www.qbet.com Open in urlscan Pro
18.245.113.62 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://28899227-22554-ex.situnifecal.com/jSZHCIE2NAroZtczvVjGJyVPldkRvoHRdq1WOMjNGM4SNsqS94tU8JyMA9Nnc9fKkIwGJ_Mk0f3leuuzHOKnYBaKm6elu7iK...
Effective URL:
https://www.qbet.com/en-UN/online-casino/play/softswiss/spribe:aviator?aff=sxwgFcFY385HIRK-ucLc2WNd7ZgqdRLk
Submission: On December 13 via api (December 13th 2024, 7:09:14 am UTC) from US — Scanned from NL

Summary HTTP 129 Redirects Behaviour Indicators

Summary

This website contacted 10 IPs in 4 countries across 12 domains to perform 129 HTTP transactions. The main IP is 18.245.113.62, located in United States and belongs to AMAZON-02, US. The main domain is www.qbet.com.
TLS certificate: Issued by Amazon RSA 2048 M03 on June 18th 2024. Valid for: a year.

This is the only time www.qbet.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	88.208.22.1 88.208.22.1	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS DataWeb Global Group B.V.)
2	37.114.46.212 37.114.46.212	58087 (FlorianKo...) (FlorianKolb Florian Kolb)
2 14	104.18.22.222 104.18.22.222	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	188.114.97.3 188.114.97.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	2600:9000:225... 2600:9000:2250:1600:15:ca88:9240:93a1	16509 (AMAZON-02) (AMAZON-02)
1 1	104.18.192.136 104.18.192.136	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	18.245.113.62 18.245.113.62	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:809::200a	15169 (GOOGLE) (GOOGLE)
1	3.160.156.89 3.160.156.89	16509 (AMAZON-02) (AMAZON-02)
2	34.49.206.188 34.49.206.188	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	216.198.53.3 216.198.53.3	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare London)
129	10

2 88.208.22.1 (Netherlands) 1 redirects

ASN39572 (ADVANCEDHOSTERS-AS DataWeb Global Group B.V., NL)
PTR: mail.armadaboard.com

28899227-22554-ex.situnifecal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.114.46.212 (Germany)

ASN58087 (FlorianKolb Florian Kolb, DE)
PTR: 212.46.114.37.in-addr.arpa

redwingshere.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 104.18.22.222 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

meherdewogoud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

my.rtmark.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2250:1600:15:ca88:9240:93a1 (United States) 2 redirects

ASN16509 (AMAZON-02, US)

superfunplay.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.192.136 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

record.qbetpartners.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 18.245.113.62 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-113-62.dfw57.r.cloudfront.net

www.qbet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.160.156.89 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-160-156-89.fra60.r.cloudfront.net

d21jjud8qm9a0b.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.49.206.188 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 188.206.49.34.bc.googleusercontent.com

v9zh3uzt.apicdn.sanity.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 216.198.53.3 (United States)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US)

static.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ekr.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	meherdewogoud.com 2 redirects meherdewogoud.com — Cisco Umbrella Rank: 237439	32 KB
11	qbet.com www.qbet.com	653 KB
3	zdassets.com static.zdassets.com — Cisco Umbrella Rank: 2270 ekr.zdassets.com — Cisco Umbrella Rank: 2553	146 KB
2	sanity.io v9zh3uzt.apicdn.sanity.io	3 KB
2	superfunplay.com 2 redirects superfunplay.com — Cisco Umbrella Rank: 697000	1 KB
2	rtmark.net my.rtmark.net — Cisco Umbrella Rank: 10565	2 KB
2	redwingshere.xyz redwingshere.xyz — Cisco Umbrella Rank: 220818	999 B
2	situnifecal.com 1 redirects 28899227-22554-ex.situnifecal.com	4 KB
1	cloudfront.net d21jjud8qm9a0b.cloudfront.net	808 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	981 B
1	qbetpartners.com 1 redirects record.qbetpartners.com	524 B
0	google.com Failed ads.google.com Failed
129	12

	Domain	Requested by
14	meherdewogoud.com	2 redirects meherdewogoud.com
11	www.qbet.com	www.qbet.com
2	static.zdassets.com	www.qbet.com static.zdassets.com
2	v9zh3uzt.apicdn.sanity.io	www.qbet.com
2	superfunplay.com	2 redirects
2	my.rtmark.net	meherdewogoud.com
2	redwingshere.xyz	28899227-22554-ex.situnifecal.com
2	28899227-22554-ex.situnifecal.com	1 redirects
1	ekr.zdassets.com	static.zdassets.com
1	d21jjud8qm9a0b.cloudfront.net	www.qbet.com
1	fonts.googleapis.com	www.qbet.com
1	record.qbetpartners.com	1 redirects
0	ads.google.com Failed	28899227-22554-ex.situnifecal.com
129	13

This site contains no links.

Subject Issuer	Validity	Valid
*.situnifecal.com R11	`2024-11-19` - `2025-02-17`	3 months	crt.sh
redwingshere.xyz E6	`2024-12-07` - `2025-03-07`	3 months	crt.sh
meherdewogoud.com WE1	`2024-11-24` - `2025-02-22`	3 months	crt.sh
my.rtmark.net WE1	`2024-11-06` - `2025-02-04`	3 months	crt.sh
qbet123.com Amazon RSA 2048 M03	`2024-06-18` - `2025-07-17`	a year	crt.sh
upload.video.google.com WR2	`2024-11-04` - `2025-01-27`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2024-07-30` - `2025-07-03`	a year	crt.sh
*.apicdn.sanity.io Sectigo RSA Domain Validation Secure Server CA	`2024-09-18` - `2025-09-18`	a year	crt.sh
zdassets.com WE1	`2024-11-03` - `2025-02-01`	3 months	crt.sh

This page contains 4 frames:

Primary Page: https://www.qbet.com/en-UN/online-casino/play/softswiss/spribe:aviator?aff=sxwgFcFY385HIRK-ucLc2WNd7ZgqdRLk
Frame ID: B5A205D726E282814DF4F45AAE1203B2
Requests: 120 HTTP requests in this frame

Frame: https://www.qbet.com/assets/qbet-spinner-fb9e169a.svg
Frame ID: 308B7A3DF84FD76362A7573E65D908C6
Requests: 1 HTTP requests in this frame

Frame: https://www.qbet.com/assets/qbet-spinner-fb9e169a.svg
Frame ID: 17A26A238B5C0D84E3134A677310C73F
Requests: 1 HTTP requests in this frame

Frame: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-5a3d0ee.js
Frame ID: 4BD9F0562BF90699AE1E7E3EDDBFCFA7
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

QBet.com

Page URL History Show full URLs

https://28899227-22554-ex.situnifecal.com/jSZHCIE2NAroZtczvVjGJyVPldkRvoHRdq1WOMjNGM4SNsqS94tU8JyMA9Nnc9fKkIwGJ_Mk0f3l... Page URL
https://28899227-22554-ex.situnifecal.com/jSZHCIE2NAroZtczvVjGJyVPldkRvoHRdq1WOMjNGM4SNsqS94tU8JyMA9Nnc9fKkIwGJ_Mk0f3l... HTTP 307
https://redwingshere.xyz/go/4310/3?subid1=.APPsAooDkM4O95sI3pMM0o7nEAABAAADCjq0nAQEoQIA1dkBAPnJs_MMAA... Page URL
https://meherdewogoud.com/4/7482447?var=4310_3463243001&ymid=15dqfikpg0083 Page URL
https://meherdewogoud.com/?z=7482447&syncedCookie=true&rhd=false HTTP 302
https://meherdewogoud.com/4/6118780?var=7482447&btz=Europe/Amsterdam&bto=-60&bar=x Page URL
https://meherdewogoud.com/?z=6118780&syncedCookie=true&rhd=false HTTP 302
https://superfunplay.com/d30b179e-92f0-46b7-9b86-d89d5c582dcd?zoneid=6118780&device=desktop&browser=c... HTTP 307
https://superfunplay.com/d30b179e-92f0-46b7-9b86-d89d5c582dcd/2?zoneid=6118780&device=desktop&browser... HTTP 302
https://record.qbetpartners.com/_5srDiZbuMbrP2s46Cv8UUWNd7ZgqdRLk/13/?s2s.req_id=whlj0g4g7qck37963umrk6cm HTTP 301
https://www.qbet.com/en-UN/online-casino/play/softswiss/spribe:aviator?aff=sxwgFcFY385HIRK-ucLc2W... Page URL

Detected technologies

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

129
Requests

27 %
HTTPS

18 %
IPv6

12
Domains

13
Subdomains

10
IPs

4
Countries

840 kB
Transfer

2383 kB
Size

9
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://28899227-22554-ex.situnifecal.com/jSZHCIE2NAroZtczvVjGJyVPldkRvoHRdq1WOMjNGM4SNsqS94tU8JyMA9Nnc9fKkIwGJ_Mk0f3leuuzHOKnYBaKm6elu7iKdAYfT7xOMNiMwB3wr8Ka9J2Q7tz-Rw?kws=laura%2Clove%2Ckatrina%2Cvideos%2Cporno%2Cgratis&abl=0&fsb=0&pageUri=https%3A%2F%2Fen.4freedom.click%2Fv%...%20312%20...e%22%2C%22%5B%5D%22%5D&focus=1 Page URL
https://28899227-22554-ex.situnifecal.com/jSZHCIE2NAroZtczvVjGJyVPldkRvoHRdq1WOMjNGM4SNsqS94tU8JyMA9Nnc9fKkIwGJ_Mk0f3leuuzHOKnYBaKm6elu7iKdAYfT7xOMNiMwB3wr8Ka9J2Q7tz-Rw?kws=laura%2Clove%2Ckatrina%2Cvideos%2Cporno%2Cgratis&abl=0&fsb=0&pageUri=https%3A%2F%2Fen.4freedom.click%2Fv%...%20312%20...e%22%2C%22%5B%5D%22%5D&focus=1&pageUri=https%3A%2F%2Fen.4freedom.click%2Fv%25...+312+...e%22%2C%22%5B%5D%22%5D&referer=&jsr=1&abl=0&acrc=1&acrs=own&bdd=%5B%22Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F131.0.0.0%20Safari%2F537.36%22%2C%22false%22%2C%22Linux%20x86_64%22%2C%22WebKit%20WebGL%22%2C%22WebKit%22%2C%22Intel%20Iris%20OpenGL%20Engine%22%2C%22Intel%20Inc.%22%2C%22false%22%2C%22true%22%2C%221600%22%2C%221200%22%2C%221600%22%2C%221200%22%2C%221600%22%2C%221285%22%2C%221600%22%2C%221200%22%2C%221600%22%2C%221200%22%2C%22false%22%2C%221%22%2C%2232%22%2C%220%22%2C%22aaaaaaaacceccceffhillllmmprrsssstttellllpss%22%2C%22Fri%20Dec%2013%202024%2008%3A09%3A09%20GMT%2B0100%20(Midden-Europese%20standaardtijd)%22%2C%22-60%22%2C%22nl-NL%22%2C%22en-US%2Cen%22%2C%22true%22%2C%22true%22%2C%224044038915%22%2C%222697903995%22%2C%222%22%2C%22false%22%2C%22%5B%5D%22%5D HTTP 307
https://redwingshere.xyz/go/4310/3?subid1=.APPsAooDkM4O95sI3pMM0o7nEAABAAADCjq0nAQEoQIA1dkBAPnJs_MMAAE&subid2=3463243001 Page URL
https://meherdewogoud.com/4/7482447?var=4310_3463243001&ymid=15dqfikpg0083 Page URL
https://meherdewogoud.com/?z=7482447&syncedCookie=true&rhd=false HTTP 302
https://meherdewogoud.com/4/6118780?var=7482447&btz=Europe/Amsterdam&bto=-60&bar=x Page URL
https://meherdewogoud.com/?z=6118780&syncedCookie=true&rhd=false HTTP 302
https://superfunplay.com/d30b179e-92f0-46b7-9b86-d89d5c582dcd?zoneid=6118780&device=desktop&browser=chrome&os=linux&country=NL&region=ov&zonetype={zone_type}&useractivity=high&campaignid=8838981&banner=22492808&cost=0.001995&visitor_id=891332509605040806 HTTP 307
https://superfunplay.com/d30b179e-92f0-46b7-9b86-d89d5c582dcd/2?zoneid=6118780&device=desktop&browser=chrome&os=linux&country=NL&region=ov&zonetype={zone_type}&useractivity=high&campaignid=8838981&banner=22492808&cost=0.001995&visitor_id=891332509605040806 HTTP 302
https://record.qbetpartners.com/_5srDiZbuMbrP2s46Cv8UUWNd7ZgqdRLk/13/?s2s.req_id=whlj0g4g7qck37963umrk6cm HTTP 301
https://www.qbet.com/en-UN/online-casino/play/softswiss/spribe:aviator?aff=sxwgFcFY385HIRK-ucLc2WNd7ZgqdRLk Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2

https://28899227-22554-ex.situnifecal.com/jSZHCIE2NAroZtczvVjGJyVPldkRvoHRdq1WOMjNGM4SNsqS94tU8JyMA9Nnc9fKkIwGJ_Mk0f3leuuzHOKnYBaKm6elu7iKdAYfT7xOMNiMwB3wr8Ka9J2Q7tz-Rw?kws=laura%2Clove%2Ckatrina%2Cvideos%2Cporno%2Cgratis&abl=0&fsb=0&pageUri=https%3A%2F%2Fen.4freedom.click%2Fv%...%20312%20...e%22%2C%22%5B%5D%22%5D&focus=1&pageUri=https%3A%2F%2Fen.4freedom.click%2Fv%25...+312+...e%22%2C%22%5B%5D%22%5D&referer=&jsr=1&abl=0&acrc=1&acrs=own&bdd=%5B%22Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F131.0.0.0%20Safari%2F537.36%22%2C%22false%22%2C%22Linux%20x86_64%22%2C%22WebKit%20WebGL%22%2C%22WebKit%22%2C%22Intel%20Iris%20OpenGL%20Engine%22%2C%22Intel%20Inc.%22%2C%22false%22%2C%22true%22%2C%221600%22%2C%221200%22%2C%221600%22%2C%221200%22%2C%221600%22%2C%221285%22%2C%221600%22%2C%221200%22%2C%221600%22%2C%221200%22%2C%22false%22%2C%221%22%2C%2232%22%2C%220%22%2C%22aaaaaaaacceccceffhillllmmprrsssstttellllpss%22%2C%22Fri%20Dec%2013%202024%2008%3A09%3A09%20GMT%2B0100%20(Midden-Europese%20standaardtijd)%22%2C%22-60%22%2C%22nl-NL%22%2C%22en-US%2Cen%22%2C%22true%22%2C%22true%22%2C%224044038915%22%2C%222697903995%22%2C%222%22%2C%22false%22%2C%22%5B%5D%22%5D HTTP 307
https://redwingshere.xyz/go/4310/3?subid1=.APPsAooDkM4O95sI3pMM0o7nEAABAAADCjq0nAQEoQIA1dkBAPnJs_MMAAE&subid2=3463243001

Request Chain 10

https://meherdewogoud.com/?z=7482447&syncedCookie=true&rhd=false HTTP 302
https://meherdewogoud.com/4/6118780?var=7482447&btz=Europe/Amsterdam&bto=-60&bar=x

129 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 jSZHCIE2NAroZtczvVjGJyVPldkRvoHRdq1WOMjNGM4SNsqS94tU8JyMA9Nnc9fKkIwGJ_Mk0f3leuuzHOKnYBaKm6elu7iKdAYfT7xOMNiMwB3wr8Ka9J2Q7tz-Rw
28899227-22554-ex.situnifecal.com/ 8 KB
3 KB 53ms
15ms Document
text/html 88.208.22.1
ADVANCEDHOSTERS-A...

General

Check archive.org

Show headers Download Go to

Full URL: https://28899227-22554-ex.situnifecal.com/jSZHCIE2NAroZtczvVjGJyVPldkRvoHRdq1WOMjNGM4SNsqS94tU8JyMA9Nnc9fKkIwGJ_Mk0f3leuuzHOKnYBaKm6elu7iKdAYfT7xOMNiMwB3wr8Ka9J2Q7tz-Rw?kws=laura%2Clove%2Ckatrina%2Cvideos%2Cporno%2Cgratis&abl=0&fsb=0&pageUri=https%3A%2F%2Fen.4freedom.click%2Fv%...%20312%20...e%22%2C%22%5B%5D%22%5D&focus=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 88.208.22.1 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS DataWeb Global Group B.V., NL),
Reverse DNS: mail.armadaboard.com
Software: nginx /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Device-Memory
accept-ch-lifetime: 31536000
access-control-allow-credentials: true
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-encoding: gzip
content-type: text/html
date: Fri, 13 Dec 2024 07:09:09 GMT
expires: Fri, 13 Dec 2024 07:09:09 UTC
last-modified: Fri, 13 Dec 2024 07:09:09 UTC
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
pragma: no-cache
referrer-policy: unsafe-url
server: nginx
vary: Accept-Encoding

HEAD /
ads.google.com/ 0
0

GET
H/1.1

200
OK

3
redwingshere.xyz/go/4310/
Redirect Chain

https://28899227-22554-ex.situnifecal.com/jSZHCIE2NAroZtczvVjGJyVPldkRvoHRdq1WOMjNGM4SNsqS94tU8JyMA9Nnc9fKkIwGJ_Mk0f3leuuzHOKnYBaKm6elu7iKdAYfT7xOMNiMwB3wr8Ka9J2Q7tz-Rw?kws=laura%2Clove%2Ckatrina%2...
https://redwingshere.xyz/go/4310/3?subid1=.APPsAooDkM4O95sI3pMM0o7nEAABAAADCjq0nAQEoQIA1dkBAPnJs_MMAAE&subid2=3463243001

291 B
829 B

152ms
41ms

Document
text/html

37.114.46.212
FlorianKolb Flori...

General

Check archive.org

Show headers Download Go to

Full URL: https://redwingshere.xyz/go/4310/3?subid1=.APPsAooDkM4O95sI3pMM0o7nEAABAAADCjq0nAQEoQIA1dkBAPnJs_MMAAE&subid2=3463243001
Requested by: Host: 28899227-22554-ex.situnifecal.com
URL: https://28899227-22554-ex.situnifecal.com/jSZHCIE2NAroZtczvVjGJyVPldkRvoHRdq1WOMjNGM4SNsqS94tU8JyMA9Nnc9fKkIwGJ_Mk0f3leuuzHOKnYBaKm6elu7iKdAYfT7xOMNiMwB3wr8Ka9J2Q7tz-Rw?kws=laura%2Clove%2Ckatrina%2Cvideos%2Cporno%2Cgratis&abl=0&fsb=0&pageUri=https%3A%2F%2Fen.4freedom.click%2Fv%...%20312%20...e%22%2C%22%5B%5D%22%5D&focus=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 37.114.46.212 , Germany, ASN58087 (FlorianKolb Florian Kolb, DE),
Reverse DNS: 212.46.114.37.in-addr.arpa
Software: nginx/1.24.0 (Ubuntu) / PHP/7.2.34-51+ubuntu22.04.1+deb.sury.org+1
Resource Hash

Request headers

Referer: https://28899227-22554-ex.situnifecal.com/jSZHCIE2NAroZtczvVjGJyVPldkRvoHRdq1WOMjNGM4SNsqS94tU8JyMA9Nnc9fKkIwGJ_Mk0f3leuuzHOKnYBaKm6elu7iKdAYfT7xOMNiMwB3wr8Ka9J2Q7tz-Rw?kws=laura%2Clove%2Ckatrina%2Cvideos%2Cporno%2Cgratis&abl=0&fsb=0&pageUri=https%3A%2F%2Fen.4freedom.click%2Fv%...%20312%20...e%22%2C%22%5B%5D%22%5D&focus=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
device-memory: 8

Response headers

Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Connection: keep-alive
Content-Encoding: identity
Content-Length: 291
Content-Type: text/html; charset=utf-8
Date: Fri, 13 Dec 2024 07:09:09 GMT
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Last-Modified: Fri, 13 Dec 2024 07:09:09 GMT
Pragma: no-cache
Server: nginx/1.24.0 (Ubuntu)
X-Powered-By: PHP/7.2.34-51+ubuntu22.04.1+deb.sury.org+1

Redirect headers

accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Device-Memory
accept-ch-lifetime: 31536000
access-control-allow-credentials: true
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 0
content-type: text/plain; charset=UTF-8
date: Fri, 13 Dec 2024 07:09:09 GMT
expires: Fri, 13 Dec 2024 07:09:09 UTC
last-modified: Fri, 13 Dec 2024 07:09:09 UTC
location: https://redwingshere.xyz/go/4310/3?subid1=.APPsAooDkM4O95sI3pMM0o7nEAABAAADCjq0nAQEoQIA1dkBAPnJs_MMAAE&subid2=3463243001
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
pragma: no-cache
referrer-policy: no-referrer
server: nginx

GET
H2 200 7482447 Show response
meherdewogoud.com/4/ 31 KB
14 KB 74ms
35ms Document
text/html 104.18.22.222
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://meherdewogoud.com/4/7482447?var=4310_3463243001&ymid=15dqfikpg0083

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.22.222 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6a06b79961058c9261d777c3f4e80d89217a82c93655ae84dde0abe2d8c0d842

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
cf-cache-status: DYNAMIC
cf-ray: 8f1420872dd80bba-AMS
content-encoding: gzip
content-type: text/html; charset=utf8
date: Fri, 13 Dec 2024 07:09:09 GMT
expires: Tue, 11 Jan 1994 10:00:00 GMT
pragma: no-cache
server: cloudflare
strict-transport-security: max-age=1
timing-allow-origin: * *
x-content-type-options: nosniff

GET
H/1.1 200
OK favicon.ico
redwingshere.xyz/ 0
170 B 25ms
25ms Other
text/html 37.114.46.212
FlorianKolb Flori...

General

Check archive.org

Show headers Download Go to

Full URL: https://redwingshere.xyz/favicon.ico
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 37.114.46.212 , Germany, ASN58087 (FlorianKolb Florian Kolb, DE),
Reverse DNS: 212.46.114.37.in-addr.arpa
Software: nginx/1.24.0 (Ubuntu) /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Length: 0
Date: Fri, 13 Dec 2024 07:09:09 GMT
Content-Type: text/html; charset=UTF-8
Server: nginx/1.24.0 (Ubuntu)
Connection: keep-alive

GET
H3 200 img.gif
my.rtmark.net/ 43 B
874 B 44ms
26ms Image
image/gif 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://my.rtmark.net/img.gif?f=merge&userId=0081315cb594405ce3e545d2c3cecafe&z=7482447&p_rid=429be946-73ef-489d-86db-0f786a78c481&p_src=sf

Requested by

Host: meherdewogoud.com
URL: https://meherdewogoud.com/4/7482447?var=4310_3463243001&ymid=15dqfikpg0083

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://meherdewogoud.com/

Response headers

access-control-expose-headers: Authorization
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BsUz5qM8oO8fO4wURxy8V0sS9MbkY5CSeKG%2BFdZWDp89pHFc00Bh4KYZpL3s4hlqkdoZ6Zcbv0gzbs2XFB7x2K7Qdb0HIQeZK8EaCg5KLbqDvZZBi0mctI9e1iTIXbRQ"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=14600&min_rtt=14490&rtt_var=5512&sent=10&recv=7&lost=0&retrans=0&sent_bytes=4089&recv_bytes=4390&delivery_rate=215472&cwnd=12000&unsent_bytes=0&cid=423b706ae32a57be&ts=28&x=1", cfExtPri, cfHdrFlush;dur=0
date: Fri, 13 Dec 2024 07:09:09 GMT
content-type: image/gif
priority: u=1,i
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
strict-transport-security: max-age=1
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
timing-allow-origin: *, *
access-control-allow-credentials: true
cf-ray: 8f1420878cd5fb81-AMS
access-control-allow-origin: *
content-length: 43
server: cloudflare

GET
H2 200 sftouch
meherdewogoud.com/ 43 B
152 B 28ms
28ms Image
image/gif 104.18.22.222
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://meherdewogoud.com/sftouch?userId=0081315cb594405ce3e545d2c3cecafe&z=7482447&p_rid=429be946-73ef-489d-86db-0f786a78c481&p_src=sf&branchId=0&rb=RXHirQepuqmEDmMzLrn7mhqlEaQezvDZbLv47IUov_T7VOpa-6G9QaFO8uo2S0pzhkjmr4ZewoAvB3AU_YS1_neDsMrT12OxQHMDbCbaj2EiMPgIFHjJq6tMwE7YcQmKK_K34cpoJSPgnrvwxIT3z36WiEvS0DHgjiRAEtghDf7UHGcTCeVzk2daTzEglgcy2oYEe8fUdDdanf6EkrEULiQk45EJ_h0cT3pNgndntB2qRZdnFFqefRUS9rXKR9tbt3puXfUD4S5vo3EzDIFMERcPQ66KgykH4A-OO616Y0E1QEtgjt1AN7h03dv3jTEkoQEm8VWNXm4ua604SQ4-nzDFcUE=&w_img=1

Requested by

Host: meherdewogoud.com
URL: https://meherdewogoud.com/4/7482447?var=4310_3463243001&ymid=15dqfikpg0083

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.22.222 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://meherdewogoud.com/4/7482447?var=4310_3463243001&ymid=15dqfikpg0083

Response headers

access-control-max-age: 86400
cf-cache-status: DYNAMIC
access-control-allow-methods: GET, POST, OPTIONS
x-content-type-options: nosniff
expires: Tue, 11 Jan 1994 10:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Fri, 13 Dec 2024 07:09:09 GMT
content-type: image/gif
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
strict-transport-security: max-age=1
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *, *
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
pragma: no-cache
access-control-allow-credentials: true
x-trace-id: caf008701f38997bdcaa08c0b331740c
cf-ray: 8f1420879e650bba-AMS
access-control-allow-origin: *
content-length: 43
server: cloudflare

POST
H2 200 add Show response
meherdewogoud.com/log/ 12 B
234 B 28ms
27ms XHR
application/json 104.18.22.222
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://meherdewogoud.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=429be946-73ef-489d-86db-0f786a78c481

Requested by

Host: meherdewogoud.com
URL: https://meherdewogoud.com/4/7482447?var=4310_3463243001&ymid=15dqfikpg0083

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.22.222 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fe85cceb474303eb80a5ca9a60b16d92208a8e0b38647647654b0c42447b51f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://meherdewogoud.com/4/7482447?var=4310_3463243001&ymid=15dqfikpg0083

Response headers

strict-transport-security: max-age=1
timing-allow-origin: *
cf-cache-status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
x-content-type-options: nosniff
cf-ray: 8f1420879e6f0bba-AMS
access-control-allow-origin: https://meherdewogoud.com
alt-svc: h3=":443"; ma=86400
content-length: 12
date: Fri, 13 Dec 2024 07:09:09 GMT
content-type: application/json; charset=utf-8
server: cloudflare
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match

POST
H2 200 add Show response
meherdewogoud.com/async_log/ 0
42 B 28ms
27ms XHR
text/plain 104.18.22.222
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://meherdewogoud.com/async_log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=429be946-73ef-489d-86db-0f786a78c481

Requested by

Host: meherdewogoud.com
URL: https://meherdewogoud.com/4/7482447?var=4310_3463243001&ymid=15dqfikpg0083

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.22.222 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://meherdewogoud.com/4/7482447?var=4310_3463243001&ymid=15dqfikpg0083

Response headers

strict-transport-security: max-age=1
timing-allow-origin: *
cf-cache-status: DYNAMIC
access-control-allow-credentials: true
x-content-type-options: nosniff
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
cf-ray: 8f1420879e700bba-AMS
access-control-allow-origin: https://meherdewogoud.com
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Fri, 13 Dec 2024 07:09:09 GMT
server: cloudflare
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match

GET
H3 204 favicon.ico
meherdewogoud.com/ 0
248 B 26ms
26ms Other
text/plain 104.18.22.222
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://meherdewogoud.com/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.22.222 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://meherdewogoud.com/4/7482447?var=4310_3463243001&ymid=15dqfikpg0083

Response headers

cache-control: public, max-age=315360000
cf-cache-status: HIT
pragma: public
age: 189214
cf-ray: 8f142087bfceb902-AMS
expires: Mon, 11 Dec 2034 07:09:09 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 13 Dec 2024 07:09:09 GMT
vary: Accept-Encoding
server: cloudflare
priority: u=1,i

GET
H3

200

6118780 Show response
meherdewogoud.com/4/
Redirect Chain

https://meherdewogoud.com/?z=7482447&syncedCookie=true&rhd=false
https://meherdewogoud.com/4/6118780?var=7482447&btz=Europe/Amsterdam&bto=-60&bar=x

31 KB
14 KB

212ms
212ms

Document
text/html

104.18.22.222
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://meherdewogoud.com/4/6118780?var=7482447&btz=Europe/Amsterdam&bto=-60&bar=x

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.22.222 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

927ace5f92c917d567b5e6488fd54cd801bb6bcdbc40fa422fc12ab6d0e5ee8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://meherdewogoud.com
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
cf-cache-status: DYNAMIC
cf-ray: 8f1420881839b902-AMS
content-encoding: gzip
content-type: text/html; charset=utf8
date: Fri, 13 Dec 2024 07:09:09 GMT
expires: Tue, 11 Jan 1994 10:00:00 GMT
pragma: no-cache
priority: u=0,i
server: cloudflare
server-timing: cfExtPri
strict-transport-security: max-age=1
timing-allow-origin: * *
x-content-type-options: nosniff

Redirect headers

accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://meherdewogoud.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
cf-cache-status: DYNAMIC
cf-ray: 8f142087e802b902-AMS
content-length: 0
date: Fri, 13 Dec 2024 07:09:09 GMT
expires: Tue, 11 Jan 1994 10:00:00 GMT
link: <https://meherdewogoud.com>; rel="preconnect dns-prefetch",<https://yonmewon.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
location: https://meherdewogoud.com/4/6118780?var=7482447&btz=Europe/Amsterdam&bto=-60&bar=x
pragma: no-cache
priority: u=0,i
referrer-policy: no-referrer
server: cloudflare
server-timing: cfExtPri
strict-transport-security: max-age=1
timing-allow-origin: * *
x-content-type-options: nosniff
x-trace-id: 48b42cf4d4ea2b13ceff0960c15a75b5

GET
H3 204 favicon.ico
meherdewogoud.com/ 0
0 0ms
0ms Other
text/plain 104.18.22.222
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://meherdewogoud.com/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.22.222 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://meherdewogoud.com/afu.php?zoneid=7482447&var=7482447&rid=XXz4jyvWNyEJSqRKY8d18w%3D%3D&rhd=false&ab2r=0&sf=1&is_mobile=false

Response headers

cache-control: public, max-age=315360000
cf-cache-status: HIT
pragma: public
age: 189214
cf-ray: 8f142087bfceb902-AMS
expires: Mon, 11 Dec 2034 07:09:09 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 13 Dec 2024 07:09:09 GMT
vary: Accept-Encoding
server: cloudflare
priority: u=1,i

GET
H3 200 sftouch
meherdewogoud.com/ 43 B
562 B 33ms
33ms Image
image/gif 104.18.22.222
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://meherdewogoud.com/sftouch?userId=0081319ec16f47ccf3ec7bda515f9ff6&z=6118780&p_rid=d8eb9cdc-bc2d-4421-8052-bef8d1ce0876&p_src=sf&branchId=0&rb=Wx8npjFGxd9k3WBcQPqEQjabCoM0jRzcyWAF9NnMLRnIhMmkBK6nZYw53OXoIkETWg6EaqSDyY4xkO-H-qKLTFzAze9_zS-xVU1AuxDmA7gcZ9RVZkUPjXunyXQpRDlKOtT3dYwYzoTVq3xS87ILgxMp_RIKhmROpZqqeBM3XU4WSchxYfu6zGpeDnMf16xiMCo2WhSZ5i5br_-u1JuPpLSxNWHD45KXjKKrWiw49VsYvDWEo3eYfJRicE_t_8tJtKPsyCyTtMBA4Pqwh22AhLMM49JanEBF-fbdJuRVMNv-710fA6hiNbL6Q_k=&w_img=1

Requested by

Host: meherdewogoud.com
URL: https://meherdewogoud.com/4/6118780?var=7482447&btz=Europe/Amsterdam&bto=-60&bar=x

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.22.222 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://meherdewogoud.com/4/6118780?var=7482447&btz=Europe/Amsterdam&bto=-60&bar=x

Response headers

access-control-max-age: 86400
cf-cache-status: DYNAMIC
access-control-allow-methods: GET, POST, OPTIONS
x-content-type-options: nosniff
expires: Tue, 11 Jan 1994 10:00:00 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 13 Dec 2024 07:09:10 GMT
content-type: image/gif
priority: u=3,i
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
strict-transport-security: max-age=1
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *, *
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
pragma: no-cache
access-control-allow-credentials: true
x-trace-id: 4b26a95c8c01748294b2becd29462c8a
cf-ray: 8f14208999c0b902-AMS
access-control-allow-origin: *
content-length: 43
server: cloudflare

POST
H3 200 add Show response
meherdewogoud.com/log/ 12 B
336 B 26ms
24ms XHR
application/json 104.18.22.222
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://meherdewogoud.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=d8eb9cdc-bc2d-4421-8052-bef8d1ce0876

Requested by

Host: meherdewogoud.com
URL: https://meherdewogoud.com/4/6118780?var=7482447&btz=Europe/Amsterdam&bto=-60&bar=x

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.22.222 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fe85cceb474303eb80a5ca9a60b16d92208a8e0b38647647654b0c42447b51f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://meherdewogoud.com/4/6118780?var=7482447&btz=Europe/Amsterdam&bto=-60&bar=x

Response headers

cf-cache-status: DYNAMIC
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 13 Dec 2024 07:09:10 GMT
content-type: application/json; charset=utf-8
priority: u=1,i
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
strict-transport-security: max-age=1
timing-allow-origin: *
access-control-allow-credentials: true
cf-ray: 8f142089b9ddb902-AMS
access-control-allow-origin: https://meherdewogoud.com
content-length: 12
server: cloudflare

GET
H3 200 img.gif
my.rtmark.net/ 43 B
840 B 26ms
26ms Image
image/gif 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://my.rtmark.net/img.gif?f=merge&userId=0081319ec16f47ccf3ec7bda515f9ff6&z=6118780&p_rid=d8eb9cdc-bc2d-4421-8052-bef8d1ce0876&p_src=sf

Requested by

Host: meherdewogoud.com
URL: https://meherdewogoud.com/4/6118780?var=7482447&btz=Europe/Amsterdam&bto=-60&bar=x

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://meherdewogoud.com/

Response headers

access-control-expose-headers: Authorization
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=O64DpK%2Ff5h6IMdq7eyMh1nM6Bomztas7VKPp24nPs8zOUZILSuQMSXPuuuJYDRX%2Fc2Sc5MJhOadbYYYwJYIfg6I%2BdY6nJVfD5g2i772i7uFTqJFVF3KtMCv3c9gkclxF"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=14531&min_rtt=14282&rtt_var=2415&sent=13&recv=11&lost=0&retrans=0&sent_bytes=5038&recv_bytes=4962&delivery_rate=63675&cwnd=12000&unsent_bytes=0&cid=423b706ae32a57be&ts=376&x=1", cfExtPri, cfHdrFlush;dur=0
date: Fri, 13 Dec 2024 07:09:10 GMT
content-type: image/gif
priority: u=3,i
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
strict-transport-security: max-age=1
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
timing-allow-origin: *, *
access-control-allow-credentials: true
cf-ray: 8f142089b9fbfb81-AMS
access-control-allow-origin: *
content-length: 43
server: cloudflare

POST
H3 200 add Show response
meherdewogoud.com/async_log/ 0
292 B 27ms
25ms XHR
text/plain 104.18.22.222
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://meherdewogoud.com/async_log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=d8eb9cdc-bc2d-4421-8052-bef8d1ce0876

Requested by

Host: meherdewogoud.com
URL: https://meherdewogoud.com/4/6118780?var=7482447&btz=Europe/Amsterdam&bto=-60&bar=x

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.22.222 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://meherdewogoud.com/4/6118780?var=7482447&btz=Europe/Amsterdam&bto=-60&bar=x

Response headers

strict-transport-security: max-age=1
timing-allow-origin: *
cf-cache-status: DYNAMIC
access-control-allow-credentials: true
x-content-type-options: nosniff
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
cf-ray: 8f142089c9e6b902-AMS
access-control-allow-origin: https://meherdewogoud.com
alt-svc: h3=":443"; ma=86400
content-length: 0
server-timing: cfExtPri
date: Fri, 13 Dec 2024 07:09:10 GMT
server: cloudflare
priority: u=1,i
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match

GET
H3 204 favicon.ico
meherdewogoud.com/ 0
0 0ms
0ms Other
text/plain 104.18.22.222
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://meherdewogoud.com/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.22.222 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://meherdewogoud.com/4/6118780?var=7482447&btz=Europe/Amsterdam&bto=-60&bar=x

Response headers

cache-control: public, max-age=315360000
cf-cache-status: HIT
pragma: public
age: 189214
cf-ray: 8f142087bfceb902-AMS
expires: Mon, 11 Dec 2034 07:09:09 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 13 Dec 2024 07:09:09 GMT
vary: Accept-Encoding
server: cloudflare
priority: u=1,i

GET
H2

200

Primary Request spribe:aviator Show response
www.qbet.com/en-UN/online-casino/play/softswiss/
Redirect Chain

https://meherdewogoud.com/?z=6118780&syncedCookie=true&rhd=false
https://superfunplay.com/d30b179e-92f0-46b7-9b86-d89d5c582dcd?zoneid=6118780&device=desktop&browser=chrome&os=linux&country=NL&region=ov&zonetype={zone_type}&useractivity=high&campaignid=8838981&ba...
https://superfunplay.com/d30b179e-92f0-46b7-9b86-d89d5c582dcd/2?zoneid=6118780&device=desktop&browser=chrome&os=linux&country=NL&region=ov&zonetype={zone_type}&useractivity=high&campaignid=8838981&...
https://record.qbetpartners.com/_5srDiZbuMbrP2s46Cv8UUWNd7ZgqdRLk/13/?s2s.req_id=whlj0g4g7qck37963umrk6cm
https://www.qbet.com/en-UN/online-casino/play/softswiss/spribe:aviator?aff=sxwgFcFY385HIRK-ucLc2WNd7ZgqdRLk

2 KB
3 KB

1161ms
899ms

Document
text/html

18.245.113.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.qbet.com/en-UN/online-casino/play/softswiss/spribe:aviator?aff=sxwgFcFY385HIRK-ucLc2WNd7ZgqdRLk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.113.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-113-62.dfw57.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: eef0c1bafe4451cd7355a0a8f2324e8781f693b5aa1e01abeea843ce0da9676f

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://meherdewogoud.com
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
content-length: 2392
content-type: text/html
date: Fri, 13 Dec 2024 07:09:12 GMT
etag: "bcaba6591a6eabd6ea8591270c4c0298"
last-modified: Fri, 13 Dec 2024 04:15:47 GMT
location: /en-LL
server: AmazonS3
via: 1.1 7162ad114a2620a596cd6cd391ad1032.cloudfront.net (CloudFront)
x-amz-cf-id: JVlHQLwVzMQKouD315l4qvT7K-15dQWXKLIimNozj8jlebyGDLdKWQ==
x-amz-cf-pop: DFW57-P8
x-amz-server-side-encryption: AES256
x-cache: Error from cloudfront

Redirect headers

access-control-allow-origin: *
cache-control: private, no-cache, must-revalidate
cf-cache-status: BYPASS
cf-ray: 8f14208c1bf2775d-AMS
content-type: text/html; charset=utf-8
date: Fri, 13 Dec 2024 07:09:10 GMT
expires: Sat, 26 Jul 1997 05:00:00 GMT
location: https://www.qbet.com/en-UN/online-casino/play/softswiss/spribe:aviator?aff=sxwgFcFY385HIRK-ucLc2WNd7ZgqdRLk
pragma: no-cache
server: cloudflare
vary: Accept-Encoding
x-powered-by: ZBan

GET
H3 204 favicon.ico
meherdewogoud.com/ 0
0 0ms
0ms Other
text/plain 104.18.22.222
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://meherdewogoud.com/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.22.222 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://meherdewogoud.com/afu.php?zoneid=6118780&var=6118780&rid=33-IJ2mCiw9DGbmF2LWarg%3D%3D&rhd=false&ab2r=0&sf=1&is_mobile=false

Response headers

cache-control: public, max-age=315360000
cf-cache-status: HIT
pragma: public
age: 189214
cf-ray: 8f142087bfceb902-AMS
expires: Mon, 11 Dec 2034 07:09:09 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 13 Dec 2024 07:09:09 GMT
vary: Accept-Encoding
server: cloudflare
priority: u=1,i

GET
H2 200 OpenSans-Regular.ttf
www.qbet.com/fonts/ 95 KB
56 KB 508ms
507ms Font
font/ttf 18.245.113.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.qbet.com/fonts/OpenSans-Regular.ttf
Requested by: Host: www.qbet.com
URL: https://www.qbet.com/en-UN/online-casino/play/softswiss/spribe:aviator?aff=sxwgFcFY385HIRK-ucLc2WNd7ZgqdRLk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.113.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-113-62.dfw57.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 037236ed4bf58a85f67074c165d308260fd6be01c86d7df4e79ea16eb273f8c5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.qbet.com
Referer: https://www.qbet.com/en-UN/online-casino/play/softswiss/spribe:aviator?aff=sxwgFcFY385HIRK-ucLc2WNd7ZgqdRLk

Response headers

x-amz-cf-pop: DFW57-P8
content-encoding: br
etag: W/"3ed9575dcc488c3e3a5bd66620bdf5a4"
via: 1.1 7162ad114a2620a596cd6cd391ad1032.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
x-amz-cf-id: sbKSbxTxvg3ChhmAYnPD-04IrrHC0S4-YHo0eunkMweN0wvzxU7OTQ==
date: Fri, 13 Dec 2024 07:09:13 GMT
content-type: font/ttf
vary: Accept-Encoding
server: AmazonS3
last-modified: Fri, 13 Dec 2024 04:15:47 GMT
x-amz-server-side-encryption: AES256

GET
H2 200 OpenSans-SemiBold.ttf
www.qbet.com/fonts/ 98 KB
58 KB 508ms
507ms Font
font/ttf 18.245.113.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.qbet.com/fonts/OpenSans-SemiBold.ttf
Requested by: Host: www.qbet.com
URL: https://www.qbet.com/en-UN/online-casino/play/softswiss/spribe:aviator?aff=sxwgFcFY385HIRK-ucLc2WNd7ZgqdRLk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.113.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-113-62.dfw57.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5e8d9e1a89083cd1b0849993fe2f3acc9aa33b7f439f7e8616872f6897f30684

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.qbet.com
Referer: https://www.qbet.com/en-UN/online-casino/play/softswiss/spribe:aviator?aff=sxwgFcFY385HIRK-ucLc2WNd7ZgqdRLk

Response headers

x-amz-cf-pop: DFW57-P8
content-encoding: br
etag: W/"ba5cde21eeea0d57ab7efefc99596cce"
via: 1.1 7162ad114a2620a596cd6cd391ad1032.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
x-amz-cf-id: Nl1NyIGwWXuJ52mzRqamfo0imVQo2_F_H3UTGCJWZq3W2kuYfaNsYQ==
date: Fri, 13 Dec 2024 07:09:13 GMT
content-type: font/ttf
vary: Accept-Encoding
server: AmazonS3
last-modified: Fri, 13 Dec 2024 04:15:47 GMT
x-amz-server-side-encryption: AES256

GET
H2 200 css2
fonts.googleapis.com/ 5 KB
981 B 106ms
34ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,400;0,500;0,600;0,700;0,800;1,900&display=swap

Requested by

Host: www.qbet.com
URL: https://www.qbet.com/en-UN/online-casino/play/softswiss/spribe:aviator?aff=sxwgFcFY385HIRK-ucLc2WNd7ZgqdRLk

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9f3f6a4e5b17ae783af126298361d2fb9f5bd59bac5b12610e389ffa898830ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.qbet.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Fri, 13 Dec 2024 07:09:11 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 13 Dec 2024 07:09:11 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Fri, 13 Dec 2024 07:02:49 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 index-39bf3d29.js Show response
www.qbet.com/assets/ 1 MB
323 KB 531ms
530ms Script
application/javascript 18.245.113.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.qbet.com/assets/index-39bf3d29.js
Requested by: Host: www.qbet.com
URL: https://www.qbet.com/en-UN/online-casino/play/softswiss/spribe:aviator?aff=sxwgFcFY385HIRK-ucLc2WNd7ZgqdRLk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.113.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-113-62.dfw57.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 47ab8e7c2b370c44faa454f607e71b244430e471eaaadd6cc9311fb9818405bb

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.qbet.com
Referer: https://www.qbet.com/en-UN/online-casino/play/softswiss/spribe:aviator?aff=sxwgFcFY385HIRK-ucLc2WNd7ZgqdRLk

Response headers

x-amz-cf-pop: DFW57-P8
content-encoding: br
etag: W/"b37ee3bede7c2f4e18ab0a411d4dbb99"
via: 1.1 7162ad114a2620a596cd6cd391ad1032.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
x-amz-cf-id: 8BWKv6mJxtE4h4peYndy0WWYw6euqtyBhvcOJLeAOO9o0U5Rlxq90A==
date: Fri, 13 Dec 2024 07:09:13 GMT
content-type: application/javascript
vary: Accept-Encoding
server: AmazonS3
last-modified: Fri, 13 Dec 2024 04:15:47 GMT
x-amz-server-side-encryption: AES256

GET
H2 200 index-67ca4170.css
www.qbet.com/assets/ 66 KB
12 KB 534ms
534ms Stylesheet
text/css 18.245.113.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.qbet.com/assets/index-67ca4170.css
Requested by: Host: www.qbet.com
URL: https://www.qbet.com/en-UN/online-casino/play/softswiss/spribe:aviator?aff=sxwgFcFY385HIRK-ucLc2WNd7ZgqdRLk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.113.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-113-62.dfw57.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 67ca41704739d07927d57c1b5ea91e05eb5cd8d62ef834746b872503c332592d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.qbet.com/en-UN/online-casino/play/softswiss/spribe:aviator?aff=sxwgFcFY385HIRK-ucLc2WNd7ZgqdRLk

Response headers

x-amz-cf-pop: DFW57-P8
content-encoding: br
etag: W/"6f7507b0ccc67ca62ae3fcbfa103234c"
via: 1.1 7162ad114a2620a596cd6cd391ad1032.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
x-amz-cf-id: aHsv35vNbm-HZ7mhEGYEN7DrTk73M3y4quRZwNzujiQ2skl-8WgKCw==
date: Fri, 13 Dec 2024 07:09:13 GMT
content-type: text/css
vary: Accept-Encoding
server: AmazonS3
last-modified: Fri, 13 Dec 2024 04:15:47 GMT
x-amz-server-side-encryption: AES256

GET
H2 200 OpenSans-Bold.ttf
www.qbet.com/fonts/ 0
58 KB 625ms
624ms Other
font/ttf 18.245.113.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.qbet.com/fonts/OpenSans-Bold.ttf
Requested by: Host: www.qbet.com
URL: https://www.qbet.com/en-UN/online-casino/play/softswiss/spribe:aviator?aff=sxwgFcFY385HIRK-ucLc2WNd7ZgqdRLk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.113.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-113-62.dfw57.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.qbet.com
Referer: https://www.qbet.com/en-UN/online-casino/play/softswiss/spribe:aviator?aff=sxwgFcFY385HIRK-ucLc2WNd7ZgqdRLk

Response headers

x-amz-cf-pop: DFW57-P8
content-encoding: br
etag: W/"1025a6e0fb0fa86f17f57cc82a6b9756"
via: 1.1 7162ad114a2620a596cd6cd391ad1032.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
x-amz-cf-id: N6apiLZw_PXh-31IBxYaG2gQ5-_QiHjMrJKHOFawpaK9lYr4wlpVPw==
date: Fri, 13 Dec 2024 07:09:13 GMT
content-type: font/ttf
vary: Accept-Encoding
server: AmazonS3
last-modified: Fri, 13 Dec 2024 04:15:47 GMT
x-amz-server-side-encryption: AES256

GET
H2 200 OpenSans-ExtraBold.ttf
www.qbet.com/fonts/ 0
71 KB 625ms
625ms Other
font/ttf 18.245.113.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.qbet.com/fonts/OpenSans-ExtraBold.ttf
Requested by: Host: www.qbet.com
URL: https://www.qbet.com/en-UN/online-casino/play/softswiss/spribe:aviator?aff=sxwgFcFY385HIRK-ucLc2WNd7ZgqdRLk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.113.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-113-62.dfw57.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.qbet.com
Referer: https://www.qbet.com/en-UN/online-casino/play/softswiss/spribe:aviator?aff=sxwgFcFY385HIRK-ucLc2WNd7ZgqdRLk

Response headers

x-amz-cf-pop: DFW57-P8
content-encoding: br
etag: W/"f0af8434e183f500acf62135a577c739"
via: 1.1 7162ad114a2620a596cd6cd391ad1032.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
x-amz-cf-id: fEj3fPSNjJIQGiK0t2GYEeIFfLoBnPnV0CISPxQ60kIn_ITe2A_AcA==
date: Fri, 13 Dec 2024 07:09:13 GMT
content-type: font/ttf
vary: Accept-Encoding
server: AmazonS3
last-modified: Fri, 13 Dec 2024 04:15:47 GMT
x-amz-server-side-encryption: AES256

GET
H2 200 backlistedIP-9ed3b537.js Show response
www.qbet.com/assets/ 158 KB
31 KB 510ms
510ms Script
application/javascript 18.245.113.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.qbet.com/assets/backlistedIP-9ed3b537.js
Requested by: Host: www.qbet.com
URL: https://www.qbet.com/assets/index-39bf3d29.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.113.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-113-62.dfw57.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 83c0d9f657333651deeacfbcf1a749b3ee4d6fd5041a72de511a3ae5b7eb58c3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.qbet.com
Referer: https://www.qbet.com/assets/index-39bf3d29.js

Response headers

x-amz-cf-pop: DFW57-P8
content-encoding: br
etag: W/"8b0c80725daa24516dbd0130f58d6eb1"
via: 1.1 7162ad114a2620a596cd6cd391ad1032.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
x-amz-cf-id: wQFgt8BooBPCVVx2L2s_rJkb48PgdZWXYUSz4ww8dPKJ6GVeGefEMw==
date: Fri, 13 Dec 2024 07:09:14 GMT
content-type: application/javascript
vary: Accept-Encoding
server: AmazonS3
last-modified: Fri, 13 Dec 2024 04:15:47 GMT
x-amz-server-side-encryption: AES256

GET
H2 200 qbet-spinner-fb9e169a.svg Show response
www.qbet.com/assets/ Frame 308B 33 KB
11 KB 542ms
542ms Document
image/svg+xml 18.245.113.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.qbet.com/assets/qbet-spinner-fb9e169a.svg
Requested by: Host: www.qbet.com
URL: https://www.qbet.com/en-UN/online-casino/play/softswiss/spribe:aviator?aff=sxwgFcFY385HIRK-ucLc2WNd7ZgqdRLk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.113.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-113-62.dfw57.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fb9e169a039c23591ac79a9db0c8d81280b8491629b4e1790207a22ee974d2a6

Request headers

Referer: https://www.qbet.com/en-UN/online-casino/play/softswiss/spribe:aviator?aff=sxwgFcFY385HIRK-ucLc2WNd7ZgqdRLk
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

content-encoding: br
content-type: image/svg+xml
date: Fri, 13 Dec 2024 07:09:14 GMT
etag: W/"0d0dfbf03bcf5b9db3c12496b0606adc"
last-modified: Fri, 13 Dec 2024 04:15:47 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 7162ad114a2620a596cd6cd391ad1032.cloudfront.net (CloudFront)
x-amz-cf-id: nAHZid7IYOu1LPEJW7tHJADQ12J9-8RLExYbUEqsMuYKyT2BALcjiw==
x-amz-cf-pop: DFW57-P8
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront

GET
H2 200 default.json Show response
www.qbet.com/locales/en/ 145 KB
30 KB 523ms
523ms Fetch
application/json 18.245.113.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.qbet.com/locales/en/default.json
Requested by: Host: www.qbet.com
URL: https://www.qbet.com/assets/index-39bf3d29.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.113.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-113-62.dfw57.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0bc77bece53bfc8ebdc0f339c0815f248fe269d5f4733ba063c6c5e8da2c4d0a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.qbet.com/en-UN/online-casino/play/softswiss/spribe:aviator?aff=sxwgFcFY385HIRK-ucLc2WNd7ZgqdRLk

Response headers

x-amz-cf-pop: DFW57-P8
content-encoding: br
etag: W/"64a3100384a6f1556f88fb9af448cb37"
via: 1.1 7162ad114a2620a596cd6cd391ad1032.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
x-amz-cf-id: a3XdjO4Rx_yd8cgn6DpqcIG3omSbYGI8oK_7miFyBdr7RslaG_gl4w==
date: Fri, 13 Dec 2024 07:09:14 GMT
content-type: application/json
vary: Accept-Encoding
server: AmazonS3
last-modified: Fri, 13 Dec 2024 04:15:47 GMT
x-amz-server-side-encryption: AES256

GET favicon.ico
www.qbet.com/ 0
0

GET ThirdPartyScripts-933f7a09.js
www.qbet.com/assets/ 0
0

GET GTM-b77527d5.js
www.qbet.com/assets/ 0
0

GET helper-bb65db95.js
www.qbet.com/assets/ 0
0

GET types-464bc3ad.js
www.qbet.com/assets/ 0
0

GET MaxAttemptsModal-4a6712f1.js
www.qbet.com/assets/ 0
0

GET ButtonsGroupRow-369b0aae.js
www.qbet.com/assets/ 0
0

GET SecondaryButton-8962a02b.js
www.qbet.com/assets/ 0
0

GET index-609e5978.js
www.qbet.com/assets/ 0
0

GET FormHeader-81c840c2.js
www.qbet.com/assets/ 0
0

GET ArrowBack-17d9eff0.js
www.qbet.com/assets/ 0
0

GET createSvgIcon-d0e2434a.js
www.qbet.com/assets/ 0
0

GET ownerDocument-d83e78db.js
www.qbet.com/assets/ 0
0

GET useControlled-0ab60c8b.js
www.qbet.com/assets/ 0
0

GET ownerWindow-2b656165.js
www.qbet.com/assets/ 0
0

GET Close-0af684c4.js
www.qbet.com/assets/ 0
0

GET utils-1d20928c.js
www.qbet.com/assets/ 0
0

GET Dialog-a252d296.js
www.qbet.com/assets/ 0
0

GET Modal-b6a67ae4.js
www.qbet.com/assets/ 0
0

GET styles-b2df0dd1.js
www.qbet.com/assets/ 0
0

GET ToastNotificationContainer-5821b6ce.js
www.qbet.com/assets/ 0
0

GET IconButton-e5eceb3f.js
www.qbet.com/assets/ 0
0

GET ScrollToTopOnRouteChange-e656da6f.js
www.qbet.com/assets/ 0
0

GET CookiesNotification-47bf8cc4.js
www.qbet.com/assets/ 0
0

GET index-ef5c383f.js
www.qbet.com/assets/ 0
0

GET LinkToCallback-b220fbef.js
www.qbet.com/assets/ 0
0

GET FormattedText-00c94b28.js
www.qbet.com/assets/ 0
0

GET AccordionContainer-d8191ec7.js
www.qbet.com/assets/ 0
0

GET ExternalLink-4c4c4a5f.js
www.qbet.com/assets/ 0
0

GET FormControlLabel-a1f603bf.js
www.qbet.com/assets/ 0
0

GET useFormControl-97168859.js
www.qbet.com/assets/ 0
0

GET Checkbox-3be46005.js
www.qbet.com/assets/ 0
0

GET PlayerIdleTimerModal-9d885a60.js
www.qbet.com/assets/ 0
0

GET index-77e9259d.js
www.qbet.com/assets/ 0
0

GET usePlayerCurrencySymbol-cad26386.js
www.qbet.com/assets/ 0
0

GET FormControl-6b85370f.js
www.qbet.com/assets/ 0
0

GET utils-96e9bc42.js
www.qbet.com/assets/ 0
0

GET Select-cadbfb21.js
www.qbet.com/assets/ 0
0

GET react-is.production.min-6b83ade0.js
www.qbet.com/assets/ 0
0

GET Grow-7a67f1a9.js
www.qbet.com/assets/ 0
0

GET InputBase-74070351.js
www.qbet.com/assets/ 0
0

GET TextField-98958932.js
www.qbet.com/assets/ 0
0

GET MenuItem-a70429d1.js
www.qbet.com/assets/ 0
0

GET types-0ed0a306.js
www.qbet.com/assets/ 0
0

GET index-e888a047.js
www.qbet.com/assets/ 0
0

GET Hidden-8ead1694.js
www.qbet.com/assets/ 0
0

GET helpers-6f1a52e9.js
www.qbet.com/assets/ 0
0

GET types-8e94b538.js
www.qbet.com/assets/ 0
0

GET Flag-c36345ed.js
www.qbet.com/assets/ 0
0

GET sanity-b27b2bc3.js
www.qbet.com/assets/ 0
0

GET countrylist-83bc0eec.js
www.qbet.com/assets/ 0
0

GET Icon-eef7be3d.js
www.qbet.com/assets/ 0
0

GET ExpandMore-0fa3b105.js
www.qbet.com/assets/ 0
0

GET debounce-035e3779.js
www.qbet.com/assets/ 0
0

GET Slide-17465c57.js
www.qbet.com/assets/ 0
0

GET Tabs-219274e8.js
www.qbet.com/assets/ 0
0

GET QBET-logo-bd0b1609.js
www.qbet.com/assets/ 0
0

GET types-1cdffc0e.js
www.qbet.com/assets/ 0
0

GET Caroussel-4938637a.js
www.qbet.com/assets/ 0
0

GET Caroussel-dda51415.css
www.qbet.com/assets/ 0
0

GET constants-782f69cf.js
www.qbet.com/assets/ 0
0

GET index.esm-aa528c6b.js
www.qbet.com/assets/ 0
0

GET useCountDownTimer-4101855b.js
www.qbet.com/assets/ 0
0

GET index-b7eeafff.js
www.qbet.com/assets/ 0
0

GET Dropdown-4cab0c1a.js
www.qbet.com/assets/ 0
0

GET date-2f11ad5a.js
www.qbet.com/assets/ 0
0

GET CircularProgress-cb273d95.js
www.qbet.com/assets/ 0
0

GET DatePickerLocalizationProvider-ba060a02.js
www.qbet.com/assets/ 0
0

GET Button-8a9ec2cc.js
www.qbet.com/assets/ 0
0

GET selectors-8d81669c.js
www.qbet.com/assets/ 0
0

GET index-b50a92d4.js
www.qbet.com/assets/ 0
0

GET GameErrorWrapper-08510f5b.js
www.qbet.com/assets/ 0
0

GET useCloseGame-09098977.js
www.qbet.com/assets/ 0
0

GET useGameIframeStyles-90b84720.js
www.qbet.com/assets/ 0
0

GET casino-types-422100cb.js
www.qbet.com/assets/ 0
0

GET styles-3249c766.js
www.qbet.com/assets/ 0
0

GET index-bcab6ca4.js
www.qbet.com/assets/ 0
0

GET PageMeta-c8b8437f.js
www.qbet.com/assets/ 0
0

GET helpers-b0b532ae.js
www.qbet.com/assets/ 0
0

GET index-41412958.js
www.qbet.com/assets/ 0
0

GET UnderlineLinkRenderer-17b16fb9.js
www.qbet.com/assets/ 0
0

GET index-05e80e6e.js
www.qbet.com/assets/ 0
0

GET QBET-footer-81dbd972.js
www.qbet.com/assets/ 0
0

GET styles-7717c06f.js
www.qbet.com/assets/ 0
0

GET
H2 200 context Show response
d21jjud8qm9a0b.cloudfront.net/prod/api/v1/player/access/ 379 B
808 B 174ms
119ms XHR
application/json 3.160.156.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d21jjud8qm9a0b.cloudfront.net/prod/api/v1/player/access/context
Requested by: Host: www.qbet.com
URL: https://www.qbet.com/assets/index-39bf3d29.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.160.156.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-160-156-89.fra60.r.cloudfront.net
Software: /
Resource Hash: 98d300302feb93b9ee97dc947d9c0b603386abb0c20ff94b494fc8fe9cfc2de5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Referer: https://www.qbet.com/

Response headers

x-amz-apigw-id: Ct-QFHVNjoEEZug=
x-amzn-trace-id: Root=1-675bdd99-5a52458001fff60e1335dd4a
x-amzn-requestid: ccd4fb07-018e-480c-aaeb-b1f60c4fd28d
via: 1.1 5b6e22c950501920595c86fc25834582.cloudfront.net (CloudFront), 1.1 c0db8c417b5a375429fc7f3c54841604.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Miss from cloudfront
content-length: 379
x-amz-cf-id: bVHJx1cjj2lC2ZVWzRJvd9bP713tuwaj37XxxSE8oruqLIFrAEhkug==
date: Fri, 13 Dec 2024 07:09:13 GMT
content-type: application/json
x-amz-cf-pop: FRA60-P3, FRA60-P7

GET context
d21jjud8qm9a0b.cloudfront.net/prod/api/v1/player/access/ 0
0

GET
H2 200 / Show response
v9zh3uzt.apicdn.sanity.io/v1/data/query/production/ 22 KB
3 KB 62ms
24ms XHR
application/json 34.49.206.188
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://v9zh3uzt.apicdn.sanity.io/v1/data/query/production/?query=%0A%20%20%20%20*%5B_type%20%3D%3D%20%27staticPage%27%20%26%26%20pageCategory%20match%20%22information%22%20%26%26%20!(%22UN%22%20in%20excludedMarkets%5B%5D-%3Eid)%20%26%26%20!(%22en-UN%22%20in%20excludedMarkets%5B%5D-%3Eroute)%5D%20%7C%20order(_createdAt%20asc)%7B%0A%20%20%20%20%20%20...%2C%0A%20%20%20%20%20%20%22title%22%3A%20%7B%20%0A%20%20%20%20%20%20%20%20%22en%22%3A%20title.en%2C%20%0A%20%20%20%20%20%20%20%20%22en%22%3A%20title.en%0A%20%20%20%20%20%20%7D%2C%20%0A%20%20%20%20%20%20%22onlyShowMarkets%22%3A%20onlyShowMarkets%5B%5D%20-%3E%20id%0A%20%20%20%20%7D%0A%20%20

Requested by

Host: www.qbet.com
URL: https://www.qbet.com/assets/index-39bf3d29.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.49.206.188 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

188.206.49.34.bc.googleusercontent.com

Software

Resource Hash

70b87ca6511f2122992891b9e84aaccb383f7dcc001f5dd7a3ab6ae0847a3984

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Referer: https://www.qbet.com/

Response headers

access-control-max-age: 600
access-control-expose-headers: Content-Type, Content-Length, ETag, X-Sanity-Deprecated, X-Sanity-Warning
content-encoding: br
sanity-gateway: k8s-gcp-eu-w1-prod-ing-01
sanity-query-hash: FvSpc0Pz4Zk uxvbys1qyTQ
server-timing: api;dur=11
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
apicdn-cache-control: public, max-age=60, s-maxage=3600, stale-while-revalidate=60, stale-if-error=3600
date: Fri, 13 Dec 2024 06:47:54 GMT
content-type: application/json; charset=utf-8
vary: accept-encoding, origin
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: public, max-age=60, s-maxage=60, stale-while-revalidate=15, stale-if-error=3600
x-sanity-age: 1279
via: 1.1 google
accept-ranges: bytes
access-control-allow-origin: https://www.qbet.com
content-length: 2568
x-sanity-shard: gcp-eu-w1-01-prod-1034

GET
H2 200 / Show response
v9zh3uzt.apicdn.sanity.io/v1/data/query/production/ 411 B
770 B 61ms
23ms XHR
application/json 34.49.206.188
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://v9zh3uzt.apicdn.sanity.io/v1/data/query/production/?query=%0A%20%20%20%20*%5B_type%20%3D%3D%20%27staticPage%27%20%26%26%20pageCategory%20match%20%22contact-us%22%20%26%26%20!(%22UN%22%20in%20excludedMarkets%5B%5D-%3Eid)%20%26%26%20!(%22en-UN%22%20in%20excludedMarkets%5B%5D-%3Eroute)%5D%20%7C%20order(_createdAt%20asc)%7B%0A%20%20%20%20%20%20...%2C%0A%20%20%20%20%20%20%22title%22%3A%20%7B%20%0A%20%20%20%20%20%20%20%20%22en%22%3A%20title.en%2C%20%0A%20%20%20%20%20%20%20%20%22en%22%3A%20title.en%0A%20%20%20%20%20%20%7D%2C%20%0A%20%20%20%20%20%20%22onlyShowMarkets%22%3A%20onlyShowMarkets%5B%5D%20-%3E%20id%0A%20%20%20%20%7D%0A%20%20

Requested by

Host: www.qbet.com
URL: https://www.qbet.com/assets/index-39bf3d29.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.49.206.188 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

188.206.49.34.bc.googleusercontent.com

Software

Resource Hash

5cf2fb520588a4a96c2ebbecb485eaa8bf1161ef1b3756d799fd8b2d9e0a9178

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Referer: https://www.qbet.com/

Response headers

access-control-max-age: 600
access-control-expose-headers: Content-Type, Content-Length, ETag, X-Sanity-Deprecated, X-Sanity-Warning
content-encoding: br
sanity-gateway: k8s-gcp-eu-w1-prod-ing-01
sanity-query-hash: OvugRZFrDN4 uxvbys1qyTQ
server-timing: api;dur=6
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
apicdn-cache-control: public, max-age=60, s-maxage=3600, stale-while-revalidate=60, stale-if-error=3600
date: Fri, 13 Dec 2024 06:47:54 GMT
content-type: application/json; charset=utf-8
vary: accept-encoding, origin
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: public, max-age=60, s-maxage=60, stale-while-revalidate=15, stale-if-error=3600
x-sanity-age: 1279
via: 1.1 google
accept-ranges: bytes
access-control-allow-origin: https://www.qbet.com
content-length: 201
x-sanity-shard: gcp-eu-w1-01-prod-1034

GET
H2 200 snippet.js Show response
static.zdassets.com/ekr/ 10 KB
5 KB 68ms
31ms Script
application/javascript 216.198.53.3
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/ekr/snippet.js?key=79fd3bba-deff-48dc-ab98-d9c7be3c5b76

Requested by

Host: www.qbet.com
URL: https://www.qbet.com/assets/index-39bf3d29.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.198.53.3 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c7631939bbc2c74fc9a5fb1ee9565250a15bf95cc0e364da7fc5f15e3db41427

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.qbet.com/

Response headers

access-control-max-age: 0
content-encoding: br
cf-cache-status: HIT
etag: W/"c88d625098ddb649cf216dba2e52435c"
x-amz-version-id: C4qpYKgeT8.DeRlre_wbz3El4DCj0uok
age: 3
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Bkh03thuC4%2BHp55PJd53Ju6WOqPcI3P1DL7%2FDnvQHD6sxCpXa3ZH1b7UJiVqzOS9QI%2B67Y89cq28vEi%2BG492BPDrdCrlxI0EvNvF1f5JEPl2n2rReA4qqytu99xjh2Wu69wcjq0%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, HEAD
date: Fri, 13 Dec 2024 07:09:13 GMT
content-type: application/javascript
last-modified: Mon, 04 Nov 2024 09:45:04 GMT
vary: Accept-Encoding
x-amz-id-2: e4kxBc6oz8L7X4HA/eVGcPul1RhNWpgf8QgOTgKtQhBZ+eoe2SxPFG1UTKuuxlN9AQZkfc6EAl25uONmOx8e9AQ35p8ll5SZ
access-control-allow-headers: *
strict-transport-security: max-age=0
x-amz-replication-status: COMPLETED
cache-control: public, max-age=3600, s-maxage=60
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 0Z8P61KWRMSK6HFM
cf-ray: 8f1420a06c8a6698-AMS
access-control-allow-origin: *
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 qbet-spinner-fb9e169a.svg Show response
www.qbet.com/assets/ Frame 17A2 33 KB
0 0ms
0ms Document
image/svg+xml 18.245.113.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.qbet.com/assets/qbet-spinner-fb9e169a.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.113.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-113-62.dfw57.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fb9e169a039c23591ac79a9db0c8d81280b8491629b4e1790207a22ee974d2a6

Request headers

Referer: https://www.qbet.com/en-UN/online-casino/play/softswiss/spribe:aviator?aff=sxwgFcFY385HIRK-ucLc2WNd7ZgqdRLk
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

content-encoding: br
content-type: image/svg+xml
date: Fri, 13 Dec 2024 07:09:14 GMT
etag: W/"0d0dfbf03bcf5b9db3c12496b0606adc"
last-modified: Fri, 13 Dec 2024 04:15:47 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 7162ad114a2620a596cd6cd391ad1032.cloudfront.net (CloudFront)
x-amz-cf-id: nAHZid7IYOu1LPEJW7tHJADQ12J9-8RLExYbUEqsMuYKyT2BALcjiw==
x-amz-cf-pop: DFW57-P8
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront

GET
H2 200 79fd3bba-deff-48dc-ab98-d9c7be3c5b76 Show response
ekr.zdassets.com/compose/ 1 KB
1 KB 83ms
34ms Fetch
application/json 216.198.53.3
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://ekr.zdassets.com/compose/79fd3bba-deff-48dc-ab98-d9c7be3c5b76

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=79fd3bba-deff-48dc-ab98-d9c7be3c5b76

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.198.53.3 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cf30721b4cbeffe15e4048f2654738c04e59d8c02c8d0dd26332d1b3a5a90fdc

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.qbet.com/

Response headers

access-control-max-age: 7200
x-request-id: 8f0dfd0a3816b972-SEA, 8f0dfd0a3816b972-SEA, 8f0dfd0a3816b972-SEA
access-control-expose-headers
content-encoding: br
cf-cache-status: HIT
etag: W/"cf30721b4cbeffe15e4048f2654738c0"
age: 13
x-permitted-cross-domain-policies: none
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=z1s4k93or5hQ66N8Cf9UvXDK6L5aNCuvTdG%2FNh3evM3uQThtCbpnorW7oRWthFZfQxpIuw%2BNILQ4Yrf7wkvSoptZzxuDSKozyISyCaX6zLT1bzO9dEJk9k4uL9CfEouhMqo%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, POST, OPTIONS
x-content-type-options: nosniff
date: Fri, 13 Dec 2024 07:09:13 GMT
content-type: application/json; charset=utf-8
vary: Accept, Origin, Accept-Encoding
x-runtime: 0.013306
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=0
cdn-cache-control: max-age=60
cache-control: max-age=300, public, stale-while-revalidate=300, stale-if-error=21600
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
x-download-options: noopen
cf-ray: 8f1420a0ede39f72-AMS
access-control-allow-origin: *
x-zendesk-zorg: yes, yes
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 web-widget-main-5a3d0ee.js Show response
static.zdassets.com/web_widget/messenger/latest/ Frame 4BD9 444 KB
140 KB 49ms
49ms Script
application/javascript 216.198.53.3
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-5a3d0ee.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=79fd3bba-deff-48dc-ab98-d9c7be3c5b76

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.198.53.3 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eaf750ae51c2fbca6514d85ae4268988cc68b24ff53868443fd9869f68c632c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

access-control-max-age: 0
content-encoding: br
cf-cache-status: HIT
etag: W/"5d8443b907d4396e9f5352b082ffbc9b"
x-amz-version-id: dZD29sGwNmPZtqbXeFPwvVwCWnHcJ_Mi
age: 64397
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=o5FHisTSX01SWtp%2FLJqtcemc4ZmXv4bWg5nNJsHFoZxt6PKtW1LM6%2FTD9TvRt%2BWWznb3DiZKiQVCF13dhYycCG8h6FaDEx2us3awp4mcbZMPRnsi1rEwHlr546cvlL3FORCSotw%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, HEAD
expires: Fri, 12 Dec 2025 11:49:58 GMT
date: Fri, 13 Dec 2024 07:09:13 GMT
content-type: application/javascript; charset=utf-8
last-modified: Thu, 12 Dec 2024 11:49:59 GMT
vary: Accept-Encoding
x-amz-id-2: f5LZTnxhe31xfkhEVd0/Y1NE1WToo6DYjFp7klPE8PfE5ERhkAuBlxTzm+4EeWrh270g7hekPJY=
access-control-allow-headers: *
strict-transport-security: max-age=0
x-amz-replication-status: COMPLETED
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: T0ZKQXNFBSS6X619
cf-ray: 8f1420a12d516698-AMS
access-control-allow-origin: *
server: cloudflare
x-amz-server-side-encryption: AES256

GET en-us-json-5a3d0ee.js
static.zdassets.com/web_widget/messenger/latest/web-widget-locales/messenger/ Frame 4BD9 0
0

GET web-widget-9606-5a3d0ee.js
static.zdassets.com/web_widget/messenger/latest/ Frame 4BD9 0
0

GET web-widget-7437-5a3d0ee.js
static.zdassets.com/web_widget/messenger/latest/ Frame 4BD9 0
0

GET web-widget-3190-5a3d0ee.js
static.zdassets.com/web_widget/messenger/latest/ Frame 4BD9 0
0

GET web-widget-8173-5a3d0ee.js
static.zdassets.com/web_widget/messenger/latest/ Frame 4BD9 0
0

GET web-widget-9961-5a3d0ee.js
static.zdassets.com/web_widget/messenger/latest/ Frame 4BD9 0
0

GET background-error-5186e425.jpg
www.qbet.com/assets/ 0
0

GET OpenSans-SemiBold-5e8d9e1a.ttf
www.qbet.com/assets/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ads.google.com
URL: https://ads.google.com/

Domain: www.qbet.com
URL: https://www.qbet.com/favicon.ico

Domain: www.qbet.com
URL: https://www.qbet.com/assets/ThirdPartyScripts-933f7a09.js

Domain: www.qbet.com
URL: https://www.qbet.com/assets/GTM-b77527d5.js

Domain: www.qbet.com
URL: https://www.qbet.com/assets/helper-bb65db95.js

Domain: www.qbet.com
URL: https://www.qbet.com/assets/types-464bc3ad.js

Domain: www.qbet.com
URL: https://www.qbet.com/assets/MaxAttemptsModal-4a6712f1.js

Domain: www.qbet.com
URL: https://www.qbet.com/assets/ButtonsGroupRow-369b0aae.js

Domain: www.qbet.com
URL: https://www.qbet.com/assets/SecondaryButton-8962a02b.js

Domain: www.qbet.com
URL: https://www.qbet.com/assets/index-609e5978.js

Domain: www.qbet.com
URL: https://www.qbet.com/assets/FormHeader-81c840c2.js

Domain: www.qbet.com
URL: https://www.qbet.com/assets/ArrowBack-17d9eff0.js

Domain: www.qbet.com
URL: https://www.qbet.com/assets/createSvgIcon-d0e2434a.js

Domain: www.qbet.com
URL: https://www.qbet.com/assets/ownerDocument-d83e78db.js

Domain: www.qbet.com
URL: https://www.qbet.com/assets/useControlled-0ab60c8b.js

Domain: www.qbet.com
URL: https://www.qbet.com/assets/ownerWindow-2b656165.js

Domain: www.qbet.com
URL: https://www.qbet.com/assets/Close-0af684c4.js

Domain: www.qbet.com
URL: https://www.qbet.com/assets/utils-1d20928c.js

Domain: www.qbet.com
URL: https://www.qbet.com/assets/Dialog-a252d296.js

Domain: www.qbet.com
URL: https://www.qbet.com/assets/Modal-b6a67ae4.js

Domain: www.qbet.com
URL: https://www.qbet.com/assets/styles-b2df0dd1.js

Domain: www.qbet.com
URL: https://www.qbet.com/assets/ToastNotificationContainer-5821b6ce.js

Domain: www.qbet.com
URL: https://www.qbet.com/assets/IconButton-e5eceb3f.js

Domain: www.qbet.com
URL: https://www.qbet.com/assets/ScrollToTopOnRouteChange-e656da6f.js

Domain: www.qbet.com
URL: https://www.qbet.com/assets/CookiesNotification-47bf8cc4.js

Domain: www.qbet.com
URL: https://www.qbet.com/assets/index-ef5c383f.js

Domain: www.qbet.com
URL: https://www.qbet.com/assets/LinkToCallback-b220fbef.js

Domain: www.qbet.com
URL: https://www.qbet.com/assets/FormattedText-00c94b28.js

Domain: www.qbet.com
URL: https://www.qbet.com/assets/AccordionContainer-d8191ec7.js

Domain: www.qbet.com
URL: https://www.qbet.com/assets/ExternalLink-4c4c4a5f.js

Domain: www.qbet.com
URL: https://www.qbet.com/assets/FormControlLabel-a1f603bf.js

Domain: www.qbet.com
URL: https://www.qbet.com/assets/useFormControl-97168859.js

Domain: www.qbet.com
URL: https://www.qbet.com/assets/Checkbox-3be46005.js

Domain: www.qbet.com
URL: https://www.qbet.com/assets/PlayerIdleTimerModal-9d885a60.js

Domain: www.qbet.com
URL: https://www.qbet.com/assets/index-77e9259d.js

Domain: www.qbet.com
URL: https://www.qbet.com/assets/usePlayerCurrencySymbol-cad26386.js

Domain: www.qbet.com
URL: https://www.qbet.com/assets/FormControl-6b85370f.js

Domain: www.qbet.com
URL: https://www.qbet.com/assets/utils-96e9bc42.js

Domain: www.qbet.com
URL: https://www.qbet.com/assets/Select-cadbfb21.js

Domain: www.qbet.com
URL: https://www.qbet.com/assets/react-is.production.min-6b83ade0.js

Domain: www.qbet.com
URL: https://www.qbet.com/assets/Grow-7a67f1a9.js

Domain: www.qbet.com
URL: https://www.qbet.com/assets/InputBase-74070351.js

Domain: www.qbet.com
URL: https://www.qbet.com/assets/TextField-98958932.js

Domain: www.qbet.com
URL: https://www.qbet.com/assets/MenuItem-a70429d1.js

Domain: www.qbet.com
URL: https://www.qbet.com/assets/types-0ed0a306.js

Domain: www.qbet.com
URL: https://www.qbet.com/assets/index-e888a047.js

Domain: www.qbet.com
URL: https://www.qbet.com/assets/Hidden-8ead1694.js

Domain: www.qbet.com
URL: https://www.qbet.com/assets/helpers-6f1a52e9.js

Domain: www.qbet.com
URL: https://www.qbet.com/assets/types-8e94b538.js

Domain: www.qbet.com
URL: https://www.qbet.com/assets/Flag-c36345ed.js

Domain: www.qbet.com
URL: https://www.qbet.com/assets/sanity-b27b2bc3.js

Domain: www.qbet.com
URL: https://www.qbet.com/assets/countrylist-83bc0eec.js

Domain: www.qbet.com
URL: https://www.qbet.com/assets/Icon-eef7be3d.js

Domain: www.qbet.com
URL: https://www.qbet.com/assets/ExpandMore-0fa3b105.js

Domain: www.qbet.com
URL: https://www.qbet.com/assets/debounce-035e3779.js

Domain: www.qbet.com
URL: https://www.qbet.com/assets/Slide-17465c57.js

Domain: www.qbet.com
URL: https://www.qbet.com/assets/Tabs-219274e8.js

Domain: www.qbet.com
URL: https://www.qbet.com/assets/QBET-logo-bd0b1609.js

Domain: www.qbet.com
URL: https://www.qbet.com/assets/types-1cdffc0e.js

Domain: www.qbet.com
URL: https://www.qbet.com/assets/Caroussel-4938637a.js

Domain: www.qbet.com
URL: https://www.qbet.com/assets/Caroussel-dda51415.css

Domain: www.qbet.com
URL: https://www.qbet.com/assets/constants-782f69cf.js

Domain: www.qbet.com
URL: https://www.qbet.com/assets/index.esm-aa528c6b.js

Domain: www.qbet.com
URL: https://www.qbet.com/assets/useCountDownTimer-4101855b.js

Domain: www.qbet.com
URL: https://www.qbet.com/assets/index-b7eeafff.js

Domain: www.qbet.com
URL: https://www.qbet.com/assets/Dropdown-4cab0c1a.js

Domain: www.qbet.com
URL: https://www.qbet.com/assets/date-2f11ad5a.js

Domain: www.qbet.com
URL: https://www.qbet.com/assets/CircularProgress-cb273d95.js

Domain: www.qbet.com
URL: https://www.qbet.com/assets/DatePickerLocalizationProvider-ba060a02.js

Domain: www.qbet.com
URL: https://www.qbet.com/assets/Button-8a9ec2cc.js

Domain: www.qbet.com
URL: https://www.qbet.com/assets/selectors-8d81669c.js

Domain: www.qbet.com
URL: https://www.qbet.com/assets/index-b50a92d4.js

Domain: www.qbet.com
URL: https://www.qbet.com/assets/GameErrorWrapper-08510f5b.js

Domain: www.qbet.com
URL: https://www.qbet.com/assets/useCloseGame-09098977.js

Domain: www.qbet.com
URL: https://www.qbet.com/assets/useGameIframeStyles-90b84720.js

Domain: www.qbet.com
URL: https://www.qbet.com/assets/casino-types-422100cb.js

Domain: www.qbet.com
URL: https://www.qbet.com/assets/styles-3249c766.js

Domain: www.qbet.com
URL: https://www.qbet.com/assets/index-bcab6ca4.js

Domain: www.qbet.com
URL: https://www.qbet.com/assets/PageMeta-c8b8437f.js

Domain: www.qbet.com
URL: https://www.qbet.com/assets/helpers-b0b532ae.js

Domain: www.qbet.com
URL: https://www.qbet.com/assets/index-41412958.js

Domain: www.qbet.com
URL: https://www.qbet.com/assets/UnderlineLinkRenderer-17b16fb9.js

Domain: www.qbet.com
URL: https://www.qbet.com/assets/index-05e80e6e.js

Domain: www.qbet.com
URL: https://www.qbet.com/assets/QBET-footer-81dbd972.js

Domain: www.qbet.com
URL: https://www.qbet.com/assets/styles-7717c06f.js

Domain: d21jjud8qm9a0b.cloudfront.net
URL: https://d21jjud8qm9a0b.cloudfront.net/prod/api/v1/player/access/context

Domain: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-locales/messenger/en-us-json-5a3d0ee.js

Domain: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-9606-5a3d0ee.js

Domain: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-7437-5a3d0ee.js

Domain: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-3190-5a3d0ee.js

Domain: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-8173-5a3d0ee.js

Domain: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-9961-5a3d0ee.js

Domain: www.qbet.com
URL: https://www.qbet.com/assets/background-error-5186e425.jpg

Domain: www.qbet.com
URL: https://www.qbet.com/assets/OpenSans-SemiBold-5e8d9e1a.ttf

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
redwingshere.xyz/	1970-01-21 01:42:14	Name: mobitck Value: 1
my.rtmark.net/	1970-01-21 10:26:49	Name: ID Value: 0081315cb594405ce3e545d2c3cecafe
meherdewogoud.com/	1970-01-21 10:26:49	Name: oaidts Value: 1734073749
meherdewogoud.com/	1970-01-21 10:26:49	Name: OAID Value: 0081315cb594405ce3e545d2c3cecafe
meherdewogoud.com/	1970-01-21 01:51:18	Name: syncedCookie Value: true
.superfunplay.com/	1970-01-21 01:42:40	Name: d30b179e-92f0-46b7-9b86-d89d5c582dcd-v4 Value: JzMHWLLdxUpbGOyJjZyUWPVPpAyC0SpBx8dNP1njMZA
.superfunplay.com/	1970-01-21 10:26:49	Name: cc-v4 Value: pZzuq8DNBqg3b7lYfGZtMPoUljbMZ5fPAnGF%2F8akHLYiOe4bNRZlVQHqJKKk3nXWhNECM88jmoCh%2ByIPtdkVrWbqlsdg%2FyxNVWK5i7H%2FgcjTABuAE2zBvOMe0Qa7TtadoASbJWUbJ8Q914S2vidQjg%3D%3D
record.qbetpartners.com/	1970-01-21 10:26:49	Name: VID1 Value: Jy1TKFQtIyhWLWBgYApgCg%3D%3D
.qbetpartners.com/	1970-01-21 10:26:49	Name: ZBan Value: sxwgFcFY385HIRK-ucLc2WNd7ZgqdRLk

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	warning	URL: https://28899227-22554-ex.situnifecal.com/jSZHCIE2NAroZtczvVjGJyVPldkRvoHRdq1WOMjNGM4SNsqS94tU8JyMA9Nnc9fKkIwGJ_Mk0f3leuuzHOKnYBaKm6elu7iKdAYfT7xOMNiMwB3wr8Ka9J2Q7tz-Rw?kws=laura%2Clove%2Ckatrina%2Cvideos%2Cporno%2Cgratis&abl=0&fsb=0&pageUri=https%3A%2F%2Fen.4freedom.click%2Fv%...%20312%20...e%22%2C%22%5B%5D%22%5D&focus=1 Message: [GroupMarkerNotSet(crbug.com/242999)!:A0A08C036C3E0000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering	warning	URL: https://meherdewogoud.com/4/7482447?var=4310_3463243001&ymid=15dqfikpg0083 Message: [GroupMarkerNotSet(crbug.com/242999)!:A0601D006C3E0000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering	warning	URL: https://meherdewogoud.com/afu.php?zoneid=7482447&var=7482447&rid=XXz4jyvWNyEJSqRKY8d18w%3D%3D&rhd=false&ab2r=0&sf=1&is_mobile=false Message: [GroupMarkerNotSet(crbug.com/242999)!:A0A08C036C3E0000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering	warning	URL: https://meherdewogoud.com/4/6118780?var=7482447&btz=Europe/Amsterdam&bto=-60&bar=x(Line 81) Message: [GroupMarkerNotSet(crbug.com/242999)!:A0601D006C3E0000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering	warning	URL: https://meherdewogoud.com/afu.php?zoneid=6118780&var=6118780&rid=33-IJ2mCiw9DGbmF2LWarg%3D%3D&rhd=false&ab2r=0&sf=1&is_mobile=false Message: [GroupMarkerNotSet(crbug.com/242999)!:A0A08C036C3E0000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

28899227-22554-ex.situnifecal.com
ads.google.com
d21jjud8qm9a0b.cloudfront.net
ekr.zdassets.com
fonts.googleapis.com
meherdewogoud.com
my.rtmark.net
record.qbetpartners.com
redwingshere.xyz
static.zdassets.com
superfunplay.com
v9zh3uzt.apicdn.sanity.io
www.qbet.com
ads.google.com
d21jjud8qm9a0b.cloudfront.net
static.zdassets.com
www.qbet.com
104.18.192.136
104.18.22.222
18.245.113.62
188.114.97.3
216.198.53.3
2600:9000:2250:1600:15:ca88:9240:93a1
2a00:1450:4001:809::200a
3.160.156.89
34.49.206.188
37.114.46.212
88.208.22.1
037236ed4bf58a85f67074c165d308260fd6be01c86d7df4e79ea16eb273f8c5
0bc77bece53bfc8ebdc0f339c0815f248fe269d5f4733ba063c6c5e8da2c4d0a
47ab8e7c2b370c44faa454f607e71b244430e471eaaadd6cc9311fb9818405bb
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5cf2fb520588a4a96c2ebbecb485eaa8bf1161ef1b3756d799fd8b2d9e0a9178
5e8d9e1a89083cd1b0849993fe2f3acc9aa33b7f439f7e8616872f6897f30684
67ca41704739d07927d57c1b5ea91e05eb5cd8d62ef834746b872503c332592d
6a06b79961058c9261d777c3f4e80d89217a82c93655ae84dde0abe2d8c0d842
70b87ca6511f2122992891b9e84aaccb383f7dcc001f5dd7a3ab6ae0847a3984
83c0d9f657333651deeacfbcf1a749b3ee4d6fd5041a72de511a3ae5b7eb58c3
927ace5f92c917d567b5e6488fd54cd801bb6bcdbc40fa422fc12ab6d0e5ee8e
98d300302feb93b9ee97dc947d9c0b603386abb0c20ff94b494fc8fe9cfc2de5
9f3f6a4e5b17ae783af126298361d2fb9f5bd59bac5b12610e389ffa898830ab
c7631939bbc2c74fc9a5fb1ee9565250a15bf95cc0e364da7fc5f15e3db41427
cf30721b4cbeffe15e4048f2654738c04e59d8c02c8d0dd26332d1b3a5a90fdc
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eaf750ae51c2fbca6514d85ae4268988cc68b24ff53868443fd9869f68c632c1
eef0c1bafe4451cd7355a0a8f2324e8781f693b5aa1e01abeea843ce0da9676f
fb9e169a039c23591ac79a9db0c8d81280b8491629b4e1790207a22ee974d2a6
fe85cceb474303eb80a5ca9a60b16d92208a8e0b38647647654b0c42447b51f7

www.qbet.com Open in urlscan Pro 18.245.113.62 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

129 Requests

27 %HTTPS

18 %IPv6

12 Domains

13 Subdomains

10 IPs

4 Countries

840 kBTransfer

2383 kBSize

9 Cookies

0 Outgoing links

Page URL History

Redirected requests

129 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.qbet.com Open in urlscan Pro
18.245.113.62 Public Scan

Screenshot
Live screenshot

Full Image

129
Requests

27 %
HTTPS

18 %
IPv6

12
Domains

13
Subdomains

10
IPs

4
Countries

840 kB
Transfer

2383 kB
Size

9
Cookies

129 HTTP transactions
0 data transactions