qqfunwin26.com Open in urlscan Pro
104.21.89.161 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://qqfunwin26.com/
Effective URL:
https://qqfunwin26.com/Restrict
Submission: On February 10 via automatic, source certstream-suspicious (February 10th 2023, 5:06:36 pm UTC) — Scanned from DE

Summary HTTP 15 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 15 HTTP transactions. The main IP is 104.21.89.161, located in and belongs to CLOUDFLARENET, US. The main domain is qqfunwin26.com.
TLS certificate: Issued by GTS CA 1P5 on February 10th 2023. Valid for: 3 months.

This is the only time qqfunwin26.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 12	104.21.89.161 104.21.89.161	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:400d:802::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400d:806::2003	15169 (GOOGLE) (GOOGLE)
15	3

12 104.21.89.161 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

qqfunwin26.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:802::200a (Ireland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400d:806::2003 (Ireland)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	qqfunwin26.com 1 redirects qqfunwin26.com	341 KB
3	gstatic.com fonts.gstatic.com	43 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 34	993 B
15	3

	Domain	Requested by
12	qqfunwin26.com	1 redirects qqfunwin26.com
3	fonts.gstatic.com	qqfunwin26.com
1	fonts.googleapis.com	qqfunwin26.com
15	3

This site contains no links.

Subject Issuer	Validity	Valid
*.qqfunwin26.com GTS CA 1P5	`2023-02-10` - `2023-05-11`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://qqfunwin26.com/Restrict
Frame ID: 6818F9C6999572882338C4A4FA91FFC9
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

QQFUNWIN | Restrict

Page URL History Show full URLs

https://qqfunwin26.com/ HTTP 302
https://qqfunwin26.com/Restrict Page URL

Detected technologies

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

15
Requests

100 %
HTTPS

67 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

385 kB
Transfer

866 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://qqfunwin26.com/ HTTP 302
https://qqfunwin26.com/Restrict Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request Restrict Show response
qqfunwin26.com/
Redirect Chain

https://qqfunwin26.com/
https://qqfunwin26.com/Restrict

7 KB
3 KB

301ms
301ms

Document
text/html

104.21.89.161
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://qqfunwin26.com/Restrict

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.89.161 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

d3fde6847f37ba0be151555a655b76247301a298545fbd737a801bd3d5780f81

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private
cf-cache-status: DYNAMIC
cf-ray: 79766f805e736901-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Fri, 10 Feb 2023 17:06:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ldubg%2FczqGXDyEkfqb7v0zZmqAYpd%2BxKbd9mBh4VVshWy6XAg9j8NKtO9USlsuCxBG4ZZnXnqPVmhW%2F%2FODHCZbva%2BLFXk6OgPqDmAIuitQKbI9TYtIKl%2FWHfy2ejcMQF7Q%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=0; includeSubDomains
x-aspnet-version: 4.0.30319
x-aspnetmvc-version: 5.2
x-powered-by: ASP.NET

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private
cf-cache-status: DYNAMIC
cf-ray: 79766f7cfa296901-FRA
content-type: text/html; charset=utf-8
date: Fri, 10 Feb 2023 17:06:28 GMT
location: /Restrict
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ctdUcy%2FsdjbIuXx%2FLRhlRv7plSpRwDjX1avJ7nNJkzyOAMcUZhGDw8jGPOJGmd9x6T%2Bw%2BrWqnY7E1aVhmVRLCKgLkf9xx4jJUvR7cdmIIM0CQHY32ZAvm%2Fsd5oUpFeSA0A%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=0; includeSubDomains
x-aspnet-version: 4.0.30319
x-aspnetmvc-version: 5.2
x-powered-by: ASP.NET

GET
H3 200 style.css
qqfunwin26.com/Content/Web/common/css/ 252 KB
40 KB 1501ms
1500ms Stylesheet
text/css 104.21.89.161
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://qqfunwin26.com/Content/Web/common/css/style.css

Requested by

Host: qqfunwin26.com
URL: https://qqfunwin26.com/Restrict

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.89.161 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

d6dd803fb33b1cf50f8427b99f9cbf5a4768bb1020f91e7f60c3eca9f37344df

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qqfunwin26.com/Restrict
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 17:06:30 GMT
strict-transport-security: max-age=0; includeSubDomains
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 06 Feb 2023 11:05:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"02d89f11a3ad91:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eRQox23837x10MNnuMbtF4hL%2BEthtO1YvTXtLGEfJb5KCPm6bOnHZJYBgqcnsPWcXOXTbrPEHoNeS%2FKeJbnIb4mrn%2BxF5fKd7qMgaJdoDGBhjHQDtRDkakz1%2B%2BrMsjluGw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2678400
cf-ray: 79766f82a9186901-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 theme.css
qqfunwin26.com/Content/Web/common/css/ 60 KB
11 KB 1032ms
1031ms Stylesheet
text/css 104.21.89.161
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://qqfunwin26.com/Content/Web/common/css/theme.css

Requested by

Host: qqfunwin26.com
URL: https://qqfunwin26.com/Restrict

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.89.161 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

1e9a8da70122a7b3154e2f7bcbfbddeaaa334010c0d2cbaa2ee292f18e825b66

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qqfunwin26.com/Restrict
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 17:06:29 GMT
strict-transport-security: max-age=0; includeSubDomains
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 06 Feb 2023 11:05:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"098cee61a3ad91:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r9AFG2%2FSHRGeuw8zjpugAnN5ljaawn39KBoKlXDrQbjYI8%2BvYxQPgmkuk7lwunRa%2BFdgT4fFe0iMrS92VCqXRiEcjpnW%2FPNOghG4WAhF22b9nKmt5GVfXsJrvPsq%2FdbB%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2678400
cf-ray: 79766f82a91b6901-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 site.css
qqfunwin26.com/Content/Web/common/css/ 4 KB
1 KB 569ms
568ms Stylesheet
text/css 104.21.89.161
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://qqfunwin26.com/Content/Web/common/css/site.css

Requested by

Host: qqfunwin26.com
URL: https://qqfunwin26.com/Restrict

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.89.161 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

901d6cf924c81123702eae7580f8cd8b1f6d9f337aff708234bedfaf96042f93

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qqfunwin26.com/Restrict
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 17:06:29 GMT
strict-transport-security: max-age=0; includeSubDomains
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 06 Feb 2023 11:05:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"02d89f11a3ad91:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qkWFnZjxvWUfc0Yx1xT86gldtJyVn3mG3ZyReqiBqbk7SM1xIuL%2FmdaWrC7vO5wIl3Mb%2FC71EbZLXhQOU5IYrQ9k6AVN%2FZQQu4pufpBLkiare4Nq1A6bXpP83qF5AQ%2B2hg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2678400
cf-ray: 79766f82a91f6901-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 css
fonts.googleapis.com/ 2 KB
993 B 288ms
74ms Stylesheet
text/css 2a00:1450:400d:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Raleway|Orbitron

Requested by

Host: qqfunwin26.com
URL: https://qqfunwin26.com/Restrict

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f1b5b741161a9a24b739986b19838895cead39b1c7005abd52fdfbcf4eea8fd5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qqfunwin26.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 10 Feb 2023 17:06:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 10 Feb 2023 17:06:29 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 10 Feb 2023 17:06:29 GMT

GET
H3 200 logo_2.png
qqfunwin26.com/Content/Web/common/images/ 19 KB
19 KB 782ms
781ms Image
image/png 104.21.89.161
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://qqfunwin26.com/Content/Web/common/images/logo_2.png?v=0e03d8098678936afc4632176508e17d221857ec

Requested by

Host: qqfunwin26.com
URL: https://qqfunwin26.com/Restrict

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.89.161 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

df2585016a92e13980dd42bc01d82cb8b28c5fcade2e30b207147675f621081a

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qqfunwin26.com/Restrict
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 17:06:29 GMT
strict-transport-security: max-age=0; includeSubDomains
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 19283
last-modified: Fri, 10 Feb 2023 09:16:47 GMT
server: cloudflare
etag: "68af7766303dd91:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PrO%2FMA9lB3aCRvMxQKqrXeAHD3AggwLkXo4l6SQzhxDvgbtFCfUn0okPpenUFJETT3MCcDZlB6NLgNHkUdLLcy1IcZNS4Oy2pE8Yx%2FHzZhvRFQaIzlEo8zTgxaI4x3atOg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 79766f82b9456901-FRA

GET
H3 200 jquery.js Show response
qqfunwin26.com/Content/Web/Scripts/libs/jquery/ 290 KB
87 KB 1527ms
1527ms Script
application/javascript 104.21.89.161
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://qqfunwin26.com/Content/Web/Scripts/libs/jquery/jquery.js

Requested by

Host: qqfunwin26.com
URL: https://qqfunwin26.com/Restrict

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.89.161 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

cc8c085657a1166b67221cbf042563832f90ea409211548e14c3299356ea1399

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qqfunwin26.com/Restrict
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 17:06:30 GMT
strict-transport-security: max-age=0; includeSubDomains
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 06 Feb 2023 11:05:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"02d89f11a3ad91:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9540AyArPjvclQ3meZ2gkex2WxT%2FDUvcs31Uw0IKBY08zkzo7uKDhqJzpEX%2BxhXQhuHm7M5jpcYt1lp9cjycb0I1nwEdZ73peWdkgt4gI6zryWqQ%2BfrgDdOeHmrFzmnKcQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2678400
cf-ray: 79766f82b9446901-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 dark_footer.css
qqfunwin26.com/Content/Web/common/css/ 13 KB
2 KB 546ms
546ms Stylesheet
text/css 104.21.89.161
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://qqfunwin26.com/Content/Web/common/css/dark_footer.css

Requested by

Host: qqfunwin26.com
URL: https://qqfunwin26.com/Content/Web/common/css/theme.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.89.161 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

7627333ca1877d09c3235537bcaeadfd5be5eb6cf56212ddec215f2be1a85814

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qqfunwin26.com/Content/Web/common/css/theme.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 17:06:30 GMT
strict-transport-security: max-age=0; includeSubDomains
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 06 Feb 2023 11:05:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"02d89f11a3ad91:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=96%2BP0VvlL%2BtgQzRI4ctCfGMs7ZSsaJKn7S%2FFpnlCRJg24aPaD30qAomRnDN%2F3ssV3EfOdL9KVXu3miZge0lKcbw1IElXL%2FKX0Dkd%2F0lu0S%2FV4rHS4IZRuxYsguAZskGkPA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2678400
cf-ray: 79766f8919976901-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 dark_modle.css
qqfunwin26.com/Content/Web/common/css/ 3 KB
1014 B 547ms
546ms Stylesheet
text/css 104.21.89.161
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://qqfunwin26.com/Content/Web/common/css/dark_modle.css

Requested by

Host: qqfunwin26.com
URL: https://qqfunwin26.com/Content/Web/common/css/theme.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.89.161 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

ed7bae1a0350433aa4b5c2bc5cbe7f45b030437c7d63de48a61000240cbed295

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qqfunwin26.com/Content/Web/common/css/theme.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 17:06:30 GMT
strict-transport-security: max-age=0; includeSubDomains
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 06 Feb 2023 11:05:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"02d89f11a3ad91:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uqPbKuoxA%2BbcLbJUIiVzB%2FloMIpHu26aN8cvAKe886r%2F1mwdLCpCCibkt2p9IdXpE9tpe4BPPPmLvnP8TCYIETqrYsSV%2FuKbv2AA5%2FUHvUdGnmkj3hChiaaVnjy5wQIXdA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2678400
cf-ray: 79766f8919986901-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 restrict_bg.jpg
qqfunwin26.com/Content/Web/common/images/ 115 KB
115 KB 1523ms
1522ms Image
image/jpeg 104.21.89.161
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://qqfunwin26.com/Content/Web/common/images/restrict_bg.jpg

Requested by

Host: qqfunwin26.com
URL: https://qqfunwin26.com/Content/Web/common/css/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.89.161 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

f7e74f340bf3bc720455c1d0faab3385f02790f31227ea6c864cd76fc2e76c5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qqfunwin26.com/Content/Web/common/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 17:06:31 GMT
strict-transport-security: max-age=0; includeSubDomains
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 117665
last-modified: Mon, 06 Feb 2023 11:05:20 GMT
server: cloudflare
etag: "098cee61a3ad91:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qCudNo5tEtLrEYQRkt7lfTAnbjcw%2B96iwGb4RYEqfd33yecwX366JtoVOVYqJznu%2B2IytaS6FbxHuCBbxuEovvlD31ZIetRPDorzSou%2FvlU4jMSMrSjch510fOcwHMiMwQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 79766f8c9d3c6901-FRA

GET
H3 200 icon_contact.png
qqfunwin26.com/Content/Web/common/images/ 2 KB
2 KB 544ms
544ms Image
image/png 104.21.89.161
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://qqfunwin26.com/Content/Web/common/images/icon_contact.png

Requested by

Host: qqfunwin26.com
URL: https://qqfunwin26.com/Content/Web/common/css/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.89.161 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

3b0a0ca398291ccd2279d18fb45f683851e03f96bd58be28cc694f580ffe471b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qqfunwin26.com/Content/Web/common/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 17:06:30 GMT
strict-transport-security: max-age=0; includeSubDomains
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1794
last-modified: Mon, 06 Feb 2023 11:05:38 GMT
server: cloudflare
etag: "02d89f11a3ad91:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Dd26%2FN6A0TeZafaiQwnNGuZuoTCCZ8%2FzRcYtCBcxU%2FsamTrcr2G7%2B3ynDMOPQFG%2Bg7XFhYIGLq0U2ogpxML%2By1H%2B3nQeXD7Q8ejM%2F95LibpTIsZ6K7lbaTBWrteNbf8VOA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 79766f8c9d3f6901-FRA

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v18/ 19 KB
20 KB 181ms
53ms Font
font/woff2 2a00:1450:400d:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v18/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: qqfunwin26.com
URL: https://qqfunwin26.com/Content/Web/common/css/site.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b26a74f3c0e529bc8fccfa6b1db8e083e738992266359fde1a5bd0aaa81cbc3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://qqfunwin26.com/
Origin: https://qqfunwin26.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 00:21:37 GMT
x-content-type-options: nosniff
age: 60293
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19844
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:20:10 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 10 Feb 2024 00:21:37 GMT

GET
H3 200 Montserrat-Regular.woff
qqfunwin26.com/Content/Web/common/fonts/ 58 KB
59 KB 1008ms
1007ms Font
font/x-woff 104.21.89.161
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://qqfunwin26.com/Content/Web/common/fonts/Montserrat-Regular.woff

Requested by

Host: qqfunwin26.com
URL: https://qqfunwin26.com/Content/Web/common/css/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.89.161 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

d815b553fbf83d44f0e735e673ab0e98898b653974cd8edb65ac19421e984fa5

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

Referer: https://qqfunwin26.com/Content/Web/common/css/style.css
Origin: https://qqfunwin26.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 17:06:31 GMT
strict-transport-security: max-age=0; includeSubDomains
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 06 Feb 2023 11:05:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"02d89f11a3ad91:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jAIcJ9MOdMfhtXHBhOpFWd0wr73kzyn12nfufeKoZ7DOBH5mLXQCtmeyAVkQgLwuSotfxTwb0AbCXSnip6yk7Jn0MLbm%2BdUPObQmOLBKtAcmicgY239s18zg%2FsbOrEL45Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/x-woff
cache-control: max-age=2678400
cf-ray: 79766f8c9d466901-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wdhyzbi.woff2
fonts.gstatic.com/s/montserrat/v18/ 17 KB
17 KB 191ms
71ms Font
font/woff2 2a00:1450:400d:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v18/JTUSjIg1_i6t8kCHKm459Wdhyzbi.woff2

Requested by

Host: qqfunwin26.com
URL: https://qqfunwin26.com/Content/Web/common/css/site.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

66ebd4ac253961eb0f81cd79787f1121e7dca85ecd5ad4ea4b513b43f7eb3332

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://qqfunwin26.com/
Origin: https://qqfunwin26.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 17:53:40 GMT
x-content-type-options: nosniff
age: 342770
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16952
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:20:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 06 Feb 2024 17:53:40 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459WZhyzbi.woff2
fonts.gstatic.com/s/montserrat/v18/ 7 KB
7 KB 53ms
52ms Font
font/woff2 2a00:1450:400d:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v18/JTUSjIg1_i6t8kCHKm459WZhyzbi.woff2

Requested by

Host: qqfunwin26.com
URL: https://qqfunwin26.com/Content/Web/common/css/site.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2852d2462d64cf4179aa9397380ee32b82fea35d0a79dfd9ad94cca5cde0859

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://qqfunwin26.com/
Origin: https://qqfunwin26.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 02:23:21 GMT
x-content-type-options: nosniff
age: 398589
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6688
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:20:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 06 Feb 2024 02:23:21 GMT

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			qqfunwin26.com/	1970-01-20 18:19:44	Name: language Value: id-ID

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
qqfunwin26.com
104.21.89.161
2a00:1450:400d:802::200a
2a00:1450:400d:806::2003
1e9a8da70122a7b3154e2f7bcbfbddeaaa334010c0d2cbaa2ee292f18e825b66
2b26a74f3c0e529bc8fccfa6b1db8e083e738992266359fde1a5bd0aaa81cbc3
3b0a0ca398291ccd2279d18fb45f683851e03f96bd58be28cc694f580ffe471b
66ebd4ac253961eb0f81cd79787f1121e7dca85ecd5ad4ea4b513b43f7eb3332
7627333ca1877d09c3235537bcaeadfd5be5eb6cf56212ddec215f2be1a85814
901d6cf924c81123702eae7580f8cd8b1f6d9f337aff708234bedfaf96042f93
cc8c085657a1166b67221cbf042563832f90ea409211548e14c3299356ea1399
d3fde6847f37ba0be151555a655b76247301a298545fbd737a801bd3d5780f81
d6dd803fb33b1cf50f8427b99f9cbf5a4768bb1020f91e7f60c3eca9f37344df
d815b553fbf83d44f0e735e673ab0e98898b653974cd8edb65ac19421e984fa5
df2585016a92e13980dd42bc01d82cb8b28c5fcade2e30b207147675f621081a
e2852d2462d64cf4179aa9397380ee32b82fea35d0a79dfd9ad94cca5cde0859
ed7bae1a0350433aa4b5c2bc5cbe7f45b030437c7d63de48a61000240cbed295
f1b5b741161a9a24b739986b19838895cead39b1c7005abd52fdfbcf4eea8fd5
f7e74f340bf3bc720455c1d0faab3385f02790f31227ea6c864cd76fc2e76c5e

qqfunwin26.com Open in urlscan Pro 104.21.89.161 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

15 Requests

100 %HTTPS

67 %IPv6

3 Domains

3 Subdomains

3 IPs

2 Countries

385 kBTransfer

866 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

15 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

1 Cookies

Security Headers

Indicators

qqfunwin26.com Open in urlscan Pro
104.21.89.161 Public Scan

Screenshot
Live screenshot

Full Image

15
Requests

100 %
HTTPS

67 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

385 kB
Transfer

866 kB
Size

1
Cookies

15 HTTP transactions
0 data transactions