmpJTlhIdFdCOER3UVU1dWpTOUR2SmhlSVpoVWppMWM2OEtNWlhCV2VTeVB2dExQNkloWmdCUGxZOTFMSmIrdU9qNmc1VVgrbVB4L3BxMk5SOS8vOUJ6SUJvUG5iYXU1eTkycWxMaGp6S29EU0UvenRKVGRLZkNBazZCK2xNUWdGV1VJTlZSWjVObXE2ekxlRndXWFQ4OCsyRXIzOHZOL2RLWjVwM08xd3FqSlE5RlNXWmk5cW83b0NZR3hSQ1hFU3J2ZzJ3VFJxVGVGYVFMbHJhMXM1K092TmpiZXhFSmRqVEt5MEV5bmxESXd5V0J2QnhDMC9jbStTbjBmZk90VTFaTGIrc3FBN3VaM0EvUkI0VzcwMlhjVURXNHR1M1pyQnMzNHk4NFpod3VldU9JbVlzMDR5Rlkyc0JiR3BRVnBIdXFWdkxqN0VLR29TaWxxbDRXeDFoSEhIZ2l4SUwwOUZid0JsWVFXZGR1UENUM1NvcFRRd3h3WEFMSUdRdGNUc1ByaTFJVnhkQXFvNzdSbjZzMi9RYUdndmd6ZXBRc3I5QjJyTk90ZHdvNUgwRFNRc2hNTW1UUlNxY2FZSHo5c3paY1RnM0l3Unp6RUtPamlCN01NS2NCQ2pSaGx5c3JXTTdjZlFmQU56WjA3a0w3UWt1ZFZzWUQzVmUvMk1DeURVaDAydHM5YUFnUW9lMGVFWkFZdVF3QldzYjBMN3p1OFRVNlBCRXVFbGU3a1RiR1lNRTgyT2RqZEV2NktjMUFyU0U9
quickwin765412.com/	1969-12-31 23:59:59	Name: _cf_reyid Value: Z/agKs4utwrHfL8P7Lc85pDgR5LgDBv8rAmiVOi/dCQdjPxbuaMQN++haLqjMK0RTOzL8CNXuHAIqOxHMAIy3w==

9 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://idsync.rlcdn.com/360947.gif?partner_uid=5108559731643755681 Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://idsync.rlcdn.com/398366.gif?partner_uid=5404315708731918970 Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://sync.crwdcntrl.net/map/c=6466/tp=ADFM/tpid=5404315708731918970/gdpr=/gdpr_consent= Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://idsync.rlcdn.com/501709.gif?partner_uid=cb4f628c-2103-44f9-9d25-7e807ff01ad2%3A1703526316.1873386&_=1703526316.188818 Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://idsync.rlcdn.com/501709.gif?partner_uid=cb4f628c-2103-44f9-9d25-7e807ff01ad2%3A1703526316.1873386&_=1703526316.3954232 Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://global.ib-ibi.com/image.sbmx?go=302927&pid=567&xid=5404315708731918970 Message: Failed to load resource: net::ERR_CONNECTION_RESET
network	error	URL: https://fonts.googleapis.com/css2?family=%22Gilroy%22:wght@400;500&family=Roboto:wght@300;400;500;700&family=Libre+Barcode+39:wght@400&display=swap Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://quickwin765412.com/dimg/altenar_logo/55719.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://quickwin765412.com/dimg/altenar_logo/43997.png Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

20846458p.rfihub.com
a.audrte.com
a.rfihub.com
a1.adform.net
aa.agkn.com
ad.360yield.com
ad.yieldlab.net
adjs.media
ads.smartstream.tv
ads.stickyadstv.com
analytics.tiktok.com
api.adrtx.net
beacon.krxd.net
bpi.rtactivate.com
c1.adform.net
c1.rfihub.net
cdn.cookie-script.com
cm.adsafety.net
cm.g.doubleclick.net
cms.getblue.io
connect.facebook.net
contextual.media.net
d3mi6d1ao3fzsg.cloudfront.net
dmp.adform.net
dpm.demdex.net
dsp-ap.eskimi.com
dsp-media.eskimi.com
dsp-trk.eskimi.com
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
e1.emxdgt.com
eb2.3lift.com
ekr.zdassets.com
eu-u.openx.net
event.getblue.io
fonts.googleapis.com
fonts.gstatic.com
global.ib-ibi.com
googleads.g.doubleclick.net
ib.adnxs.com
id5-sync.com
idsync.rlcdn.com
ih.adscale.de
image2.pubmatic.com
live.rezync.com
load77.exelator.com
loadm.exelator.com
match.adsrvr.org
match.contentexchange.me
metrics.getrmads.com
my.rtmark.net
p.rfihub.com
partners.tremorhub.com
pdw-adf.userreport.com
pixel.adfyier.com
pm.w55c.net
ps.eyeota.net
quickwin.com
quickwin.zendesk.com
quickwin765412.com
redirect.frontend.weborama.fr
region1.google-analytics.com
reichelcormier.bid
rtb-csync.smartadserver.com
rtg.prdredir.com
s.ad.smaato.net
s2.adform.net
s3-eu-west-1.amazonaws.com
sb2auth-altenar2.biahosted.com
sb2bonus-altenar2.biahosted.com
sb2frontend-altenar2.biahosted.com
sb2integration-altenar2.biahosted.com
sb2widgetsstatic-altenar2.biahosted.com
scpt.getrmads.com
script.hotjar.com
scripts.prdredir.com
se.semasio.net
secure.adnxs.com
server.seadform.net
simage2.pubmatic.com
static.hotjar.com
static.zdassets.com
sync-tm.everesttech.net
sync.crwdcntrl.net
sync.teads.tv
tags.adsafety.net
tags.bluekai.com
token.rubiconproject.com
track.adform.net
track.aso1.net
track.wolf22.xyz
uipglob.semasio.net
us-u.openx.net
widget.getblue.io
winner-slots.online
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
x.bidswitch.net
x.dlx.addthis.com
global.ib-ibi.com
104.16.53.111
104.18.70.113
104.18.72.113
138.197.230.29
139.162.141.41
139.45.195.8
141.95.98.65
151.101.2.49
172.217.18.2
172.64.151.101
178.162.159.92
18.165.183.56
18.173.233.14
18.196.198.248
18.228.178.86
18.66.242.68
18.66.248.68
185.199.175.191
185.64.191.210
185.89.210.141
193.0.160.131
193.135.9.128
198.47.127.205
2.19.85.30
2.23.7.34
2001:4860:4802:32::36
217.79.178.233
23.32.185.192
23.35.228.23
2400:52e0:1e00::1082:1
2600:1f18:612b:4216:f6cb:3f79:9ccd:b60d
2600:9000:224a:3800:1:76cf:fe80:93a1
2600:9000:224a:da00:1b:5138:8a40:93a1
2606:4700:10::6816:85a
2606:4700:10::6816:95a
2606:4700:20::681a:672
2606:4700:3032::ac43:cb12
2606:4700:3038::6815:ea9b
2607:ae80:192:1::172
2a00:1450:4001:80f::2008
2a00:1450:4001:813::2003
2a00:1450:4001:813::2004
2a00:1450:4001:82a::200e
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2003
2a00:1450:4001:82f::200a
2a00:1450:4001:830::2003
2a02:6ea0:c700::18
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
2a06:98c1:3121::3
3.120.214.218
3.33.220.150
34.110.191.112
34.120.135.117
34.120.139.69
34.197.216.192
35.186.201.99
35.190.24.218
35.244.159.8
35.244.174.68
37.157.3.20
37.157.5.73
37.157.6.243
46.19.11.36
52.214.72.66
52.218.97.186
52.222.139.19
52.28.225.34
52.57.164.72
52.58.128.62
54.194.101.149
54.194.146.163
54.216.96.95
54.217.36.38
54.247.15.19
54.78.254.47
54.94.153.138
69.173.144.138
72.246.169.24
76.223.111.18
77.243.51.121
77.243.51.122
78.47.189.205
85.114.159.118
88.214.195.93
91.134.110.136
94.242.229.244
94.242.230.31
99.81.117.7
025cf6abb05fc2309b52b049d6761b66fd2f0ad005380ccdf4613612202ad037
02e9d7d9259501d12483e279c6fd405e2bccdd35999d7990c58aa3603ce3f35a
02e9eaa138a48931f160746196b6c14044914c584a180324b2a296ae9fed972d
0357a6e5d08d5a9c769f8719aa321ec0a9f265be863831f7b4a5a9478124ce22
036582f2a848015ce1307dda67910e24b6f6b3a2c853031bd1d0558ce448c459
05d4ced653380378d6d9033fef8bec46d38adaf31238d183c762366bdbbeb75c
073c099d4311d75bb5dd92d4f7fb539af3f161acbe89bb7e7b0e3e2d445412cf
086f1cceadf3a6d1b743e026baa82a170c1b5b3e19f1d2ce8ccc3de200bec30a
087fcdc196cde517dd7e8a8e798f88ba505957e33d681ec9259dd22af13f4c60
08df647ac6ae9d6db2ed6c7a65250d04f14918a58f8ecab598d98b9e622e417d
0a37fd2b63accd942753709978d237c49cd1372250d1efdfa471ae6d58d7db60
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b7a7414203adbf8c873976e596bd6685437669dc773f66ddb2780a23d43cf76
0f242e7f1afd4035ff39b92603ed40a8d7d3fc878bf86c3ec61896a9e0532e28
10280f6a705b52ee8eb4ee70aadf8a352a112ff9caf9266eab9666609e061e81
11de0299e67a66cbde0178ebccadd3e31765ac2a2e599288a204a85af30443e6
122bd7b997b91e56e9efd54743ffbeccefca5b8bb59c566d6ec63adf14be896e
1252aff629065ef907864c2a694343c8d49ba69483d6ee1d734bfb3aaf61a7e5
136daf42e7913ec0cb00e0d0b42ee434c85097250151518e0a5ea22c2ee69ac9
14a2fe57e4f52b39b42dd580cfc3826c6a422ae0a2d2f94af5bd1b979744e2fb
155883ac227c8554ed4bfb278b6f99bfbcd93a3305c28bf7d05e0b3b67ac3166
18e3efc7a45f53d0d553f3ca64dbad85f50eea562865265a2883f82f9d34b935
193561f978c5db1176bd70243ced9ace558b0d6b544124c7624259b605c99fbb
1a2a6d9c4ca38a7e4047e3f4a4af653a932bf432ae5d7c65e27843b98fda0151
1a6e80a715546f3c1100e1cbd038cdfce7707f095efa74b0f4b87cf41f954d01
1b61f379164930f075993f6b3bb7eb9766adec8be31f7fcedc5d138833f7d3bb
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1bb43e5e70bbd280f2cff81dd2fbdc1c87e3e4cb3cbbb2afd7f5e4a559dc8ec4
1ca9b9ca89baa958fb5b50e7c0aa2ac6e4c69415b7ca0ef45159db94f29e8729
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1e53d876c9ecb2883a9d7ebeb3715ab8ee8ba347b330e730a7859d2b9b37162c
2024178346f942d57c649c7d981f280b3821c05d6b6d9ebfa38464d10550ad6f
20710d5060f2ecaaf5f99778d59b74e023491f5ffa96c952e2d56db4cede2ed2
21bc441227b6235691891b05d1e048ab6e97a63f8aa305396364e891c6a7972d
2233754fdfaada7798be8f96854289b010c426db98f7a7d01e008b4828afa545
253bf135859fd11113deb79262ffb8d9831dc7dbaf46c3470c1b54a7f4372606
26f69da76f046e50d712cc3689436c8f17c460a56aebd395068d7210825e2665
28278bd04e7e55be32df39e901249a0ef8dbacd10381b25b66a94688567c6115
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2af270819ef7138e262d3b7b08dae6e93875f5b0f1328f1bd98d66f819686563
2b30be91b5dc80b46e2ef45cf597b7f1d91763142580faf796cf9685e633d77d
2b543828b97af78d57453e24bbb18f4068bdbe1110ded8b6a00c76cc01f77385
2c86bcaebf54969da5081c17c6901cbe19ac041b80a3abda6890708eb545cec3
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2eab38026906bdd534b057b203e53d186a30a6d1e439b87485bdc24d5b0e2d8c
2ed465b5e6c3c472c46e04e78143ca909bdd12094604dc79868ca192bd0f852c
2f1aa5842ffa17891be38d946da663a8b05e7c8c43c8e2c647016592997893c2
2f1dd0ff97f0f46ac10e93ab0f1307f699895f944c90016a350735f4562fe994
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
30cd4cc982d4edfad6e2c99173c1ce32e2c3b381e4d5a1f126ee3a71566c2170
310f0e0193d48fcb72e645f098698f91af95367cf76cdf9e7aac8087c94590c3
31b824c9b63a35a3775df3b6db43259eb786f2f6871e2950fb8afc3a83744e67
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
33e9ca0a9a965ad4da451eca1f42935be45141b420134584831739400c688058
342922b9815914af8a301d4429feba88cdf99af5aa40065a68b170deb3144709
34d78b8a1214df7dae4629b4987f6459559d5edb05a3c15c854613cd0a1a4d8a
36b658c9e042fd550658e26af78a29a677807fd11f642fe7d78d601402ce7a13
379fb57fa01d94da1f94ca7069a3cc71339b93efeb6061156fa07598132c5849
384e5a56b7bb4a02faf44722bb96cc1c76207e809aa295855d16484ffd633108
38b1136cf93f9cb1dc433fd40347fed72ebce9522a55393f95feae15a8268233
3926eb7b9eee88ede5b574303fda25cd5cb9389ec39ef70baf5a046c38fae87e
3a80700d48e107eb08205a346562ae28a95f3fe0da0d7382847a2c0a52a02c0a
3ae63da45700241400f827429003ec1048254997563a16d4c174de6a32720706
3af3862b6da63e2b5900c8fca35e3686125ac5a80235442066a6ee77a57e35e0
3bb5b7c3b7023f20cf02e5d9bade5c67664df2027d7c09929d3fb8a52d7d50cb
3d70f37d0643d718c68550e8f30873988b9f7df5a856bb9f79fc47e9184184ce
3e05c18b88a9a62862fb33e2e24b1751c58598f2c82b4626785e45c8d78a0544
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3efa3c6425365194636fb000719357c63e1dfed613742166e3f7a102cdf4f811
3f75e2446874c812c9f47612105104fa5d3d8833dbf077c4daaeeffc3b767403
422e63edd5b4b15c3e783ed28b80f2a8df694a935a93ed987577dce3a0ad66c7
4290f8735f531628998cf650136b94db9674c7238e65605c0e331e76c28295cd
441c4f94bd62d62ac5a317442cee2f7805f2b743c3492d5490cad7355ad95f3b
448d305ad6e8d6b57c5e4d37afbf26c77bcf2c2548e1fe462772757ee6ccbbe1
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
4551780a660e8d9f6c0e16aeda0c7cc9b0296f2aab4e53d0bb336788b6550498
45d90fd26e8cc7c0853639d15bfd9cd080c1080ab25f023419d4b29c8e2780b7
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
47447f6389b91e28a7fb44bb0d9109ead0764d4fb20e0e205a8c4a1563860999
486c3ad09607caa76fd99d9e460e0f7c2943bf4e889efbe296cf7430e12ba2f3
486d29980f9335e62a392e6e76591543173a8f2a026d3df4080bc09e2b5ee5f5
48965fdac12d5f498b3b99c515be39aa125cb31c6708271eab187df5df5edfc3
4a2185312272132d675b3fde9ecde32f0eac7ba575afee1a945fb33e3bbb3832
4af4ede967218ca52aa7c5d766e0af5992160ecc2382d0635db809e01a28ff18
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4cf582dd3f06c3e5980570e1f97c5467c4ea9077a4d1a526fd109b34e67acfb0
4d8813ea274fb47c71a14bc23a8a2572753ec02c4bd5cf0ca1f191371fa8cc5b
4d8b5f4f08d1c133e211fa18f260d505a82d862c219c25e707d7232989385996
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
4fcb61bd7ccd26df74d46c0a2c75b9681ba90cf8c19f2dfb15fc0a47bb696561
4fdfd40dc4640506829319a81fd61b379e2b70a0cdedddbc1218508085ceb888
50873012c7b4c1f152711839d081d9b1a297c39fba83a21eb0b983da0867af8d
53c9c8069c1e6d7a39a04ef06083b5fab6c6807e295529c37ccf8b4b96f61ddb
53fb07be18a9f08ac5e583f9d4497ec03b972d7667bc31511eb91ecf53e6e8a4
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
56ce9a9f71a8465359a676d95189390683de779bdc085f4fa9d48ec0651d9a5f
573bf5ed261d2491078ff5e825c5a36f64225dd761eb32c344345e2f61626fee
577d21a2b26610180a8714a204448387dcb70731de4e198a017527053dd4ec71
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5ac0af5fb98a8b0f07bcf735d561ce64e8cb9e020501fa5b7d5d8f4c773b6a9f
5c6d77b0c54018fe4e0a717e47a8ba92bc3598a5ef0a1f977be6045537cb158a
5d0dbbfa46f6e2ef2d26d258ba555db6677788f35198005b9a9cc66ef98a71b7
5d9e8cfd13ab9f3cb184ee716c93c4c007837b001ab17f762269a64b2d8958cc
5eb385d033a48d86d5141d6dcd3d54ebfeec39a62c5e25687b342edfb4a6e7a4
5eeed7bffc4bcd87c8d0d0eba7efb375c73c4eeb034c2e887e348859b31e874e
60ff18a2a6e54394d6dc4e1bb368c47850848306d56e177b4a02270db7e80603
61a1dd50d7314fcdd6bd5e06259e75fc8603b42d1991b7b2e7eb3a80875a8d71
63e4b153c4a108c47f7676a472612a4ecf32630633c79a785663dbf14becf693
66fbf319de6eec942f1b42488836f2862b0a3db4131f403fa692a51d930fb3f3
6732da5309353d59f8b58c023992d258cbdb34bef0ef80d1a8d80f7f1eaf673d
6a19fdbfca0d103d1fd437df3c9affbb48b6c20ac252c4aca856204aa7aa761d
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6bada8511476ba1eec49ed28d1cb9617792cbeb82e46c8c6741a1a237107e293
6bc617ac8e5122153b2daed71181bdf2a735d28a71ac27101f766125f36a8126
6d495de2f7d8af5a0bae5ca9c4891c40b1680046747d3fc927c85eae120d93ec
6e12a1b5de1229a598cc5764d4df956c4e5d185269c091f11f77def8528a1318
701e9aa3d4d5962ef46afc64a8377db84b94380470cd6717962e9811652d79e0
7025aae009c4562e6049990255420de5f854ee5b25e2e627c7d47a1cc51d13f1
705757ab484571b93cb8950a54c6f565e689a0223751f36d46df63c589bf6992
70f3083a31279768ce4485d94f7a71a1588232bfd7add408e71ae95a03d80c2a
7141116b6270388115588ceb69ba2b1c4a993156c81e1f0b4b6380c2ea3b87cd
73aa36d752a27d751bad490fe20484fc53ffac1b5b9888ca61dc5a3d8c75a8ac
74cf51bbc642a4b3c9aeef3718828402817539357a8ba122611323fa5552b30b
750b6f51f97ede61dc2ae909d30da51c5501056f889c1961df6459681df635dc
7597f783523d4fdb4e0574234bbdd5ea3e19f7f10bc5e5f881e4bf48b2a2c1ef
76b62116376801eb5ddd47252fe3a7b5525cf95e5c056e33fc359675d845e771
76c5ce2a67d045bccdea2726547c294bcc210db23725b8b358e83a5afd953440
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
79d4c69afe3c355656c70086d3784c113f011309b24a93c0070ce8398cf6f807
79f9542464f9127374911233511827193c3d6ca4d09657dfd1db6a57385c9a97
7d8591614eb328a49a0b95739f839cbed7a1c0f5f075914011f384c1cf567fd2
7ef97b12890fc6fee67f869c6e1f74b6719de7d66ac0d649c8d7386a80b4c30f
8035763ab5fb9a8c404326596a14a168089d87e84f717258cf96bfc77c5e0178
81569f8b6ab95cfd030493954ccc55b629cf0d29f8627c6904fc3dffa8fa896c
819139ba1036d6cea3e0d6ae29c27254a81b04cfde04b56cd7b9b7edb980e7b3
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83f92e3790df8c048d1425e5973b962d4f0861da99a355802bfdc941a3dccb62
85c2a278772fd74d92cb7f5b5e486048490456e49ecd65c14e2df39e7a9d9530
87260ecf581a44a18ca2165015348383b430e6b77ca0b0ec4a9a3b1ebff57160
875f3b18a64e0e96fe9b347eb06ea49f94a7cb2986209acc800d05fae9210dd0
87aa0db99819433799e0809f0e7b490be1940f744e701321b7f31e09a7da63a2
8810a5432c47d6ef190d61ff42f61843e1321590ccb1feb54f786f268aa979f1
893e7a3aa16a625c35bd3cbfe47bf2021d80fae8579e2dbb3dc55e0caec3ba6a
89c80d2e8672ebd49da0e7669159676c086e0b4d122d5df3b0563465d4808a2d
89f95f5e6eb76319aeac8f44337b4a21ba82d266b60a495658f48ac6b9759b1e
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a568ac0428f6d7e4801f330902d4a6e47cc31a58b9afccd687d90aede26aa17
8af864b837e8fb646957e684235bccb6b097dbc41953112cea38d43c4785de99
8bea9b4ffb09fc3c9c5f5dd38e96894ff1c5fa75afc4a9e5bedd640202e7763e
8bff57770500e5694938c47feeaddccb7ccd8d226f23f69d3551bfee94e2e672
8c76aaa9d4eb842dbf166f25fde1ab73cb3035c7347775bebb3b9611e7edee93
8d68afa6971b9e5ffae1297175d8681926ca9bad65d389732f31f559952c0155
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8dd812109c87559552ac89eb7f352a08baae02f5343b43b28d62c871a9e78df8
8e6275dbf3e6c09f7158e3b17cd4256d991c4e825dccd90e2eb11a1db4f2fe47
8fd99ae891271f08519932a03c375a607b662b7ddecf47d45b7d3b9771504b7c
900e0c399099619f153ab1457e02b2311a73f99908b2a3ba35566b1beecfc65e
90438c83bdc3d682d1a6d494328898e6ce1faf37ced4da7191fcc29d4fb22358
904bf79f059c1e22b4b20cb1e86895a89c017c85e48dad545928a6e103d2d8cf
92787ccfb81cc2be5343e18ff09c31e3a2bde375a7ba5a91b28cf862aaec7166
92f383732552d6f8440c1202b484ae36567ff65a360f6f58a1ed1f1f2bf246f6
936d9f31827f42dab25eb52fd38e687df4d2b8fab254bd05e36806a026cfc2a1
93a377f6c1d2fc313f46d5aae100fd800a40dabb4f5cdf9b2b33604455fedda7
93ce75e5eb31481969ea384e9b1464cdf304eec087ccc4149cd593715921507f
941c4c5d10e5812e7bef2c8b115965eac81d5b6681c825aba74a2edd9c82a7ec
945f22255230aabc25d78408dcd96344d469b91149c5c18e1fad99cc39757ff7
965cba95c928e95003ce37271090406eaa7d5c2d955230a785b2b3be8a9a17f5
96708161396acf5383c6ee29bd32bd0dae5c2669c5e6ad9ca630f60f84854b70
969fd990bcd980d6754827a283c9c9f447f98958adbf6bd4c0e134440e2fe7e6
9753320d9396dd9dad26d1a302f52838f2a8ec7e272c5205ca4a5b090e5d0ded
979b86364648e67957ed75c12ec72a584055ec6a8352ad6ceaefe35800e371f3
97b23f1d09ebe1ca5d6fb367ae8fd86f37e74391589bbc5fd58336fc007a4e97
97e5b0b6cfc2ba9815028429c069631ba12b294aa7419d1ea130accd0adc2d46
983ccb9144855e909faaf3a4ae344c8f8075d023b109163ef50308ac540c0d54
9871092083d601f0db7e16e24c537281b0fbcd7265a7f3fabc17b2f72fb1fafd
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
98bd98d9d7fd30fef6849b2920a91a4bfbba26d1616ae615290fb0d6b4f4080c
998d16cfc3888850fcf8cd864f344e3f68056559007a60d352ea9587e3b9d202
99c28ba77690124b83aea8cdbbb17ab1145ba247c791aeb4bad747b4248ac459
99f48e1f13877f3a2b73bdf8f280632d8d42f4004f83b2417d8192649b501058
9b13bb2a102816f21ae2b3f10a40cfbab4d4c601ddaebf4752a9076c2ff3ceb2
9cc5748832dad5ebe2db912ce4464be4a40376b103c157db67b6d57fd93b0d9c
9f22f6e9d4852f8be0706b62fbd0eba20f6cb56171def5e387b2d95fcd07df01
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0bdcd0c8b8b3b686a3d9fd02dc3f5b716f810115bad6d5b284c34923b8b0797
a1d4b01843b9dad68a10bba7ab416fb60cbe6052a223f6bd74cbad286b812b2a
a29e4af6aa6a95982d1092a20f0068173b9a9d5df0a89bc99da556aebec3ce54
a2be364e2921857c3e1415e1e9e74e5628a02318662a25da27a23da90929c84a
a2d886c930b20c15f30e80372395c572095464710452c302063f3e7bfb9bb233
a48fd35c61908d912b5ac9e1face12e0962a0d9ecc8679e87db4031697cec54e
a4e8174ae3e747763d7ba7362b16e4b5c49c7538727982f7c0a094e9db49f8bd
a4f6ca79d14dad289eb7035d0e81e04571532d249fa80845c38bd1d274a493e9
a4fa92f5ae0317e4ff1f819c2a9d327562b65b62909654f5a6310557e9470937
a65557ac587cbc6aa93a7b4040391d362c8d3a13b70365dc5381d9de03078df6
a685ebb1a291fc1b2ee17a2b9c67815c6ab5e239281e13d2b2caca4591473d85
a805c5457dba39514e74a7ad2b5dbd4c0095c1095d6b7299a82e6afd01196e09
a9464ddcc583f654dfd738be0e287d5e9c3a581600578242140c734ba8023f0c
ac0eb9b299d05c43ce0bb3bccfe28d38c78ab3f8442854f1f28b1e5a64237505
ac48966b26e0ea4ce7309bd715593533840de4f72df6b60ba9b73ce0e9b4b641
ace7e99e54c48ac1e0f32d73656ef409e69139bff003b7aeef76462ee0594dd4
aefbc53a26bcf50b968ec231b9848483e043e5e47518a8fe0d93349f7ed15fa8
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b09128c9a5b10aa82818d517350a9c8ec712fa6778e8a802927ec7fb93edbb01
b0c0b5c3a291833446910b3911608b3fcdc9ee2b0998b2412af5bd140a21713c
b12b5482636f480bdd67bc854e25e176860b3ed7018a01bce897eb304a52a02a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1c37cda1e5f993855f12d16492bf6cd276b9900c317d45af4d0ffbe5e404c9d
b2e942aec87ee348e868cf803ab0fc3d8a449f43327d502cfe30f1e1a08847e1
b3b24077b5d68982367d8c0653653db94c2e03d5ab5b0d8ba373610a661cbbc8
b4fe2b0fff3949427fae83fa1824eacdd5f66b37d59a0831bad99b0ffa5723b8
b6afdd207510297ba49e0be23b4d3f0c49000d862d43967dfd5a24efe2b3429a
b7c23cb2475f67db84f2b2bb59c3f8315747b1af584c7e97d1c80fe85653594a
b8af1a21aaebbabbbe5599ffc3021593ec26006c7691bc4bf4a4c3f5dffa9c53
b9eb98053bf9fc2a5147b4796de61dce179aeb0d0e9b6e49c2bcfc71b529533a
ba129f3fab709dcad8916478c2d18c9cdb1b37ffd1fdc8fd998dc4f3753460c6
ba5a53d99b4e015e652e675e9dfedc98345a7c2fc7d0c945aa0d8ddb2647efdd
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb8f0a5a2ac4d52d33bcdd4e13b96572b8114f5851bc763d6af46c2eb1144281
bbffca692cf40b9d0611e20983dadef6e2adf9ce02b398257d0273245c619bbc
bc197118bc5867f8763f59fc8c45da24f7a50fec00064e412041cdcf0255f3a3
bc8894bdb4894c36652d8b265a5cb7f77635ffc48ff5764957a73f602a3c26e0
bcbf3c26722321587d928e6354d7384bc1ada945d5efc687ed84eb46b46c636c
beaacc720264e77de9d27705284a709816ed317c515eae856298675a45ad55f1
bee312a608434a924bf063b224effb547a32f61483741ca6c9817edc5054b2fc
bf08d53d64bd0d01bce2588cb207bb8a4e4676a50fca383612c0f4e977dbf6c1
bf622c70cd52085f8d3672dd27abf0ccdf5600297221514aa41dbaf2a0f6b1d2
c009807b93d04cb58be1e2cdac7934a512c8b3913eefd0d3f9a72563228a02dc
c0f171f21fdab975b904fe917ed65ed581318e650c5293deef4a81528e329e9c
c138f5424629d2a5ca8504b783784078b326a7a8426ce38386e4f4a419047b93
c2ebefe4601d5c0739e24e93436ff97f93e0f5bb3782e0f93cfb48811f18a05d
c34952ec20476833833b0d39326c2a85bd26f1ab04b355187f53eacddbdb7c77
c413164a9b4ed42792a4fe35e0d5787dc48aa26ffc99159ec329b47b665b8269
c42688c6b7c3ede14a89c83ed21e2bee0a9ef6b36efd49e975841250c3ecd63b
c64c1bb9f01e55f12929d8d01690bc3f8736249530cb84fce3038559d29b6f27
c64dc65c651ac72ae6e2469ab7e5f8868ff34986b109652487cb8854bf25716d
c675e6cf81d73d4158f4284a764302c47687ac7f6fb6f4929dee2a8e76809e30
c69330104835be5c6ef333bc402f53092e60164e83f42001901fbb3100f16b97
c8376dce9f8f52703122c1a1c1b4eef46ef2da39c4574685ff1bbca76b4fa335
c8afca9512d3621d70ef92f344d7038b85116758f29d7f8880bca9f4d77f1de2
c97995267e0c2da1ded20bd58c8063750e48c2b107b32411f12b2f10636212b2
c9f262287849334dc8011d608935f66e34b77085857f493e6a4407bda0eba209
cb07c03575d9216bbc7f32e716129101e0dd878a19a0adbc249656f47cf1a3a3
cb91e5a485f9cb8d412446bed3cd1b84c7df47f308d30be5b6399722d6717c53
cd2d09424be5f5eb1d42c8257c50cc1fe27e8184a72eedee8383edcfc84e44a7
cdc77956a4ec1d04967dcef14d1de3c6fa82d8d3e0d671b1c7e328f63661bf23
ce3281cf251f71a1b63f270724d473727d48d412baeb1f67a6fec2c170592be2
cf364725e43f8e13a2ef4fd655ad9455a89921cee588624134f2b6dd660744ed
cf3d3c393d6648a70ff135348b8f09a763b675d6b106e38bd9b5a73c2d6577ae
cf3f64e557664715822118f634f01674945e63c8cec05f7e87831137e630a1fd
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf597a3f14106e6e9ed69f14b80dca252bd0bc3c5542f03155539d607e8e10a5
d1d3ebdb0a13d47d07c440c8dbd6dcaa96a58ec8ac53446a140497c2013c2567
d2dccb7019dff8b98265aee043f800ba56e6dfc5fa26dcf7ea029dfff8825f36
d3b5cd13a5a87b250858d9e06163cd9291df802f9df9bab4e7a1fb7fcd0df5ec
d44a77af748ee535171bfd04986e6e4c474bb989284e0c828ecb54fe8ceecb70
d6d6a9b90bdd341f52f1c5dd52286c116bd7fbb8af3a325a716ae29b71a376c5
d71c14d66d40edec2cdf95f0d0354a3f7d915413d4503d34f00151ddbc0f4a07
d83979120aea89605f3fef94e0acbdc5724473cbd9084b27bea5ffd899839f79
da506c8a9c8a9f31aa00eaeef23d49764b9ace97158a1a0a7aa628e6d446b0fb
dae82102158a00126d6386338f5729f70962283d5faf3f0d109c5974a0b67629
dbcbdacde7ac192393e1200a9b00c7958bb08dac022092e1424fa47989296c73
dbde216af37a4c3b99b0cf2955a5045ded2d17cfb5e96da4226e986a2e4cf3dd
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de7cf33a0c90169057203c9191c75cbd31306880fcf33203cf5158b96b0e662e
deb831d7be3c3cf3ece0a36846a16187987a318b8ee6fb304ccf492466fd3dc8
df2b4dfc7e9d7d2f321750c35c586c1a5606f0b65cd7c7a43304249ad8dde209
dfa1caff97f8f5ced70fc7aef1870d091bdf32616748b1b4ba5bdde5f336002f
dfbca6040f3d8352da55124ac60a7f6b2535173a3b47bec0c9323b71a5b775a1
e1597b04801911df295990c65d1932c2cb0cc91a304c8127419bca00f804ae12
e17efc9807190079c37d6cfa06df1a6748750cf956dedc4bfdc257475c72bfa4
e25255eebea642aff44efb043effce8c130965162d70463f34ee8e7408c30508
e297ed4f454d334c906e98fbff8f880b9f9d9bec25755d4cd994c9e104d6fedb
e2a399b035f9774d3ee9bf4ae99dd261a1e5abe94b321c71c61b3edfd84b5b4d
e2bd2875521e41f499f90de3aa5bb55c195f011a8e186dcc72cf608ec8e8485b
e3782d42c013742311733c9d666146bc5ee7b43e484cbb1cad18e403e5f8f7b9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3f63b66b05fb2dbd61e2be4a961ae7a8b67e82b0fae5dc9de9f18597381666a
e4d053ad19ac0f9a306b470ab5a507d03f53860e7b64157f43ceef9d9f7a1088
e56d883115ac449f6460cbab8cba4dc92efaf906a10d8ffd31471282e695c301
e5d94f01fd8cd981adbedb5fc397328c3506733e5e0ad7c6c4a70d55eea04093
e633a579f1df557d2d9e90c93ad222dea5c8e8193c1a085fcbb1f05274ed0197
e81925af97f3e8821604ebaa3cb625012d8eb2bf15edb7d5dc8dce3ac41f9449
e83ee36b99f5b99694fb14962ac5cd6e2d4e5258f1ed66800c9faa9b53431a55
eb99134542c987f687360d120213eeec049a290d73d2302ee1b74a01ce279f4d
ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438
eedbdcd7b8acfbd5ee57f6bbfc862dbd202cccec3884a3503b71b538064cb825
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef68efdb442844721f8f5e8343e6c021dbe640572c7fb84481386dc08ff219db
ef73dba5bbbc5efe6842b89586d4293e25296937b842b8b942fe583c9f2bf3a9
ef7b483c3b575577f683cf3849e3a79a5385b9844b630adcdc31149900606460
f04bd9bbfbeb00e309f51d8d6cc6d990caa9c4cbfd9170f51efd232f6580dcb8
f0b997a2cf7bfceb289ff0acd6e4799b72af3ce3361b70411e3b53884a6499bc
f1fe21b0bc502937ca6c447ceebdfc4671f21c6be720a112143a486efdacc093
f2714a441b8b3609c365b8570c4e08fc5bac9d6866f842d0029d905b01df398e
f3613c7c5b215ff02db94cdded93b6bdba644f59836e948f075a00ef36cf746e
f37d1ad4ff54c0819a950c6bf692c4294e593e2df41f3ad3f2cd11d281ebead0
f50678facee42859cf140739d1fc46f4433a8f6fbc0c1d9f01de3d36cc313fb5
f5cb2cf05f6698df24cfd83ae39f05f17c2b46cc3d28faaf99b42393e7b33013
f70b370debd085dd9e9fb6495c796cdccf41c44574cc185dbe124f3ea8237623
f7f784c882e926082511adb84468522f5b4ddb936e151b984fefeb30fea62166
f8522b134acc65a6c69fe47dca21cf7cd3ca815b80db6a900c1e1b4b0c091645
f93a7d15f544c8733a8dc610901f65db0a52a4e3c5c9555c274691e2a8262631
f9c9f6c70ddd55d39e67461890729c9e0bf8e426e2e02122b4699f9783dd7c1a
fba567510c78e74f786a08758c04c5ea612bd27ee9c775c5fb4753e57c1df6ab
fd644f4d4edfa6684b7266e28e21a3f4c13fd3bb56109335727870efe69535cc
fed78f25c202e5ce5a6578c716478d85dc1af4c458942ff2aa1c3dfa8dae9b52
fef86e3158c682926a1a0bdb1d74d83207c363d0fb125ce12dbd9e37966f56bd
ff94aac9e2aba6d9fefa11d478cb79b634b658a54f1f93865ce3b6826d2c2da7

quickwin765412.com Open in urlscan Pro 94.242.229.244 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

371 Requests

92 %HTTPS

26 %IPv6

76 Domains

103 Subdomains

79 IPs

12 Countries

6062 kBTransfer

15867 kBSize

72 Cookies

0 Outgoing links

Redirected requests

371 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

quickwin765412.com Open in urlscan Pro
94.242.229.244 Public Scan

Screenshot
Live screenshot

Full Image

371
Requests

92 %
HTTPS

26 %
IPv6

76
Domains

103
Subdomains

79
IPs

12
Countries

6062 kB
Transfer

15867 kB
Size

72
Cookies

371 HTTP transactions
7 data transactions