urlscan.io logo urlscan.io
SecurityTrails logo

qqslotthr.com Open in urlscan Pro
172.67.192.99  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://qqslotthr.com/
Effective URL: https://qqslotthr.com/
Submission: On April 18 via manual from KH — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 3 countries across 8 domains to perform 23 HTTP transactions. The main IP is 172.67.192.99, located in United States and belongs to CLOUDFLARENET, US. The main domain is qqslotthr.com.
TLS certificate: Issued by GTS CA 1P5 on April 2nd 2024. Valid for: 3 months.
This is the only time qqslotthr.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
12 172.67.192.99 13335 (CLOUDFLAR...)
3 104.16.89.20 13335 (CLOUDFLAR...)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2a04:4e42:200... 54113 (FASTLY)
1 2600:9000:26e... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
3 2600:9000:26e... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
23 8
12    172.67.192.99 (United States)

ASN13335 (CLOUDFLARENET, US)
qqslotthr.com
3    104.16.89.20 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
1    2606:4700:20::ac43:497e (United States)

ASN13335 (CLOUDFLARENET, US)
d3js.org
1    2a04:4e42:200::649 (United States)

ASN54113 (FASTLY, US)
code.jquery.com
1    2600:9000:26e8:2c00:19:d543:5240:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.respond.io
1    2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    2600:9000:26e8:8200:19:d543:5240:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.respond.io
cdn.chatapi.net
1    2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Apex Domain
Subdomains		 Transfer
12 qqslotthr.com
qqslotthr.com
1 MB
3 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 320
49 KB
2 chatapi.net
cdn.chatapi.net — Cisco Umbrella Rank: 195456
1 KB
2 respond.io
cdn.respond.io — Cisco Umbrella Rank: 181862
45 KB
1 gstatic.com
fonts.gstatic.com
16 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 33
1 KB
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 767
30 KB
1 d3js.org
d3js.org — Cisco Umbrella Rank: 20300
54 KB
23 8
Domain Requested by
12 qqslotthr.com qqslotthr.com
3 cdn.jsdelivr.net qqslotthr.com
2 cdn.chatapi.net cdn.respond.io
2 cdn.respond.io qqslotthr.com
cdn.respond.io
1 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com client
1 code.jquery.com qqslotthr.com
1 d3js.org qqslotthr.com
23 8

This site contains links to these domains. Also see Links.

Domain
cepat.io
www.qqslot.com
Subject Issuer Validity Valid
qqslotthr.com
GTS CA 1P5		 2024-04-02 -
2024-07-01		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-02 -
2024-05-01		 a year crt.sh
d3js.org
GTS CA 1P5		 2024-04-11 -
2024-07-10		 3 months crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2023-07-11 -
2024-07-14		 a year crt.sh
*.respond.io
Amazon RSA 2048 M02		 2023-12-09 -
2025-01-04		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2024-03-18 -
2024-06-10		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2024-03-18 -
2024-06-10		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://qqslotthr.com/
Frame ID: DB9A7B8D3AE820339BF3FF7F10893BAA
Requests: 21 HTTP requests in this frame

Frame: https://cdn.respond.io/widget/brand.html
Frame ID: 3B4079C935BFC27922BA7F629FFCB3A5
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Mystery Envelope

Page URL History Show full URLs

  1. http://qqslotthr.com/ HTTP 307
    https://qqslotthr.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • (?:powered by <a[^>]+>Django ?([\d.]+)?<\/a>|<input[^>]*name=["']csrfmiddlewaretoken["'][^>]*>)
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/

Page Statistics

23
Requests

100 %
HTTPS

75 %
IPv6

8
Domains

8
Subdomains

8
IPs

3
Countries

1584 kB
Transfer

2162 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://qqslotthr.com/ HTTP 307
    https://qqslotthr.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

23 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
qqslotthr.com/
Redirect Chain
  • http://qqslotthr.com/
  • https://qqslotthr.com/
10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://qqslotthr.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.192.99 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
866ec5dbc99498f117ac698604c3151085c566388af11d31a97bba2c062d88ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options ALLOWALL ALLOWALL

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8764bbc9297939d3-FRA
content-encoding
br
content-type
text/html; charset=utf-8
cross-origin-opener-policy
same-origin
date
Thu, 18 Apr 2024 12:42:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IxFO1FwbWf9kQjR6VrXqFyvusAGGJgeYcCY0vUstuG%2BdxIoLqYqZRamjZYcKX6C61pDGaDxcreFYSDloHBdSeldKi9NjDewPtUjH75nm7hp0RDvZPEOJeXX%2FJbtuiZjH"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Cookie, Origin
x-content-type-options
nosniff
x-frame-options
ALLOWALL ALLOWALL

Redirect headers

Location
https://qqslotthr.com/
Non-Authoritative-Reason
HttpsUpgrades
bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/css/ 		152 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/css/bootstrap.min.css
Requested by
Host: qqslotthr.com
URL: https://qqslotthr.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7633b7c0c97d19e682feee8afa2738523fcb2a14544a550572caeecd2eefe66b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin
https://qqslotthr.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 12:42:13 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
179206
x-jsd-version
5.0.2
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230097-FRA, cache-lga21934-LGA
x-jsd-version-type
version
server
cloudflare
etag
W/"260c5-fByeBXPlzqi603M74vxjqoxo6o0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Q0FxNsUkYUlPryOGuitlrVVyK8mgYJTiC%2BQ%2B%2Bz4YZvg%2FHWP3JafRkggdmizneDwcl7mgjbKDXjYCkFovGjWtT7PiFT8yy%2B2SOa8IDE1bNpenJ%2B9nR5bs5XPPPp8ekIe302M%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
8764bbcb0dd63bc3-WAW
style.css
qqslotthr.com/static/css/ 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://qqslotthr.com/static/css/style.css
Requested by
Host: qqslotthr.com
URL: https://qqslotthr.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.192.99 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b77b9400e39c8604fb1698bff3a751b15c517d9c664df2ce7e51fa649f2e8ee9
Security Headers
Name Value
X-Frame-Options ALLOWALL

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://qqslotthr.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 12:42:14 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 30 Mar 2024 06:38:53 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6607b37d-1a37"
x-frame-options
ALLOWALL
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=neoZpKStwd%2BqrZiBYc4nhp2%2B4Zc4I%2FZWvpSMZELnSSNXZUFdjXVqLgH8pJeLS32DCB9NcXCotJiQ8U6mdUEQqYKbKZcjfpkVyJ25id%2BVELJGd55fa9E0FFybJrQ5ffMD"}],"group":"cf-nel","max_age":604800}
content-type
text/css
vary
Accept-Encoding
cache-control
max-age=14400
cf-ray
8764bbcaab0d39d3-FRA
alt-svc
h3=":443"; ma=86400
style_envelop.css
qqslotthr.com/static/css/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://qqslotthr.com/static/css/style_envelop.css
Requested by
Host: qqslotthr.com
URL: https://qqslotthr.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.192.99 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8edf534545821ac912abea1bc58a23cebd64eb6ffdb99617cdbddb05e856a503
Security Headers
Name Value
X-Frame-Options ALLOWALL

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://qqslotthr.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 12:42:15 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 09 Feb 2024 12:17:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"65c617e4-97d"
x-frame-options
ALLOWALL
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=asMIVbC6Gco2le3iZO3PTg72u9pmNHe3Cnv0tAlgMky56XbhST1XEoaSfbJ0H0571ZELcjZ1YFfBywv8MGFb8mTVwqukSwlvrJg4MvoGPHmLfiZrcvNP%2FxV%2B0zx7leha"}],"group":"cf-nel","max_age":604800}
content-type
text/css
vary
Accept-Encoding
cache-control
max-age=14400
cf-ray
8764bbcaab0e39d3-FRA
alt-svc
h3=":443"; ma=86400
title-ram.png
qqslotthr.com/static/img/ 		647 KB
647 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://qqslotthr.com/static/img/title-ram.png
Requested by
Host: qqslotthr.com
URL: https://qqslotthr.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.192.99 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
75db5ff6810c660a7c36e70eec0bb85b36c81cd97c9ad78815e285369c2c5bf4
Security Headers
Name Value
X-Frame-Options ALLOWALL

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://qqslotthr.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 12:42:13 GMT
cf-cache-status
HIT
last-modified
Tue, 27 Feb 2024 06:29:44 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"65dd8158-a1a03"
x-frame-options
ALLOWALL
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zxgLwJIPDtvAiIQ6mx1nR1SEvUcYqDrlPEUjeA7zNJ2%2Bj2%2FrjoNSsGkeOYFQ1yuW8zkSHfCLH%2B3VtBU%2BAWwSRU2YZpijaqEUzffZ3uxO%2FNZofBfG7AIRMSV7wfJvg73m"}],"group":"cf-nel","max_age":604800}
content-type
image/png
vary
Accept-Encoding
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8764bbcaab0f39d3-FRA
alt-svc
h3=":443"; ma=86400
content-length
662019
envelope-cape-ram.png
qqslotthr.com/static/img/ 		328 KB
329 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://qqslotthr.com/static/img/envelope-cape-ram.png
Requested by
Host: qqslotthr.com
URL: https://qqslotthr.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.192.99 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b5feb74907ac59050ba97c100716de05788d8c52275aa59b46de50c235a2471c
Security Headers
Name Value
X-Frame-Options ALLOWALL

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://qqslotthr.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 12:42:13 GMT
cf-cache-status
HIT
last-modified
Tue, 27 Feb 2024 06:29:44 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"65dd8158-5205b"
x-frame-options
ALLOWALL
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KZRNN8SUNvgIHxF0Jie2oUCvRSRfH%2FUobT7qfbEadL2Q%2B5iQNSQnsyWUWJTt7WWFqFcwir2OFVYK9BkjqbOmBArdUo72cc7JaVRH34ad1CaLfN%2Fu9CGgaVahlDuO4dDh"}],"group":"cf-nel","max_age":604800}
content-type
image/png
vary
Accept-Encoding
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8764bbcaab1039d3-FRA
alt-svc
h3=":443"; ma=86400
content-length
335963
d3.v3.min.js
d3js.org/ 		148 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3js.org/d3.v3.min.js
Requested by
Host: qqslotthr.com
URL: https://qqslotthr.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:497e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
76c39718d1c0a3fb321676b3b7e29306c0907919a5716d5728bd1b08ae0169e7

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-proxy-cache
HIT
date
Thu, 18 Apr 2024 12:42:13 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
27
last-modified
Tue, 09 Apr 2024 03:37:19 GMT
server
cloudflare
x-github-request-id
2BAC:398C83:1D7C0E1:2768C5A:6614BA31
etag
W/"6614b7ef-250ad"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eoy61nGt501lsdsdJUnTUBwb8qxAfoQuP4pLUswHexnZOCUWSiHu%2FV722%2B4HLq90VOIG2AB%2BpzhPjJMgOrq6pAxWQE65jKRyuvJLfaIMFVVHR%2Bgz23TomGEpdRB4YhfGtN8HBj8U"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=14400
x-origin-cache
HIT
cf-ray
8764bbcb48349110-FRA
expires
Thu, 18 Apr 2024 12:31:34 GMT
jquery-3.5.1.min.js
code.jquery.com/ 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.5.1.min.js
Requested by
Host: qqslotthr.com
URL: https://qqslotthr.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 12:42:13 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
3400976
x-cache
HIT, HIT
content-length
30879
x-served-by
cache-lga21981-LGA, cache-cph2320032-CPH
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1713444134.642083,VS0,VE0
etag
W/"28feccc0-15d84"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
59, 88195
popper.min.js
cdn.jsdelivr.net/npm/@popperjs/core@2.9.2/dist/umd/ 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/@popperjs/core@2.9.2/dist/umd/popper.min.js
Requested by
Host: qqslotthr.com
URL: https://qqslotthr.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a07c69f9061eb12e39a031358a4f567f30a002ad6182639ac84fd1bda2f6e65
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin
https://qqslotthr.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 12:42:13 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
13932976
x-jsd-version
2.9.2
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230023-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"48a2-jut79x6Kl4uCoaGYAV8U1z0upZI"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5FxnK0%2B80auV%2BHEovVGTWJ%2BEtBsskq95vG1eWzwuoUE23lqDr%2BaMBXc8S29Pj9%2Bc7eDr1H7Jxs6orCyTaXdFvnt07kNnqNynggrcZv91aiBXYlbT1Y9QtHovkhBH8l4kCEg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
8764bbcb0dd13bc3-WAW
bootstrap.min.js
cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/js/ 		59 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/js/bootstrap.min.js
Requested by
Host: qqslotthr.com
URL: https://qqslotthr.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c36e28c9a7bd864b673e223db7e1934923227536ffbdf871f58b6f09b9ac8c9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin
https://qqslotthr.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 12:42:13 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
288740
x-jsd-version
5.0.2
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230043-FRA, cache-lga21973-LGA
x-jsd-version-type
version
server
cloudflare
etag
W/"eab9-PwlPAQv7DAIqUbYneNQ2HRytP9Y"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iSX6rheotCwpBEj8CLaHCTCDBQOlnurz8cek%2F19Xuh7CRtPMJHRnGCOgbd%2FPixk8UAiD9I0kzPLZuy17ROfQzi1SYYcNvFVmmZmFWdud%2Bs2Ggm%2BPg4igiLfGmdaO4vodBCc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
8764bbcb0dd53bc3-WAW
scripts.js
qqslotthr.com/static/js/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://qqslotthr.com/static/js/scripts.js
Requested by
Host: qqslotthr.com
URL: https://qqslotthr.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.192.99 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e2d3f8ca86562dc57dbb9a8b2d8501ec00fe94c37f7f2b5374dd20d8a2a1b7be
Security Headers
Name Value
X-Frame-Options ALLOWALL

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://qqslotthr.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 12:42:14 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 30 Mar 2024 06:42:07 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6607b43f-2001"
x-frame-options
ALLOWALL
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=r6zZRt3y0EnXDg%2BHGMKsVrgHlAteWbEyASSEEAizIV5PjPVv3qExrEnsrR%2B5Ch6YXzJWdfxojwI4AsRCgsX46BhAfRErwZMMxmC5io9h3BKOZDJ0r52x86ZF2lkG%2Fbwh"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
vary
Accept-Encoding
cache-control
max-age=14400
cf-ray
8764bbcabb1a39d3-FRA
alt-svc
h3=":443"; ma=86400
confetti.js
qqslotthr.com/static/js/ 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://qqslotthr.com/static/js/confetti.js
Requested by
Host: qqslotthr.com
URL: https://qqslotthr.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.192.99 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d563a75c7d69d0321a121eae9579cb2f3589b9dea0fdcf6af152a9381934dc68
Security Headers
Name Value
X-Frame-Options ALLOWALL

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://qqslotthr.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 12:42:13 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 09 Feb 2024 12:17:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"65c617e4-1b61"
x-frame-options
ALLOWALL
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VO3DaFPpS73E%2BOLvpeCriTAZL9ZuEcK4ztk6Lk8Xq9bz2B1XqvujhnYsklpY4cu2nZ87gXt3KYSGhQgqw5YIcukY9Q2MFuhi6DJEFzgpdsbwnhD1GpLUkR5OmuvhuxRR"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
vary
Accept-Encoding
cache-control
max-age=14400
cf-ray
8764bbcabb1b39d3-FRA
alt-svc
h3=":443"; ma=86400
widget.js
cdn.respond.io/widget/ 		126 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.respond.io/widget/widget.js?wId=f19ca30d-3c3f-4830-8439-8bed9a7bdb5b
Requested by
Host: qqslotthr.com
URL: https://qqslotthr.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26e8:2c00:19:d543:5240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9e015a492b9a9e1e79003256fdb4483c33c2bf5f3624f312625ee2794d71daa7

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 18 Apr 2024 08:23:30 GMT
Content-Encoding
br
Via
1.1 bb6970675ac5572387ab59ecc9abd23e.cloudfront.net (CloudFront)
Last-Modified
Thu, 18 Apr 2024 08:23:19 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA56-P10
Age
15524
ETag
W/"a451cc35c30ed49ab14126a7d5d19c6f"
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
Vary
Accept-Encoding, Origin
Content-Type
text/javascript
X-Cache
Hit from cloudfront
Connection
keep-alive
X-Amz-Cf-Id
uZONKYxmSh1ZdIskhYCErseZtikr9ha9Xy4rjP0E_WRZBxjEMm9bWw==
css
fonts.googleapis.com/ 		9 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,400i,700,700i&display=swap
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7496131a4690cdb91535798ada8dd5192f3c95b2fdee10917d69718e07a8d506
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Thu, 18 Apr 2024 12:42:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 18 Apr 2024 12:12:49 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 18 Apr 2024 12:42:15 GMT
bg-ram2.jpg
qqslotthr.com/static/img/ 		135 KB
135 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://qqslotthr.com/static/img/bg-ram2.jpg
Requested by
Host: qqslotthr.com
URL: https://qqslotthr.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.192.99 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c1c70d15df32c5022c61289d0198ad1bdb05548c8547e9d2d0cd13a15563206b
Security Headers
Name Value
X-Frame-Options ALLOWALL

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://qqslotthr.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 12:42:16 GMT
cf-cache-status
HIT
last-modified
Sat, 30 Mar 2024 06:37:23 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"6607b323-21b6c"
x-frame-options
ALLOWALL
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CxFWvAgkcKosFEZFBFu1p0H9NNsVbCUFhB1c%2BXAlx87Y80eAt1qvTvYJmmIhqIVTe9qgdf704BQ7gwrDajxpHZcsB%2BIHJC5xqqxZNlsrtGR4ettPLre%2FksA4nPsOCb9G"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8764bbd749b839d3-FRA
alt-svc
h3=":443"; ma=86400
content-length
138092
voucher.png
qqslotthr.com/static/img/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://qqslotthr.com/static/img/voucher.png
Requested by
Host: qqslotthr.com
URL: https://qqslotthr.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.192.99 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f681bced4e70924d6f9d21f48bfe8eb73954fb6722dce3d2c17647075fba6702
Security Headers
Name Value
X-Frame-Options ALLOWALL

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://qqslotthr.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 12:42:15 GMT
cf-cache-status
HIT
last-modified
Fri, 09 Feb 2024 12:17:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"65c617e4-295c"
x-frame-options
ALLOWALL
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=66LrF8pVtrqC6Ln15Tq%2FKHdW8CNtYs1906%2BGaLA%2Fr%2B8dLni78bxjIsNxi7QGk1ruJLWD04oDMrWtPdPefyW9bugl7zt%2BC3jwzduP8FPWFPHnb4BTWv00u64548B%2F7cwI"}],"group":"cf-nel","max_age":604800}
content-type
image/png
vary
Accept-Encoding
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8764bbd749bb39d3-FRA
alt-svc
h3=":443"; ma=86400
content-length
10588
brand.html
cdn.respond.io/widget/ Frame 3B40 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.respond.io/widget/brand.html
Requested by
Host: cdn.respond.io
URL: https://cdn.respond.io/widget/widget.js?wId=f19ca30d-3c3f-4830-8439-8bed9a7bdb5b
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26e8:8200:19:d543:5240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Accept-Ranges
bytes
Age
15525
Connection
keep-alive
Content-Length
258
Content-Type
text/html
Date
Thu, 18 Apr 2024 08:23:30 GMT
ETag
"e36910a104673a5ce714015cae9ebbc1"
Last-Modified
Wed, 17 Apr 2024 09:13:51 GMT
Server
AmazonS3
Vary
Origin
Via
1.1 3adffce7dd03a16d055927ad5fa7671a.cloudfront.net (CloudFront)
X-Amz-Cf-Id
n0PojUvmwfLU9F-APhz94i9SKno5n_WK_0TXQluM462jdg8Rl4VPdw==
X-Amz-Cf-Pop
FRA56-P10
X-Cache
Hit from cloudfront
x-amz-server-side-encryption
AES256
popup.png
qqslotthr.com/static/img/ 		118 KB
119 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://qqslotthr.com/static/img/popup.png
Requested by
Host: qqslotthr.com
URL: https://qqslotthr.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.192.99 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
de99dcbfbe1c4673d7675ccb86f1a348550002018971d848edaffba3cd0a9e9c
Security Headers
Name Value
X-Frame-Options ALLOWALL

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://qqslotthr.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 12:42:15 GMT
cf-cache-status
HIT
last-modified
Fri, 05 Apr 2024 02:34:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"660f6318-1d86c"
x-frame-options
ALLOWALL
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zTJ%2BX%2F3pZWdCkcDU5BIAOlz2Eua9Sa3FxxBY%2F8mRZd282omzJ7MZWpjRn814Ok6L1%2B9ULreadPB4p4zQ0eIA8SNsbMC8ZuozPzU5rWeotbpjgk0hZwwLO6jbm%2BrPrGyY"}],"group":"cf-nel","max_age":604800}
content-type
image/png
vary
Accept-Encoding
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8764bbd7aa7e39d3-FRA
alt-svc
h3=":443"; ma=86400
content-length
120940
f19ca30d-3c3f-4830-8439-8bed9a7bdb5b
cdn.chatapi.net/integration/widgets/config/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://cdn.chatapi.net/integration/widgets/config/f19ca30d-3c3f-4830-8439-8bed9a7bdb5b
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26e8:8200:19:d543:5240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/ Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://qqslotthr.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Headers
content-type
Access-Control-Allow-Methods
GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Origin
*
Connection
keep-alive
Content-Length
0
Date
Thu, 18 Apr 2024 12:42:15 GMT
Vary
Access-Control-Request-Headers
Via
1.1 5421a870e3aababe98272cc4ea364cea.cloudfront.net (CloudFront)
X-Amz-Cf-Id
P2XqvjDsmiMuoem1eCjYJJJmghowPSQ_LoiJeYpc0VsAPeRTzoz5wQ==
X-Amz-Cf-Pop
FRA56-P10
X-Cache
Miss from cloudfront
X-Powered-By
Express
f19ca30d-3c3f-4830-8439-8bed9a7bdb5b
cdn.chatapi.net/integration/widgets/config/ 		885 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.chatapi.net/integration/widgets/config/f19ca30d-3c3f-4830-8439-8bed9a7bdb5b
Requested by
Host: cdn.respond.io
URL: https://cdn.respond.io/widget/widget.js?wId=f19ca30d-3c3f-4830-8439-8bed9a7bdb5b
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26e8:8200:19:d543:5240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/ Express
Resource Hash
602141e2442c995dc470e6ad281e16eb2c3aa379e62c8edcfe14ab99c9c0f846

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/json
Accept
application/json
Referer
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 18 Apr 2024 12:42:16 GMT
Via
1.1 5421a870e3aababe98272cc4ea364cea.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA56-P10
X-Powered-By
Express
ETag
W/"375-2BrdGbtNQdRFtChu1tNOcWaE1YQ"
X-Cache
Miss from cloudfront
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Connection
keep-alive
Content-Length
885
X-Amz-Cf-Id
e_HB28o5jmRN7I0w3cSAPCeIclZaa2QVqqEos-UTacr5IncY80-kcg==
/
qqslotthr.com/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://qqslotthr.com/
Requested by
Host: qqslotthr.com
URL: https://qqslotthr.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.192.99 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options ALLOWALL, ALLOWALL

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://qqslotthr.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 12:42:16 GMT
content-encoding
br
x-content-type-options
nosniff
referrer-policy
same-origin
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cross-origin-opener-policy
same-origin
server
cloudflare
x-frame-options
ALLOWALL, ALLOWALL
vary
Cookie, Origin
content-type
text/html; charset=utf-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tujcKxXzcmPz6e99zXXS%2BiX3bHk7hN863Sw4VQ34yvpYvrJv0ZhJRQrPRFcykbFKEQq3nBTgVogqzhnxejvNp0cHr%2B9RQb03NNFSPW1ZGhZoQqjGtTY2AwHqD5O6hBd5"}],"group":"cf-nel","max_age":604800}
cf-ray
8764bbddfbd739d3-FRA
alt-svc
h3=":443"; ma=86400
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,400i,700,700i&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://qqslotthr.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 13 Apr 2024 03:50:46 GMT
x-content-type-options
nosniff
age
463890
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 13 Apr 2025 03:50:46 GMT
favicon.ico
qqslotthr.com/static/img/ 		264 KB
125 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://qqslotthr.com/static/img/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.192.99 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31c947364d0ceec3824fbfbd2e0a55eee7b23b39aace0c9ad4a003ae7f17c824
Security Headers
Name Value
X-Frame-Options ALLOWALL

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://qqslotthr.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 12:42:17 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 09 Feb 2024 12:17:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"65c617e4-4203e"
x-frame-options
ALLOWALL
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Wnpo0XWiWdEqoBDtnlbuf3MS6Gn6KecMmw8XMUxj6Qtvkjz2rA%2F67N5ncKwQMoixq6zLyVCFiPH8cSJDhjATndOo81VHhQ4NTXLbN7hochfPIh0FcgaS6mSeZyD0iHoB"}],"group":"cf-nel","max_age":604800}
content-type
image/x-icon
vary
Accept-Encoding
cache-control
max-age=14400
cf-ray
8764bbdf8e6339d3-FRA
alt-svc
h3=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| d3 function| $ function| jQuery object| Popper number| uidEvent object| bootstrap function| close_popup function| checkFields function| showImgPrize function| callBackend function| openModal function| QrCreator

1 Cookies

Domain/Path Name / Value
qqslotthr.com/ Name: csrftoken
Value: gCr2J2lnGTU3V1Cpp8y08ESaADf3yAQi

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options ALLOWALL ALLOWALL

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.chatapi.net
cdn.jsdelivr.net
cdn.respond.io
code.jquery.com
d3js.org
fonts.googleapis.com
fonts.gstatic.com
qqslotthr.com
104.16.89.20
172.67.192.99
2600:9000:26e8:2c00:19:d543:5240:93a1
2600:9000:26e8:8200:19:d543:5240:93a1
2606:4700:20::ac43:497e
2a00:1450:4001:810::2003
2a00:1450:4001:810::200a
2a04:4e42:200::649
31c947364d0ceec3824fbfbd2e0a55eee7b23b39aace0c9ad4a003ae7f17c824
5a07c69f9061eb12e39a031358a4f567f30a002ad6182639ac84fd1bda2f6e65
5c36e28c9a7bd864b673e223db7e1934923227536ffbdf871f58b6f09b9ac8c9
602141e2442c995dc470e6ad281e16eb2c3aa379e62c8edcfe14ab99c9c0f846
7496131a4690cdb91535798ada8dd5192f3c95b2fdee10917d69718e07a8d506
75db5ff6810c660a7c36e70eec0bb85b36c81cd97c9ad78815e285369c2c5bf4
7633b7c0c97d19e682feee8afa2738523fcb2a14544a550572caeecd2eefe66b
76c39718d1c0a3fb321676b3b7e29306c0907919a5716d5728bd1b08ae0169e7
866ec5dbc99498f117ac698604c3151085c566388af11d31a97bba2c062d88ee
8edf534545821ac912abea1bc58a23cebd64eb6ffdb99617cdbddb05e856a503
9e015a492b9a9e1e79003256fdb4483c33c2bf5f3624f312625ee2794d71daa7
b5feb74907ac59050ba97c100716de05788d8c52275aa59b46de50c235a2471c
b77b9400e39c8604fb1698bff3a751b15c517d9c664df2ce7e51fa649f2e8ee9
c1c70d15df32c5022c61289d0198ad1bdb05548c8547e9d2d0cd13a15563206b
d563a75c7d69d0321a121eae9579cb2f3589b9dea0fdcf6af152a9381934dc68
de99dcbfbe1c4673d7675ccb86f1a348550002018971d848edaffba3cd0a9e9c
e2d3f8ca86562dc57dbb9a8b2d8501ec00fe94c37f7f2b5374dd20d8a2a1b7be
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f681bced4e70924d6f9d21f48bfe8eb73954fb6722dce3d2c17647075fba6702
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d