urlscan.io logo urlscan.io
SecurityTrails logo

qaly.online Open in urlscan Pro
172.67.164.104  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://qaly.online/
Effective URL: https://qaly.online/
Submission: On November 06 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 26 IPs in 2 countries across 24 domains to perform 140 HTTP transactions. The main IP is 172.67.164.104, located in United States and belongs to CLOUDFLARENET, US. The main domain is qaly.online.
TLS certificate: Issued by GTS CA 1P5 on September 16th 2023. Valid for: 3 months.
This is the only time qaly.online was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    104.21.50.170 (None, )

ASN13335 (CLOUDFLARENET, US)
qaly.online
26    172.67.164.104 (United States)

ASN13335 (CLOUDFLARENET, US)
qaly.online
8    212.124.124.8 (Reston, United States)

ASN47328 (TRI-AS True Records Inc., VG)
aj1559.online
3    172.217.23.104 (United States)

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f104.1e100.net
www.googletagmanager.com
1    216.239.34.36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
1    216.239.32.36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
1    64.233.184.156 (United States)

ASN15169 (GOOGLE, US)
PTR: wa-in-f156.1e100.net
stats.g.doubleclick.net
4    142.250.186.99 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f3.1e100.net
www.google.de
www.gstatic.com
19    142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net
pagead2.googlesyndication.com
12    142.250.74.194 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net
googleads.g.doubleclick.net
2    171.244.56.108 (None, )

ASN- ()
server.zmedia.vn
16    216.58.212.129 (None, )

ASN- ()
tpc.googlesyndication.com
3    142.250.186.170 (None, )

ASN- ()
fonts.googleapis.com
3    142.250.186.34 (None, )

ASN- ()
www.googletagservices.com
2    142.250.184.228 (None, )

ASN- ()
www.google.com
1    142.250.185.227 (None, )

ASN- ()
fonts.gstatic.com
2    216.58.212.130 (None, )

ASN- ()
www.googleadservices.com
2    142.250.186.102 (None, )

ASN- ()
s0.2mdn.net
1    178.250.1.17 (None, )

ASN- ()
ads.eu.criteo.com
8    172.217.16.130 (None, )

ASN- ()
cm.g.doubleclick.net
4    172.64.151.101 (None, )

ASN- ()
dsum-sec.casalemedia.com
3    185.89.211.116 (None, )

ASN- ()
ib.adnxs.com
1    142.250.185.110 (None, )

ASN- ()
www.google-analytics.com
2    34.98.64.218 (None, )

ASN- ()
us-u.openx.net
2    2.16.97.41 (None, )

ASN- ()
sync.teads.tv
2    3.75.62.37 (None, )

ASN- ()
ups.analytics.yahoo.com
2    178.250.1.3 (None, )

ASN- ()
static.criteo.net
Apex Domain
Subdomains		 Transfer
35 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 97
tpc.googlesyndication.com
426 KB
27 qaly.online
qaly.online
1 MB
21 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 78
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
cm.g.doubleclick.net
196 KB
8 aj1559.online
aj1559.online — Cisco Umbrella Rank: 60218
81 KB
4 casalemedia.com
dsum-sec.casalemedia.com
2 KB
4 gstatic.com
www.gstatic.com
fonts.gstatic.com
32 KB
3 adnxs.com
ib.adnxs.com
2 KB
3 googletagservices.com
www.googletagservices.com
179 KB
3 googleapis.com
fonts.googleapis.com
3 KB
3 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 3040
www.google.com
1 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 35
262 KB
2 criteo.net
static.criteo.net
3 KB
2 yahoo.com
ups.analytics.yahoo.com
569 B
2 teads.tv
sync.teads.tv
628 B
2 openx.net
us-u.openx.net
400 B
2 2mdn.net
s0.2mdn.net
121 KB
2 googleadservices.com
www.googleadservices.com
2 zmedia.vn
server.zmedia.vn
14 KB
2 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2462
www.google-analytics.com
21 KB
1 criteo.com
ads.eu.criteo.com
cat.nl3.eu.criteo.com Failed
1 google.de
www.google.de — Cisco Umbrella Rank: 6862
408 B
0 cloudflare.com Failed
cdnjs.cloudflare.com Failed
0 mytheresa.com Failed
cs.mytheresa.com Failed
0 spotxchange.com Failed
sync.search.spotxchange.com Failed
140 24
Domain Requested by
27 qaly.online 1 redirects qaly.online
19 pagead2.googlesyndication.com aj1559.online
pagead2.googlesyndication.com
tpc.googlesyndication.com
googleads.g.doubleclick.net
qaly.online
www.googletagservices.com
server.zmedia.vn
16 tpc.googlesyndication.com pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
qaly.online
12 googleads.g.doubleclick.net 1 redirects pagead2.googlesyndication.com
qaly.online
8 cm.g.doubleclick.net 5 redirects googleads.g.doubleclick.net
8 aj1559.online qaly.online
aj1559.online
4 dsum-sec.casalemedia.com 2 redirects googleads.g.doubleclick.net
3 ib.adnxs.com 2 redirects googleads.g.doubleclick.net
3 www.gstatic.com googleads.g.doubleclick.net
3 www.googletagservices.com googleads.g.doubleclick.net
qaly.online
3 fonts.googleapis.com googleads.g.doubleclick.net
3 www.googletagmanager.com qaly.online
www.googletagmanager.com
2 static.criteo.net ads.eu.criteo.com
2 ups.analytics.yahoo.com 2 redirects
2 sync.teads.tv 1 redirects googleads.g.doubleclick.net
2 us-u.openx.net googleads.g.doubleclick.net
2 s0.2mdn.net qaly.online
2 www.googleadservices.com
2 www.google.com tpc.googlesyndication.com
googleads.g.doubleclick.net
2 server.zmedia.vn aj1559.online
1 www.google-analytics.com server.zmedia.vn
1 ads.eu.criteo.com googleads.g.doubleclick.net
1 fonts.gstatic.com fonts.googleapis.com
1 www.google.de
1 stats.g.doubleclick.net www.googletagmanager.com
1 region1.analytics.google.com www.googletagmanager.com
1 region1.google-analytics.com www.googletagmanager.com
0 cdnjs.cloudflare.com Failed ads.eu.criteo.com
0 cs.mytheresa.com Failed ads.eu.criteo.com
0 cat.nl3.eu.criteo.com Failed ads.eu.criteo.com
0 sync.search.spotxchange.com Failed googleads.g.doubleclick.net
140 31

This site contains no links.

Subject Issuer Validity Valid
*.qaly.online
GTS CA 1P5		 2023-09-16 -
2023-12-15		 3 months crt.sh
aj1559.online
R3		 2023-10-20 -
2024-01-18		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
www.google.de
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
server.zmedia.vn
R3		 2023-09-25 -
2023-12-24		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
www.googleadservices.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
*.eu.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-29 -
2023-12-23		 3 months crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2023-08-18 -
2024-08-18		 a year crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-09 -
2024-01-06		 3 months crt.sh

This page contains 23 frames:

Primary Page: https://qaly.online/
Frame ID: FB45DD14AC574E4657E8E2730E2D64DB
Requests: 52 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231101/r20190131/zrt_lookup_fy2021.html?hello=world
Frame ID: 1D2A7A51BD4D6A533046DA1AE7FB9E53
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3619133031508264&output=html&adk=1812271804&adf=3025194257&lmt=1699262973&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=308x1080_l%7C308x1080_r&format=0x0&url=https%3A%2F%2Fqaly.online%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1699264833742&bpp=12&bdt=4932&idt=1086&shv=r20231101&mjsv=m202310310101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1493759020336&frm=20&pv=2&ga_vid=1771346187.1699264832&ga_sid=1699264835&ga_hid=70620308&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079232%2C31079345%2C31079347%2C31079408%2C42531705%2C44804684%2C44807047%2C44807336%2C44807455%2C31078301&oid=2&pvsid=1573500970743062&tmod=114344580&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=1298
Frame ID: CE2AA103545F4B68BAAFF869D0E01423
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3619133031508264&output=html&h=280&slotname=7558620965&adk=3516076746&adf=3534335229&pi=t.ma~as.7558620965&w=620&fwrn=4&fwrnh=100&lmt=1699262973&rafmt=1&format=620x280&url=https%3A%2F%2Fqaly.online%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1699264833867&bpp=4&bdt=5057&idt=1205&shv=r20231101&mjsv=m202310310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1493759020336&frm=20&pv=1&ga_vid=1771346187.1699264832&ga_sid=1699264835&ga_hid=70620308&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=330&ady=705&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079232%2C31079345%2C31079347%2C31079408%2C42531705%2C44804684%2C44807047%2C44807336%2C44807455%2C31078301&oid=2&pvsid=1573500970743062&tmod=114344580&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&xpc=dFK8BCNohH&p=https%3A//qaly.online&dtd=1230
Frame ID: 1E370D7D0E1503584F6FCE67822CF080
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3619133031508264&output=html&h=280&adk=1980682340&adf=3750240013&pi=t.aa~a.1383163065~rp.4&w=940&fwrn=4&fwrnh=100&lmt=1699262973&rafmt=1&to=qs&pwprc=2327675243&format=940x280&url=https%3A%2F%2Fqaly.online%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1699264836743&bpp=1&bdt=7933&idt=1&shv=r20231101&mjsv=m202310310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C620x280&nras=2&correlator=1493759020336&frm=20&pv=1&ga_vid=1771346187.1699264832&ga_sid=1699264835&ga_hid=70620308&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=330&ady=2043&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079232%2C31079345%2C31079347%2C31079408%2C42531705%2C44804684%2C44807047%2C44807336%2C44807455%2C31078301&oid=2&pvsid=1573500970743062&tmod=114344580&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Rh0elaSywz&p=https%3A//qaly.online&dtd=34
Frame ID: 778E3EC301D8DFD5EA155328617A6105
Requests: 6 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: E04C23C6BC8CD48E9D80903BF345D1CC
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 0C5B42B80AC10C34F0CDA62A0606583C
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231101/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
Frame ID: A89F9A310A5070605C1F2F2B7E028812
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231101/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
Frame ID: 3B2567E4C885ED37CB74A9BA6CC06C5E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231101/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
Frame ID: 3FB61A4372277D42ED23338AF294CA5F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231101/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
Frame ID: 442457DA99772B4F69342A81BA87BA08
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/hxCSxfMv2iBFhjrGrLs7kA8KHsgt38HzDym5Fkm1vio.js
Frame ID: EFAEA9AA255B315409F09EE5D1F84F6E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNyw8QIQm8jZsAIYg47--wEwAQ&v=APEucNXQg8gMQJJyJFW2s1OoAmUq8M0bQhh3hd-u4q-mDi5zFbQ0G1T7rb5mRxBQrkK_KgFfv8MZHshi-l9HqGiPkdFB0KLR5ii0_LYT6RE0tqBNgYBDSJwLUOJRW31EmocoGVyVh-A9WdoJHBTuIe4h4MteJZgfjyVrFkInBzf2p2kLHS1gSfo
Frame ID: A73A9FCC3937E851E0D989724A6E9395
Requests: 5 HTTP requests in this frame

Frame: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Frame ID: 82291760E45806193838C66329F31563
Requests: 8 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZUi5RAAOIqgEf4qaAA2Ri-pmYyo0m_B86JbO6w&u=%7CsWW%2F9cGvXBl72Ou8EEXDrf%2F7CuRywiQw%2Bo6yDVzabX8%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANW_CtfDOy50yQjYpufCBH_kIesJtts_WVHL1g_ukIfgiby7pkF_U9iVog_u4zRqwaKO5pfEO2Noha9vWkY6Iwhqulp_pnaeiPO7FZLahi1x0Nz-b8e6DBF7f-o4TDC1JruD3WSpTSqF40ur5FtjkO4u1H9As7mx9D3XxAN8Xcx273MVe88bwIalZfWKOOh0BxuRgt3VtMdsj42otYcE7ND8dB55Oxi9fxPva4fcaIuQfRlmfF5C3OhedqqJ9lQTeUd0cD3OYIgzdONqOrQDM-pQwBrAESNcF3LTXffPxN2Yvn0hmJhpDjU9PZrFHDdHWf55_tJqUQfk_NCHqocbKRY4BQcX2ataof2u5q8Zik61gEjJuNUeO-bnKM4sORsF5TxHMYFTFL44BXRzbjUDa2SI_I-mwu2VEFeMGD6vU1aUToXeIy6mo_srP1_SRvWqUr6a4w321Rhd4QSCtkvA-mAXLUp27SYSw3Vmc16Y5GJxYOuj8K1B9XQK1iP3M614WONc75OZaQ8XFN8czp3kwyeLN1VHLzoNOObViRccfbcOM&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCltbrRLlIZajFOJqV_tMPi6O2wALJntKxXM3x4t2IAcCNtwEQASAAYJUCggEXY2EtcHViLTM2MTkxMzMwMzE1MDgyNjTIAQmpAircdGgTAbI-qAMByAMCqgTuAU_QrUtxWWmzHo3HUeZtaPHj-BHtbXIejdiBfPBto8kQwpvgxmp5d9RZotxyxGzeyTcJKOcx5xtwRxE0gUQUEVvfXvbQoqRTK4SOvBSFSbwG7okLTebaXhqxSOQmwqKP6Hp3wRMz9OLzeuxK1BZ4jv_DtzE5VYa9LhMDmGf6c-QPL45URX2mB8woIv27n_E3Pb7esWrDCNNSQRts2udkkTKEbmAHCHmE60J4MZoxZ0jl3csQbNS3QkdiJlqfZ2wjO9dtVNLchLqFFg8HDTwMwOjrveAk7hQtp6Y0eV8kyKkDwMaA5VSdPfFq9k-uKcOABvO4lOTL-s-H-gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3kXkbK-TeWYUB2AezCiJK6nr7Ksw%26client%3Dca-pub-3619133031508264%26adurl%3D
Frame ID: C87E2715622D142CEC114E6D9DEB928B
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNyw8QIQm8jZsAIYg47--wEwAQ&v=APEucNU2NRDlqFPXPyGbZ4Szuu1-9JSMDR8suI2FNjblT8kXmZ4LGD09nmwTF0L0t76Yc-1b_qMt45oAXUSVZQ6ourQ0mIokp92SdvjPqPS57rhVdQAGe78cXKS8EaQLW3NCdcauxHYe_8wfNdRNqI64QfUzdd7aHlAPtRRUT0gaNkKyjPIKWFc
Frame ID: BF8C6D0D9D36EC4CBAFABCD18ACF4A1B
Requests: 5 HTTP requests in this frame

Frame: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Frame ID: D7B34DF4566D1C9D59D4723BE52B5CDE
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKQCELzvkpIEGOWv3d4BMAE&v=APEucNV1IGZU9HXcj_XECHrfw3UvDYKE9hvtuZoJsmX-CsJ03DUAamv-1N8JhqgjJdIQsqL94nPPejmmm3TWTuonYEhIasAORD7XSEuq0VR9Be5mm3a9VWqGIfdyhu6xGkzxw4YGo-u_p47pKLAqoEoyJ1ohYrj10RobQogA0_q7Ld7hKInTCLc
Frame ID: 172E85EDE585021BCFEDE480EFD004B4
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 927A9B48FA2564A493434C25662B06F9
Requests: 6 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: CF88D4D400F0E2D3CFD0D89A0514FC19
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3619133031508264&output=html&h=250&slotname=4867495553&adk=1754629098&adf=299928974&pi=t.ma~as.4867495553&w=300&lmt=1699262973&format=300x250&url=https%3A%2F%2Fqaly.online%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1699264841769&bpp=7&bdt=12959&idt=7&shv=r20231101&mjsv=m202310310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D31f5ead40ea5a8c4%3AT%3D1699264835%3ART%3D1699264835%3AS%3DALNI_Maz4NSEKLRf_10yL2ZyQeoIv8H8-w&gpic=UID%3D00000cb6fddd7a72%3AT%3D1699264835%3ART%3D1699264835%3AS%3DALNI_MahXHjHqWSQ9f0SXrRciCTLLLr6kg&prev_fmts=0x0%2C620x280%2C940x280%2C1600x1200%2C160x600%2C160x600%2C728x90&nras=6&correlator=1493759020336&frm=20&pv=1&ga_vid=1771346187.1699264832&ga_sid=1699264835&ga_hid=70620308&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1300&ady=944&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079232%2C31079345%2C31079347%2C31079408%2C42531705%2C44804684%2C44807047%2C44807336%2C44807455%2C31078301&oid=2&psts=AOrYGsm79Aju0_vNxVv3hixDdG_ooeQ46mThh0HPxaRohx1P0ZtKr_2Pew-mO7r0QGYxDz-zjPHuEtkI2rGs3p17EFr8kg&pvsid=1573500970743062&tmod=114344580&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfoeE%7C&abl=CF&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=8&uci=a!8&fsb=1&xpc=Obr8S4H43t&p=https%3A//qaly.online&dtd=48
Frame ID: F21FC567BC3B661A5283FF52825E50C2
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3619133031508264
Frame ID: 58D46171E269B53D8111FDA5A205DC1F
Requests: 1 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 0ADE547574E5FF300CC415D05CE55E06
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Qaly.Online

Page URL History Show full URLs

  1. http://qaly.online/ HTTP 301
    https://qaly.online/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

140
Requests

78 %
HTTPS

0 %
IPv6

24
Domains

31
Subdomains

26
IPs

2
Countries

2682 kB
Transfer

5898 kB
Size

8
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://qaly.online/ HTTP 301
    https://qaly.online/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 71
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CHRMNQ7lIZeHKDqGh_tMP2qO5kAzRsZ6FdNHivqSeEovi5pW8LhABIM7OhmhglQKgAaDst_QDyAEJqQI4lwhF1SmQPqgDAcgDywSqBPYBT9A_9euYtR-rGZWQWYdgyssj1CRBxkJRGghhle_5tgJ09CgNtXlFH-yEhVY1ozXfrL22eUZxQrhH3SqCh28ElvruCpH2dxxF2LeUowhm7AEV6Qa_KGPyDFdD8ag0Txzu4fahG-zkMqKe99bZWpw6va0E0PmTQ6Kt_ZMQcowd1psOG4z9BbgYw_k0aEMGHqZPvBvCX03mtKRJRQCGj4qLiFlIEgH0s-5Oz26PmAk7I1gvAnGazatfFYqKIrIGCnVFvIknNY66DL5m0myY86LoS8ppTTzqIovyWLZ6N6b1Z-0m6rdUtbJ3MLf99-9uTRmqCbbximrUwASKmcHb0AOIBY_656U0kgUECAQYAZIFBAgFGASgBi6AB8iTyAuoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBCbiwnSCBYIgOGAEBABGB8yAqoCOgKAQEi9_cE6mgkiaHR0cHM6Ly9wZ3dlYXIubmV0L2RlL2JsYWNrLW1vbnRoL4AKAcgLAaIMECoOCgy1uLEC5LSxAu61sQK4E-QD2BMC0BUBmBYBgBcBshccChoIABIUcHViLTM2MTkxMzMwMzE1MDgyNjQYAA&sigh=4JRwwdilaW0&uach_m=[UACH]&ase=2&nis=4&cid=CAQSSwDICaaNwqUPaoVvt9M7jFwpVHeycNVISIwq_8laiFYi4zlIh2q2nUIKV_WFHVkragopEsxmeC73d7Em4ym2DBl0gzjJQVbJVp69YhgB&template_id=484&cbvp=2&vis=1 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2287393747366152158%22,%22debug_reporting%22:true,%22destination%22:%22https://pgwear.net%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221049490976%22],%224%22:[%2211-06%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%228567270622966920049%22}&andc=true
Request Chain 109
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEATxj5xHGASgIDAnrVAPgDc&google_cver=1
Request Chain 110
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZUi5SYHKoOIXUHZLjUc3ywAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEATxj5xHGASgIDAnrVAPgDc&google_cver=1
Request Chain 111
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEETQtJyhwOb-wLXFx1UIHnQ&google_cver=1
Request Chain 112
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Nzg3MDkwMzI4MTEzNjg4MjcyMw%3D%3D
Request Chain 121
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJGoVJ6FEcCWOS2ZTYuVazM&google_cver=1
Request Chain 123
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESELC4N8Oh1bX47dy1EZCldeI&google_cver=1
Request Chain 124
  • https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=MDMxYTY4MzYtOWEwYy00MDA0LTkyODQtMzY5NDFlNDQ2Mjdi
Request Chain 125
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEPI9WR3LU8XQyUGhpmDWFw8&google_cver=1
Request Chain 127
  • https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true&verify=true HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1lR3h4ZkJORTJ1RWFtWWxLRzI3RWlHNWJUWEVuenNpUn5B

140 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
qaly.online/
Redirect Chain
  • http://qaly.online/
  • https://qaly.online/
75 KB
18 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://qaly.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.164.104 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ee6c4d7d0997a59f8698d7cb53dd63917bfe55cf6dc375b7dcb2db32b2cd4f8
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
max-age=1745, public
cf-cache-status
DYNAMIC
cf-ray
821c7d5a2d931c34-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 06 Nov 2023 10:00:28 GMT
last-modified
Mon, 06 Nov 2023 09:29:33 GMT
link
<https://qaly.online/wp-json/>; rel="https://api.w.org/"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
public
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GzMXv1Ys1hKITZdofeFgAuT%2BoWOZ4Qx36%2B%2BRxEnAsG2BkbCD1iDdze%2FqW4ObxFyAtOzbcVpBMFIM%2BBOg2k%2FpGWFdZZuy4NTouQ8Tx6zAfKCrJx%2B3TBL7fxjyYldNVA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=0; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block

Redirect headers

CF-RAY
821c7d48992e3826-FRA
Cache-Control
max-age=3600
Connection
keep-alive
Date
Mon, 06 Nov 2023 10:00:25 GMT
Expires
Mon, 06 Nov 2023 11:00:25 GMT
Location
https://qaly.online/
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xucsQB4gy17hY7HGAeQ4q4MU134cB2LKhDDMK8%2FwA4vtcILuhVcyLAQSXXSmqzvyPrxFYO%2Bopn5pWOngzHU3c2dqdaenhsbpUF78%2B1WOsBSogUDpNO3xWuGzEyja8g%3D%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
alt-svc
h3=":443"; ma=86400
style.min.css
qaly.online/wp-includes/css/dist/block-library/ 		102 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://qaly.online/wp-includes/css/dist/block-library/style.min.css?ver=0621ff1d1a7a69c31fa9c0bd192756a5
Requested by
Host: qaly.online
URL: https://qaly.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.164.104 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
67447c3656caad630373253691f3e8f64467eafd6e7305c9b0e98111b0b41694
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qaly.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 10:00:29 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2094432
content-encoding
br
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 28 Sep 2023 03:01:12 GMT
server
cloudflare
etag
W/"6514ec78-19824"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XK8ilcUW0bTH379zMNVo870xUALJsiMmzAfvF5GXCqg%2F%2BqnkqWBZB87zfRpQ17EqIdy3eSK7onvRsXmmrRmlkMwBaJIKJs%2FYSTLDB1SElwdhM8M4%2FSFdGDVvlxZ%2Brg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray
821c7d5ecb181c34-FRA
expires
Sun, 12 Nov 2023 03:56:36 GMT
style.css
qaly.online/wp-content/themes/enjoymini-pro/ 		47 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://qaly.online/wp-content/themes/enjoymini-pro/style.css?ver=20221104
Requested by
Host: qaly.online
URL: https://qaly.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.164.104 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e99cf192ab7c04c043f13e57cd7a3950cd36aa4bcbf489f40c84b6b1b9dc854c
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qaly.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 10:00:29 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
393331
cf-polished
origSize=65193
content-encoding
br
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Sat, 15 Apr 2023 02:04:08 GMT
server
cloudflare
etag
W/"643a0618-fea9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vTHghBwITyJNAq4Q4P8R82CL07cSZtuRmlr3b1kWNOYkAmfdmXEar1Qn%2FlbAePZcOcmhIjm28KHM6ufZZKiIGKxUTaKgt8V6W0lhof%2BUEouWupkAfkochS7ZWmgniA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray
821c7d5ecb191c34-FRA
expires
Fri, 01 Dec 2023 13:06:16 GMT
responsive.css
qaly.online/wp-content/themes/enjoymini-pro/ 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://qaly.online/wp-content/themes/enjoymini-pro/responsive.css?ver=20221104
Requested by
Host: qaly.online
URL: https://qaly.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.164.104 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b267a683e31c4faf2cdee41bd70aa93fb8bd87b37358b243f3abae5c56ce5a3
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qaly.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 10:00:29 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
393331
cf-polished
origSize=8442
content-encoding
br
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Sat, 15 Apr 2023 02:04:08 GMT
server
cloudflare
etag
W/"643a0618-20fa"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7hF9I6a%2F480lmGpHM%2FbI4uQJUrtdNCU%2BuUaJ%2BNW1PQ9qhcTMrXrXukkp8AjygSHAwIm5%2B%2FFU0GhnqYtbUGvnDBc8DMdXsueTw%2B8%2BN31YNKLsq6%2FPiwttyDNVXRIlKA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray
821c7d5ecb1a1c34-FRA
expires
Fri, 01 Dec 2023 13:06:02 GMT
genericons.css
qaly.online/wp-content/themes/enjoymini-pro/genericons/ 		36 B
370 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://qaly.online/wp-content/themes/enjoymini-pro/genericons/genericons.css?ver=0621ff1d1a7a69c31fa9c0bd192756a5
Requested by
Host: qaly.online
URL: https://qaly.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.164.104 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1ffd83d094e6b3078255ba6f5df8fa60f2716b5cf558916a9ff30dca79631159
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qaly.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 10:00:29 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2094432
cf-polished
origSize=154
alt-svc
h3=":443"; ma=86400
content-length
36
cf-bgj
minify
last-modified
Sat, 15 Apr 2023 02:04:08 GMT
server
cloudflare
etag
"643a0618-9a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R%2FGhJznqrVKTw3NWMdJ1DrhIaQzVDT3HaC4HKTfLr1TBqeThID0Y0GLCJBixAmASVm%2Bvm3HtT9nGPyiiBh2I9tnMUz7Z8ejOBc6Ca5E6EY9USFtKJGVPSR8tgqp2pQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges
bytes
cf-ray
821c7d5ecb1b1c34-FRA
expires
Sun, 12 Nov 2023 03:56:36 GMT
Vercel-anh-8-510x300.png
qaly.online/wp-content/uploads/2023/07/ 		185 KB
186 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://qaly.online/wp-content/uploads/2023/07/Vercel-anh-8-510x300.png
Requested by
Host: qaly.online
URL: https://qaly.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.164.104 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ceb69b4bccd681e1ecfd211f298d7ca815a2f5a6677e329c05843ca392d8ce81
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qaly.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 10:00:29 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
189351
last-modified
Wed, 19 Jul 2023 12:17:17 GMT
server
cloudflare
etag
"64b7d44d-2e3a7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UMilLPWZDjdd0LZ5a7hBvuYr5GxYefqjyCh3Q5YuLmzKMugid%2Bg52FCVO0%2BvcLEanK%2FCz7ysmAWFNfWBM5Pxd6NWWJ3beYzjDHyRdkHGAAZkYNO%2FdHGHu5lnG2lZ6w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges
bytes
cf-ray
821c7d5ecb1e1c34-FRA
expires
Fri, 01 Dec 2023 21:33:58 GMT
Vercel-anh-6-420x247.png
qaly.online/wp-content/uploads/2023/07/ 		189 KB
190 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://qaly.online/wp-content/uploads/2023/07/Vercel-anh-6-420x247.png
Requested by
Host: qaly.online
URL: https://qaly.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.164.104 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c8d6cdcadd011ec5af365cbd557e1948eb47fff4abf7d28815c6cf6b6c29fd1d
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qaly.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 10:00:29 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
193399
last-modified
Wed, 19 Jul 2023 09:40:36 GMT
server
cloudflare
etag
"64b7af94-2f377"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dhLm4qZkASEUyT97Q07jgiOSuWy9ee2KZPug8Nn2NZQ9JzDg3BVxGctfaGLCpcHNCoGnalIX0WHnFWmnwB1YZ2yype1AVxHsC3pfdwip2njYwtKx9bOoSb%2BD66t2Ug%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges
bytes
cf-ray
821c7d5ffc7b1c34-FRA
expires
Fri, 01 Dec 2023 02:09:59 GMT
Vercel-anh-3-420x247.png
qaly.online/wp-content/uploads/2023/07/ 		192 KB
192 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://qaly.online/wp-content/uploads/2023/07/Vercel-anh-3-420x247.png
Requested by
Host: qaly.online
URL: https://qaly.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.164.104 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
764f78f5eeb34fc0794f0f9a1c4bec984901b938359cbecde952c32a51bd0576
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qaly.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 10:00:29 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
196278
last-modified
Wed, 19 Jul 2023 08:10:40 GMT
server
cloudflare
etag
"64b79a80-2feb6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BTUb56NIqf6eefXPx7NwXaV2PPdDP86%2BagZI%2BHuWHhhyM%2FfeXUE6HYbKM4BeHt202latyNLY6Cnbd%2F6rTY3hbEOUJ6kXN%2B6mIMy7Q7mSgEOmEImeg3oQZxNRhgNFQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges
bytes
cf-ray
821c7d5ffc7c1c34-FRA
expires
Fri, 01 Dec 2023 18:23:01 GMT
Vercel-anh-2-420x247.png
qaly.online/wp-content/uploads/2023/07/ 		207 KB
207 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://qaly.online/wp-content/uploads/2023/07/Vercel-anh-2-420x247.png
Requested by
Host: qaly.online
URL: https://qaly.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.164.104 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d7e9a3b46af89c9e24285f769ab4bac6fe3b41e29fc146bdcb654a7367c0b6a
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qaly.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 10:00:30 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
211881
last-modified
Wed, 19 Jul 2023 07:12:13 GMT
server
cloudflare
etag
"64b78ccd-33ba9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MVYttvWcDiRF7imJb5mX7N0jvsEuGw30dyLXkecfh4qG%2FeHYnC2A%2B04IXm6Fvb3FeKELOKkHmhdLhLw%2FNorSoRtO2pG04geIINODJGs2r783VVKTByxqLvv8Q%2FvCbQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges
bytes
cf-ray
821c7d64393a1c34-FRA
expires
Fri, 01 Dec 2023 22:24:48 GMT
1-8-420x247.png
qaly.online/wp-content/uploads/2023/07/ 		158 KB
159 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://qaly.online/wp-content/uploads/2023/07/1-8-420x247.png
Requested by
Host: qaly.online
URL: https://qaly.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.164.104 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7419302eeffb8e241649863038eb7d7c71428ba93a1e70c53b869230d2c38e12
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qaly.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 10:00:30 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
162004
last-modified
Mon, 14 Aug 2023 16:59:46 GMT
server
cloudflare
etag
"64da5d82-278d4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4lDsgCsJj%2F8JwCVJpJAgKEuyxeqWa7p5W7WoYubvWE3unQUkOZBGfW5pU4eYfX%2B4T%2Fzi7P%2B396MpqNxswIF%2Fjfk1gMFO7cDyqw%2FUWMANJeWW8kHUdX1607XDjAv5dQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges
bytes
cf-ray
821c7d64393b1c34-FRA
expires
Thu, 30 Nov 2023 22:35:02 GMT
1480-300x300.webp
qaly.online/wp-content/uploads/2023/11/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://qaly.online/wp-content/uploads/2023/11/1480-300x300.webp
Requested by
Host: qaly.online
URL: https://qaly.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.164.104 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
19cd4fa0b40ed2d8f6061973d8b90fbb0a11bd354aa58c2e4adcd5d522b9125b
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qaly.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 10:00:30 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
8842
x-xss-protection
1; mode=block
last-modified
Mon, 06 Nov 2023 09:27:12 GMT
server
cloudflare
etag
"6548b170-228a"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eSWki%2BGxrB%2B4K%2FH8mgF3KgUKB%2F2dr%2FhdvJ8ulYc7JpRFqtkoak6GfoOcR5WnDsH4%2BXWS90IuRp%2F0gO4hpkPf9EnQJDL18JusMTqAL4kJaI%2BGVb3gJzrHc6b6UkgB2w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
vary
Accept-Encoding
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
821c7d64393d1c34-FRA
image_654865006cc1c-300x300.png
qaly.online/wp-content/uploads/2023/11/ 		165 KB
166 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://qaly.online/wp-content/uploads/2023/11/image_654865006cc1c-300x300.png
Requested by
Host: qaly.online
URL: https://qaly.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.164.104 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4a24cee27514c1e6b18872f9ccdd346abd21cde168ea6a735b5eb498df8646ef
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qaly.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 10:00:30 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2488
alt-svc
h3=":443"; ma=86400
content-length
169388
last-modified
Mon, 06 Nov 2023 08:33:46 GMT
server
cloudflare
etag
"6548a4ea-295ac"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RIv1vBR%2BUVDoCaifecJqCuWBePbAYRkyoFY5is5NbLFwKjm3ohDLYOgqiET3CD3A5HiN9V0oLOBCNWfpGgrOnyxilRzcNx5nfJw2CP4UxQioU6CQcrpV0scNcoUwDw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges
bytes
cf-ray
821c7d6439401c34-FRA
expires
Wed, 06 Dec 2023 08:34:12 GMT
rocket-loader.min.js
qaly.online/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://qaly.online/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: qaly.online
URL: https://qaly.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.164.104 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qaly.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 10:00:30 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Fri, 27 Oct 2023 14:30:26 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
content-encoding
gzip
etag
W/"653bc982-302c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x4JiiisHipvS9PWD56%2FkB4KR4hh2gA4GAx5FoqW9VxPv0Md69uQ6WqhmZ%2Fu2HSTra4bk4fpzG1TDfUSyqN7Vc9DURhMaqSv7ll9N4mOWzm8d1VRPrnF5ur2hYUbKrQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
821c7d694ea31c34-FRA
expires
Wed, 08 Nov 2023 10:00:30 GMT
genericons.css
qaly.online/wp-content/themes/enjoymini-pro/genericons/genericons/ 		26 KB
16 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://qaly.online/wp-content/themes/enjoymini-pro/genericons/genericons/genericons.css
Requested by
Host: qaly.online
URL: https://qaly.online/wp-content/themes/enjoymini-pro/genericons/genericons.css?ver=0621ff1d1a7a69c31fa9c0bd192756a5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.164.104 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44e77b4ab0368538b8c5a3fbcb36c31bc07d2798a8bc2fceeea6feaf8cbec859
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qaly.online/wp-content/themes/enjoymini-pro/genericons/genericons.css?ver=0621ff1d1a7a69c31fa9c0bd192756a5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 10:00:29 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
393330
cf-polished
origSize=28266
content-encoding
br
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Sat, 15 Apr 2023 02:04:08 GMT
server
cloudflare
etag
W/"643a0618-6e6a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pErjtxO95vNg384xN3l8S3HskWxfx3%2FHf0bgJxYChGbbMa9n%2Bob5CgsT3HFqZgQ%2F99IRzDRiYarWqGAZmOGWflALe34XMUt7hJC1CfwCv5I2%2FjdAOp%2F6mLk5%2FCN9ZA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray
821c7d5ffc791c34-FRA
expires
Fri, 01 Dec 2023 13:06:52 GMT
normal.woff2
qaly.online/cf-fonts/s/inter/5.0.13/latin/400/ 		16 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://qaly.online/cf-fonts/s/inter/5.0.13/latin/400/normal.woff2
Requested by
Host: qaly.online
URL: https://qaly.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.164.104 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bfae853d0abfff55c2ba972994948fbfb7f42b03ceeb37b8126b6be4d4db6a01
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://qaly.online/
Origin
https://qaly.online
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 10:00:30 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nYALrbeTIkTcHHq2B4acuoC87rBxaQ8GacNT%2BUH%2BLmrHwHfejGK%2F5IFF7gy6O2z%2FutyLSAm7xDXwWn5kjiFJnGP85RqLRGybDo%2F0DRF2KEuXFfiPAs7L9x4vw6d2sA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000, immutable
cf-ray
821c7d6368341c34-FRA
alt-svc
h3=":443"; ma=86400
content-length
16708
normal.woff2
qaly.online/cf-fonts/s/inter/5.0.13/latin/700/ 		17 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://qaly.online/cf-fonts/s/inter/5.0.13/latin/700/normal.woff2
Requested by
Host: qaly.online
URL: https://qaly.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.164.104 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e97d4341e2c3464cab7b1bb27222ebc1111dafd321fadf41c9d99f8a779420f
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://qaly.online/
Origin
https://qaly.online
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 10:00:30 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mqiJ6c7A3G6K%2FG3dT6ooWHCaf7rZhlQ3qkzS6%2FzyuskE81%2BWOR9SWVzwLHWPLm7856bGz%2BcdyOkwfJhICOmMPLLzHtUGyu2eTqNrHqUqr6ydsxdDQCUqHK28Rjeonw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000, immutable
cf-ray
821c7d6368361c34-FRA
alt-svc
h3=":443"; ma=86400
content-length
17784
truncated
/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1cfd32e37f8aba263101f06e8f702adfaef55a6601857cf5e2c6dd0b0388dcd6

Request headers

Referer
Origin
https://qaly.online
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type
application/x-font-woff;charset=utf-8
normal.woff2
qaly.online/cf-fonts/s/pt-serif/5.0.16/latin/700/ 		29 KB
29 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://qaly.online/cf-fonts/s/pt-serif/5.0.16/latin/700/normal.woff2
Requested by
Host: qaly.online
URL: https://qaly.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.164.104 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fffd4228b8aff8925312f07f526c7bba9b8feca22a7dd4dfeb1e818ee7672b7f
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://qaly.online/
Origin
https://qaly.online
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 10:00:30 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BsApk7P%2BDCT84l4f0MDwvhYKIaepZlwhv1U7uGkvJIxXyuSO7lvuZtcLAuPDQJ9sO9tXoDzxsCEQgwJkRtCd40EIOmKXo85gb6KLF5oSMXXzI0PU3GmEMMGed3CW3g%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000, immutable
cf-ray
821c7d6368381c34-FRA
alt-svc
h3=":443"; ma=86400
content-length
29492
normal.woff2
qaly.online/cf-fonts/s/pt-serif/5.0.16/cyrillic/700/ 		20 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://qaly.online/cf-fonts/s/pt-serif/5.0.16/cyrillic/700/normal.woff2
Requested by
Host: qaly.online
URL: https://qaly.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.164.104 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a83601bbf9aa79c6e1b524cbe7675d530db025d0a38d5eba2bd6dcd06e951508
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://qaly.online/
Origin
https://qaly.online
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 10:00:30 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VnMB3ICjlonn%2FGVolChJ8XHTvWZn%2FfqBFfEbxXvRTJosRPbHqEA6t9xlpBrgfkLdk12TazrMk5XcUky1PT%2F%2BdzZeKb6UAYGqwSmtgl3VOMGLicc2gd7UdkrRys8nuw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000, immutable
cf-ray
821c7d6368391c34-FRA
alt-svc
h3=":443"; ma=86400
content-length
20776
normal.woff2
qaly.online/cf-fonts/s/inter/5.0.13/latin-ext/400/ 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://qaly.online/cf-fonts/s/inter/5.0.13/latin-ext/400/normal.woff2
Requested by
Host: qaly.online
URL: https://qaly.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.164.104 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
785ad2c258759b12691f81bb3624e792869eb5bc212271a7f33a1425996169cc
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://qaly.online/
Origin
https://qaly.online
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 10:00:30 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fGaKzwAip1fPL29u1NJ4zHkCcTRnD6NzpqIHdfBPSSwdYTgBoY%2Bxu0yAZEadsHN7xGq2j8Pl9DMnew7R0Mk%2ByZUeu1B5RPgfKG%2F%2BawitKKKhNed%2FBns3X8schV3UnQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000, immutable
cf-ray
821c7d63683a1c34-FRA
alt-svc
h3=":443"; ma=86400
content-length
20432
normal.woff2
qaly.online/cf-fonts/s/inter/5.0.13/greek/400/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://qaly.online/cf-fonts/s/inter/5.0.13/greek/400/normal.woff2
Requested by
Host: qaly.online
URL: https://qaly.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.164.104 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
595a0474fe0a00214be3093637f5390ddc087238e34bb994a004f0dfc1ec56ca
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://qaly.online/
Origin
https://qaly.online
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 10:00:30 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2%2ByibAWsE8Msus8eCCIPHg9VB7uDe8VB0%2BclWmtfGJA56cRJCMcHFW3iq0EKweUSLgFWai2F30H%2BIK728En53H7MWdKQRFpWIQuJYVaZTrn2KWjgIdfTSPnHpq%2Bf8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000, immutable
cf-ray
821c7d63683c1c34-FRA
alt-svc
h3=":443"; ma=86400
content-length
7936
jquery.custom.js
qaly.online/wp-content/themes/enjoymini-pro/assets/js/ 		856 B
811 B 		Script
General
Check archive.org
Download Go to
Full URL
https://qaly.online/wp-content/themes/enjoymini-pro/assets/js/jquery.custom.js?ver=20221104
Requested by
Host: qaly.online
URL: https://qaly.online/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.164.104 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3ab604b93177ff826952980a53cf8ddcaf06aa7df8fa00e79916786a26af5f1c
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qaly.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 10:00:31 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
393331
cf-polished
origSize=2291
content-encoding
br
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Sat, 15 Apr 2023 02:04:08 GMT
server
cloudflare
etag
W/"643a0618-8f3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aKutqZjRRSoOCk%2B9VRXiVqbdlBMx%2F523kPgTVQBC2FZBKJJTFz%2Fkl%2BFBlpbEM8Keff9S1Fq9t4bNl2ukX3wmiS0WdEZvxqYT26Fcii4IzVSx3feeX2onY7odKxryNA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray
821c7d6a98111c34-FRA
expires
Fri, 01 Dec 2023 13:06:51 GMT
index.js
qaly.online/wp-content/themes/enjoymini-pro/assets/js/ 		14 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://qaly.online/wp-content/themes/enjoymini-pro/assets/js/index.js?ver=20221104
Requested by
Host: qaly.online
URL: https://qaly.online/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.164.104 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
124c62cfd395550a54fc8c6a8091a4cdb544c03232556dc9c4636eafa4a4ac1a
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qaly.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 10:00:31 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
393331
cf-polished
origSize=30630
content-encoding
br
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Sat, 15 Apr 2023 02:04:08 GMT
server
cloudflare
etag
W/"643a0618-77a6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xTNtwv9ivZb9wTyzikqWkBRmP92lHYZQNG56gQAJMe6ZTPB%2FBm4GRgC%2FSL71swhsPmxjV%2BLYvD2WkFNb59lBKDnvijaE0kWEv8AdiQG9N6S2vRoZvFl6wkL01nkpRg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray
821c7d6a98131c34-FRA
expires
Fri, 01 Dec 2023 19:12:19 GMT
theia-sticky-sidebar.js
qaly.online/wp-content/themes/enjoymini-pro/assets/js/ 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://qaly.online/wp-content/themes/enjoymini-pro/assets/js/theia-sticky-sidebar.js?ver=0621ff1d1a7a69c31fa9c0bd192756a5
Requested by
Host: qaly.online
URL: https://qaly.online/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.164.104 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1c3f4135ae3d85f96b87f9ecaab5099b1e9249a778b10114f3e53307e25b7a54
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qaly.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 10:00:31 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
390961
cf-polished
origSize=16324
content-encoding
br
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Sat, 15 Apr 2023 02:04:08 GMT
server
cloudflare
etag
W/"643a0618-3fc4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rEdWGcO0KizT5ksgSngoJB458VAunQoMqjq4%2ByLBeSeI1VBU7c834L6v2mxy7rmol%2FHjiegQvC8uFB%2B4zf8Y4IwEbgq9nNb8UujgruVOFHCN02DqVQkK6KhiZVpc0w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray
821c7d6a98141c34-FRA
expires
Sun, 12 Nov 2023 03:54:00 GMT
html5.js
qaly.online/wp-content/themes/enjoymini-pro/assets/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://qaly.online/wp-content/themes/enjoymini-pro/assets/js/html5.js?ver=0621ff1d1a7a69c31fa9c0bd192756a5
Requested by
Host: qaly.online
URL: https://qaly.online/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.164.104 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1db9c8447699b34c4433d48a6b3a1fc1df74f4258935953c377bda8267144918
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qaly.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 10:00:31 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
459185
cf-polished
origSize=10330
content-encoding
br
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Sat, 15 Apr 2023 02:04:08 GMT
server
cloudflare
etag
W/"643a0618-285a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zxLJcNutRY%2FWtt0zdtax5TxkPutE%2FELkxZMomNk359l9ilwBXuH0A0Mbd%2BggdclWJHTInX%2BRd81plF%2FylvFeyIVFjlwHy8VP2%2BlsgsA7qnkETJhDsFigDtYi0ErcUg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray
821c7d6a98151c34-FRA
expires
Sun, 12 Nov 2023 03:54:00 GMT
superfish.js
qaly.online/wp-content/themes/enjoymini-pro/assets/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://qaly.online/wp-content/themes/enjoymini-pro/assets/js/superfish.js?ver=0621ff1d1a7a69c31fa9c0bd192756a5
Requested by
Host: qaly.online
URL: https://qaly.online/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.164.104 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d9ecc05c7a6ae6794d682b669ae960b83822e8b57e1a5e675ca8022f366ea0f0
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qaly.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 10:00:31 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2094434
cf-polished
origSize=7548
content-encoding
br
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Sat, 15 Apr 2023 02:04:08 GMT
server
cloudflare
etag
W/"643a0618-1d7c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3P%2FFA0cLxF3R1EMEw7IvYMK1YXFhzGrgOvYUTOEio%2FnHeHmcaOT6VuIzhH9yQCEdzDqfL8jv%2BFwqYYq21aOJ9faIb1nkLK8zB1LyrkWZBmrdmZYRhVwlSUTWUhHDXw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray
821c7d6a98171c34-FRA
expires
Sun, 12 Nov 2023 03:54:01 GMT
ba298f04.js
aj1559.online/ 		36 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aj1559.online/ba298f04.js
Requested by
Host: qaly.online
URL: https://qaly.online/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
212.124.124.8 Reston, United States, ASN47328 (TRI-AS True Records Inc., VG),
Reverse DNS
Software
/
Resource Hash
1d6b26536813e72b173bee43e13d4a8d1db849762c76fa4e698523a4659ae8ee

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qaly.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 10:00:30 GMT
accept-ranges
bytes
etag
"0b851e8863fb276e3ec8a72acb8b8a095"
content-length
37213
content-type
text/javascript
js
www.googletagmanager.com/gtag/ 		248 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-PX3PZ6Q9RG
Requested by
Host: qaly.online
URL: https://qaly.online/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f104.1e100.net
Software
Google Tag Manager /
Resource Hash
fe54ab1001abf8ff888f7374813aff1a2e5657139a7edf3df2f27add3072362a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qaly.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 10:00:31 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
87243
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 06 Nov 2023 10:00:31 GMT
js
www.googletagmanager.com/gtag/ 		274 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-1ZX1HV2N9R
Requested by
Host: qaly.online
URL: https://qaly.online/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f104.1e100.net
Software
Google Tag Manager /
Resource Hash
07a0ec7367292a81faaf5c02a8a2d49bd381d8712b2e58668b4e551f2f793a21
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qaly.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 10:00:31 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
92910
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 06 Nov 2023 10:00:31 GMT
jquery.min.js
qaly.online/wp-includes/js/jquery/ 		85 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://qaly.online/wp-includes/js/jquery/jquery.min.js?ver=3.7.0
Requested by
Host: qaly.online
URL: https://qaly.online/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.164.104 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c93f77799d122fb5255ee24da285f9f228cc118cba11e6ceb2b6bda8cdf4164
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qaly.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 10:00:31 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
393331
content-encoding
br
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 28 Sep 2023 03:01:12 GMT
server
cloudflare
etag
W/"6514ec78-155ba"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XykMcv8VXVBBNNHFftFNRG%2Bt0rIs8JlaGPYVxR2pwrfSgmjjMNxHPIzn8%2BWgj81yMA3sGf1hSmIPi4zs%2BZIHqmqI0CjTPXSTmKecRLTzCTwWYAb3swmStswaDAR4FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray
821c7d6a98181c34-FRA
expires
Fri, 01 Dec 2023 13:06:31 GMT
collect
region1.google-analytics.com/g/ 		0
251 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-1ZX1HV2N9R&gtm=45je3b11v9133840034&_p=1699264831630&gcd=11l1l1l1l1&cid=1771346187.1699264832&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1699264832&sct=1&seg=0&dl=https%3A%2F%2Fqaly.online%2F&dt=Qaly.Online&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=7169
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1ZX1HV2N9R
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qaly.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Nov 2023 10:00:32 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://qaly.online
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		248 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-PX3PZ6Q9RG&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1ZX1HV2N9R
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f104.1e100.net
Software
Google Tag Manager /
Resource Hash
48f080858e12ebc3b2042580c4301e3c852bddc3a25a5c2a18aa23d6f735d0e2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qaly.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 10:00:32 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
87312
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 06 Nov 2023 10:00:32 GMT
collect
region1.analytics.google.com/g/ 		0
251 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-PX3PZ6Q9RG&gtm=45je3b11v894073191&_p=1699264831630&_gaz=1&gcd=11l1l1l1l1&cid=1771346187.1699264832&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1699264832&sct=1&seg=0&dl=https%3A%2F%2Fqaly.online%2F&dt=Qaly.Online&en=page_view&_fv=1&_ss=1&_ee=1&tfd=7451
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-PX3PZ6Q9RG
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.32.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qaly.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Nov 2023 10:00:32 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://qaly.online
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
242 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-PX3PZ6Q9RG&cid=1771346187.1699264832&gtm=45je3b11v894073191&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-PX3PZ6Q9RG
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.184.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wa-in-f156.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qaly.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Nov 2023 10:00:32 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://qaly.online
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-PX3PZ6Q9RG&cid=1771346187.1699264832&gtm=45je3b11v894073191&aip=1&z=950556403
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qaly.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Nov 2023 10:00:32 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
zVlOOhMGXXwiuQRYj7fO4WeXqG9zSn42q6O_2p943lsmqpWMTmQRnTZblxogriG5tFCuWucOpzEFuciQxOc50nW0i-E0j-aq7SE9Axv37ZZxI9vClScC3sJuftVD6rOvtEXtjXV8j1qQR-5AXmhUtKNMKbHZTlZ8LXO__oDZo1DnigQZST1A4YyAQ7LsKvkCMhOMw...
aj1559.online/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://aj1559.online/zVlOOhMGXXwiuQRYj7fO4WeXqG9zSn42q6O_2p943lsmqpWMTmQRnTZblxogriG5tFCuWucOpzEFuciQxOc50nW0i-E0j-aq7SE9Axv37ZZxI9vClScC3sJuftVD6rOvtEXtjXV8j1qQR-5AXmhUtKNMKbHZTlZ8LXO__oDZo1DnigQZST1A4YyAQ7LsKvkCMhOMwifCt74HNZhMMM-dXqNVPfORJYXhmJqUSrLO3jUFYhnlME1XMTFzUcwUena58ISymBIXd3VnEoTMEjdYBiLiYj6dtCXx84yRY7We5KFt9SF-uwk4vD5Ufs2WW7OVHfp3e55mABMbUy-7-9sWeWlOG243vS_ZcepwVBeVZ1O3L6pSmMxbF8_kXWftnYyFAc7UOO0kUw7648uPma1Z9mL1H64Idis9VdBiieQF1kx3znTPAiYfsGEwhRR9r9g?
Requested by
Host: aj1559.online
URL: https://aj1559.online/ba298f04.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
212.124.124.8 Reston, United States, ASN47328 (TRI-AS True Records Inc., VG),
Reverse DNS
Software
/
Resource Hash
de688e49f8f01d0c3566fabc9ca3151230aef637eefc40d652e9b5aa9e88666d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qaly.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Nov 2023 10:00:32 GMT
accept-ch
Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
p3p
CP="CAO PSA OUR"
access-control-allow-origin
https://qaly.online
content-type
application/json;charset=UTF-8
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
permissions-policy
*
content-length
1250
expires
Thu, 01 Jan 1970 00:00:00 GMT
zvXlpxG4s4ZdF813sFtcHkDt2jwu4ONh8xNozkGl9f-msQkdZ2vaFpcqRZ5bL1DX0kOXjpANQ7MG0YlzvWbmbBjjfJ32s8VRCYoki04LIpI0k_UCHuuDg-hUYLnjKzENZowN3OnODGePP7eiLOHE-haWc8gIM_X84c9_ZOwJYE5YTUS5ZxYGyzRGhLlQiCvH3SPRz...
aj1559.online/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://aj1559.online/zvXlpxG4s4ZdF813sFtcHkDt2jwu4ONh8xNozkGl9f-msQkdZ2vaFpcqRZ5bL1DX0kOXjpANQ7MG0YlzvWbmbBjjfJ32s8VRCYoki04LIpI0k_UCHuuDg-hUYLnjKzENZowN3OnODGePP7eiLOHE-haWc8gIM_X84c9_ZOwJYE5YTUS5ZxYGyzRGhLlQiCvH3SPRzo0k7l4vYKzgSOu69n4kXSS_cPbOKxpgKLsFjTsnJAnL5vFYDOBNEzB5qrhjRWKUL2dVWHi_TdEusgvpCXqEnhjkbQhcGvHtVzvkoQY1bkHRQJdnpHzFTeagLOl9qgUz1sTD8fBTvKVUt2AQ61pRdCO9a5TAdP74vBcwYev5STLoLZ1MyALdwlLmj8xQPUWttRUHH1NsxDV5qjN8Y3GOUkJOVG0WZtY3fTeQ5cazLfROBtafoHUUhREtk8Q?
Requested by
Host: aj1559.online
URL: https://aj1559.online/ba298f04.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
212.124.124.8 Reston, United States, ASN47328 (TRI-AS True Records Inc., VG),
Reverse DNS
Software
/
Resource Hash
ab743018cca2dc41e351f85b9b01c832fdb9bc3699b53af7c729359d611b5c09

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qaly.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Nov 2023 10:00:32 GMT
accept-ch
Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
p3p
CP="CAO PSA OUR"
access-control-allow-origin
https://qaly.online
content-type
application/json;charset=UTF-8
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
permissions-policy
*
content-length
1675
expires
Thu, 01 Jan 1970 00:00:00 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		150 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3619133031508264
Requested by
Host: aj1559.online
URL: https://aj1559.online/ba298f04.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
531a69d854ce1186b82b1c09d4950ea7c7a4e2e1f3d3804d5bd7bed3b1a6c569
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://qaly.online/
Origin
https://qaly.online
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 10:00:33 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52229
x-xss-protection
0
server
cafe
etag
4818630794992042245
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 06 Nov 2023 10:00:33 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310310101/ 		399 KB
136 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310310101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3619133031508264&plah=qaly.online
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3619133031508264
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
e62f1fa664c81c7e2d2accf66ca76e3045f7e5054630e4ec0d460cdb9b96bdfc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qaly.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 10:00:34 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
138239
x-xss-protection
0
server
cafe
etag
1686475261227665539
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 06 Nov 2023 10:00:34 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20231101/r20190131/ Frame 1D2A 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231101/r20190131/zrt_lookup_fy2021.html?hello=world
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3619133031508264
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://qaly.online/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1883
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4118
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 06 Nov 2023 09:29:11 GMT
etag
16674218716276178799
expires
Mon, 20 Nov 2023 09:29:11 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ba298f04.js
aj1559.online/ 		36 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aj1559.online/ba298f04.js
Requested by
Host: aj1559.online
URL: https://aj1559.online/ba298f04.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
212.124.124.8 Reston, United States, ASN47328 (TRI-AS True Records Inc., VG),
Reverse DNS
Software
/
Resource Hash
354bf708f85a99d8c788becee29b97c8f4f31f6679622903d34707007ecd264f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qaly.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 10:00:33 GMT
accept-ranges
bytes
etag
"0aaaa532eae94d0ca5c733e961b896ea2"
content-length
37243
content-type
text/javascript
zz6Ja8CM-ZKUZo02aQWjxdOzumQH1z9m2qCTvKNeNN_lNmkEXfjcP6Kfzzs0fGc-Kn2cBr8EbInKxxfm_fj7PTietBjel6Evfu6P739gLlIundUPevZ8HluUzFXQtfJU6Z-97B4iEtoRkPSJuxkqchXytSzkLepiEvC79SZYA2ID5nOx2YU36TT0RlU76inWnuACI...
aj1559.online/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://aj1559.online/zz6Ja8CM-ZKUZo02aQWjxdOzumQH1z9m2qCTvKNeNN_lNmkEXfjcP6Kfzzs0fGc-Kn2cBr8EbInKxxfm_fj7PTietBjel6Evfu6P739gLlIundUPevZ8HluUzFXQtfJU6Z-97B4iEtoRkPSJuxkqchXytSzkLepiEvC79SZYA2ID5nOx2YU36TT0RlU76inWnuACIjHS_ZZBbqiRpY2jDd7F7_ExnXeCDFqc7maNU7-Yk6AEjHzuT2Pp7k-d304OK6cSEg7SE44PmmNNBjgh62uRaOGChTZc2Lb5LC9HhdL_dmHGND3H2-iEOY-anmPuFUljsb9bWDRYK6zkgo68QJGiwh0drw-yciX_tcw2PDjmP8eOJ0WmCi-todL6zIv66Ty9j9IrpvfLQTeoxSWinXvLiyOgsfBWyml-aK4DUEeXCzrN7kg64FBhzRR9hoA?
Requested by
Host: aj1559.online
URL: https://aj1559.online/ba298f04.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
212.124.124.8 Reston, United States, ASN47328 (TRI-AS True Records Inc., VG),
Reverse DNS
Software
/
Resource Hash
a6c71d9fc36666dd7ad31f5af0c94248ef67974c16aad43adb869c4e614d82e7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qaly.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Nov 2023 10:00:33 GMT
accept-ch
Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
p3p
CP="CAO PSA OUR"
access-control-allow-origin
https://qaly.online
content-type
application/json;charset=UTF-8
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
permissions-policy
*
content-length
1901
expires
Thu, 01 Jan 1970 00:00:00 GMT
qaly.online-passback-balloon.min.js
server.zmedia.vn/static/template-v2/passback_balloon/ 		18 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://server.zmedia.vn/static/template-v2/passback_balloon/qaly.online-passback-balloon.min.js
Requested by
Host: aj1559.online
URL: https://aj1559.online/ba298f04.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
171.244.56.108 -, , ASN (),
Reverse DNS
Software
Byte-nginx /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qaly.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires
Mon, 06 Nov 2023 10:15:39 GMT
date
Mon, 06 Nov 2023 10:00:39 GMT
content-encoding
gzip
last-modified
Mon, 02 Oct 2023 10:09:22 GMT
server
Byte-nginx
ef-country-code
RO
etag
W/"651a96d2-468d"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=900
ef-cache-status
HIT
zzLdUxNSv-FoALOVzPAq0dpdKtOkj9pu38uuHtUrR5YybCOgZMu1rVxhTE1IN4WFa9QlIIWqAAhTPpCGsZ9LleHLz4JRSniroeNl6azRh7NN2jO126hkCUGGpiJJCLRAqFt4uKxOpTguvK45xShtt8PtpVw-6v3Wg4dLXswXsQ5BFCl1StNcdu7VU6lBLX0vHOS2d...
aj1559.online/ 		49 B
512 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aj1559.online/zzLdUxNSv-FoALOVzPAq0dpdKtOkj9pu38uuHtUrR5YybCOgZMu1rVxhTE1IN4WFa9QlIIWqAAhTPpCGsZ9LleHLz4JRSniroeNl6azRh7NN2jO126hkCUGGpiJJCLRAqFt4uKxOpTguvK45xShtt8PtpVw-6v3Wg4dLXswXsQ5BFCl1StNcdu7VU6lBLX0vHOS2deALOy92LfcaS7iMGW77ExvayDMFITNKltB-LWP1CyF2FUeBCWttNRcBVL_e2uLmRq00TxX3VIpnz3zLplS24scqwmzZtaM6Z4OLurqpHBDa1i3XEAK8vQCJzLXS3fbkQXgYer434AVLw2TTO5w92DaB5imZPCZm3tS1Gxu-u4_UR8i25GG_q70pE2ucDmorBVDA_3Hb1ELpo?DC=DO
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
212.124.124.8 Reston, United States, ASN47328 (TRI-AS True Records Inc., VG),
Reverse DNS
Software
/
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qaly.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Nov 2023 10:00:33 GMT
last-modified
Thu, 02 Nov 2023 11:53:38 GMT
accept-ch
Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
etag
W/"49-1698926018000"
p3p
CP="CAO PSA OUR"
access-control-allow-origin
*
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
permissions-policy
*
accept-ranges
bytes
content-length
49
expires
Thu, 01 Jan 1970 00:00:00 GMT
qaly.online-passback-ptopc.min.js
server.zmedia.vn/static/template-v2/passback_ptopc/ 		25 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://server.zmedia.vn/static/template-v2/passback_ptopc/qaly.online-passback-ptopc.min.js
Requested by
Host: aj1559.online
URL: https://aj1559.online/ba298f04.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
171.244.56.108 -, , ASN (),
Reverse DNS
Software
Byte-nginx /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qaly.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires
Mon, 06 Nov 2023 10:15:39 GMT
date
Mon, 06 Nov 2023 10:00:39 GMT
content-encoding
gzip
last-modified
Mon, 02 Oct 2023 10:09:22 GMT
server
Byte-nginx
ef-country-code
RO
etag
W/"651a96d2-62ca"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=900
ef-cache-status
HIT
zwT4DnOFZBCJggUbs1u2fczC6UHuK37dlpDChT-VtqzQRkG6e-f6E06-ip_BTsIHJHlQUA4nd9ZV7siy4RQ76P9WY3t5Us93ruhwo3FDjRBDH2Nn2GZuPrcOtlZsytpfIN3jlVAUKoKEZitrt-SuJudbMLKEcIdBhcWl7IqZupIex1L9vlv1HDkF9X18E1MGRmKea...
aj1559.online/ 		43 B
641 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aj1559.online/zwT4DnOFZBCJggUbs1u2fczC6UHuK37dlpDChT-VtqzQRkG6e-f6E06-ip_BTsIHJHlQUA4nd9ZV7siy4RQ76P9WY3t5Us93ruhwo3FDjRBDH2Nn2GZuPrcOtlZsytpfIN3jlVAUKoKEZitrt-SuJudbMLKEcIdBhcWl7IqZupIex1L9vlv1HDkF9X18E1MGRmKeaUyqjN4yySOjo6a24L-i-ZPJ8t_HAdk02D7yyPqHX6mVy3OwRLv6kUL_l1cesmdCUUnCiuBombnf5InIA6Od_RJsoL9QBPjdON043-hwxwXwyYvDyIoxeTtFxw0IFQn4u7eamfWhnETJomkYiSS0-LKHbzFPu-lSU9mwJt9zpfeLZMSgUotedk3j4uPkf7-MugOn6hiWLGooKNx0ej_o-5dBhTnE2cXA6lznt?DC=DO
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
212.124.124.8 Reston, United States, ASN47328 (TRI-AS True Records Inc., VG),
Reverse DNS
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qaly.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Nov 2023 10:00:33 GMT
last-modified
Thu, 02 Nov 2023 11:53:30 GMT
accept-ch
Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
etag
W/"43-1698926010000"
p3p
CP="CAO PSA OUR"
access-control-allow-origin
*
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
permissions-policy
*
accept-ranges
bytes
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame CE2A 		504 KB
116 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3619133031508264&output=html&adk=1812271804&adf=3025194257&lmt=1699262973&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=308x1080_l%7C308x1080_r&format=0x0&url=https%3A%2F%2Fqaly.online%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1699264833742&bpp=12&bdt=4932&idt=1086&shv=r20231101&mjsv=m202310310101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1493759020336&frm=20&pv=2&ga_vid=1771346187.1699264832&ga_sid=1699264835&ga_hid=70620308&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079232%2C31079345%2C31079347%2C31079408%2C42531705%2C44804684%2C44807047%2C44807336%2C44807455%2C31078301&oid=2&pvsid=1573500970743062&tmod=114344580&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=1298
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310310101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3619133031508264&plah=qaly.online
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://qaly.online/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
118619
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 06 Nov 2023 10:00:35 GMT
expires
Mon, 06 Nov 2023 10:00:35 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
121 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&ign=false&pw=1600&ph=1200&x=0&y=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qaly.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Nov 2023 10:00:35 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231101&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310310101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3619133031508264&plah=qaly.online
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
61eca1a5c5a5bebf9c7373b4aa2f0dff8f45ba86b24bcc1dab44245f23215871
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qaly.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 10:00:35 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12124
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 1E37 		117 KB
40 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3619133031508264&output=html&h=280&slotname=7558620965&adk=3516076746&adf=3534335229&pi=t.ma~as.7558620965&w=620&fwrn=4&fwrnh=100&lmt=1699262973&rafmt=1&format=620x280&url=https%3A%2F%2Fqaly.online%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1699264833867&bpp=4&bdt=5057&idt=1205&shv=r20231101&mjsv=m202310310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1493759020336&frm=20&pv=1&ga_vid=1771346187.1699264832&ga_sid=1699264835&ga_hid=70620308&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=330&ady=705&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079232%2C31079345%2C31079347%2C31079408%2C42531705%2C44804684%2C44807047%2C44807336%2C44807455%2C31078301&oid=2&pvsid=1573500970743062&tmod=114344580&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&xpc=dFK8BCNohH&p=https%3A//qaly.online&dtd=1230
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310310101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3619133031508264&plah=qaly.online
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://qaly.online/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
41140
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 06 Nov 2023 10:00:35 GMT
expires
Mon, 06 Nov 2023 10:00:35 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310310101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3619133031508264&plah=qaly.online
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.129 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qaly.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 10:00:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 06 Nov 2023 10:00:36 GMT
css
fonts.googleapis.com/ Frame 1E37 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A400%2C700
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3619133031508264&output=html&h=280&slotname=7558620965&adk=3516076746&adf=3534335229&pi=t.ma~as.7558620965&w=620&fwrn=4&fwrnh=100&lmt=1699262973&rafmt=1&format=620x280&url=https%3A%2F%2Fqaly.online%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1699264833867&bpp=4&bdt=5057&idt=1205&shv=r20231101&mjsv=m202310310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1493759020336&frm=20&pv=1&ga_vid=1771346187.1699264832&ga_sid=1699264835&ga_hid=70620308&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=330&ady=705&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079232%2C31079345%2C31079347%2C31079408%2C42531705%2C44804684%2C44807047%2C44807336%2C44807455%2C31078301&oid=2&pvsid=1573500970743062&tmod=114344580&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&xpc=dFK8BCNohH&p=https%3A//qaly.online&dtd=1230
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.170 -, , ASN (),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 06 Nov 2023 10:00:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 09:48:20 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 06 Nov 2023 10:00:37 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/ Frame 1E37 		2 KB
879 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3619133031508264&output=html&h=280&slotname=7558620965&adk=3516076746&adf=3534335229&pi=t.ma~as.7558620965&w=620&fwrn=4&fwrnh=100&lmt=1699262973&rafmt=1&format=620x280&url=https%3A%2F%2Fqaly.online%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1699264833867&bpp=4&bdt=5057&idt=1205&shv=r20231101&mjsv=m202310310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1493759020336&frm=20&pv=1&ga_vid=1771346187.1699264832&ga_sid=1699264835&ga_hid=70620308&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=330&ady=705&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079232%2C31079345%2C31079347%2C31079408%2C42531705%2C44804684%2C44807047%2C44807336%2C44807455%2C31078301&oid=2&pvsid=1573500970743062&tmod=114344580&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&xpc=dFK8BCNohH&p=https%3A//qaly.online&dtd=1230
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.129 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 19:20:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
52836
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
798
x-xss-protection
0
server
cafe
etag
15713038447858168282
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 19 Nov 2023 19:20:00 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231101/r20110914/ Frame 1E37 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3619133031508264&output=html&h=280&slotname=7558620965&adk=3516076746&adf=3534335229&pi=t.ma~as.7558620965&w=620&fwrn=4&fwrnh=100&lmt=1699262973&rafmt=1&format=620x280&url=https%3A%2F%2Fqaly.online%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1699264833867&bpp=4&bdt=5057&idt=1205&shv=r20231101&mjsv=m202310310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1493759020336&frm=20&pv=1&ga_vid=1771346187.1699264832&ga_sid=1699264835&ga_hid=70620308&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=330&ady=705&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079232%2C31079345%2C31079347%2C31079408%2C42531705%2C44804684%2C44807047%2C44807336%2C44807455%2C31078301&oid=2&pvsid=1573500970743062&tmod=114344580&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&xpc=dFK8BCNohH&p=https%3A//qaly.online&dtd=1230
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.129 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 03:09:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
24672
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9345
x-xss-protection
0
server
cafe
etag
15168757854195530193
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 20 Nov 2023 03:09:24 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/ Frame 1E37 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3619133031508264&output=html&h=280&slotname=7558620965&adk=3516076746&adf=3534335229&pi=t.ma~as.7558620965&w=620&fwrn=4&fwrnh=100&lmt=1699262973&rafmt=1&format=620x280&url=https%3A%2F%2Fqaly.online%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1699264833867&bpp=4&bdt=5057&idt=1205&shv=r20231101&mjsv=m202310310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1493759020336&frm=20&pv=1&ga_vid=1771346187.1699264832&ga_sid=1699264835&ga_hid=70620308&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=330&ady=705&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079232%2C31079345%2C31079347%2C31079408%2C42531705%2C44804684%2C44807047%2C44807336%2C44807455%2C31078301&oid=2&pvsid=1573500970743062&tmod=114344580&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&xpc=dFK8BCNohH&p=https%3A//qaly.online&dtd=1230
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.129 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 12:36:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
77046
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 19 Nov 2023 12:36:30 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/ Frame 1E37 		20 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3619133031508264&output=html&h=280&slotname=7558620965&adk=3516076746&adf=3534335229&pi=t.ma~as.7558620965&w=620&fwrn=4&fwrnh=100&lmt=1699262973&rafmt=1&format=620x280&url=https%3A%2F%2Fqaly.online%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1699264833867&bpp=4&bdt=5057&idt=1205&shv=r20231101&mjsv=m202310310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1493759020336&frm=20&pv=1&ga_vid=1771346187.1699264832&ga_sid=1699264835&ga_hid=70620308&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=330&ady=705&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079232%2C31079345%2C31079347%2C31079408%2C42531705%2C44804684%2C44807047%2C44807336%2C44807455%2C31078301&oid=2&pvsid=1573500970743062&tmod=114344580&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&xpc=dFK8BCNohH&p=https%3A//qaly.online&dtd=1230
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.129 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 19:20:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
52836
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8610
x-xss-protection
0
server
cafe
etag
7739385728678230190
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 19 Nov 2023 19:20:00 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 1E37 		189 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3619133031508264&output=html&h=280&slotname=7558620965&adk=3516076746&adf=3534335229&pi=t.ma~as.7558620965&w=620&fwrn=4&fwrnh=100&lmt=1699262973&rafmt=1&format=620x280&url=https%3A%2F%2Fqaly.online%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1699264833867&bpp=4&bdt=5057&idt=1205&shv=r20231101&mjsv=m202310310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1493759020336&frm=20&pv=1&ga_vid=1771346187.1699264832&ga_sid=1699264835&ga_hid=70620308&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=330&ady=705&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079232%2C31079345%2C31079347%2C31079408%2C42531705%2C44804684%2C44807047%2C44807336%2C44807455%2C31078301&oid=2&pvsid=1573500970743062&tmod=114344580&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&xpc=dFK8BCNohH&p=https%3A//qaly.online&dtd=1230
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 10:00:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60699
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1698838693892887"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 06 Nov 2023 10:00:37 GMT
ac1dbca482530a26bafc7a8c1241173a.js
www.gstatic.com/mysidia/ Frame 1E37 		36 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/ac1dbca482530a26bafc7a8c1241173a.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3619133031508264&output=html&h=280&slotname=7558620965&adk=3516076746&adf=3534335229&pi=t.ma~as.7558620965&w=620&fwrn=4&fwrnh=100&lmt=1699262973&rafmt=1&format=620x280&url=https%3A%2F%2Fqaly.online%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1699264833867&bpp=4&bdt=5057&idt=1205&shv=r20231101&mjsv=m202310310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1493759020336&frm=20&pv=1&ga_vid=1771346187.1699264832&ga_sid=1699264835&ga_hid=70620308&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=330&ady=705&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079232%2C31079345%2C31079347%2C31079408%2C42531705%2C44804684%2C44807047%2C44807336%2C44807455%2C31078301&oid=2&pvsid=1573500970743062&tmod=114344580&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&xpc=dFK8BCNohH&p=https%3A//qaly.online&dtd=1230
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f3.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 19:58:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
223308
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15099
x-xss-protection
0
last-modified
Wed, 01 Nov 2023 17:23:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Thu, 01 Feb 2024 19:58:49 GMT
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310310101/ 		160 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310310101/reactive_library_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310310101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3619133031508264&plah=qaly.online
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qaly.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 10:00:36 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
55822
x-xss-protection
0
server
cafe
etag
10374801745084864224
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Mon, 06 Nov 2023 10:00:36 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 778E 		40 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3619133031508264&output=html&h=280&adk=1980682340&adf=3750240013&pi=t.aa~a.1383163065~rp.4&w=940&fwrn=4&fwrnh=100&lmt=1699262973&rafmt=1&to=qs&pwprc=2327675243&format=940x280&url=https%3A%2F%2Fqaly.online%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1699264836743&bpp=1&bdt=7933&idt=1&shv=r20231101&mjsv=m202310310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C620x280&nras=2&correlator=1493759020336&frm=20&pv=1&ga_vid=1771346187.1699264832&ga_sid=1699264835&ga_hid=70620308&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=330&ady=2043&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079232%2C31079345%2C31079347%2C31079408%2C42531705%2C44804684%2C44807047%2C44807336%2C44807455%2C31078301&oid=2&pvsid=1573500970743062&tmod=114344580&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Rh0elaSywz&p=https%3A//qaly.online&dtd=34
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310310101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3619133031508264&plah=qaly.online
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://qaly.online/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
17070
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 06 Nov 2023 10:00:37 GMT
expires
Mon, 06 Nov 2023 10:00:37 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame E04C 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.129 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://qaly.online/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1209
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 06 Nov 2023 09:40:27 GMT
expires
Tue, 05 Nov 2024 09:40:27 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 0C5B 		829 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.228 -, , ASN (),
Reverse DNS
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-L6uxbia1zuqZ2DccixuiHA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://qaly.online/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-L6uxbia1zuqZ2DccixuiHA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 06 Nov 2023 10:00:39 GMT
expires
Mon, 06 Nov 2023 10:00:39 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
14763004658117789537
tpc.googlesyndication.com/simgad/7544423200140542699/ Frame 1E37 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/7544423200140542699/14763004658117789537?w=200&h=200&tw=1&q=75
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3619133031508264&output=html&h=280&slotname=7558620965&adk=3516076746&adf=3534335229&pi=t.ma~as.7558620965&w=620&fwrn=4&fwrnh=100&lmt=1699262973&rafmt=1&format=620x280&url=https%3A%2F%2Fqaly.online%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1699264833867&bpp=4&bdt=5057&idt=1205&shv=r20231101&mjsv=m202310310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1493759020336&frm=20&pv=1&ga_vid=1771346187.1699264832&ga_sid=1699264835&ga_hid=70620308&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=330&ady=705&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079232%2C31079345%2C31079347%2C31079408%2C42531705%2C44804684%2C44807047%2C44807336%2C44807455%2C31078301&oid=2&pvsid=1573500970743062&tmod=114344580&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&xpc=dFK8BCNohH&p=https%3A//qaly.online&dtd=1230
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.129 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 16:28:02 GMT
x-content-type-options
nosniff
age
495154
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4734
x-xss-protection
0
last-modified
Fri, 24 Jun 2022 01:27:35 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 30 Oct 2024 16:28:02 GMT
14763004658117789537
tpc.googlesyndication.com/simgad/14928336741690657425/ Frame 1E37 		39 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/14928336741690657425/14763004658117789537?w=600&h=314&tw=1&q=75
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3619133031508264&output=html&h=280&slotname=7558620965&adk=3516076746&adf=3534335229&pi=t.ma~as.7558620965&w=620&fwrn=4&fwrnh=100&lmt=1699262973&rafmt=1&format=620x280&url=https%3A%2F%2Fqaly.online%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1699264833867&bpp=4&bdt=5057&idt=1205&shv=r20231101&mjsv=m202310310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1493759020336&frm=20&pv=1&ga_vid=1771346187.1699264832&ga_sid=1699264835&ga_hid=70620308&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=330&ady=705&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079232%2C31079345%2C31079347%2C31079408%2C42531705%2C44804684%2C44807047%2C44807336%2C44807455%2C31078301&oid=2&pvsid=1573500970743062&tmod=114344580&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&xpc=dFK8BCNohH&p=https%3A//qaly.online&dtd=1230
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.129 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 11:09:36 GMT
x-content-type-options
nosniff
age
427860
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
40305
x-xss-protection
0
last-modified
Tue, 31 Oct 2023 09:48:38 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 31 Oct 2024 11:09:36 GMT
truncated
/ Frame 1E37 		221 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type
image/svg+xml
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20231101/r20110914/ Frame A89F 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231101/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310310101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3619133031508264&plah=qaly.online
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://qaly.online/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
47013
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4118
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 05 Nov 2023 20:57:04 GMT
etag
16674218716276178799
expires
Sun, 19 Nov 2023 20:57:04 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20231101/r20110914/ Frame 3B25 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231101/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310310101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3619133031508264&plah=qaly.online
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://qaly.online/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
47013
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4118
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 05 Nov 2023 20:57:04 GMT
etag
16674218716276178799
expires
Sun, 19 Nov 2023 20:57:04 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20231101/r20110914/ Frame 3FB6 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231101/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310310101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3619133031508264&plah=qaly.online
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://qaly.online/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
47014
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4118
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 05 Nov 2023 20:57:04 GMT
etag
16674218716276178799
expires
Sun, 19 Nov 2023 20:57:04 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20231101/r20110914/ Frame 4424 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231101/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310310101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3619133031508264&plah=qaly.online
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://qaly.online/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
47014
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4118
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 05 Nov 2023 20:57:04 GMT
etag
16674218716276178799
expires
Sun, 19 Nov 2023 20:57:04 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 1E37 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type
image/png
4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js
pagead2.googlesyndication.com/bg/ Frame E04C 		38 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 09:14:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
2798
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15096
x-xss-protection
0
last-modified
Tue, 31 Oct 2023 13:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 05 Nov 2024 09:14:00 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 1E37 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.227 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sat, 04 Nov 2023 13:37:19 GMT
x-content-type-options
nosniff
age
159800
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 03 Nov 2024 13:37:19 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame 1E37
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CHRMNQ7lIZeHKDqGh_tMP2qO5kAzRsZ6FdNHivqSeEovi5pW8LhABIM7OhmhglQKgAaDst_QDyAEJqQI4lwhF1SmQPqgDAcgDywSqBPYBT9A_9euYtR-rGZWQWYdgyssj1CRBxkJRGghhle_...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2287393747366152158%22,%22debug_reporting%22:true,%22destination%22:%22https://pgwear.net%22,%22event_report_window%22:%2225...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2287393747366152158%22,%22debug_reporting%22:true,%22destination%22:%22https://pgwear.net%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221049490976%22],%224%22:[%2211-06%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%228567270622966920049%22}&andc=true
Protocol
H2
Server
216.58.212.130 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 10:00:39 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"debug_key":"87393747366152158","debug_reporting":true,"destination":"https://pgwear.net","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["1049490976"],"4":["11-06"],"6":["true"]},"priority":"500","source_event_id":"8567270622966920049"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 06 Nov 2023 10:00:39 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Mon, 06 Nov 2023 10:00:39 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"87393747366152158","debug_reporting":true,"destination":"https://pgwear.net","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["1049490976"],"4":["11-06"],"6":["true"]},"priority":"500","source_event_id":"8567270622966920049"}&andc=true
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/ Frame 778E 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3619133031508264&output=html&h=280&adk=1980682340&adf=3750240013&pi=t.aa~a.1383163065~rp.4&w=940&fwrn=4&fwrnh=100&lmt=1699262973&rafmt=1&to=qs&pwprc=2327675243&format=940x280&url=https%3A%2F%2Fqaly.online%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1699264836743&bpp=1&bdt=7933&idt=1&shv=r20231101&mjsv=m202310310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C620x280&nras=2&correlator=1493759020336&frm=20&pv=1&ga_vid=1771346187.1699264832&ga_sid=1699264835&ga_hid=70620308&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=330&ady=2043&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079232%2C31079345%2C31079347%2C31079408%2C42531705%2C44804684%2C44807047%2C44807336%2C44807455%2C31078301&oid=2&pvsid=1573500970743062&tmod=114344580&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Rh0elaSywz&p=https%3A//qaly.online&dtd=34
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.129 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 12:36:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
77049
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 19 Nov 2023 12:36:30 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/ Frame 778E 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3619133031508264&output=html&h=280&adk=1980682340&adf=3750240013&pi=t.aa~a.1383163065~rp.4&w=940&fwrn=4&fwrnh=100&lmt=1699262973&rafmt=1&to=qs&pwprc=2327675243&format=940x280&url=https%3A%2F%2Fqaly.online%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1699264836743&bpp=1&bdt=7933&idt=1&shv=r20231101&mjsv=m202310310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C620x280&nras=2&correlator=1493759020336&frm=20&pv=1&ga_vid=1771346187.1699264832&ga_sid=1699264835&ga_hid=70620308&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=330&ady=2043&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079232%2C31079345%2C31079347%2C31079408%2C42531705%2C44804684%2C44807047%2C44807336%2C44807455%2C31078301&oid=2&pvsid=1573500970743062&tmod=114344580&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Rh0elaSywz&p=https%3A//qaly.online&dtd=34
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.129 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 19:20:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
52839
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8610
x-xss-protection
0
server
cafe
etag
7739385728678230190
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 19 Nov 2023 19:20:00 GMT
l
www.google.com/ads/measurement/ Frame 778E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTB-G8vBiXtQcR3avewV6gAM3QRG93-s6bW3rYabrrrCFUGkV8-8M1kEv9-PJpn9e1lSYj8vJ7kZlI0Rm8wwUJ76OhlRQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3619133031508264&output=html&h=280&adk=1980682340&adf=3750240013&pi=t.aa~a.1383163065~rp.4&w=940&fwrn=4&fwrnh=100&lmt=1699262973&rafmt=1&to=qs&pwprc=2327675243&format=940x280&url=https%3A%2F%2Fqaly.online%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1699264836743&bpp=1&bdt=7933&idt=1&shv=r20231101&mjsv=m202310310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C620x280&nras=2&correlator=1493759020336&frm=20&pv=1&ga_vid=1771346187.1699264832&ga_sid=1699264835&ga_hid=70620308&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=330&ady=2043&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079232%2C31079345%2C31079347%2C31079408%2C42531705%2C44804684%2C44807047%2C44807336%2C44807455%2C31078301&oid=2&pvsid=1573500970743062&tmod=114344580&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Rh0elaSywz&p=https%3A//qaly.online&dtd=34
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.228 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 778E 		189 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3619133031508264&output=html&h=280&adk=1980682340&adf=3750240013&pi=t.aa~a.1383163065~rp.4&w=940&fwrn=4&fwrnh=100&lmt=1699262973&rafmt=1&to=qs&pwprc=2327675243&format=940x280&url=https%3A%2F%2Fqaly.online%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1699264836743&bpp=1&bdt=7933&idt=1&shv=r20231101&mjsv=m202310310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C620x280&nras=2&correlator=1493759020336&frm=20&pv=1&ga_vid=1771346187.1699264832&ga_sid=1699264835&ga_hid=70620308&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=330&ady=2043&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079232%2C31079345%2C31079347%2C31079408%2C42531705%2C44804684%2C44807047%2C44807336%2C44807455%2C31078301&oid=2&pvsid=1573500970743062&tmod=114344580&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Rh0elaSywz&p=https%3A//qaly.online&dtd=34
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 10:00:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60699
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1698838693892887"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 06 Nov 2023 10:00:39 GMT
hxCSxfMv2iBFhjrGrLs7kA8KHsgt38HzDym5Fkm1vio.js
pagead2.googlesyndication.com/bg/ Frame EFAE 		50 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/hxCSxfMv2iBFhjrGrLs7kA8KHsgt38HzDym5Fkm1vio.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3619133031508264&output=html&h=280&slotname=7558620965&adk=3516076746&adf=3534335229&pi=t.ma~as.7558620965&w=620&fwrn=4&fwrnh=100&lmt=1699262973&rafmt=1&format=620x280&url=https%3A%2F%2Fqaly.online%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1699264833867&bpp=4&bdt=5057&idt=1205&shv=r20231101&mjsv=m202310310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1493759020336&frm=20&pv=1&ga_vid=1771346187.1699264832&ga_sid=1699264835&ga_hid=70620308&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=330&ady=705&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079232%2C31079345%2C31079347%2C31079408%2C42531705%2C44804684%2C44807047%2C44807336%2C44807455%2C31078301&oid=2&pvsid=1573500970743062&tmod=114344580&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&xpc=dFK8BCNohH&p=https%3A//qaly.online&dtd=1230
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 06:26:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
12867
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19628
x-xss-protection
0
last-modified
Tue, 31 Oct 2023 13:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 05 Nov 2024 06:26:12 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2287393747366152158%22,%22debug_reporting%22:true,%22destination%22:%22https://pgwear.net%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221049490976%22],%224%22:[%2211-06%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%228567270622966920049%22}&andc=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.130 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://googleads.g.doubleclick.net
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Mon, 06 Nov 2023 10:00:39 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
css2
fonts.googleapis.com/ Frame A89F 		4 KB
767 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231101/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.170 -, , ASN (),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 06 Nov 2023 10:00:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 08:13:21 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 06 Nov 2023 10:00:39 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame A89F 		205 B
294 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231101/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f3.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 07:29:06 GMT
x-content-type-options
nosniff
age
9093
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
205
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Tue, 05 Nov 2024 07:29:06 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame A89F 		604 B
920 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231101/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f3.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 13:30:38 GMT
x-content-type-options
nosniff
age
333001
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
604
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Fri, 01 Nov 2024 13:30:38 GMT
fullscreen_api_adapter_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231101/r20110914/elements/html/ Frame A89F 		16 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/elements/html/fullscreen_api_adapter_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231101/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.129 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 00:07:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
35577
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6828
x-xss-protection
0
server
cafe
etag
11986448221276412250
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 20 Nov 2023 00:07:42 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231101/r20110914/elements/html/ Frame A89F 		21 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231101/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.129 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 19:56:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
50648
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8796
x-xss-protection
0
server
cafe
etag
1225823381704108053
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 19 Nov 2023 19:56:31 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame A73A 		624 B
288 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CNyw8QIQm8jZsAIYg47--wEwAQ&v=APEucNXQg8gMQJJyJFW2s1OoAmUq8M0bQhh3hd-u4q-mDi5zFbQ0G1T7rb5mRxBQrkK_KgFfv8MZHshi-l9HqGiPkdFB0KLR5ii0_LYT6RE0tqBNgYBDSJwLUOJRW31EmocoGVyVh-A9WdoJHBTuIe4h4MteJZgfjyVrFkInBzf2p2kLHS1gSfo
Requested by
Host: qaly.online
URL: https://qaly.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/html/r20231101/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 06 Nov 2023 10:00:39 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame 8229 		172 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Requested by
Host: qaly.online
URL: https://qaly.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.102 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 07:14:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
9965
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61485
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:43:57 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 07 Nov 2023 07:14:36 GMT
omrhp_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20231101/r20110914/elements/html/ Frame 8229 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231101/r20110914/elements/html/omrhp_fy2021.js
Requested by
Host: qaly.online
URL: https://qaly.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 20:17:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
49419
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3071
x-xss-protection
0
server
cafe
etag
10674441169935035545
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 19 Nov 2023 20:17:00 GMT
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20231101/r20110914/ Frame 8229 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231101/r20110914/abg_lite_fy2021.js
Requested by
Host: qaly.online
URL: https://qaly.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 19:25:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
52517
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9345
x-xss-protection
0
server
cafe
etag
15168757854195530193
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 19 Nov 2023 19:25:22 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 8229 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: qaly.online
URL: https://qaly.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.129 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 02:22:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
373093
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 01 Nov 2024 02:22:26 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/ Frame 8229 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/window_focus_fy2021.js
Requested by
Host: qaly.online
URL: https://qaly.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.129 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 12:36:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
77049
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 19 Nov 2023 12:36:30 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/ Frame 8229 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: qaly.online
URL: https://qaly.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.129 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 19:20:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
52839
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8610
x-xss-protection
0
server
cafe
etag
7739385728678230190
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 19 Nov 2023 19:20:00 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 8229 		189 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: qaly.online
URL: https://qaly.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 10:00:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60699
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1698838693892887"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 06 Nov 2023 10:00:39 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8229 		42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CY-mh-esOmIw7Mu0MqY0XLBa9LAec9etipD2sTf8HasY5HiBOpPjXC7jZjVsaifrECEHI5agSQsNFdg6tFYqri5yTFwDT-OebSFd-IxJg0vJAZNfU
Requested by
Host: qaly.online
URL: https://qaly.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Nov 2023 10:00:40 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
afr.php
ads.eu.criteo.com/delivery/r/ Frame C87E 		165 KB
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=ZUi5RAAOIqgEf4qaAA2Ri-pmYyo0m_B86JbO6w&u=%7CsWW%2F9cGvXBl72Ou8EEXDrf%2F7CuRywiQw%2Bo6yDVzabX8%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANW_CtfDOy50yQjYpufCBH_kIesJtts_WVHL1g_ukIfgiby7pkF_U9iVog_u4zRqwaKO5pfEO2Noha9vWkY6Iwhqulp_pnaeiPO7FZLahi1x0Nz-b8e6DBF7f-o4TDC1JruD3WSpTSqF40ur5FtjkO4u1H9As7mx9D3XxAN8Xcx273MVe88bwIalZfWKOOh0BxuRgt3VtMdsj42otYcE7ND8dB55Oxi9fxPva4fcaIuQfRlmfF5C3OhedqqJ9lQTeUd0cD3OYIgzdONqOrQDM-pQwBrAESNcF3LTXffPxN2Yvn0hmJhpDjU9PZrFHDdHWf55_tJqUQfk_NCHqocbKRY4BQcX2ataof2u5q8Zik61gEjJuNUeO-bnKM4sORsF5TxHMYFTFL44BXRzbjUDa2SI_I-mwu2VEFeMGD6vU1aUToXeIy6mo_srP1_SRvWqUr6a4w321Rhd4QSCtkvA-mAXLUp27SYSw3Vmc16Y5GJxYOuj8K1B9XQK1iP3M614WONc75OZaQ8XFN8czp3kwyeLN1VHLzoNOObViRccfbcOM&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCltbrRLlIZajFOJqV_tMPi6O2wALJntKxXM3x4t2IAcCNtwEQASAAYJUCggEXY2EtcHViLTM2MTkxMzMwMzE1MDgyNjTIAQmpAircdGgTAbI-qAMByAMCqgTuAU_QrUtxWWmzHo3HUeZtaPHj-BHtbXIejdiBfPBto8kQwpvgxmp5d9RZotxyxGzeyTcJKOcx5xtwRxE0gUQUEVvfXvbQoqRTK4SOvBSFSbwG7okLTebaXhqxSOQmwqKP6Hp3wRMz9OLzeuxK1BZ4jv_DtzE5VYa9LhMDmGf6c-QPL45URX2mB8woIv27n_E3Pb7esWrDCNNSQRts2udkkTKEbmAHCHmE60J4MZoxZ0jl3csQbNS3QkdiJlqfZ2wjO9dtVNLchLqFFg8HDTwMwOjrveAk7hQtp6Y0eV8kyKkDwMaA5VSdPfFq9k-uKcOABvO4lOTL-s-H-gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3kXkbK-TeWYUB2AezCiJK6nr7Ksw%26client%3Dca-pub-3619133031508264%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3619133031508264&output=html&h=280&adk=1980682340&adf=3750240013&pi=t.aa~a.1383163065~rp.4&w=940&fwrn=4&fwrnh=100&lmt=1699262973&rafmt=1&to=qs&pwprc=2327675243&format=940x280&url=https%3A%2F%2Fqaly.online%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1699264836743&bpp=1&bdt=7933&idt=1&shv=r20231101&mjsv=m202310310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C620x280&nras=2&correlator=1493759020336&frm=20&pv=1&ga_vid=1771346187.1699264832&ga_sid=1699264835&ga_hid=70620308&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=330&ady=2043&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079232%2C31079345%2C31079347%2C31079408%2C42531705%2C44804684%2C44807047%2C44807336%2C44807455%2C31078301&oid=2&pvsid=1573500970743062&tmod=114344580&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Rh0elaSywz&p=https%3A//qaly.online&dtd=34
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.17 -, , ASN (),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Mon, 06 Nov 2023 10:00:40 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=63gfsXORu9UBoDRUoQp38zhDlTGd5x1ebfURGZZtZmlxJo7nBW6FspPqge6-oK1LIGDUoWHPbUuoZSchpidaI6A_FcIC-vp35hy4Eu2Qw0FQ5fioUJtht2ysSKkYPKGuroahETpyFububKxYbmk5ucd0_OV8oS4U7EmUm0a2Ahbl6CivgeTCZk6LMQBbSgRGgeKb92e54eaqKJ9diFVSGaJNfN7uItqUIjV01KOboRy7r_cujksz0yADK9JuD5gqo9Dp4Q"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
54689887
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
pixel
googleads.g.doubleclick.net/xbbe/ Frame BF8C 		640 B
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CNyw8QIQm8jZsAIYg47--wEwAQ&v=APEucNU2NRDlqFPXPyGbZ4Szuu1-9JSMDR8suI2FNjblT8kXmZ4LGD09nmwTF0L0t76Yc-1b_qMt45oAXUSVZQ6ourQ0mIokp92SdvjPqPS57rhVdQAGe78cXKS8EaQLW3NCdcauxHYe_8wfNdRNqI64QfUzdd7aHlAPtRRUT0gaNkKyjPIKWFc
Requested by
Host: qaly.online
URL: https://qaly.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/html/r20231101/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 06 Nov 2023 10:00:40 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame D7B3 		172 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Requested by
Host: qaly.online
URL: https://qaly.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.102 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 07:14:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
9965
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61485
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:43:57 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 07 Nov 2023 07:14:36 GMT
omrhp_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20231101/r20110914/elements/html/ Frame D7B3 		0
0
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20231101/r20110914/ Frame D7B3 		0
0
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame D7B3 		0
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/ Frame D7B3 		0
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/ Frame D7B3 		0
0
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame D7B3 		0
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame D7B3 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AgQ0eohfMN7KfLqGb0F8htokSaENXJpPNyyQH-6weqPReguatBRSTFj-PWehsdRXzDb85NNgxKx3O95Twpt-P1Bkim92yQUFC9QlUUDWuf5Mye0A4
Requested by
Host: qaly.online
URL: https://qaly.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Nov 2023 10:00:41 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 172E 		466 B
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CKQCELzvkpIEGOWv3d4BMAE&v=APEucNV1IGZU9HXcj_XECHrfw3UvDYKE9hvtuZoJsmX-CsJ03DUAamv-1N8JhqgjJdIQsqL94nPPejmmm3TWTuonYEhIasAORD7XSEuq0VR9Be5mm3a9VWqGIfdyhu6xGkzxw4YGo-u_p47pKLAqoEoyJ1ohYrj10RobQogA0_q7Ld7hKInTCLc
Requested by
Host: qaly.online
URL: https://qaly.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/html/r20231101/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
215
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 06 Nov 2023 10:00:41 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 927A 		89 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: qaly.online
URL: https://qaly.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 10:00:41 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31491
x-xss-protection
0
server
cafe
etag
6167930392490353973
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Mon, 06 Nov 2023 10:00:41 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/ Frame 927A 		0
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/ Frame 927A 		0
0
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 927A 		0
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 927A 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-C-j94WHApioS8rNLQf-KzAhD_UQnJfhlmhtBwF6KAGr_CB27RMXXDgbZsJBnX9UvKDyJHKY_a8331qWSx-qwl-SgMKTlAGPkwZpQgB62rHcVH6FmI
Requested by
Host: qaly.online
URL: https://qaly.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Nov 2023 10:00:41 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 927A 		0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=10425413430828225191&x=1&ct=77
Requested by
Host: qaly.online
URL: https://qaly.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Nov 2023 10:00:41 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame A73A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEATxj5xHGASgIDAnrVAPgDc&google_cver=1
43 B
342 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEATxj5xHGASgIDAnrVAPgDc&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNyw8QIQm8jZsAIYg47--wEwAQ&v=APEucNXQg8gMQJJyJFW2s1OoAmUq8M0bQhh3hd-u4q-mDi5zFbQ0G1T7rb5mRxBQrkK_KgFfv8MZHshi-l9HqGiPkdFB0KLR5ii0_LYT6RE0tqBNgYBDSJwLUOJRW31EmocoGVyVh-A9WdoJHBTuIe4h4MteJZgfjyVrFkInBzf2p2kLHS1gSfo
Protocol
H2
Server
172.64.151.101 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Nov 2023 10:00:41 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3VjG3zprqhUNExrYno%2FNOnpRQbKSKNaNiublTf0O78OKdfWlfCFW6xd4FcAXK%2BN4%2FSfIwesN0aw0oUAIhEj3u%2B73m%2Fwxpy4ipQ06TH%2BQ9h3B5Vx6Qq5YjZaCnAC%2BnQ8ayKFoEOlr3lCmVA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
821c7dacdab6194d-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 06 Nov 2023 10:00:41 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEATxj5xHGASgIDAnrVAPgDc&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame A73A
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZUi5SYHKoOIXUHZLjUc3ywAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEATxj5xHGASgIDAnrVAPgDc&google_cver=1
43 B
331 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEATxj5xHGASgIDAnrVAPgDc&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNyw8QIQm8jZsAIYg47--wEwAQ&v=APEucNXQg8gMQJJyJFW2s1OoAmUq8M0bQhh3hd-u4q-mDi5zFbQ0G1T7rb5mRxBQrkK_KgFfv8MZHshi-l9HqGiPkdFB0KLR5ii0_LYT6RE0tqBNgYBDSJwLUOJRW31EmocoGVyVh-A9WdoJHBTuIe4h4MteJZgfjyVrFkInBzf2p2kLHS1gSfo
Protocol
H2
Server
172.64.151.101 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Nov 2023 10:00:41 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pl8z6%2BHe%2B3FjCn8MOnsMUpIFc%2FOUI7NZHWSRpoxmuWt1LgE0GMSGta2z8JMwdNQfBDB3pHiIv68eFZmZlEH%2FtqsQLT87Ch7d07XaRe1ltVeXwAz80NSQnhe7%2BlS8T9VJ1mkrDktj4DL%2B%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
821c7dae2c56194d-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 06 Nov 2023 10:00:41 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEATxj5xHGASgIDAnrVAPgDc&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame A73A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEETQtJyhwOb-wLXFx1UIHnQ&google_cver=1
43 B
844 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEETQtJyhwOb-wLXFx1UIHnQ&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNyw8QIQm8jZsAIYg47--wEwAQ&v=APEucNXQg8gMQJJyJFW2s1OoAmUq8M0bQhh3hd-u4q-mDi5zFbQ0G1T7rb5mRxBQrkK_KgFfv8MZHshi-l9HqGiPkdFB0KLR5ii0_LYT6RE0tqBNgYBDSJwLUOJRW31EmocoGVyVh-A9WdoJHBTuIe4h4MteJZgfjyVrFkInBzf2p2kLHS1gSfo
Protocol
H2
Server
185.89.211.116 -, , ASN (),
Reverse DNS
Software
nginx/1.21.3 /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Nov 2023 10:00:41 GMT
an-x-request-uuid
3d9bae50-d57e-4b81-803b-1298c89f54a7
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
176.115.237.163; 176.115.237.163; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 06 Nov 2023 10:00:41 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEETQtJyhwOb-wLXFx1UIHnQ&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame A73A
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Nzg3MDkwMzI4MTEzNjg4MjcyMw%3D%3D
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Nzg3MDkwMzI4MTEzNjg4MjcyMw%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNyw8QIQm8jZsAIYg47--wEwAQ&v=APEucNXQg8gMQJJyJFW2s1OoAmUq8M0bQhh3hd-u4q-mDi5zFbQ0G1T7rb5mRxBQrkK_KgFfv8MZHshi-l9HqGiPkdFB0KLR5ii0_LYT6RE0tqBNgYBDSJwLUOJRW31EmocoGVyVh-A9WdoJHBTuIe4h4MteJZgfjyVrFkInBzf2p2kLHS1gSfo
Protocol
H2
Server
172.217.16.130 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Nov 2023 10:00:41 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 06 Nov 2023 10:00:41 GMT
an-x-request-uuid
ac6a9c32-22bc-40eb-b8e6-f7c091e574bf
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Nzg3MDkwMzI4MTEzNjg4MjcyMw%3D%3D
x-proxy-origin
176.115.237.163; 176.115.237.163; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame CF88 		1 KB
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3619133031508264&output=html&h=280&adk=1980682340&adf=3750240013&pi=t.aa~a.1383163065~rp.4&w=940&fwrn=4&fwrnh=100&lmt=1699262973&rafmt=1&to=qs&pwprc=2327675243&format=940x280&url=https%3A%2F%2Fqaly.online%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1699264836743&bpp=1&bdt=7933&idt=1&shv=r20231101&mjsv=m202310310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C620x280&nras=2&correlator=1493759020336&frm=20&pv=1&ga_vid=1771346187.1699264832&ga_sid=1699264835&ga_hid=70620308&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=330&ady=2043&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079232%2C31079345%2C31079347%2C31079408%2C42531705%2C44804684%2C44807047%2C44807336%2C44807455%2C31078301&oid=2&pvsid=1573500970743062&tmod=114344580&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Rh0elaSywz&p=https%3A//qaly.online&dtd=34
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
12816
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 06 Nov 2023 06:27:05 GMT
etag
48472445140208031
expires
Tue, 07 Nov 2023 06:27:05 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 1E37 		42 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuP2G_MA6_nPsTEEBaf5Whag8BeWBBB8ZboQJr_L8TLVGVlZKOqvuK_IRiVGwaWsb9BnQcA33zsxyU4YpWR3VWdrEMEa9KeRfapSranyrAWNMgc_Pjl9p3czYpFDtY6aSeqNyz_uOXkS_AX&sai=AMfl-YQ67rZajKvI8XMvz987H5Nlr_Yf7paQj5COHJYt7mxHlMg8xujIIFPV3_sEzkJSEaW1raFOexV4lBbmnOgk3faBZgzmrJlGbvpfOoWLxjikZM2GOsaHHeZbievhjY_6R2Pvo-loSGXXex15&sig=Cg0ArKJSzBr4JYJTJWhmEAE&cid=CAQSSwDICaaNwqUPaoVvt9M7jFwpVHeycNVISIwq_8laiFYi4zlIh2q2nUIKV_WFHVkragopEsxmeC73d7Em4ym2DBl0gzjJQVbJVp69YhgB&id=lidar2&mcvt=1925&p=0,0,280,620&mtos=1925,1925,1925,1925,1925&tos=1925,0,0,0,0&v=20231101&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=3516076746&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1699264835105&rpt=4045&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Nov 2023 10:00:41 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: server.zmedia.vn
URL: https://server.zmedia.vn/static/template-v2/passback_ptopc/qaly.online-passback-ptopc.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.110 -, , ASN (),
Reverse DNS
Software
Golfe2 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qaly.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 06 Nov 2023 09:51:32 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
549
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Mon, 06 Nov 2023 11:51:32 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 0C5B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231101&jk=1573500970743062&rc=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		150 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3619133031508264
Requested by
Host: server.zmedia.vn
URL: https://server.zmedia.vn/static/template-v2/passback_balloon/qaly.online-passback-balloon.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://qaly.online/
Origin
https://qaly.online
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 10:00:41 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52429
x-xss-protection
0
server
cafe
etag
5164752759690255249
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 06 Nov 2023 10:00:41 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame F21F 		0
0
z2H8M9gX3QvNcKJ6oV0XWxz7q2ea-_1E7RQtqysOXddu55a1AlVv43dHI7j50CWB5T45-V1JDaK9UbVJsVyOxk3YIdkowVkScaww1X4AkEC1--oERS_Ra5HP3JDnwbj2yT-jQflm-CclHuW6V1BQnizBBYXphkYg_Ji2V-DbBxON88--AvI9Taed_7bD6zClm54Ik...
aj1559.online/ 		49 B
512 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aj1559.online/z2H8M9gX3QvNcKJ6oV0XWxz7q2ea-_1E7RQtqysOXddu55a1AlVv43dHI7j50CWB5T45-V1JDaK9UbVJsVyOxk3YIdkowVkScaww1X4AkEC1--oERS_Ra5HP3JDnwbj2yT-jQflm-CclHuW6V1BQnizBBYXphkYg_Ji2V-DbBxON88--AvI9Taed_7bD6zClm54IktBl7Ez_gx-0w1es8Sdp0wlYgBmUg4ps13AStFBZI00PXJ7DMMeTL8rsptKuK_M3pUIbuCVxTPqN-Dd4z3sIbfDiT7HImxwF3QQ4v495PHhijOpuId9yXzLcmf7qWSCvDh-f64GuSiC9xMrrOLc7leEPJhwuQTJKRwlqZHLQOzbKGMLQpkMhT8dj2yinnoT_UfepgafFegf-I?DC=DO
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
212.124.124.8 Reston, United States, ASN47328 (TRI-AS True Records Inc., VG),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qaly.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Nov 2023 10:00:40 GMT
last-modified
Thu, 02 Nov 2023 11:53:38 GMT
accept-ch
Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
etag
W/"49-1698926018000"
p3p
CP="CAO PSA OUR"
access-control-allow-origin
*
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
permissions-policy
*
accept-ranges
bytes
content-length
49
expires
Thu, 01 Jan 1970 00:00:00 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 58D4 		150 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3619133031508264
Requested by
Host: server.zmedia.vn
URL: https://server.zmedia.vn/static/template-v2/passback_ptopc/qaly.online-passback-ptopc.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://qaly.online/
Origin
https://qaly.online
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 10:00:41 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52229
x-xss-protection
0
server
cafe
etag
2829373311655011035
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 06 Nov 2023 10:00:41 GMT
sd
us-u.openx.net/w/1.0/ Frame BF8C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJGoVJ6FEcCWOS2ZTYuVazM&google_cver=1
43 B
105 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJGoVJ6FEcCWOS2ZTYuVazM&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNyw8QIQm8jZsAIYg47--wEwAQ&v=APEucNU2NRDlqFPXPyGbZ4Szuu1-9JSMDR8suI2FNjblT8kXmZ4LGD09nmwTF0L0t76Yc-1b_qMt45oAXUSVZQ6ourQ0mIokp92SdvjPqPS57rhVdQAGe78cXKS8EaQLW3NCdcauxHYe_8wfNdRNqI64QfUzdd7aHlAPtRRUT0gaNkKyjPIKWFc
Protocol
H2
Server
34.98.64.218 -, , ASN (),
Reverse DNS
Software
OXGW/0.0.0 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Nov 2023 10:00:42 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 06 Nov 2023 10:00:41 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJGoVJ6FEcCWOS2ZTYuVazM&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cm
us-u.openx.net/w/1.0/ Frame BF8C 		43 B
295 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNyw8QIQm8jZsAIYg47--wEwAQ&v=APEucNU2NRDlqFPXPyGbZ4Szuu1-9JSMDR8suI2FNjblT8kXmZ4LGD09nmwTF0L0t76Yc-1b_qMt45oAXUSVZQ6ourQ0mIokp92SdvjPqPS57rhVdQAGe78cXKS8EaQLW3NCdcauxHYe_8wfNdRNqI64QfUzdd7aHlAPtRRUT0gaNkKyjPIKWFc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 -, , ASN (),
Reverse DNS
Software
OXGW/0.0.0 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Nov 2023 10:00:41 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
um
sync.teads.tv/ Frame BF8C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESELC4N8Oh1bX47dy1EZCldeI&google_cver=1
23 B
278 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESELC4N8Oh1bX47dy1EZCldeI&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNyw8QIQm8jZsAIYg47--wEwAQ&v=APEucNU2NRDlqFPXPyGbZ4Szuu1-9JSMDR8suI2FNjblT8kXmZ4LGD09nmwTF0L0t76Yc-1b_qMt45oAXUSVZQ6ourQ0mIokp92SdvjPqPS57rhVdQAGe78cXKS8EaQLW3NCdcauxHYe_8wfNdRNqI64QfUzdd7aHlAPtRRUT0gaNkKyjPIKWFc
Protocol
H2
Server
2.16.97.41 -, , ASN (),
Reverse DNS
Software
pekko-http/1.0.0 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires
Mon, 06 Nov 2023 10:00:42 GMT
pragma
no-cache
date
Mon, 06 Nov 2023 10:00:42 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 06 Nov 2023 10:00:42 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um?eid=3&uid=CAESELC4N8Oh1bX47dy1EZCldeI&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame BF8C
Redirect Chain
  • https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=MDMxYTY4MzYtOWEwYy00MDA0LTkyODQtMzY5NDFlNDQ2Mjdi
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=MDMxYTY4MzYtOWEwYy00MDA0LTkyODQtMzY5NDFlNDQ2Mjdi
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNyw8QIQm8jZsAIYg47--wEwAQ&v=APEucNU2NRDlqFPXPyGbZ4Szuu1-9JSMDR8suI2FNjblT8kXmZ4LGD09nmwTF0L0t76Yc-1b_qMt45oAXUSVZQ6ourQ0mIokp92SdvjPqPS57rhVdQAGe78cXKS8EaQLW3NCdcauxHYe_8wfNdRNqI64QfUzdd7aHlAPtRRUT0gaNkKyjPIKWFc
Protocol
H2
Server
172.217.16.130 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Nov 2023 10:00:42 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 06 Nov 2023 10:00:42 GMT
server
pekko-http/1.0.0
content-type
text/html; charset=UTF-8
location
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=MDMxYTY4MzYtOWEwYy00MDA0LTkyODQtMzY5NDFlNDQ2Mjdi
cache-control
max-age=0, no-cache, no-store
content-length
189
expires
Mon, 06 Nov 2023 10:00:42 GMT
partner
sync.search.spotxchange.com/ Frame 172E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEPI9WR3LU8XQyUGhpmDWFw8&google_cver=1
0
0
partner
sync.search.spotxchange.com/ Frame 172E 		0
0
pixel
cm.g.doubleclick.net/ Frame 172E
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true
  • https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true&verify=true
  • https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1lR3h4ZkJORTJ1RWFtWWxLRzI3RWlHNWJUWEVuenNpUn5B
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1lR3h4ZkJORTJ1RWFtWWxLRzI3RWlHNWJUWEVuenNpUn5B
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKQCELzvkpIEGOWv3d4BMAE&v=APEucNV1IGZU9HXcj_XECHrfw3UvDYKE9hvtuZoJsmX-CsJ03DUAamv-1N8JhqgjJdIQsqL94nPPejmmm3TWTuonYEhIasAORD7XSEuq0VR9Be5mm3a9VWqGIfdyhu6xGkzxw4YGo-u_p47pKLAqoEoyJ1ohYrj10RobQogA0_q7Ld7hKInTCLc
Protocol
H2
Server
172.217.16.130 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Nov 2023 10:00:42 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1lR3h4ZkJORTJ1RWFtWWxLRzI3RWlHNWJUWEVuenNpUn5B
date
Mon, 06 Nov 2023 10:00:42 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
privacy_small.svg
static.criteo.net/flash/icon/ Frame C87E 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZUi5RAAOIqgEf4qaAA2Ri-pmYyo0m_B86JbO6w&u=%7CsWW%2F9cGvXBl72Ou8EEXDrf%2F7CuRywiQw%2Bo6yDVzabX8%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANW_CtfDOy50yQjYpufCBH_kIesJtts_WVHL1g_ukIfgiby7pkF_U9iVog_u4zRqwaKO5pfEO2Noha9vWkY6Iwhqulp_pnaeiPO7FZLahi1x0Nz-b8e6DBF7f-o4TDC1JruD3WSpTSqF40ur5FtjkO4u1H9As7mx9D3XxAN8Xcx273MVe88bwIalZfWKOOh0BxuRgt3VtMdsj42otYcE7ND8dB55Oxi9fxPva4fcaIuQfRlmfF5C3OhedqqJ9lQTeUd0cD3OYIgzdONqOrQDM-pQwBrAESNcF3LTXffPxN2Yvn0hmJhpDjU9PZrFHDdHWf55_tJqUQfk_NCHqocbKRY4BQcX2ataof2u5q8Zik61gEjJuNUeO-bnKM4sORsF5TxHMYFTFL44BXRzbjUDa2SI_I-mwu2VEFeMGD6vU1aUToXeIy6mo_srP1_SRvWqUr6a4w321Rhd4QSCtkvA-mAXLUp27SYSw3Vmc16Y5GJxYOuj8K1B9XQK1iP3M614WONc75OZaQ8XFN8czp3kwyeLN1VHLzoNOObViRccfbcOM&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCltbrRLlIZajFOJqV_tMPi6O2wALJntKxXM3x4t2IAcCNtwEQASAAYJUCggEXY2EtcHViLTM2MTkxMzMwMzE1MDgyNjTIAQmpAircdGgTAbI-qAMByAMCqgTuAU_QrUtxWWmzHo3HUeZtaPHj-BHtbXIejdiBfPBto8kQwpvgxmp5d9RZotxyxGzeyTcJKOcx5xtwRxE0gUQUEVvfXvbQoqRTK4SOvBSFSbwG7okLTebaXhqxSOQmwqKP6Hp3wRMz9OLzeuxK1BZ4jv_DtzE5VYa9LhMDmGf6c-QPL45URX2mB8woIv27n_E3Pb7esWrDCNNSQRts2udkkTKEbmAHCHmE60J4MZoxZ0jl3csQbNS3QkdiJlqfZ2wjO9dtVNLchLqFFg8HDTwMwOjrveAk7hQtp6Y0eV8kyKkDwMaA5VSdPfFq9k-uKcOABvO4lOTL-s-H-gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3kXkbK-TeWYUB2AezCiJK6nr7Ksw%26client%3Dca-pub-3619133031508264%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.3 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 10:00:42 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 31 Oct 2024 10:00:42 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame C87E 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZUi5RAAOIqgEf4qaAA2Ri-pmYyo0m_B86JbO6w&u=%7CsWW%2F9cGvXBl72Ou8EEXDrf%2F7CuRywiQw%2Bo6yDVzabX8%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANW_CtfDOy50yQjYpufCBH_kIesJtts_WVHL1g_ukIfgiby7pkF_U9iVog_u4zRqwaKO5pfEO2Noha9vWkY6Iwhqulp_pnaeiPO7FZLahi1x0Nz-b8e6DBF7f-o4TDC1JruD3WSpTSqF40ur5FtjkO4u1H9As7mx9D3XxAN8Xcx273MVe88bwIalZfWKOOh0BxuRgt3VtMdsj42otYcE7ND8dB55Oxi9fxPva4fcaIuQfRlmfF5C3OhedqqJ9lQTeUd0cD3OYIgzdONqOrQDM-pQwBrAESNcF3LTXffPxN2Yvn0hmJhpDjU9PZrFHDdHWf55_tJqUQfk_NCHqocbKRY4BQcX2ataof2u5q8Zik61gEjJuNUeO-bnKM4sORsF5TxHMYFTFL44BXRzbjUDa2SI_I-mwu2VEFeMGD6vU1aUToXeIy6mo_srP1_SRvWqUr6a4w321Rhd4QSCtkvA-mAXLUp27SYSw3Vmc16Y5GJxYOuj8K1B9XQK1iP3M614WONc75OZaQ8XFN8czp3kwyeLN1VHLzoNOObViRccfbcOM&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCltbrRLlIZajFOJqV_tMPi6O2wALJntKxXM3x4t2IAcCNtwEQASAAYJUCggEXY2EtcHViLTM2MTkxMzMwMzE1MDgyNjTIAQmpAircdGgTAbI-qAMByAMCqgTuAU_QrUtxWWmzHo3HUeZtaPHj-BHtbXIejdiBfPBto8kQwpvgxmp5d9RZotxyxGzeyTcJKOcx5xtwRxE0gUQUEVvfXvbQoqRTK4SOvBSFSbwG7okLTebaXhqxSOQmwqKP6Hp3wRMz9OLzeuxK1BZ4jv_DtzE5VYa9LhMDmGf6c-QPL45URX2mB8woIv27n_E3Pb7esWrDCNNSQRts2udkkTKEbmAHCHmE60J4MZoxZ0jl3csQbNS3QkdiJlqfZ2wjO9dtVNLchLqFFg8HDTwMwOjrveAk7hQtp6Y0eV8kyKkDwMaA5VSdPfFq9k-uKcOABvO4lOTL-s-H-gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3kXkbK-TeWYUB2AezCiJK6nr7Ksw%26client%3Dca-pub-3619133031508264%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.3 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 10:00:42 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 31 Oct 2024 10:00:42 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame C87E 		0
0
back_button2.svg
static.criteo.net/flash/icon/ Frame C87E 		0
0
lg.php
cat.nl3.eu.criteo.com/delivery/ Frame C87E 		0
0
/
cs.mytheresa.com/mix/v3/ Frame C87E 		0
0
css
fonts.googleapis.com/ Frame 0ADE 		14 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231101/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.170 -, , ASN (),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 06 Nov 2023 10:00:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 09:33:39 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 06 Nov 2023 10:00:42 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/ Frame 0ADE 		2 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231101/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.129 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 19:20:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
52842
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
798
x-xss-protection
0
server
cafe
etag
15713038447858168282
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 19 Nov 2023 19:20:00 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231101/r20110914/ Frame 0ADE 		0
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/ Frame 0ADE 		0
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/ Frame 0ADE 		0
0
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 0ADE 		0
0
ac1dbca482530a26bafc7a8c1241173a.js
www.gstatic.com/mysidia/ Frame 0ADE 		0
0
truncated
/ Frame 778E 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type
image/png
webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame C87E 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/js/r20231101/r20110914/elements/html/omrhp_fy2021.js
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/js/r20231101/r20110914/abg_lite_fy2021.js
Domain
tpc.googlesyndication.com
URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Domain
tpc.googlesyndication.com
URL
https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/window_focus_fy2021.js
Domain
tpc.googlesyndication.com
URL
https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/qs_click_protection_fy2021.js
Domain
www.googletagservices.com
URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Domain
tpc.googlesyndication.com
URL
https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/window_focus_fy2021.js
Domain
tpc.googlesyndication.com
URL
https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/qs_click_protection_fy2021.js
Domain
www.googletagservices.com
URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Domain
googleads.g.doubleclick.net
URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3619133031508264&output=html&h=250&slotname=4867495553&adk=1754629098&adf=299928974&pi=t.ma~as.4867495553&w=300&lmt=1699262973&format=300x250&url=https%3A%2F%2Fqaly.online%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1699264841769&bpp=7&bdt=12959&idt=7&shv=r20231101&mjsv=m202310310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D31f5ead40ea5a8c4%3AT%3D1699264835%3ART%3D1699264835%3AS%3DALNI_Maz4NSEKLRf_10yL2ZyQeoIv8H8-w&gpic=UID%3D00000cb6fddd7a72%3AT%3D1699264835%3ART%3D1699264835%3AS%3DALNI_MahXHjHqWSQ9f0SXrRciCTLLLr6kg&prev_fmts=0x0%2C620x280%2C940x280%2C1600x1200%2C160x600%2C160x600%2C728x90&nras=6&correlator=1493759020336&frm=20&pv=1&ga_vid=1771346187.1699264832&ga_sid=1699264835&ga_hid=70620308&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1300&ady=944&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079232%2C31079345%2C31079347%2C31079408%2C42531705%2C44804684%2C44807047%2C44807336%2C44807455%2C31078301&oid=2&psts=AOrYGsm79Aju0_vNxVv3hixDdG_ooeQ46mThh0HPxaRohx1P0ZtKr_2Pew-mO7r0QGYxDz-zjPHuEtkI2rGs3p17EFr8kg&pvsid=1573500970743062&tmod=114344580&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfoeE%7C&abl=CF&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=8&uci=a!8&fsb=1&xpc=Obr8S4H43t&p=https%3A//qaly.online&dtd=48
Domain
sync.search.spotxchange.com
URL
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEPI9WR3LU8XQyUGhpmDWFw8&google_cver=1
Domain
sync.search.spotxchange.com
URL
https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID
Domain
static.criteo.net
URL
https://static.criteo.net/flash/icon/close_button.svg
Domain
static.criteo.net
URL
https://static.criteo.net/flash/icon/back_button2.svg
Domain
cat.nl3.eu.criteo.com
URL
https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=xLsEvPwtdzvRIeZ9MvaJ2CQ7WisPXCNLPDskYHmPe-qZHq69rmLXnU-llKpxCw2FTF8mNMaksPlk7F1zQIFExsBJPpqA0iMCawVXgE7vJ9PUy9z78yzAqgNqePiE9w6AtAowuWxSuImuGVAJdXUtTWqmty6SJhPiCi1BWY7HeEscbBPykcmS8NJZcT5jmWL_WklxW04QRzzdspQG9CAPq3XJtJ4h2GKhTPmAV36RZfLqUwet4066u_cbZjiLNjEhwdd495rpUOuwJidHQjcPB5_tvlkILSpusoILf-DScoD0FwW30u_9goJHmFUpUHg3f-fxtVqawCRyC7WK4EVkluOgNJt5PFKq4UKPIvsNZucoEcujDqrdwqZz1t9yHyYgvI-o6OR3LN17GFzEwpoB2ZRWYoPV9BbtuJZlhzBpboCZF0qE
Domain
cs.mytheresa.com
URL
https://cs.mytheresa.com/mix/v3/?tcs=3504&rand=6548b9482827d713d4c3c61004fb1b0c&chn=display_pro&src=criteo&cmp=criteo_de&tarea=de&ptyp=dynamic&gdpr=1&gdpr_consent=
Domain
tpc.googlesyndication.com
URL
https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/abg_lite_fy2021.js
Domain
tpc.googlesyndication.com
URL
https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/window_focus_fy2021.js
Domain
tpc.googlesyndication.com
URL
https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/qs_click_protection_fy2021.js
Domain
www.googletagservices.com
URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Domain
www.gstatic.com
URL
https://www.gstatic.com/mysidia/ac1dbca482530a26bafc7a8c1241173a.js?tag=mysidia_one_click_handler_one_afma_2019
Domain
cdnjs.cloudflare.com
URL
https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Verdicts & Comments Add Verdict or Comment

79 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| documentPictureInPicture object| __cfQR undefined| $ function| jQuery function| gtag object| dataLayer object| html5 object| enjoymini function| enjoyminiDomReady function| enjoyminiToggleAttribute function| enjoyminiMenuToggle function| enjoyminiFindParents function| b2a function| a2b function| ai_run_scripts function| ai_wait_for_jquery function| b64e function| b64d object| ai_front number| ai_jquery_waiting_counter undefined| Cookies function| AiCookies function| ai_check_block function| ai_check_and_insert_block function| ai_load_cookie function| ai_set_cookie function| ai_get_cookie_text boolean| ai_tracking_finished object| ai_viewport_names boolean| ai_js_code boolean| __cfRLUnblockHandlers function| ai_install_standard_click_trackers function| ai_install_click_trackers function| ai_process_impressions object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal string| txt function| postscribe object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots object| google_ama_state function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint object| sp_passback_Balloon_config object| sp_passback_pto_config function| google_sa_impl object| google_image_requests number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| GoogleGcLKhOms object| google_llp object| googletag

8 Cookies

Domain/Path Name / Value
.qaly.online/ Name: _ga_1ZX1HV2N9R
Value: GS1.1.1699264832.1.0.1699264832.0.0.0
.qaly.online/ Name: _ga
Value: GA1.1.1771346187.1699264832
.qaly.online/ Name: _ga_PX3PZ6Q9RG
Value: GS1.1.1699264832.1.0.1699264832.60.0.0
.aj1559.online/ Name: UUID
Value: 131b2d66-8fe6-5dd7-b968-eb957cc40505
.aj1559.online/ Name: ucv
Value: 695-DE-1699351234761-24--
.qaly.online/ Name: __gads
Value: ID=31f5ead40ea5a8c4:T=1699264835:RT=1699264835:S=ALNI_Maz4NSEKLRf_10yL2ZyQeoIv8H8-w
.qaly.online/ Name: __gpi
Value: UID=00000cb6fddd7a72:T=1699264835:RT=1699264835:S=ALNI_MahXHjHqWSQ9f0SXrRciCTLLLr6kg
.doubleclick.net/ Name: IDE
Value: AHWqTUmEPXRxLdH4Fu5coJ6q8se1xfpbT9GGJ1_TbdLWOPCRsdmGrBQVe8Utlnn-KaI

3 Console Messages

Source Level URL
Text
other warning URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3619133031508264&output=html&h=280&adk=1980682340&adf=3750240013&pi=t.aa~a.1383163065~rp.4&w=940&fwrn=4&fwrnh=100&lmt=1699262973&rafmt=1&to=qs&pwprc=2327675243&format=940x280&url=https%3A%2F%2Fqaly.online%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1699264836743&bpp=1&bdt=7933&idt=1&shv=r20231101&mjsv=m202310310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C620x280&nras=2&correlator=1493759020336&frm=20&pv=1&ga_vid=1771346187.1699264832&ga_sid=1699264835&ga_hid=70620308&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=330&ady=2043&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079232%2C31079345%2C31079347%2C31079408%2C42531705%2C44804684%2C44807047%2C44807336%2C44807455%2C31078301&oid=2&pvsid=1573500970743062&tmod=114344580&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Rh0elaSywz&p=https%3A//qaly.online&dtd=34
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.
network error URL: https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEPI9WR3LU8XQyUGhpmDWFw8&google_cver=1
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.eu.criteo.com
aj1559.online
cat.nl3.eu.criteo.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
cs.mytheresa.com
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
ib.adnxs.com
pagead2.googlesyndication.com
qaly.online
region1.analytics.google.com
region1.google-analytics.com
s0.2mdn.net
server.zmedia.vn
static.criteo.net
stats.g.doubleclick.net
sync.search.spotxchange.com
sync.teads.tv
tpc.googlesyndication.com
ups.analytics.yahoo.com
us-u.openx.net
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
cat.nl3.eu.criteo.com
cdnjs.cloudflare.com
cs.mytheresa.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
static.criteo.net
sync.search.spotxchange.com
tpc.googlesyndication.com
www.googletagservices.com
www.gstatic.com
104.21.50.170
142.250.184.228
142.250.185.110
142.250.185.227
142.250.186.102
142.250.186.170
142.250.186.34
142.250.186.66
142.250.186.99
142.250.74.194
171.244.56.108
172.217.16.130
172.217.23.104
172.64.151.101
172.67.164.104
178.250.1.17
178.250.1.3
185.89.211.116
2.16.97.41
212.124.124.8
216.239.32.36
216.239.34.36
216.58.212.129
216.58.212.130
3.75.62.37
34.98.64.218
64.233.184.156
07a0ec7367292a81faaf5c02a8a2d49bd381d8712b2e58668b4e551f2f793a21
124c62cfd395550a54fc8c6a8091a4cdb544c03232556dc9c4636eafa4a4ac1a
19cd4fa0b40ed2d8f6061973d8b90fbb0a11bd354aa58c2e4adcd5d522b9125b
1b267a683e31c4faf2cdee41bd70aa93fb8bd87b37358b243f3abae5c56ce5a3
1c3f4135ae3d85f96b87f9ecaab5099b1e9249a778b10114f3e53307e25b7a54
1cfd32e37f8aba263101f06e8f702adfaef55a6601857cf5e2c6dd0b0388dcd6
1d6b26536813e72b173bee43e13d4a8d1db849762c76fa4e698523a4659ae8ee
1db9c8447699b34c4433d48a6b3a1fc1df74f4258935953c377bda8267144918
1ffd83d094e6b3078255ba6f5df8fa60f2716b5cf558916a9ff30dca79631159
2ee6c4d7d0997a59f8698d7cb53dd63917bfe55cf6dc375b7dcb2db32b2cd4f8
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
354bf708f85a99d8c788becee29b97c8f4f31f6679622903d34707007ecd264f
3ab604b93177ff826952980a53cf8ddcaf06aa7df8fa00e79916786a26af5f1c
44e77b4ab0368538b8c5a3fbcb36c31bc07d2798a8bc2fceeea6feaf8cbec859
48f080858e12ebc3b2042580c4301e3c852bddc3a25a5c2a18aa23d6f735d0e2
4a24cee27514c1e6b18872f9ccdd346abd21cde168ea6a735b5eb498df8646ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
531a69d854ce1186b82b1c09d4950ea7c7a4e2e1f3d3804d5bd7bed3b1a6c569
595a0474fe0a00214be3093637f5390ddc087238e34bb994a004f0dfc1ec56ca
5c93f77799d122fb5255ee24da285f9f228cc118cba11e6ceb2b6bda8cdf4164
61eca1a5c5a5bebf9c7373b4aa2f0dff8f45ba86b24bcc1dab44245f23215871
623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016
67447c3656caad630373253691f3e8f64467eafd6e7305c9b0e98111b0b41694
7419302eeffb8e241649863038eb7d7c71428ba93a1e70c53b869230d2c38e12
764f78f5eeb34fc0794f0f9a1c4bec984901b938359cbecde952c32a51bd0576
785ad2c258759b12691f81bb3624e792869eb5bc212271a7f33a1425996169cc
7d7e9a3b46af89c9e24285f769ab4bac6fe3b41e29fc146bdcb654a7367c0b6a
8e97d4341e2c3464cab7b1bb27222ebc1111dafd321fadf41c9d99f8a779420f
a6c71d9fc36666dd7ad31f5af0c94248ef67974c16aad43adb869c4e614d82e7
a83601bbf9aa79c6e1b524cbe7675d530db025d0a38d5eba2bd6dcd06e951508
ab743018cca2dc41e351f85b9b01c832fdb9bc3699b53af7c729359d611b5c09
bfae853d0abfff55c2ba972994948fbfb7f42b03ceeb37b8126b6be4d4db6a01
c8d6cdcadd011ec5af365cbd557e1948eb47fff4abf7d28815c6cf6b6c29fd1d
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
ceb69b4bccd681e1ecfd211f298d7ca815a2f5a6677e329c05843ca392d8ce81
d9ecc05c7a6ae6794d682b669ae960b83822e8b57e1a5e675ca8022f366ea0f0
de688e49f8f01d0c3566fabc9ca3151230aef637eefc40d652e9b5aa9e88666d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e62f1fa664c81c7e2d2accf66ca76e3045f7e5054630e4ec0d460cdb9b96bdfc
e99cf192ab7c04c043f13e57cd7a3950cd36aa4bcbf489f40c84b6b1b9dc854c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fe54ab1001abf8ff888f7374813aff1a2e5657139a7edf3df2f27add3072362a
fffd4228b8aff8925312f07f526c7bba9b8feca22a7dd4dfeb1e818ee7672b7f