qpaytm.com Open in urlscan Pro
162.213.251.239 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://qpaytm.com/
Effective URL:
https://qpaytm.com/
Submission: On November 09 via api (November 9th 2023, 2:57:37 am UTC) from LU — Scanned from DE

Summary HTTP 221 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 29 IPs in 8 countries across 26 domains to perform 221 HTTP transactions. The main IP is 162.213.251.239, located in United States and belongs to NAMECHEAP-NET, US. The main domain is qpaytm.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on November 3rd 2022. Valid for: a year.

This is the only time qpaytm.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 60	162.213.251.239 162.213.251.239	22612 (NAMECHEAP...) (NAMECHEAP-NET)
30	2a00:1450:400... 2a00:1450:4001:81c::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80b::2008	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f17... 2a03:2880:f176:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
11	2606:4700:10:... 2606:4700:10::6816:1883	13335 (CLOUDFLAR...) (CLOUDFLARENET)
14	2a03:2880:f08... 2a03:2880:f083:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
4 10	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
2 4	104.18.36.155 104.18.36.155	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 3	37.252.172.123 37.252.172.123	29990 (ASN-APPNEX) (ASN-APPNEX)
3	2a00:1450:400... 2a00:1450:4001:827::2006	15169 (GOOGLE) (GOOGLE)
1 2	46.228.164.11 46.228.164.11	56396 (AMOBEE) (AMOBEE)
1	2620:116:800d... 2620:116:800d:21:de2e:c7b3:55c0:d5a0	16509 (AMAZON-02) (AMAZON-02)
1	2a02:fa8:8806... 2a02:fa8:8806:12::1400	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1 1	85.114.159.93 85.114.159.93	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1 1	2a05:d018:d29... 2a05:d018:d29:3601:1dfc:1fae:3d75:f146	16509 (AMAZON-02) (AMAZON-02)
2 2	213.155.156.183 213.155.156.183	1299 (TWELVE99 ...) (TWELVE99 Arelion)
2 2	37.157.2.229 37.157.2.229	198622 (ADFORM) (ADFORM)
2	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
12	2606:4700:10:... 2606:4700:10::ac43:2642	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:5814	13335 (CLOUDFLAR...) (CLOUDFLARENET)
221	29

60 162.213.251.239 (United States) 1 redirects

ASN22612 (NAMECHEAP-NET, US)
PTR: business91-4.web-hosting.com

qpaytm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2606:4700:10::6816:1883 (United States)

ASN13335 (CLOUDFLARENET, US)

embed.tawk.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
va.tawk.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

static.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
scontent.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 142.250.186.162 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.18.36.155 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.252.172.123 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 46.228.164.11 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:de2e:c7b3:55c0:d5a0 (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:12::1400 (Singapore)

ASN41041 (VCLK-EU-SE, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.93 (Loerrach, Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3601:1dfc:1fae:3d75:f146 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.183 (Sweden) 2 redirects

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.2.229 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2606:4700:10::ac43:2642 (United States)

ASN13335 (CLOUDFLARENET, US)

va.tawk.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
embed.tawk.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5814 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
60	qpaytm.com 1 redirects qpaytm.com	820 KB
43	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 97 tpc.googlesyndication.com — Cisco Umbrella Rank: 149	495 KB
23	tawk.to embed.tawk.to — Cisco Umbrella Rank: 9846 va.tawk.to — Cisco Umbrella Rank: 9510	209 KB
18	doubleclick.net 4 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 cm.g.doubleclick.net — Cisco Umbrella Rank: 245 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 439	120 KB
14	fbcdn.net static.xx.fbcdn.net — Cisco Umbrella Rank: 933 scontent.xx.fbcdn.net — Cisco Umbrella Rank: 449	273 KB
8	gstatic.com www.gstatic.com fonts.gstatic.com	289 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27 region1.google-analytics.com — Cisco Umbrella Rank: 2462	21 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 31	4 KB
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 625	3 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 35	282 KB
3	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 300	75 KB
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 246	2 KB
3	facebook.com www.facebook.com — Cisco Umbrella Rank: 110	16 KB
3	google.com www.google.com — Cisco Umbrella Rank: 2	2 KB
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 599	1 KB
2	de17a.com 2 redirects d5p.de17a.com — Cisco Umbrella Rank: 4905	647 B
2	turn.com 1 redirects ad.turn.com — Cisco Umbrella Rank: 851 r.turn.com — Cisco Umbrella Rank: 4121	869 B
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 212	120 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 223	82 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 335	39 KB
1	yahoo.com 1 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 492	713 B
1	adition.com 1 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1533	586 B
1	dotomi.com dclk-match.dotomi.com — Cisco Umbrella Rank: 3451	104 B
1	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 764	464 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1181	603 B
1	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 406	24 KB
221	26

	Domain	Requested by
60	qpaytm.com	1 redirects qpaytm.com
30	pagead2.googlesyndication.com	qpaytm.com pagead2.googlesyndication.com googleads.g.doubleclick.net www.gstatic.com tpc.googlesyndication.com
18	embed.tawk.to	qpaytm.com embed.tawk.to
13	tpc.googlesyndication.com	googleads.g.doubleclick.net qpaytm.com tpc.googlesyndication.com pagead2.googlesyndication.com
12	static.xx.fbcdn.net	www.facebook.com static.xx.fbcdn.net
10	cm.g.doubleclick.net	4 redirects googleads.g.doubleclick.net
7	www.gstatic.com	googleads.g.doubleclick.net www.google.com
6	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
5	va.tawk.to	embed.tawk.to
5	fonts.googleapis.com	qpaytm.com googleads.g.doubleclick.net
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	www.googletagmanager.com	qpaytm.com www.googletagmanager.com www.google-analytics.com
3	s0.2mdn.net	qpaytm.com s0.2mdn.net
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
3	www.facebook.com	qpaytm.com static.xx.fbcdn.net
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	www.google.com	qpaytm.com googleads.g.doubleclick.net tpc.googlesyndication.com
2	googleads4.g.doubleclick.net	qpaytm.com
2	c1.adform.net	2 redirects
2	d5p.de17a.com	2 redirects
2	scontent.xx.fbcdn.net	www.facebook.com
2	www.googletagservices.com	googleads.g.doubleclick.net
2	region1.google-analytics.com	www.googletagmanager.com
2	cdnjs.cloudflare.com	qpaytm.com cdnjs.cloudflare.com
1	cdn.jsdelivr.net	embed.tawk.to
1	pr-bh.ybp.yahoo.com	1 redirects
1	dsp.adfarm1.adition.com	1 redirects
1	dclk-match.dotomi.com	googleads.g.doubleclick.net
1	cms.quantserve.com	googleads.g.doubleclick.net
1	r.turn.com
1	ad.turn.com	1 redirects
1	fonts.gstatic.com	fonts.googleapis.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	cdn.ampproject.org	qpaytm.com
221	34

This site contains links to these domains. Also see Links.

Domain
play.google.com
www.dmca.com

Subject Issuer	Validity	Valid
qpaytm.com Sectigo RSA Domain Validation Secure Server CA	`2022-11-03` - `2023-11-03`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-08-18` - `2023-11-16`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
quantserve.com R3	`2023-10-28` - `2024-01-26`	3 months	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2023-08-15` - `2024-09-15`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh

This page contains 18 frames:

Primary Page: https://qpaytm.com/
Frame ID: 83EDB0A7521CB7E6A4CD961EED496CBF
Requests: 125 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231106/r20190131/zrt_lookup.html
Frame ID: 5D79EE1C8314714F85F6899E15775270
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9278882611444934&output=html&adk=1812271804&adf=3025194257&lmt=1699498649&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fqpaytm.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&ascmds=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699498649267&bpp=7&bdt=141&idt=125&shv=r20231106&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2167202409718&frm=20&pv=2&ga_vid=1946798143.1699498649&ga_sid=1699498649&ga_hid=1349051153&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079344%2C31079405%2C44807455%2C44807462%2C31078301%2C44808149&oid=2&pvsid=353911425466455&tmod=543443414&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=145
Frame ID: C05854AF1C9970E2A611418787064DF5
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231106/r20110914/zrt_lookup.html?fsb=1
Frame ID: 4101BF0932A7ADA2E9851ABE107EAC0D
Requests: 6 HTTP requests in this frame

Frame: https://www.gstatic.com/mysidia/38bcf84a6c98f8ab5c7e5b9a6f0eaec8.js?tag=client_fast_engine_2019
Frame ID: 3AF77F9144BF34656FB88C4628A92B20
Requests: 21 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Dq7XSZMeOny_zs0cDs__BulTyuvw0_s4UMxrCFcwjBQ.js
Frame ID: 1353380E32645D6FE9839FF7B226E1D6
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9278882611444934&output=html&h=280&slotname=8324575672&adk=3897155754&adf=2234457717&pi=t.ma~as.8324575672&w=395&fwrn=4&fwrnh=100&lmt=1699498651&rafmt=1&format=395x280&url=https%3A%2F%2Fqpaytm.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699498651488&bpp=20&bdt=2362&idt=20&shv=r20231106&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9e741cd308d6782d%3AT%3D1699498649%3ART%3D1699498649%3AS%3DALNI_MY8v_eglssjADTlYt1MNqTxXbZoUg&gpic=UID%3D00000cbd817e1ea5%3AT%3D1699498649%3ART%3D1699498649%3AS%3DALNI_MbbZjlstaAF7DB3NtSGzYDpgoKFEg&prev_fmts=0x0%2C1600x1200&nras=2&correlator=2167202409718&frm=20&pv=1&ga_vid=1946798143.1699498649&ga_sid=1699498649&ga_hid=1349051153&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=998&ady=1305&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079344%2C31079405%2C44807455%2C44807462%2C31078301%2C44808149&oid=2&pvsid=353911425466455&tmod=543443414&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEebr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=FS9DuVWTvH&p=https%3A//qpaytm.com&dtd=27
Frame ID: 013A9F56FB50063F1899877D8C5AFAF7
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fhref%3Dhttps%253A%252F%252Fwww.facebook.com%252Fqpaytm%26tabs%3Dtimeline%26width%3D340%26height%3D500%26small_header%3Dtrue%26adapt_container_width%3Dtrue%26hide_cover%3Dfalse%26show_facepile%3Dtrue%26appId%3D686112214902543
Frame ID: F805A5552679DA6CCCA41CD7467E817B
Requests: 19 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJrB6AEQm7OnAhi0uLj0ATAB&v=APEucNU6TaxLHgdPeOmnRKpddQDJYzYeZ_42mVQ4nyRrW98PTrBwkvQ9XE5ka37CXz0e1achcJPYQF3GBLYdBmj8LTHICKDe2YqFg4Hf2UhvyI-KZPNCeX2Z5jFeyY6bYSOlks3ReBnqyqOKgdAjYr23YhGkEHh5rzupsjSKn4M7-84ZpHtBpV0
Frame ID: 9DA50C5331647CF4F0402DCA56FD116E
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 6F1F60336869E26272B90296F40F3DFA
Requests: 18 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 1CBFC597E6B9AB0A0B7542D856317431
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 017BCFD111F6320830A4131EEBA3315D
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/16640028877006121036/index.html?ev=01_250
Frame ID: F17D6C5C12D4CCE0F3E891B0651FF6E8
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 4472D73F931A571A52D151D0D900ED92
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 45703AC6C365691C31A4D1F424C3238E
Requests: 2 HTTP requests in this frame

Frame: https://embed.tawk.to/_s/v4/app/653fa0ef1ea/css/message-preview.css
Frame ID: 90089CE6E97543671B7D79CE805208D0
Requests: 1 HTTP requests in this frame

Frame: https://embed.tawk.to/_s/v4/app/653fa0ef1ea/css/min-widget.css
Frame ID: F23E470BBB0CA624D998F43A55901DB8
Requests: 1 HTTP requests in this frame

Frame: https://embed.tawk.to/_s/v4/app/653fa0ef1ea/css/max-widget.css
Frame ID: 445458BB70D04A31BC2C319E04B8E9D0
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

QPAYTm - Instant Money changer

Page URL History Show full URLs

http://qpaytm.com/ HTTP 301
https://qpaytm.com/ Page URL

Detected technologies

jQuery Sparklines (JavaScript Graphics) Expand

Overall confidence: 100%
Detected patterns

jquery\.sparkline.*\.js

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Tawk.to (Live Chat) Expand

Overall confidence: 100%
Detected patterns

//embed\.tawk\.to

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OWL Carousel (Widgets) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*href="[^"]+owl\.carousel(?:\.min)?\.css
owl\.carousel.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

221
Requests

58 %
HTTPS

72 %
IPv6

26
Domains

34
Subdomains

29
IPs

8
Countries

2873 kB
Transfer

8056 kB
Size

28
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://play.google.com/store/apps/details?id=com.qpaytm.qpaytm
Title: Download the app

Search URL Search Domain Scan URL

URL: https://www.dmca.com/Protection/Status.aspx?ID=c9e68557-01dc-4ab0-bbac-4fa9d9a2d28b&refurl=https://qpaytm.com/login

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://qpaytm.com/ HTTP 301
https://qpaytm.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 136

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEF-4FQDKwR2NcBO9MblUhqs&google_cver=1

Request Chain 137

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZUxKnPKfXig9nXFxNa9WaAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEF-4FQDKwR2NcBO9MblUhqs&google_cver=1

Request Chain 138

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEIk1i8N8-kNZXHCLG-Yd8s4&google_cver=1

Request Chain 139

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjI1Njg4ODE5OTI4NTg0MDI2Mw%3D%3D

Request Chain 147

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEPEAvj-t8pc8aq-eE1JCbes&google_cver=1&google_push=AXcoOmTCEFDy7mM459dg9Q8vIcVEBEEjMy34iQkUFMXk13QdALAEFRmXBxl6JWhzIueeyTdwkRUq6HIEVhdGRsSm74KPdEHENlloKQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzcwNzQxODc2MDI2NjYwMjgzNA==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEPEAvj-t8pc8aq-eE1JCbes&google_cver=1

Request Chain 150

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEEjODWgpG-3BKDAOsFVaJLQ&google_cver=1&google_push=AXcoOmSt6in6cZW67GAhDRIJEbOeN8dTQO6e3RijfTyEmcv0YPmSyWwIWOT6fJKyUZuBojyeG_pK4qUPuIu1pTYcPM_aAsPrR3Z2Hw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI5OTI5MTEyOTkzOTQ5MDk2Mw%3D%3D&google_push=AXcoOmSt6in6cZW67GAhDRIJEbOeN8dTQO6e3RijfTyEmcv0YPmSyWwIWOT6fJKyUZuBojyeG_pK4qUPuIu1pTYcPM_aAsPrR3Z2Hw

Request Chain 151

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESECiWFHwLo_q-iofKry6L07M&google_cver=1&google_push=AXcoOmSPgJ1WJYMGdaRh9AhuqcUdFKU87e2S60Pvb1bfVNWooGEWSWzc2iCPgq90Vyvmb_1gR4gal-yI5kLlldPlZXEgu8ZHgVhc1g HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSPgJ1WJYMGdaRh9AhuqcUdFKU87e2S60Pvb1bfVNWooGEWSWzc2iCPgq90Vyvmb_1gR4gal-yI5kLlldPlZXEgu8ZHgVhc1g&google_hm=eS1MUEZrbVZsRTJwSHh2TGJ0UWdfVjNBWGlXUzQ4blI0TH5B

Request Chain 152

https://d5p.de17a.com/cookies/google?google_gid=CAESEOR3hO6NCIBfzABFusewzYs&google_cver=1&google_push=AXcoOmSFW2GVpE32HCswpse-XYTXs1yUKGE4gWXLRF5p82MOC_2b9XwvgwDdx39NoGfCbuGPTJZ5VqHFa6ZmA9KMhbYkwiEb-09g HTTP 302
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEOR3hO6NCIBfzABFusewzYs&google_cver=1&google_push=AXcoOmSFW2GVpE32HCswpse-XYTXs1yUKGE4gWXLRF5p82MOC_2b9XwvgwDdx39NoGfCbuGPTJZ5VqHFa6ZmA9KMhbYkwiEb-09g HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmSFW2GVpE32HCswpse-XYTXs1yUKGE4gWXLRF5p82MOC_2b9XwvgwDdx39NoGfCbuGPTJZ5VqHFa6ZmA9KMhbYkwiEb-09g

Request Chain 153

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEGv0jX5fnUmlWYbqB01RAAY&google_cver=1&google_push=AXcoOmQz6TLj05T_9DWJ14tua5ubD0dI3lTgmvdoZKtOXZOCEgXvwbpLmFidi_tWCuelMHbmvtgW6_l9Y_zBxNg3kuRijnT3NeIdnQ HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEGv0jX5fnUmlWYbqB01RAAY&google_cver=1&google_push=AXcoOmQz6TLj05T_9DWJ14tua5ubD0dI3lTgmvdoZKtOXZOCEgXvwbpLmFidi_tWCuelMHbmvtgW6_l9Y_zBxNg3kuRijnT3NeIdnQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjUwNjU5NDI5MTA2MjkxMDY5Nw&google_push=AXcoOmQz6TLj05T_9DWJ14tua5ubD0dI3lTgmvdoZKtOXZOCEgXvwbpLmFidi_tWCuelMHbmvtgW6_l9Y_zBxNg3kuRijnT3NeIdnQ

221 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
qpaytm.com/
Redirect Chain

http://qpaytm.com/
https://qpaytm.com/

59 KB
9 KB

1342ms
719ms

Document
text/html

162.213.251.239
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://qpaytm.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

162.213.251.239 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

business91-4.web-hosting.com

Software

LiteSpeed / PHP/7.4.33

Resource Hash

59e7a306ed707a44859f2939f5370bdb23eeb5b367295b8b69f8e030d518f558

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 09 Nov 2023 02:57:29 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
referrer-policy: no-referrer-when-downgrade
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains; preload;
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-powered-by: PHP/7.4.33
x-turbo-charged-by: LiteSpeed
x-xss-protection: 1; mode=block

Redirect headers

content-length: 707
content-type: text/html
date: Thu, 09 Nov 2023 02:57:27 GMT
keep-alive: timeout=5, max=100
location: https://qpaytm.com/
referrer-policy: no-referrer-when-downgrade
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains; preload;
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-turbo-charged-by: LiteSpeed
x-xss-protection: 1; mode=block

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 150 KB
52 KB 92ms
32ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9278882611444934

Requested by

Host: qpaytm.com
URL: https://qpaytm.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d76a4b47dc9ba8af0fa8ede327c6d0e62d489e0f5bb9fa74b7b88af589fc827b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://qpaytm.com/
Origin: https://qpaytm.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 02:57:29 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52467
x-xss-protection: 0
server: cafe
etag: 8780292404420628485
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 09 Nov 2023 02:57:29 GMT

GET
H2 200 amp-ad-0.1.js Show response
cdn.ampproject.org/v0/ 82 KB
24 KB 92ms
16ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-ad-0.1.js

Requested by

Host: qpaytm.com
URL: https://qpaytm.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

222e6a49f5a81a3b84a051e5595085331f0d4003ef2562bd2a8b76545e9a3350

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qpaytm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Thu, 09 Nov 2023 02:57:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23140
x-xss-protection: 0
server: sffe
etag: "f159d5f047fa4fc3"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 09 Nov 2023 02:57:29 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 185 KB
67 KB 67ms
33ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-162781732-1

Requested by

Host: qpaytm.com
URL: https://qpaytm.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b7c291eefa359567e33ecdbc349734e233e579905c7f31012d56afb342d945ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qpaytm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 02:57:29 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68639
x-xss-protection: 0
last-modified: Thu, 09 Nov 2023 01:29:45 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 09 Nov 2023 02:57:29 GMT

GET
H2 200 waves.min.css
qpaytm.com/vendor/waves/ 4 KB
1 KB 274ms
270ms Stylesheet
text/css 162.213.251.239
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://qpaytm.com/vendor/waves/waves.min.css?v1

Requested by

Host: qpaytm.com
URL: https://qpaytm.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

162.213.251.239 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

business91-4.web-hosting.com

Software

LiteSpeed /

Resource Hash

73a05ae804a4194a7815704a4843232645008a90ffdb625c3e19948a70f446b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qpaytm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 02:57:29 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
content-length: 847
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 03 May 2021 18:54:54 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
expires: Thu, 16 Nov 2023 02:57:29 GMT

GET
H2 200 owl.carousel.min.css
qpaytm.com/vendor/owlcarousel/css/ 3 KB
1 KB 275ms
272ms Stylesheet
text/css 162.213.251.239
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://qpaytm.com/vendor/owlcarousel/css/owl.carousel.min.css?v1

Requested by

Host: qpaytm.com
URL: https://qpaytm.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

162.213.251.239 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

business91-4.web-hosting.com

Software

LiteSpeed /

Resource Hash

aa7e59e6ec8871088cfeb47bac59a6475c815357deef042c61a5c3c965390546

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qpaytm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 02:57:29 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
content-length: 917
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 03 May 2021 18:54:54 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
expires: Thu, 16 Nov 2023 02:57:29 GMT

GET
H2 200 style.css
qpaytm.com/css/ 263 KB
37 KB 534ms
530ms Stylesheet
text/css 162.213.251.239
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://qpaytm.com/css/style.css?v1

Requested by

Host: qpaytm.com
URL: https://qpaytm.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

162.213.251.239 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

business91-4.web-hosting.com

Software

LiteSpeed /

Resource Hash

06153f1f0c95ddf7265b0919167fee4f45451e9943c1a4975886743e2b7363c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qpaytm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 02:57:29 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
content-length: 37327
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 14 Apr 2022 15:26:35 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
expires: Thu, 16 Nov 2023 02:57:29 GMT

GET
H2 200 font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ 30 KB
6 KB 32ms
12ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: qpaytm.com
URL: https://qpaytm.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qpaytm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 02:57:29 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 15221817
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 5631
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-7918"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cMIudNTQ90HuKSkIeX6l551roMxXJr9l3LwlpL%2BsMTMPGtkOkr7Rc7XheuooQ7Rk93W7mfW%2BIvnUBgqziFGO1F1EQbymZp%2Ff%2BgV5ZiwKpLqoTsmCLAkgzsSuqTzmBK7K4qmhugh3C7uNmFSruuaRLOge"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8232c9dd3f4a1d8e-FRA
expires: Tue, 29 Oct 2024 02:57:29 GMT

GET
H2 200 css
fonts.googleapis.com/ 7 KB
727 B 56ms
16ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Ubuntu:400,500,700,300

Requested by

Host: qpaytm.com
URL: https://qpaytm.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1ea51c9046aa9f6b1b1193ba533b8938735775374b3e2ca4cd670dc1636773a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qpaytm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 09 Nov 2023 02:57:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 09 Nov 2023 02:57:29 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 09 Nov 2023 02:57:29 GMT

GET
H2 200 css
fonts.googleapis.com/ 5 KB
947 B 55ms
15ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Signika+Negative:400,300,600,700

Requested by

Host: qpaytm.com
URL: https://qpaytm.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cc28df3ac9af0faca2852d738fde6469c4a64755c492e38c0014f68af9b56748

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qpaytm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 09 Nov 2023 02:57:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 09 Nov 2023 01:09:59 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 09 Nov 2023 02:57:29 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 1 KB
1 KB 92ms
58ms Script
text/javascript 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: qpaytm.com
URL: https://qpaytm.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

7434307d32a6a0078240769f36e53e9e910a662c73b6195d6f8e0195df78e759

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qpaytm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 02:57:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Thu, 09 Nov 2023 02:57:29 GMT

GET
H2 200 jquery.min.js Show response
qpaytm.com/js/ 94 KB
32 KB 846ms
844ms Script
application/javascript 162.213.251.239
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://qpaytm.com/js/jquery.min.js

Requested by

Host: qpaytm.com
URL: https://qpaytm.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

162.213.251.239 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

business91-4.web-hosting.com

Software

LiteSpeed /

Resource Hash

ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qpaytm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 02:57:29 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
content-length: 32363
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 03 May 2021 18:54:54 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
expires: Thu, 16 Nov 2023 02:57:29 GMT

GET
H2 200 bootstrap.min.js Show response
qpaytm.com/js/ 36 KB
10 KB 277ms
275ms Script
application/javascript 162.213.251.239
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://qpaytm.com/js/bootstrap.min.js

Requested by

Host: qpaytm.com
URL: https://qpaytm.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

162.213.251.239 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

business91-4.web-hosting.com

Software

LiteSpeed /

Resource Hash

2979f9a6e32fc42c3e7406339ee9fe76b31d1b52059776a02b4a7fa6a4fd280a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qpaytm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 02:57:29 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
content-length: 9449
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 03 May 2021 18:54:54 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
expires: Thu, 16 Nov 2023 02:57:29 GMT

GET
H2 200 jquery.min.css.js Show response
qpaytm.com/js/ 16 KB
2 KB 845ms
843ms Script
application/javascript 162.213.251.239
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://qpaytm.com/js/jquery.min.css.js

Requested by

Host: qpaytm.com
URL: https://qpaytm.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

162.213.251.239 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

business91-4.web-hosting.com

Software

LiteSpeed /

Resource Hash

38d6870bbf7957f9d5869f201e44d11fe0573c9c44be57610c3054c607aa49bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qpaytm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 02:57:29 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
content-length: 1974
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 03 May 2021 18:54:54 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
expires: Thu, 16 Nov 2023 02:57:29 GMT

GET
H2 200 logo.png
qpaytm.com/assets/images/ 55 KB
55 KB 1049ms
1047ms Image
image/png 162.213.251.239
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://qpaytm.com/assets/images/logo.png

Requested by

Host: qpaytm.com
URL: https://qpaytm.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

162.213.251.239 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

business91-4.web-hosting.com

Software

LiteSpeed /

Resource Hash

50267f68ff6e56e669e688c3e93a18b5e18cda4760d1ec6a9da6d3a0b5c0e736

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qpaytm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 02:57:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload;
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 03 May 2021 19:13:14 GMT
server: LiteSpeed
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 56400
x-xss-protection: 1; mode=block
expires: Thu, 16 Nov 2023 02:57:29 GMT

GET
H2 200 google-play-badge.svg
qpaytm.com/images/ 5 KB
2 KB 274ms
273ms Image
image/svg+xml 162.213.251.239
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://qpaytm.com/images/google-play-badge.svg

Requested by

Host: qpaytm.com
URL: https://qpaytm.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

162.213.251.239 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

business91-4.web-hosting.com

Software

LiteSpeed /

Resource Hash

9671a1e59c1b2410247b92dff30ec4ae5c87da856b52b2c5a5be748d84b93b72

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qpaytm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 02:57:29 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
content-length: 1869
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 03 May 2021 18:54:54 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
expires: Thu, 16 Nov 2023 02:57:29 GMT

GET
H2 200 3075750.png
qpaytm.com/images/ 82 KB
82 KB 1079ms
1066ms Image
image/png 162.213.251.239
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://qpaytm.com/images/3075750.png

Requested by

Host: qpaytm.com
URL: https://qpaytm.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

162.213.251.239 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

business91-4.web-hosting.com

Software

LiteSpeed /

Resource Hash

bf10912c0f11206a8c43843d9239d8f33e6a16495867d6b42a9e434685be8001

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qpaytm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 02:57:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload;
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 03 May 2021 18:54:54 GMT
server: LiteSpeed
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 83690
x-xss-protection: 1; mode=block
expires: Thu, 16 Nov 2023 02:57:29 GMT

GET
H2 200 WebMoney.png
qpaytm.com/images/ 2 KB
2 KB 1285ms
1271ms Image
image/png 162.213.251.239
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://qpaytm.com/images/WebMoney.png

Requested by

Host: qpaytm.com
URL: https://qpaytm.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

162.213.251.239 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

business91-4.web-hosting.com

Software

LiteSpeed /

Resource Hash

51ffd177abf451ce8a4b001f28981fec46f91135b5cd8fb577410d14f6ee9c7b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qpaytm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 02:57:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload;
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 03 May 2021 18:54:54 GMT
server: LiteSpeed
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 1699
x-xss-protection: 1; mode=block
expires: Thu, 16 Nov 2023 02:57:29 GMT

GET
H2 200 AdvCash.png
qpaytm.com/images/ 2 KB
3 KB 1542ms
1529ms Image
image/png 162.213.251.239
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://qpaytm.com/images/AdvCash.png

Requested by

Host: qpaytm.com
URL: https://qpaytm.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

162.213.251.239 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

business91-4.web-hosting.com

Software

LiteSpeed /

Resource Hash

1219bc03d5015c2b2e66cbbf2dbaa6abed374b5b4b93b99f065a5dd73d0b2aa2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qpaytm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 02:57:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload;
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 03 May 2021 18:54:54 GMT
server: LiteSpeed
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 2266
x-xss-protection: 1; mode=block
expires: Thu, 16 Nov 2023 02:57:29 GMT

GET
H2 200 live-online.gif
qpaytm.com//images/ 11 KB
12 KB 1845ms
1835ms Image
image/gif 162.213.251.239
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://qpaytm.com//images/live-online.gif

Requested by

Host: qpaytm.com
URL: https://qpaytm.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

162.213.251.239 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

business91-4.web-hosting.com

Software

LiteSpeed /

Resource Hash

06c0d295d3928846f9da170d0e6046fe0c502c2dbebbf506c569765aa74100ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qpaytm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 02:57:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload;
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 03 May 2021 18:54:54 GMT
server: LiteSpeed
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 11423
x-xss-protection: 1; mode=block
expires: Thu, 16 Nov 2023 02:57:29 GMT

GET
H2 200 1556906532_icon.png
qpaytm.com/uploads/ 86 KB
87 KB 1591ms
1581ms Image
image/png 162.213.251.239
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://qpaytm.com/uploads/1556906532_icon.png

Requested by

Host: qpaytm.com
URL: https://qpaytm.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

162.213.251.239 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

business91-4.web-hosting.com

Software

LiteSpeed /

Resource Hash

13e860363805e371521c98f2706e7186b40371c3b6148401b4bf0b9eca9fcf05

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qpaytm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 02:57:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload;
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 29 Nov 2022 08:52:41 GMT
server: LiteSpeed
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 88317
x-xss-protection: 1; mode=block
expires: Thu, 16 Nov 2023 02:57:29 GMT

GET
H2 200 1642435462_icon.png
qpaytm.com/uploads/ 21 KB
21 KB 1844ms
1834ms Image
image/png 162.213.251.239
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://qpaytm.com/uploads/1642435462_icon.png

Requested by

Host: qpaytm.com
URL: https://qpaytm.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

162.213.251.239 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

business91-4.web-hosting.com

Software

LiteSpeed /

Resource Hash

8ad07e0aadbb2fb9bc33d105cca55c48b89e6235a793e2e021365d3938540839

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qpaytm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 02:57:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload;
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 24 Aug 2022 12:33:50 GMT
server: LiteSpeed
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 21063
x-xss-protection: 1; mode=block
expires: Thu, 16 Nov 2023 02:57:29 GMT

GET
H2 200 PerfectMoney.png
qpaytm.com/assets/icons/ 6 KB
6 KB 1792ms
1783ms Image
image/png 162.213.251.239
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://qpaytm.com/assets/icons/PerfectMoney.png

Requested by

Host: qpaytm.com
URL: https://qpaytm.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

162.213.251.239 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

business91-4.web-hosting.com

Software

LiteSpeed /

Resource Hash

32a576c5b6877513fa05d4a911495a7bc36c1a96d730a559f6f2056680f81598

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qpaytm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 02:57:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload;
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 03 May 2021 18:54:54 GMT
server: LiteSpeed
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 5760
x-xss-protection: 1; mode=block
expires: Thu, 16 Nov 2023 02:57:29 GMT

GET
H2 200 AdvCash.png
qpaytm.com/assets/icons/ 2 KB
3 KB 1797ms
1788ms Image
image/png 162.213.251.239
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://qpaytm.com/assets/icons/AdvCash.png

Requested by

Host: qpaytm.com
URL: https://qpaytm.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

162.213.251.239 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

business91-4.web-hosting.com

Software

LiteSpeed /

Resource Hash

1219bc03d5015c2b2e66cbbf2dbaa6abed374b5b4b93b99f065a5dd73d0b2aa2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qpaytm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 02:57:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload;
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 03 May 2021 18:54:54 GMT
server: LiteSpeed
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 2266
x-xss-protection: 1; mode=block
expires: Thu, 16 Nov 2023 02:57:29 GMT

GET
H2 200 WebMoney.png
qpaytm.com/assets/icons/ 2 KB
2 KB 1793ms
1784ms Image
image/png 162.213.251.239
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://qpaytm.com/assets/icons/WebMoney.png

Requested by

Host: qpaytm.com
URL: https://qpaytm.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

162.213.251.239 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

business91-4.web-hosting.com

Software

LiteSpeed /

Resource Hash

51ffd177abf451ce8a4b001f28981fec46f91135b5cd8fb577410d14f6ee9c7b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qpaytm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 02:57:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload;
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 03 May 2021 18:54:54 GMT
server: LiteSpeed
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 1699
x-xss-protection: 1; mode=block
expires: Thu, 16 Nov 2023 02:57:29 GMT

GET
H2 200 1651909006_icon.png
qpaytm.com/uploads/ 13 KB
14 KB 1796ms
1787ms Image
image/png 162.213.251.239
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://qpaytm.com/uploads/1651909006_icon.png

Requested by

Host: qpaytm.com
URL: https://qpaytm.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

162.213.251.239 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

business91-4.web-hosting.com

Software

LiteSpeed /

Resource Hash

751b82b616f4e4d6adf4addd01a582d7a56a07479194cd7e20af3c475573201a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qpaytm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 02:57:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload;
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 24 Aug 2022 12:33:50 GMT
server: LiteSpeed
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 13456
x-xss-protection: 1; mode=block
expires: Thu, 16 Nov 2023 02:57:29 GMT

GET
H2 200 Payeer.png
qpaytm.com/assets/icons/ 833 B
1 KB 2049ms
2040ms Image
image/png 162.213.251.239
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://qpaytm.com/assets/icons/Payeer.png

Requested by

Host: qpaytm.com
URL: https://qpaytm.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

162.213.251.239 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

business91-4.web-hosting.com

Software

LiteSpeed /

Resource Hash

f65872c1410405396aeaba066386d79a389bdb63fcfa14f48ec6ac7c04c04142

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qpaytm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 02:57:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload;
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 03 May 2021 18:54:54 GMT
server: LiteSpeed
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 833
x-xss-protection: 1; mode=block
expires: Thu, 16 Nov 2023 02:57:29 GMT

GET
H2 200 1649325662_icon.jpg
qpaytm.com/uploads/ 41 KB
42 KB 1796ms
1788ms Image
image/jpeg 162.213.251.239
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://qpaytm.com/uploads/1649325662_icon.jpg

Requested by

Host: qpaytm.com
URL: https://qpaytm.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

162.213.251.239 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

business91-4.web-hosting.com

Software

LiteSpeed /

Resource Hash

808fb7a487dbaed7bcbfc57fa457b4d537ee3e5bf31ec65efab19cdeee81da5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qpaytm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 02:57:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload;
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 24 Aug 2022 12:33:50 GMT
server: LiteSpeed
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 42075
x-xss-protection: 1; mode=block
expires: Thu, 16 Nov 2023 02:57:29 GMT

GET
H2 200 1649435662_icon.png
qpaytm.com/uploads/ 4 KB
4 KB 2049ms
2041ms Image
image/png 162.213.251.239
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://qpaytm.com/uploads/1649435662_icon.png

Requested by

Host: qpaytm.com
URL: https://qpaytm.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

162.213.251.239 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

business91-4.web-hosting.com

Software

LiteSpeed /

Resource Hash

d161c824de6cb6402a94bcdaa2bd50329e13d18f6777c5e28a8a8c5541916575

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qpaytm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 02:57:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload;
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 24 Aug 2022 12:33:50 GMT
server: LiteSpeed
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 3872
x-xss-protection: 1; mode=block
expires: Thu, 16 Nov 2023 02:57:29 GMT

GET
H2 200 1649337734_icon.png
qpaytm.com/uploads/ 4 KB
4 KB 1843ms
1836ms Image
image/png 162.213.251.239
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://qpaytm.com/uploads/1649337734_icon.png

Requested by

Host: qpaytm.com
URL: https://qpaytm.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

162.213.251.239 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

business91-4.web-hosting.com

Software

LiteSpeed /

Resource Hash

3b1da9d546bcbc54dac6f57cc5cc8dd91464d868e74dd7ed4389ef9429be8834

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qpaytm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 02:57:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload;
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 24 Aug 2022 12:33:50 GMT
server: LiteSpeed
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 3802
x-xss-protection: 1; mode=block
expires: Thu, 16 Nov 2023 02:57:29 GMT

GET
H2 200 1556706941_icon.jpg
qpaytm.com/uploads/ 22 KB
22 KB 1855ms
1847ms Image
image/jpeg 162.213.251.239
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://qpaytm.com/uploads/1556706941_icon.jpg

Requested by

Host: qpaytm.com
URL: https://qpaytm.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

162.213.251.239 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

business91-4.web-hosting.com

Software

LiteSpeed /

Resource Hash

8000c1c36e3832af83f3c7fcb5378f7e636e1d5cc772e4fce2c7c806732fd8ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qpaytm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 02:57:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload;
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 24 Aug 2022 12:33:50 GMT
server: LiteSpeed
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 22482
x-xss-protection: 1; mode=block
expires: Thu, 16 Nov 2023 02:57:29 GMT

GET
H2 200 1649156937_icon.png
qpaytm.com/uploads/ 11 KB
11 KB 1854ms
1846ms Image
image/png 162.213.251.239
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://qpaytm.com/uploads/1649156937_icon.png

Requested by

Host: qpaytm.com
URL: https://qpaytm.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

162.213.251.239 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

business91-4.web-hosting.com

Software

LiteSpeed /

Resource Hash

26f519a863a99580f25ecbe115fec3151ee46998c3c41e900ed4d5c5c20818a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qpaytm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 02:57:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload;
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 24 Aug 2022 12:33:50 GMT
server: LiteSpeed
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 10765
x-xss-protection: 1; mode=block
expires: Thu, 16 Nov 2023 02:57:29 GMT

GET
H2 200 1649157596_icon.jpg
qpaytm.com/uploads/ 33 KB
33 KB 2048ms
2041ms Image
image/jpeg 162.213.251.239
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://qpaytm.com/uploads/1649157596_icon.jpg

Requested by

Host: qpaytm.com
URL: https://qpaytm.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

162.213.251.239 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

business91-4.web-hosting.com

Software

LiteSpeed /

Resource Hash

bc50ab813f4ef7ff5e90a09382263890aae800f3e66e7a8d7f724917c8fd0691

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qpaytm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 02:57:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload;
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 24 Aug 2022 12:33:50 GMT
server: LiteSpeed
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 33621
x-xss-protection: 1; mode=block
expires: Thu, 16 Nov 2023 02:57:29 GMT

GET
H2 200 BankTransfer.png
qpaytm.com/assets/icons/ 13 KB
13 KB 2051ms
2045ms Image
image/png 162.213.251.239
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://qpaytm.com/assets/icons/BankTransfer.png

Requested by

Host: qpaytm.com
URL: https://qpaytm.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

162.213.251.239 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

business91-4.web-hosting.com

Software

LiteSpeed /

Resource Hash

c66b345bae7ddfbfd43bd1a0b7a38749edb05af5e7fe19935513d2ec0c3f76ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qpaytm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 02:57:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload;
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 03 May 2021 18:54:54 GMT
server: LiteSpeed
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 12874
x-xss-protection: 1; mode=block
expires: Thu, 16 Nov 2023 02:57:29 GMT

GET
H2 200 1659641688_icon.png
qpaytm.com/uploads/ 4 KB
5 KB 1854ms
1847ms Image
image/png 162.213.251.239
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://qpaytm.com/uploads/1659641688_icon.png

Requested by

Host: qpaytm.com
URL: https://qpaytm.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

162.213.251.239 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

business91-4.web-hosting.com

Software

LiteSpeed /

Resource Hash

d8939063afc1ad54781e268046bab126a0765ef5053a17caa6306eb75c140d9d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qpaytm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 02:57:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload;
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 24 Aug 2022 12:33:50 GMT
server: LiteSpeed
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 4522
x-xss-protection: 1; mode=block
expires: Thu, 16 Nov 2023 02:57:29 GMT

GET
H2 200 logo_fix.png
qpaytm.com/images/ 55 KB
55 KB 2049ms
2043ms Image
image/png 162.213.251.239
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://qpaytm.com/images/logo_fix.png

Requested by

Host: qpaytm.com
URL: https://qpaytm.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

162.213.251.239 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

business91-4.web-hosting.com

Software

LiteSpeed /

Resource Hash

50267f68ff6e56e669e688c3e93a18b5e18cda4760d1ec6a9da6d3a0b5c0e736

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qpaytm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 02:57:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload;
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 03 May 2021 19:13:46 GMT
server: LiteSpeed
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 56400
x-xss-protection: 1; mode=block
expires: Thu, 16 Nov 2023 02:57:29 GMT

GET
H2 200 dmca_protected_sml_120am.png
qpaytm.com/images/ 2 KB
3 KB 2051ms
2045ms Image
image/png 162.213.251.239
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://qpaytm.com/images/dmca_protected_sml_120am.png

Requested by

Host: qpaytm.com
URL: https://qpaytm.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

162.213.251.239 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

business91-4.web-hosting.com

Software

LiteSpeed /

Resource Hash

471e6e1914ad3c0f80611d2c94c11d06e34b18d41dde34b03d6598a34fa8144c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qpaytm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 02:57:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload;
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 03 May 2021 18:54:54 GMT
server: LiteSpeed
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 2406
x-xss-protection: 1; mode=block
expires: Thu, 16 Nov 2023 02:57:29 GMT

GET
H2 200 GooglePlay.png
qpaytm.com/images/ 10 KB
10 KB 2050ms
2044ms Image
image/png 162.213.251.239
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://qpaytm.com/images/GooglePlay.png

Requested by

Host: qpaytm.com
URL: https://qpaytm.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

162.213.251.239 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

business91-4.web-hosting.com

Software

LiteSpeed /

Resource Hash

59a6c4a20422c8cc477efb5d33564c6307f758eafb3c64307aa86e024f981dc7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qpaytm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 02:57:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload;
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 03 May 2021 18:54:54 GMT
server: LiteSpeed
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 9818
x-xss-protection: 1; mode=block
expires: Thu, 16 Nov 2023 02:57:29 GMT

GET
H2 200 jquery.min.js Show response
qpaytm.com/vendor/jquery/ 86 KB
30 KB 1540ms
1527ms Script
application/javascript 162.213.251.239
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://qpaytm.com/vendor/jquery/jquery.min.js

Requested by

Host: qpaytm.com
URL: https://qpaytm.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

162.213.251.239 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

business91-4.web-hosting.com

Software

LiteSpeed /

Resource Hash

0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qpaytm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 02:57:29 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
content-length: 30047
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 03 May 2021 18:54:54 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
expires: Thu, 16 Nov 2023 02:57:29 GMT

GET
H2 200 bootstrap.bundle.min.js Show response
qpaytm.com/vendor/bootstrap/js/ 77 KB
21 KB 1543ms
1530ms Script
application/javascript 162.213.251.239
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://qpaytm.com/vendor/bootstrap/js/bootstrap.bundle.min.js

Requested by

Host: qpaytm.com
URL: https://qpaytm.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

162.213.251.239 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

business91-4.web-hosting.com

Software

LiteSpeed /

Resource Hash

7f3145c87d3570154f633975e8a4f8d30aa38603edaba145501e9c90ddbe186c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qpaytm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 02:57:29 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
content-length: 21380
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 03 May 2021 18:54:54 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
expires: Thu, 16 Nov 2023 02:57:29 GMT

GET
H2 200 waves.min.js Show response
qpaytm.com/vendor/waves/ 6 KB
3 KB 1544ms
1532ms Script
application/javascript 162.213.251.239
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://qpaytm.com/vendor/waves/waves.min.js

Requested by

Host: qpaytm.com
URL: https://qpaytm.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

162.213.251.239 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

business91-4.web-hosting.com

Software

LiteSpeed /

Resource Hash

b1684a7557296db54fbf016124ef52c8bc70b368dee64dc47aa2f6d2ea3bb711

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qpaytm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 02:57:29 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
content-length: 2149
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 03 May 2021 18:54:54 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
expires: Thu, 16 Nov 2023 02:57:29 GMT

GET
H2 200 owl.carousel.min.js Show response
qpaytm.com/vendor/owlcarousel/js/ 43 KB
11 KB 1543ms
1530ms Script
application/javascript 162.213.251.239
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://qpaytm.com/vendor/owlcarousel/js/owl.carousel.min.js

Requested by

Host: qpaytm.com
URL: https://qpaytm.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

162.213.251.239 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

business91-4.web-hosting.com

Software

LiteSpeed /

Resource Hash

a53c43f834b32309b084ea9314df8307e9c78cee2202c6e07f216ae4ae5b704d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qpaytm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 02:57:29 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
content-length: 11139
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 03 May 2021 18:54:54 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
expires: Thu, 16 Nov 2023 02:57:29 GMT

GET
H2 200 owl-carousel-init.js Show response
qpaytm.com/js/plugins/ 474 B
591 B 1543ms
1531ms Script
application/javascript 162.213.251.239
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://qpaytm.com/js/plugins/owl-carousel-init.js

Requested by

Host: qpaytm.com
URL: https://qpaytm.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

162.213.251.239 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

business91-4.web-hosting.com

Software

LiteSpeed /

Resource Hash

c612c7670757f36b684176aa235af2f24eda1eea5030b7b33c1b72d5ccb4c8b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qpaytm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 02:57:29 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
content-length: 174
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 03 May 2021 18:54:54 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
expires: Thu, 16 Nov 2023 02:57:29 GMT

GET
H2 200 scrollIt.js Show response
qpaytm.com/vendor/scrollit/ 4 KB
1 KB 1546ms
1534ms Script
application/javascript 162.213.251.239
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://qpaytm.com/vendor/scrollit/scrollIt.js

Requested by

Host: qpaytm.com
URL: https://qpaytm.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

162.213.251.239 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

business91-4.web-hosting.com

Software

LiteSpeed /

Resource Hash

5f4c8582ca830c29d3ae38da8daf98f13d4a6f2789126b04ce5c9c2e682eb261

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qpaytm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 02:57:29 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
content-length: 1090
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 03 May 2021 18:54:54 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
expires: Thu, 16 Nov 2023 02:57:29 GMT

GET
H2 200 scrollit-init.js Show response
qpaytm.com/js/plugins/ 39 B
434 B 1545ms
1533ms Script
application/javascript 162.213.251.239
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://qpaytm.com/js/plugins/scrollit-init.js

Requested by

Host: qpaytm.com
URL: https://qpaytm.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

162.213.251.239 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

business91-4.web-hosting.com

Software

LiteSpeed /

Resource Hash

d72424a304b053b5efd47699295939cc9e8af3257e72f7aafa90a386bc2517bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qpaytm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 02:57:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload;
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 03 May 2021 18:54:54 GMT
server: LiteSpeed
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 39
x-xss-protection: 1; mode=block
expires: Thu, 16 Nov 2023 02:57:29 GMT

GET
H2 200 jquery.sparkline.min.js Show response
qpaytm.com/vendor/jquery-sparkline/ 61 KB
15 KB 1546ms
1534ms Script
application/javascript 162.213.251.239
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://qpaytm.com/vendor/jquery-sparkline/jquery.sparkline.min.js

Requested by

Host: qpaytm.com
URL: https://qpaytm.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

162.213.251.239 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

business91-4.web-hosting.com

Software

LiteSpeed /

Resource Hash

0e73977092fc66efc8f9a9c300be11e3b69d6b38a620f6aaffea7aa88e4b5096

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qpaytm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 02:57:29 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
content-length: 14468
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 03 May 2021 18:54:54 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
expires: Thu, 16 Nov 2023 02:57:29 GMT

GET
H2 200 sparkline-init.js Show response
qpaytm.com/js/plugins/ 474 B
618 B 1798ms
1787ms Script
application/javascript 162.213.251.239
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://qpaytm.com/js/plugins/sparkline-init.js

Requested by

Host: qpaytm.com
URL: https://qpaytm.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

162.213.251.239 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

business91-4.web-hosting.com

Software

LiteSpeed /

Resource Hash

2931730958d8b2f7fff55c4828b68687ea87c577f473028d8bcf061d31d7dfe7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qpaytm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 02:57:29 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
content-length: 201
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 03 May 2021 18:54:54 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
expires: Thu, 16 Nov 2023 02:57:29 GMT

GET
H2 200 jquery.validate.js Show response
qpaytm.com/vendor/validator/ 68 KB
14 KB 1588ms
1577ms Script
application/javascript 162.213.251.239
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://qpaytm.com/vendor/validator/jquery.validate.js

Requested by

Host: qpaytm.com
URL: https://qpaytm.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

162.213.251.239 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

business91-4.web-hosting.com

Software

LiteSpeed /

Resource Hash

33313f70893841ea9e3ce7523da2fd2cc28b519f40b379ad658c1853a87356cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qpaytm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 02:57:29 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
content-length: 13920
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 03 May 2021 18:54:54 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
expires: Thu, 16 Nov 2023 02:57:29 GMT

GET
H2 200 validator-init.js Show response
qpaytm.com/vendor/validator/ 5 KB
762 B 1588ms
1576ms Script
application/javascript 162.213.251.239
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://qpaytm.com/vendor/validator/validator-init.js

Requested by

Host: qpaytm.com
URL: https://qpaytm.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

162.213.251.239 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

business91-4.web-hosting.com

Software

LiteSpeed /

Resource Hash

413e9c722c3ad2d419ff0fa46eebb8379ad92990a218c9933a53cdda10a8b274

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qpaytm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 02:57:29 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
content-length: 345
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 03 May 2021 18:54:54 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
expires: Thu, 16 Nov 2023 02:57:29 GMT

GET
H2 200 scripts.js Show response
qpaytm.com/js/ 3 KB
1 KB 1846ms
1835ms Script
application/javascript 162.213.251.239
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://qpaytm.com/js/scripts.js?v1

Requested by

Host: qpaytm.com
URL: https://qpaytm.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

162.213.251.239 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

business91-4.web-hosting.com

Software

LiteSpeed /

Resource Hash

feecba50da721e8ceb0882fb157aa5364e21dd2f118321f7a0f6c26be3d23425

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qpaytm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 02:57:29 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
content-length: 966
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 02 May 2022 17:40:48 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
expires: Thu, 16 Nov 2023 02:57:29 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 133 KB
51 KB 63ms
34ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MQ2TD9D

Requested by

Host: qpaytm.com
URL: https://qpaytm.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

20946007261e78cf02851f664b62ed711ae80e6b7805e3c6e0d757a594746c96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qpaytm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 02:57:29 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51791
x-xss-protection: 0
last-modified: Thu, 09 Nov 2023 01:29:45 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 09 Nov 2023 02:57:29 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311020101/ 400 KB
135 KB 60ms
45ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9278882611444934&plah=qpaytm.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9278882611444934

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

07a36cb45610b6a45d4d83578aec81e2ad44fc3e6766ae65070f551ce6a74586

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qpaytm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 02:57:29 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 138482
x-xss-protection: 0
server: cafe
etag: 4256703817940265843
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 09 Nov 2023 02:57:29 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20231106/r20190131/ Frame 5D79 10 KB
5 KB 56ms
12ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231106/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9278882611444934

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

626c65063bcb00fcc4574cffc418820fc209794a0519ec1e65931896c79a6ee1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://qpaytm.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 8333
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4502
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 09 Nov 2023 00:38:36 GMT
etag: 251720774729838433
expires: Thu, 23 Nov 2023 00:38:36 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 33ms
9ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MQ2TD9D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qpaytm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 09 Nov 2023 01:51:32 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 3957
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Thu, 09 Nov 2023 03:51:32 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 227 KB
81 KB 35ms
34ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-QST2QJMMBE&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-162781732-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b53699fdbcf94f5656e9d525c34dbb9a0ab852e5faef6d7d2e1b57c6a9b6b17b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qpaytm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 02:57:29 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 82561
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 09 Nov 2023 02:57:29 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 15 B
217 B 15ms
13ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1349051153&t=pageview&_s=1&dl=https%3A%2F%2Fqpaytm.com%2F&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACAAI~&jid=124391913&gjid=428798109&cid=1946798143.1699498649&tid=UA-142406896-1&_gid=762133028.1699498649&_r=1&_slc=1&gtm=45He3b60n81MQ2TD9D&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&z=1988358676

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b5ef57cf95b356899059a8c7bcb56b586dfb025501816e1bca979543d22bc584

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://qpaytm.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 09 Nov 2023 02:57:29 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://qpaytm.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
68 B 15ms
14ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1349051153&t=pageview&_s=1&dl=https%3A%2F%2Fqpaytm.com%2F&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAUABAAAAACAAI~&jid=1244295201&gjid=214676338&cid=1946798143.1699498649&tid=UA-162781732-1&_gid=762133028.1699498649&_r=1&gtm=457e3b60&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&jsscut=1&z=1338330857

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://qpaytm.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 09 Nov 2023 02:57:29 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://qpaytm.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 387 B
603 B 43ms
15ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=qpaytm.com&callback=_gfp_s_&client=ca-pub-9278882611444934

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9278882611444934&plah=qpaytm.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

476ea0e935ae6b646dc373f77a52e26e56d9682942f6733fa51906fc5b853529

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qpaytm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 02:57:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 252
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C058 233 KB
60 KB 304ms
303ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9278882611444934&output=html&adk=1812271804&adf=3025194257&lmt=1699498649&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fqpaytm.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&ascmds=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699498649267&bpp=7&bdt=141&idt=125&shv=r20231106&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2167202409718&frm=20&pv=2&ga_vid=1946798143.1699498649&ga_sid=1699498649&ga_hid=1349051153&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079344%2C31079405%2C44807455%2C44807462%2C31078301%2C44808149&oid=2&pvsid=353911425466455&tmod=543443414&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=145

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fe5302dc2efd230a5b19c349a9d3a9e94d12a146c813a67048d03dd396e9fcf2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://qpaytm.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 61266
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 09 Nov 2023 02:57:29 GMT
expires: Thu, 09 Nov 2023 02:57:29 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 232 KB
83 KB 26ms
26ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-ZDZM00Z8S7&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

92086397c11613b83618c0a58df4dee751b6129728110d50d7b829fb601e0c1d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qpaytm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 02:57:29 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 84711
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 09 Nov 2023 02:57:29 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
250 B 46ms
24ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-QST2QJMMBE&gtm=45je3b60v9117308158&_p=1699498649155&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1946798143.1699498649&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAI&_s=1&sid=1699498649&sct=1&seg=0&dl=https%3A%2F%2Fqpaytm.com%2F&dt=&en=page_view&_fv=1&_ss=1&tfd=2203
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-QST2QJMMBE&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qpaytm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Nov 2023 02:57:29 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://qpaytm.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 25ms
24ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-ZDZM00Z8S7&gtm=45je3b60v9129666016&_p=1699498649155&gcd=11l1l1l1l2&dma_cps=sypham&dma=1&ul=en-us&sr=1600x1200&cid=1946798143.1699498649&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EBAI&_s=1&dl=https%3A%2F%2Fqpaytm.com%2F&sid=1699498649&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=2257
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ZDZM00Z8S7&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qpaytm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Nov 2023 02:57:29 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://qpaytm.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311020101/ 160 KB
55 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311020101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05b6042f2fd3bf7729b1ba716ff3d3e5886bc6e22af9e7c43e60ba45c0b54f7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qpaytm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 02:57:29 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55826
x-xss-protection: 0
server: cafe
etag: 8415088876175552749
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 09 Nov 2023 02:57:29 GMT

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20231106/r20110914/ Frame 4101 10 KB
4 KB 18ms
18ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231106/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

626c65063bcb00fcc4574cffc418820fc209794a0519ec1e65931896c79a6ee1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://qpaytm.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 56667
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4502
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 08 Nov 2023 11:13:02 GMT
etag: 251720774729838433
expires: Wed, 22 Nov 2023 11:13:02 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame 4101 4 KB
744 B 26ms
25ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231106/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 09 Nov 2023 02:57:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 09 Nov 2023 02:40:19 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 09 Nov 2023 02:57:29 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 4101 205 B
296 B 52ms
14ms Image
image/png 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231106/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 15:16:22 GMT
x-content-type-options: nosniff
age: 301267
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Mon, 04 Nov 2024 15:16:22 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 4101 604 B
1 KB 51ms
13ms Image
image/png 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231106/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 12:18:27 GMT
x-content-type-options: nosniff
age: 484742
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 02 Nov 2024 12:18:27 GMT

GET
H2 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231106/r20110914/elements/html/ Frame 4101 15 KB
7 KB 92ms
22ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231106/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231106/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7ccc4eb3e8c138e0ac4c09d09e765d3228f6fdf29b134613b5a2331c47b39aef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 22:17:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16781
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6703
x-xss-protection: 0
server: cafe
etag: 18125926408851158271
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Nov 2023 22:17:48 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231106/r20110914/elements/html/ Frame 4101 21 KB
9 KB 83ms
13ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231106/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231106/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bfd4745fee7e2635754df4ff32e620ff7356b538283d881968cf48255db8eebc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 21:14:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20552
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8785
x-xss-protection: 0
server: cafe
etag: 17726888854999048520
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Nov 2023 21:14:57 GMT

GET
H2 200 38bcf84a6c98f8ab5c7e5b9a6f0eaec8.js Show response
www.gstatic.com/mysidia/ Frame 3AF7 9 KB
4 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/38bcf84a6c98f8ab5c7e5b9a6f0eaec8.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231106/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

70602b2d4f8fd19b95f522d3f3334ada3b3ff4647b4e81c7285b885977fd9ac4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 21:01:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 21348
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4046
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 19:36:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 06 Feb 2024 21:01:41 GMT

GET
H2 200 cf794f7c063a51199b9dad436cca08c9.js Show response
www.gstatic.com/mysidia/ Frame 3AF7 119 KB
42 KB 11ms
11ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/cf794f7c063a51199b9dad436cca08c9.js?tag=leadgen/frosmoth_image

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231106/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

39720917b622376494a097ce406e0a10bb506187eb877538823cda845d415c9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 00:19:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 95856
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42678
x-xss-protection: 0
last-modified: Tue, 07 Nov 2023 22:17:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 06 Feb 2024 00:19:53 GMT

GET
H2 200 1290528a0f60de16515866847082b13a.js Show response
www.gstatic.com/mysidia/ Frame 3AF7 20 KB
8 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/1290528a0f60de16515866847082b13a.js?tag=pingback

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231106/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc683e932f79a2eec11f258cb15966aab5abd7269f7fed443bc8a0bca5fdb046

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 19:50:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 198414
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8379
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 19:36:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 04 Feb 2024 19:50:35 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 3AF7 15 KB
1 KB 35ms
29ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open%20Sans%3A400%2C600%7CRoboto%3A400%7CGoogle%20Sans%3A400

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231106/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d0665e41f3c6d478e2d7bf31dce68ca102e14510cfa6cc39447dcae70b38b2ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 09 Nov 2023 02:57:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 09 Nov 2023 02:57:29 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 09 Nov 2023 02:57:29 GMT

GET
H3 200 mdc_list_min.js Show response
pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/js/ Frame 3AF7 27 KB
6 KB 16ms
9ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/js/mdc_list_min.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231106/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0a0610548e89956b26496552978f70638cbbba6f7d3fc204e137457a52d53f8d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 06:44:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72802
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6467
x-xss-protection: 0
server: cafe
etag: 4758454654811317262
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Thu, 09 Nov 2023 06:44:07 GMT

GET
H3 200 mdc_menu_min.js Show response
pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/js/ Frame 3AF7 51 KB
11 KB 23ms
16ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/js/mdc_menu_min.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231106/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fd543b21d162ee922201fe54b79778548f8102ea91376960e856c069a135cb76

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 21:01:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21353
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11146
x-xss-protection: 0
server: cafe
etag: 2759356358486721826
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Thu, 09 Nov 2023 21:01:36 GMT

GET
H3 200 mdc_menu_surface.min.js Show response
pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/js/ Frame 3AF7 18 KB
5 KB 29ms
23ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/js/mdc_menu_surface.min.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231106/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

35ef325738aec617e593976f23534b7d5b159f4642f24bc7c1bbbb40a7dc181f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 05:19:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77858
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4739
x-xss-protection: 0
server: cafe
etag: 18373107336927916518
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Thu, 09 Nov 2023 05:19:51 GMT

GET
H3 200 mdc_select_min.js Show response
pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/js/ Frame 3AF7 103 KB
18 KB 27ms
21ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/js/mdc_select_min.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231106/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f61ce0d0d062c15912a8fd7067d050eb058a4947d7d516ffa6efc31fd32ea731

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 19:23:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27246
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18791
x-xss-protection: 0
server: cafe
etag: 10996637669125113147
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Thu, 09 Nov 2023 19:23:23 GMT

GET
H3 200 mdc_textfield_min.js Show response
pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/js/ Frame 3AF7 58 KB
10 KB 26ms
20ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/js/mdc_textfield_min.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231106/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bbd11d287d579b875f5ba1e88c62f56834dd8d925d7776fdc4eb201cf9aa5192

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 07:38:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 69520
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10107
x-xss-protection: 0
server: cafe
etag: 7588401036457704084
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Thu, 09 Nov 2023 07:38:49 GMT

GET
H3 200 mdc_list_min.css
pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/css/ Frame 3AF7 31 KB
3 KB 24ms
18ms Stylesheet
text/css 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/css/mdc_list_min.css

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231106/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

39473f41f6492001648e93d50aa18f14ae5e917cd9c93da48ec2dd50ca1f364b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 04:12:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 81907
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3021
x-xss-protection: 0
server: cafe
etag: 18113988596513574663
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Thu, 09 Nov 2023 04:12:22 GMT

GET
H3 200 mdc_menu_min.css
pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/css/ Frame 3AF7 3 KB
793 B 32ms
27ms Stylesheet
text/css 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/css/mdc_menu_min.css

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231106/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3c4a4057f02182efe3e8959561124f215a4a8e50e03257b71d550cbf74ecc4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 05:19:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77858
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 766
x-xss-protection: 0
server: cafe
etag: 14497039402300002370
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Thu, 09 Nov 2023 05:19:51 GMT

GET
H3 200 mdc_menu_surface_min.css
pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/css/ Frame 3AF7 2 KB
636 B 25ms
19ms Stylesheet
text/css 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/css/mdc_menu_surface_min.css

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231106/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

389090922185d81fe757eb0e033fccb17583e98a7dc5b9900a1dbd7bb49aafa5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 12:45:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51091
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 611
x-xss-protection: 0
server: cafe
etag: 18268606943400439583
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Thu, 09 Nov 2023 12:45:58 GMT

GET
H3 200 mdc_select_min.css
pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/css/ Frame 3AF7 37 KB
4 KB 24ms
18ms Stylesheet
text/css 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/css/mdc_select_min.css

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231106/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b5737b0c371611ffbda25040aefb4a72202b3f4f4223da5802f9841823f125ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 15:15:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 42105
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3940
x-xss-protection: 0
server: cafe
etag: 17986137158686949241
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Thu, 09 Nov 2023 15:15:44 GMT

GET
H3 200 mdc_textfield_min.css
pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/css/ Frame 3AF7 51 KB
5 KB 22ms
17ms Stylesheet
text/css 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/css/mdc_textfield_min.css

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231106/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5fb44f5faa5569cf002f97433c48ff5f53a0c6a181d3f67858c93a8379dbde0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 03:56:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82839
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4595
x-xss-protection: 0
server: cafe
etag: 17552977722549843295
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Thu, 09 Nov 2023 03:56:50 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/ Frame 3AF7 2 KB
875 B 31ms
15ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231106/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 20:02:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24905
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Nov 2023 20:02:24 GMT

GET
H2 200 c049486f8b947a8a4d825d9566b96f4c.js Show response
www.gstatic.com/mysidia/ Frame 3AF7 23 KB
10 KB 12ms
7ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/c049486f8b947a8a4d825d9566b96f4c.js?tag=exit_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231106/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0120eb2a975cc77faeb13a5d6609190fa4979d384f9bc737c23bf7b9bc3d2222

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 20:14:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 196969
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9814
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 19:36:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 04 Feb 2024 20:14:40 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231106/r20110914/ Frame 3AF7 23 KB
9 KB 34ms
19ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231106/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231106/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8b1cd2613a5b066023f3aee22ea0cd501c2fb10eccaece8de94114f659c0d61f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 00:22:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9291
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9286
x-xss-protection: 0
server: cafe
etag: 5170786266788330719
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 23 Nov 2023 00:22:38 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/ Frame 3AF7 3 KB
1 KB 35ms
21ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231106/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 00:23:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9247
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 23 Nov 2023 00:23:22 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/ Frame 3AF7 20 KB
8 KB 28ms
14ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231106/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ee46bdadc83beb5e76bce18bc7cc3d169c7f0490901f6be96ec41ee2c14d3776

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 20:02:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24905
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8543
x-xss-protection: 0
server: cafe
etag: 18034338113832500900
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Nov 2023 20:02:24 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3AF7 190 KB
60 KB 71ms
17ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231106/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a67d82954e869f63863c01de1404e74d89722d7774b105176d253292b75b6aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 02:57:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61127
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1699274420466708"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 09 Nov 2023 02:57:29 GMT

GET
H2 200 animate.min.css
qpaytm.com/vendor/animate/ 57 KB
4 KB 1292ms
1288ms Stylesheet
text/css 162.213.251.239
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://qpaytm.com/vendor/animate/animate.min.css

Requested by

Host: qpaytm.com
URL: https://qpaytm.com/css/style.css?v1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

162.213.251.239 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

business91-4.web-hosting.com

Software

LiteSpeed /

Resource Hash

3c770e90f98eb21b0c042fafb49755af93306fbaf42e449524f94fae9fc83295

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qpaytm.com/css/style.css?v1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 02:57:30 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
content-length: 4011
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 03 May 2021 18:54:54 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
expires: Thu, 16 Nov 2023 02:57:30 GMT

GET
H2 200 waves.min.css
qpaytm.com/vendor/waves/ 4 KB
1 KB 1291ms
1288ms Stylesheet
text/css 162.213.251.239
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://qpaytm.com/vendor/waves/waves.min.css

Requested by

Host: qpaytm.com
URL: https://qpaytm.com/css/style.css?v1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

162.213.251.239 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

business91-4.web-hosting.com

Software

LiteSpeed /

Resource Hash

73a05ae804a4194a7815704a4843232645008a90ffdb625c3e19948a70f446b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qpaytm.com/css/style.css?v1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 02:57:30 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
content-length: 847
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 03 May 2021 18:54:54 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
expires: Thu, 16 Nov 2023 02:57:30 GMT

GET
H3 200 css
fonts.googleapis.com/ 6 KB
649 B 36ms
34ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Rubik:400,500,700&display=swap

Requested by

Host: qpaytm.com
URL: https://qpaytm.com/css/style.css?v1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5527216bb7bb15e6692983953c40ca4b30d0db73870315d04b11ed4aa50b721a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qpaytm.com/css/style.css?v1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 09 Nov 2023 02:57:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 09 Nov 2023 01:29:52 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 09 Nov 2023 02:57:29 GMT

GET
H2 200 line-awesome.min.css
qpaytm.com/icons/line-awesome/css/ 27 KB
6 KB 1292ms
1289ms Stylesheet
text/css 162.213.251.239
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://qpaytm.com/icons/line-awesome/css/line-awesome.min.css

Requested by

Host: qpaytm.com
URL: https://qpaytm.com/css/style.css?v1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

162.213.251.239 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

business91-4.web-hosting.com

Software

LiteSpeed /

Resource Hash

01eddcd3c94e027d31455b1a4613bb6ab72d223d445bf862874c822e0cac2818

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qpaytm.com/css/style.css?v1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 02:57:30 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
content-length: 5593
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 03 May 2021 18:54:54 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
expires: Thu, 16 Nov 2023 02:57:30 GMT

GET
H2 200 font-awesome.min.css
qpaytm.com/icons/font-awesome/css/ 30 KB
7 KB 1484ms
1481ms Stylesheet
text/css 162.213.251.239
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://qpaytm.com/icons/font-awesome/css/font-awesome.min.css

Requested by

Host: qpaytm.com
URL: https://qpaytm.com/css/style.css?v1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

162.213.251.239 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

business91-4.web-hosting.com

Software

LiteSpeed /

Resource Hash

fa27fa37e85414f337126c9626507c53b4cbf7e961bc5904a8c765eeb5801a21

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qpaytm.com/css/style.css?v1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 02:57:30 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
content-length: 6669
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 03 May 2021 18:54:54 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
expires: Thu, 16 Nov 2023 02:57:30 GMT

GET
H2 200 cryptocoins.css
qpaytm.com/icons/cryptocoins/css/ 13 KB
2 KB 1485ms
1483ms Stylesheet
text/css 162.213.251.239
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://qpaytm.com/icons/cryptocoins/css/cryptocoins.css

Requested by

Host: qpaytm.com
URL: https://qpaytm.com/css/style.css?v1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

162.213.251.239 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

business91-4.web-hosting.com

Software

LiteSpeed /

Resource Hash

2b3b51a373cdb46bd71ac35930353af741a961821b737d971886e60e561a742b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qpaytm.com/css/style.css?v1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 02:57:30 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
content-length: 1674
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 03 May 2021 18:54:54 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
expires: Thu, 16 Nov 2023 02:57:30 GMT

GET
H2 200 cryptocoins-colors.css
qpaytm.com/icons/cryptocoins/css/ 4 KB
2 KB 1484ms
1482ms Stylesheet
text/css 162.213.251.239
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://qpaytm.com/icons/cryptocoins/css/cryptocoins-colors.css

Requested by

Host: qpaytm.com
URL: https://qpaytm.com/css/style.css?v1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

162.213.251.239 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

business91-4.web-hosting.com

Software

LiteSpeed /

Resource Hash

e1dc628870b03236a9185846d23ae29945270a644ce9f596af01bdfdf75ea6aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qpaytm.com/css/style.css?v1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 02:57:30 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
content-length: 1183
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 03 May 2021 18:54:54 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
expires: Thu, 16 Nov 2023 02:57:30 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3AF7 0
25 B 42ms
42ms Ping
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=ChQIByoQd2ViX2ludGVyc3RpdGlhbAoHCAgqA2x0cgoNCAEqCWxhbmRzY2FwZQoKCAIqBnNlcnZlcgoaCAQqFm15c2lkaWFfcmVsZWFzZV9jYW5hcnkKLhohZGlzcGxheV9sZWFkX2Zvcm1fcXVlc3Rpb25fbnVtYmVyIQAAAAAAABRAMAEKDRArIQAAAAAAgEVAMAESGkNKdkFydXIxdFlJREZSZ0E0QW9kNl9RUHpBIhZsZWFkZ2VuL2Zyb3Ntb3RoX2ltYWdlKCw=

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/1290528a0f60de16515866847082b13a.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Nov 2023 02:57:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 Dq7XSZMeOny_zs0cDs__BulTyuvw0_s4UMxrCFcwjBQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 1353 50 KB
19 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dq7XSZMeOny_zs0cDs__BulTyuvw0_s4UMxrCFcwjBQ.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231106/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaed749931e3a7cbfcecd1c0ecfff06e953caebf0d3fb3850cc6b0857308c14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 20:45:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22295
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19631
x-xss-protection: 0
last-modified: Tue, 31 Oct 2023 13:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 07 Nov 2024 20:45:55 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/fGZmEzpfeSeqDJiApS_XZ4Y2/ 470 KB
188 KB 21ms
7ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/fGZmEzpfeSeqDJiApS_XZ4Y2/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7da2c78aebbd6e2db645e5b97424ed43196e116ef824980565996bdc513550a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://qpaytm.com/
Origin: https://qpaytm.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 21:01:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 21340
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 192495
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 03:03:27 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 07 Nov 2024 21:01:51 GMT

GET
H2 200 banner.png
qpaytm.com/images/ 34 KB
35 KB 263ms
263ms Image
image/png 162.213.251.239
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://qpaytm.com/images/banner.png

Requested by

Host: qpaytm.com
URL: https://qpaytm.com/css/style.css?v1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

162.213.251.239 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

business91-4.web-hosting.com

Software

LiteSpeed /

Resource Hash

1d718fcb40ca935aa44ed09784e5d2125d97088880fb483192316c489c280bfa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qpaytm.com/css/style.css?v1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 02:57:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload;
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 03 May 2021 18:54:54 GMT
server: LiteSpeed
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 35259
x-xss-protection: 1; mode=block
expires: Thu, 16 Nov 2023 02:57:31 GMT

GET
H2 200 iJWKBXyIfDnIV7nBrXw.woff2
fonts.gstatic.com/s/rubik/v28/ 35 KB
35 KB 142ms
7ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/rubik/v28/iJWKBXyIfDnIV7nBrXw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Rubik:400,500,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47374cb7d373f9a8450e1237c80bc5fe68c61fbf0cdf958df7a298143b7dd445

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://qpaytm.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 22:38:08 GMT
x-content-type-options: nosniff
age: 447563
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35448
x-xss-protection: 0
last-modified: Thu, 29 Jun 2023 16:14:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 02 Nov 2024 22:38:08 GMT

GET
H3 200 fontawesome-webfont.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/ 75 KB
76 KB 144ms
12ms Font
application/octet-stream 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d792afdac7f7ae5de7c6964950c6c61dc6e3f3813180a59e141c7cb4ac4364dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Origin: https://qpaytm.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 02:57:31 GMT
strict-transport-security: max-age=15780000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 607160
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 77160
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-12d68"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nLGqXhoXRhn6RL9c%2BkdDpiV6nJVt%2BZIIybduVtL16RFR6LnNDpSZ16yk6Erx3WjJ3mcvXQfnezml8SLfq4IOuZmk340nHdVfiJR46ZD77OuEGRfNfBzy6RM0YEikBqyXUJYc5pT6VdpYqMWCJFX6hRX%2F"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8232c9ecadbd1da6-FRA
expires: Tue, 29 Oct 2024 02:57:31 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 013A 27 KB
11 KB 381ms
377ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9278882611444934&output=html&h=280&slotname=8324575672&adk=3897155754&adf=2234457717&pi=t.ma~as.8324575672&w=395&fwrn=4&fwrnh=100&lmt=1699498651&rafmt=1&format=395x280&url=https%3A%2F%2Fqpaytm.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699498651488&bpp=20&bdt=2362&idt=20&shv=r20231106&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9e741cd308d6782d%3AT%3D1699498649%3ART%3D1699498649%3AS%3DALNI_MY8v_eglssjADTlYt1MNqTxXbZoUg&gpic=UID%3D00000cbd817e1ea5%3AT%3D1699498649%3ART%3D1699498649%3AS%3DALNI_MbbZjlstaAF7DB3NtSGzYDpgoKFEg&prev_fmts=0x0%2C1600x1200&nras=2&correlator=2167202409718&frm=20&pv=1&ga_vid=1946798143.1699498649&ga_sid=1699498649&ga_hid=1349051153&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=998&ady=1305&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079344%2C31079405%2C44807455%2C44807462%2C31078301%2C44808149&oid=2&pvsid=353911425466455&tmod=543443414&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEebr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=FS9DuVWTvH&p=https%3A//qpaytm.com&dtd=27

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fb29aa6b210714cf9316dcaad45a6fda4d5ce4465e66257252fce6bde5e36982

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://qpaytm.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 11685
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 09 Nov 2023 02:57:31 GMT
expires: Thu, 09 Nov 2023 02:57:31 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 page.php Show response
www.facebook.com/plugins/ Frame F805 39 KB
15 KB 119ms
103ms Document
text/html 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fqpaytm&tabs=timeline&width=340&height=500&small_header=true&adapt_container_width=true&hide_cover=false&show_facepile=true&appId=686112214902543

Requested by

Host: qpaytm.com
URL: https://qpaytm.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

fcba7deeb9a7bde051eff12eadb2f11fad9a199f277912b826e3b445b78de65e

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://qpaytm.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Thu, 09 Nov 2023 02:57:31 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
origin-agent-cluster: ?0
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), geolocation=(self), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(self), midi=(), payment=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=()
pragma: no-cache
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
reporting-endpoints: default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: hyVCdsdcAEN7fUBpPcpKGoFj22YXrCn1YklXVuGkujaV/2hmlKE877ACRDJiXR8kVikRVBpV6mvUJEV8m7kswA==
x-xss-protection: 0

GET
H2 200 default Show response
embed.tawk.to/5dbd124e154bf74666b71dfc/ 2 KB
917 B 546ms
457ms Script
application/x-javascript 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/5dbd124e154bf74666b71dfc/default

Requested by

Host: qpaytm.com
URL: https://qpaytm.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b0a73c12fdc780e305c3c6a55e9dd46beb9ad15b75fcdb2d79d64b45c3bbcc35

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://qpaytm.com/
Origin: https://qpaytm.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 02:57:32 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: br
server: cloudflare
etag: W/"stable-v4-653fa0ef1ea"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, s-maxage=3600
cf-ray: 8232c9ecad88bb97-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 sf_rates.php Show response
qpaytm.com//requests_process/ 164 B
564 B 296ms
296ms XHR
text/html 162.213.251.239
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://qpaytm.com//requests_process/sf_rates.php?gateway_send=15&gateway_receive=18

Requested by

Host: qpaytm.com
URL: https://qpaytm.com/vendor/jquery/jquery.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

162.213.251.239 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

business91-4.web-hosting.com

Software

LiteSpeed / PHP/7.4.33

Resource Hash

989163915190aadd1fd5469cc42519cfb91a7b02f335371b7c35370733a8b691

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://qpaytm.com/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 02:57:31 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
x-powered-by: PHP/7.4.33
content-length: 128
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: no-referrer-when-downgrade
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
cache-control: no-store, no-cache, must-revalidate
x-turbo-charged-by: LiteSpeed
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 sf_reserve.php Show response
qpaytm.com//requests_process/ 53 B
488 B 303ms
302ms XHR
text/html 162.213.251.239
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://qpaytm.com//requests_process/sf_reserve.php?gateway_send=15&gateway_receive=18

Requested by

Host: qpaytm.com
URL: https://qpaytm.com/vendor/jquery/jquery.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

162.213.251.239 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

business91-4.web-hosting.com

Software

LiteSpeed / PHP/7.4.33

Resource Hash

0deb92af73887fda724800c5901250729d1b8ee04b477578e14a97a640fe66c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://qpaytm.com/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 02:57:31 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
x-powered-by: PHP/7.4.33
content-length: 53
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: no-referrer-when-downgrade
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
cache-control: no-store, no-cache, must-revalidate
x-turbo-charged-by: LiteSpeed
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 sf_get_gateway_image.php Show response
qpaytm.com//requests_process/ 46 B
485 B 275ms
275ms XHR
text/html 162.213.251.239
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://qpaytm.com//requests_process/sf_get_gateway_image.php?gateway_id=15

Requested by

Host: qpaytm.com
URL: https://qpaytm.com/vendor/jquery/jquery.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

162.213.251.239 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

business91-4.web-hosting.com

Software

LiteSpeed / PHP/7.4.33

Resource Hash

f07992fab84908fa6b49205173324bd8222c08cd447aa7a8f612314909b63123

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: text/html, */*; q=0.01
Referer: https://qpaytm.com/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 02:57:31 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
x-powered-by: PHP/7.4.33
content-length: 50
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: no-referrer-when-downgrade
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
cache-control: no-store, no-cache, must-revalidate
x-turbo-charged-by: LiteSpeed
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 sf_get_gateway_image.php Show response
qpaytm.com//requests_process/ 48 B
483 B 280ms
280ms XHR
text/html 162.213.251.239
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://qpaytm.com//requests_process/sf_get_gateway_image.php?gateway_id=18

Requested by

Host: qpaytm.com
URL: https://qpaytm.com/vendor/jquery/jquery.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

162.213.251.239 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

business91-4.web-hosting.com

Software

LiteSpeed / PHP/7.4.33

Resource Hash

468e3b22f91ba74f32640d213f0bfa394ed514e300fbc767a5cc7f8885fa7037

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: text/html, */*; q=0.01
Referer: https://qpaytm.com/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 02:57:31 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
x-powered-by: PHP/7.4.33
content-length: 48
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: no-referrer-when-downgrade
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
cache-control: no-store, no-cache, must-revalidate
x-turbo-charged-by: LiteSpeed
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 GSwcapvLrEq.css
static.xx.fbcdn.net/rsrc.php/v3/yx/l/0,cross/ Frame F805 20 KB
6 KB 29ms
8ms Stylesheet
text/css 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yx/l/0,cross/GSwcapvLrEq.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fqpaytm&tabs=timeline&width=340&height=500&small_header=true&adapt_container_width=true&hide_cover=false&show_facepile=true&appId=686112214902543

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

13e64e2153618f475e94e0e85fa68c9ce910cfc9b24ca9d44fa546a7d2020a24

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 02:57:31 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: xXCq6/qryia0kWXvm23HIA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 5237
reporting-endpoints
x-fb-debug: KJUAysdPwR++D7ycln3+p0m5dzRut+D5ONnzlVLvpzUCXaNzg6cPGSfW/ZQO7WDJsNy7KvUsHObg4rN3Xk+fTg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Thu, 31 Oct 2024 17:55:45 GMT

GET
H2 200 FI7oM537_IH.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yl/r/ Frame F805 351 KB
91 KB 31ms
10ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yl/r/FI7oM537_IH.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2d016b1cde3a6febe82ebafc25c0dbee5667178a6a8dad6ad9fd5c3ecda076d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 02:57:31 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: yL3cUJKFpdcb9wWwZQhNMA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 93048
reporting-endpoints
x-fb-debug: nBYOtvN9rpttSpJBpfaA7gAvYaw2Ddf5IzFYqavKJipbBiFm/foDVcjATJb5UpZva63zagx3+zFdyTaFIfOujg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Wed, 06 Nov 2024 06:35:01 GMT

GET
H2 200 tbb6w30TkDN.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yz/r/ Frame F805 7 KB
2 KB 29ms
9ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yz/r/tbb6w30TkDN.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

baa47cb028f5878356baacb8c2760dbc85b3695c4fe1c346e26b4b978eb0100f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 02:57:31 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: HCL+u+2LMSrM7ELnarU2bQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 2226
reporting-endpoints
x-fb-debug: 8rAJ0MfEZmKayTDQ+CCZJiJXqIKk2liS/I5AtGPaDe3eh0zn/K9MjjfvDVtJHiinVmd7T4kk4+yAR8wg2dRiTw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Thu, 31 Oct 2024 18:44:31 GMT

GET
H2 200 SfyIUC2I9Aj.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yw/r/ Frame F805 94 KB
27 KB 46ms
26ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yw/r/SfyIUC2I9Aj.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

39d446fc3fb117c98b8f8a3b71487ff7f11be7ac8833dee8d8e5f8d86d73e6a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 02:57:31 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: nHLblE/U7xLq+FAl9ULeuw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27429
reporting-endpoints
x-fb-debug: dmx9ZahKBytmk8/M25vh1T5ZOlxuzS9ovpavHlWFbGndL2TE4zegnuhuQfd3+Z7Mj9TpBn2ciX2qNgWfOKz+wA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Fri, 01 Nov 2024 23:52:18 GMT

GET
H2 200 wHMqsn3PT1C.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yk/r/ Frame F805 52 KB
15 KB 30ms
11ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yk/r/wHMqsn3PT1C.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5822d4ee83ff8d1ab55c8a31002f2ee1a1de4fb12e8d6054541fc7f9d05336b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 02:57:31 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: qjBzCjvJ/lOmIkSG9/HBcw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 14768
reporting-endpoints
x-fb-debug: TO0p0rtkJSpknLoWf8tMmf1BdoQXVkGAmpVtE+EANm+/D1vnPOQy4jSF3L/PR1Keqca54OZLSMd6CPh0ddTgVw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Wed, 06 Nov 2024 18:13:28 GMT

GET
H2 200 lqKaUzO1Qsb.js Show response
static.xx.fbcdn.net/rsrc.php/v3iAxA4/ya/l/de_DE/ Frame F805 102 KB
30 KB 46ms
27ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iAxA4/ya/l/de_DE/lqKaUzO1Qsb.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6ce1fb6233607df982f45979af8c0b153e653f332f39794075855b2336335674

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 02:57:31 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: lkFVxWBgL1ykTNOqcgMs7g==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 30017
reporting-endpoints
x-fb-debug: bO/kGwD7pQfmvyX7nr//kaGomIF96+KPydBjwCNf3mqARhYoIgaJXioJQ0Cs1q+FG9EKBN9XO+l2yIy5B6osiA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Wed, 06 Nov 2024 16:36:07 GMT

GET
H2 200 p55HfXW__mM.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yF/r/ Frame F805 507 B
487 B 47ms
29ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yF/r/p55HfXW__mM.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9e57fedb96b3686621bccd5521f43a2037a823c74f062176952890b179b3955b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 02:57:31 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: L5E9gSgR735vyjAzTFly4g==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 293
reporting-endpoints
x-fb-debug: 4S3AVfYm0ZkyJNYraZxHnzJh/F8nstjdJyP7RCKzXYf29IRXw/Slw0FtdfbC8dQq3m7m8QeoAM+zq9YEPNpg/Q==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Wed, 30 Oct 2024 00:54:30 GMT

GET
H2 200 rdgBWz6zStk.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yQ/r/ Frame F805 207 KB
60 KB 45ms
26ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yQ/r/rdgBWz6zStk.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4d0aecb179e21205974808ca60b17e3ab60a9724412af6f2ab543da07324e669

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 02:57:31 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 7vACsrXLX+SPW9D+DAulvQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 60811
reporting-endpoints
x-fb-debug: zYOf6285joD31pdnrSDWqO2Qb4vMPnvRJlJ2/jkPMfQqSUW6uX/9yqm+w2X0rHLgwu+oEbFVWySdyJtUhzXDwQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Thu, 07 Nov 2024 18:26:32 GMT

GET
H2 200 fTu1JKT1-Jm.js Show response
static.xx.fbcdn.net/rsrc.php/v3iLNf4/y6/l/de_DE/ Frame F805 28 KB
8 KB 46ms
28ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iLNf4/y6/l/de_DE/fTu1JKT1-Jm.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

67082e98d79aa4792e6599bed6131d0510af19d36b0f95c48f9396801de9a428

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 02:57:31 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: yhxs5Ax00bryOrII60WqRg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 7699
reporting-endpoints
x-fb-debug: xGXyYzn32SLnb1liTfg9DU8c+EiDAZL2K5coyvlEL8yBsT+yLiki1E3zEGL+1AH7bq92h8ATSaL9ACyEcCGxBA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Thu, 31 Oct 2024 17:55:50 GMT

GET
H2 200 295280426_534076371874213_5643236374958104970_n.png
scontent.xx.fbcdn.net/v/t39.30808-6/ Frame F805 30 KB
30 KB 110ms
92ms Image
image/png 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent.xx.fbcdn.net/v/t39.30808-6/295280426_534076371874213_5643236374958104970_n.png?stp=dst-png_p133x133&_nc_cat=104&ccb=1-7&_nc_sid=5f2048&_nc_ohc=KqmEz4ur8oEAX_QTsfL&_nc_ht=scontent.xx&edm=ADwHzz8EAAAA&oh=00_AfB11kXB5ub2lwYxSf3cya6tAiPD6aq23KULSQvuPmjG2g&oe=6550F19C
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fqpaytm&tabs=timeline&width=340&height=500&small_header=true&adapt_container_width=true&hide_cover=false&show_facepile=true&appId=686112214902543
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: bca125dbc54f56d262bccc08fd6a7c255ceb17885606fcb7ab53ad51668b1a14

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 02:57:31 GMT
x-storage-error-category: dfs:none;sc_p:200:WSE_NOT_SET
last-modified: Fri, 22 Jul 2022 16:42:33 GMT
content-type: image/png
access-control-allow-origin: *
content-digest: adler32=3980622549
thrift_fmhk: GBBJe0x8tczGdF+w5Y2cZ8DiFfDr4Z0EAA==
cache-control: max-age=1209600, no-transform
x-fb-edge-debug: _eB0xmYGZy6yn_tNuVO7bwFeBOsgAtt4aBgbVajk6EL2vh1PnywBAq2IVxMooDnBuh8aUN9C1dDXZQMbVv5TWEZwpwNNCD2eE75AbQj1PY0JE-tSOKfoMxMw3axBrPDM
cross-origin-resource-policy: cross-origin
x-needle-checksum: 2947368556
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 30479

GET
H2 200 294313426_534076368540880_4521874094081135550_n.jpg
scontent.xx.fbcdn.net/v/t39.30808-1/ Frame F805 1 KB
2 KB 110ms
110ms Image
image/jpeg 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent.xx.fbcdn.net/v/t39.30808-1/294313426_534076368540880_4521874094081135550_n.jpg?stp=cp0_dst-jpg_p50x50&_nc_cat=110&ccb=1-7&_nc_sid=5f2048&_nc_ohc=dNZupnLVhQYAX-frN-i&_nc_ht=scontent.xx&edm=ADwHzz8EAAAA&oh=00_AfAAWuyJLw2kwu131qYDsLMVImfe7CcCGpbL_yChUhkstg&oe=65520618
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fqpaytm&tabs=timeline&width=340&height=500&small_header=true&adapt_container_width=true&hide_cover=false&show_facepile=true&appId=686112214902543
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 39f88fca5107212cd8af4ba7f8fbcce03b31fca019c23acf49be3c403b3ff54e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 02:57:31 GMT
x-storage-error-category: dfs:none;sc_p:200:WSE_NOT_SET
last-modified: Fri, 22 Jul 2022 16:42:33 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=2403838393
thrift_fmhk: GBBabNPGeRIkHYgnBfwUkXeKFfDr4Z0EAA==
cache-control: max-age=1209600, no-transform
x-fb-edge-debug: 86tEqDyy-CbBi8kypKAzlitawEVdbDDRbF1_MvZml5zOoonbxQiJy12O8R8dopL2B8EGVRJkJkYQJYMi31oQpgnkhGlaxTk_62IOVrgwCjHRT4xA3yUY-TEEoJ5PTf4t
cross-origin-resource-policy: cross-origin
x-needle-checksum: 2505886673
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 1388

GET
H3 200 UXtr_j2Fwe-.png
static.xx.fbcdn.net/rsrc.php/v3/yw/r/ Frame F805 573 B
711 B 15ms
7ms Image
image/png 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yw/r/UXtr_j2Fwe-.png

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yx/l/0,cross/GSwcapvLrEq.css?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

96e3e8dfde6b1042514824bac1b44282d4a76bac028f2d767f6534dce2cf3db0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.xx.fbcdn.net/rsrc.php/v3/yx/l/0,cross/GSwcapvLrEq.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 02:57:31 GMT
x-content-type-options: nosniff
content-md5: 07aG/2AEtDHVAZ5LUajMDQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 573
reporting-endpoints
x-fb-debug: VzmT9O6or1upMd7K2TlLC2M1Y2syxroPwsFpP7RiRxjJjbwmzgWQAsGCn6cNXn348OaCDQXWdc0BzVX5JXjVlA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
priority: u=1,i
expires: Wed, 30 Oct 2024 00:49:49 GMT

GET /
www.facebook.com/platform/plugin/tab/renderer/ Frame F805 0
0

POST
H2 200 / Show response
www.facebook.com/platform/plugin/page/logging/ Frame F805 873 B
1022 B 40ms
39ms XHR
application/x-javascript 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/platform/plugin/page/logging/

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3iAxA4/ya/l/de_DE/lqKaUzO1Qsb.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

43ed6dff15520338abaa6d0c432c37fab7b4ae373d7d1e94dea50d997ce001ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

X-FB-LSD: Rx9zTkr1bnlP5cCJSDW6WG
Referer: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fqpaytm&tabs=timeline&width=340&height=500&small_header=true&adapt_container_width=true&hide_cover=false&show_facepile=true&appId=686112214902543
X-ASBD-ID: 129477
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

strict-transport-security: max-age=15552000; preload
content-encoding: br
x-content-type-options: nosniff
date: Thu, 09 Nov 2023 02:57:31 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
reporting-endpoints: default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
pragma: no-cache
x-fb-debug: +F89rALXgq63F/soOjEae9/mbfNhQu2ed/yIqPm43V3HC6jt1WKh+NcL2YnGEuhjBVs8LgE3VVN2H8SAD71moA==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-methods: OPTIONS
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), geolocation=(self), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(self), midi=(), payment=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=()
access-control-allow-credentials: true
vary: Origin, Accept-Encoding
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 xgVgalBG80z.png
static.xx.fbcdn.net/rsrc.php/v3/yH/r/ Frame F805 1 KB
1 KB 7ms
6ms Image
image/png 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yH/r/xgVgalBG80z.png

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yx/l/0,cross/GSwcapvLrEq.css?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

45444d590a67d30e8b2fde01bb6482f829383b64bf14a4b19b86e22fdc319fbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.xx.fbcdn.net/rsrc.php/v3/yx/l/0,cross/GSwcapvLrEq.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 02:57:31 GMT
x-content-type-options: nosniff
content-md5: rB4cTW8WNZcBsFntToJGtA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1315
reporting-endpoints
x-fb-debug: j1XdzwQ2YkU9WatL3a/neup2qs6lZLoLrHaje2QOuM+bhqwPuBP29nu5B3rAb7zeAusVsQbbm2QMIZbRZfZZKQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
x-fb-optimizer: 0
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
priority: u=3,i
expires: Fri, 25 Oct 2024 04:59:20 GMT

GET
H2 200 ieeHDjcGsIR.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yH/r/ Frame F805 213 B
405 B 7ms
6ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yH/r/ieeHDjcGsIR.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yl/r/FI7oM537_IH.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6480d194b98b9fc3e4589a44b7e54b81ad926722e5b6fb7cc236161e2c2e03ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 02:57:31 GMT
x-content-type-options: nosniff
content-md5: oSUZEsOZh+qyGbXjvLFs7Q==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 213
reporting-endpoints
x-fb-debug: DkM8wYberV9694Ue9rE40QHWcYmKC0bXUnLTtdGvfMd/D5G2dUdlJOTVK6SQA+o6On8Bm9F6LuZ8XSpETD63tQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Wed, 30 Oct 2024 04:03:39 GMT

GET
H3 200 /
www.facebook.com/login/ Frame F805 0
0 104ms
104ms Document
text/html 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fhref%3Dhttps%253A%252F%252Fwww.facebook.com%252Fqpaytm%26tabs%3Dtimeline%26width%3D340%26height%3D500%26small_header%3Dtrue%26adapt_container_width%3Dtrue%26hide_cover%3Dfalse%26show_facepile%3Dtrue%26appId%3D686112214902543

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yl/r/FI7oM537_IH.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fqpaytm&tabs=timeline&width=340&height=500&small_header=true&adapt_container_width=true&hide_cover=false&show_facepile=true&appId=686112214902543
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 09 Nov 2023 02:57:32 GMT
expires: Sat, 01 Jan 2000 00:00:00 GMT
origin-agent-cluster: ?0
pragma: no-cache
priority: u=0,i
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
reporting-endpoints: default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: mUgwbYT1YxJgSSV0HPzUomDU2DcdNS+MZGOhjO8N5EhnTIbKhZCYTlBxgy2MS2pjmi/tB7iaFv+xo0ns8e2m3A==
x-frame-options: DENY
x-xss-protection: 0

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 9DA5 624 B
242 B 35ms
33ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJrB6AEQm7OnAhi0uLj0ATAB&v=APEucNU6TaxLHgdPeOmnRKpddQDJYzYeZ_42mVQ4nyRrW98PTrBwkvQ9XE5ka37CXz0e1achcJPYQF3GBLYdBmj8LTHICKDe2YqFg4Hf2UhvyI-KZPNCeX2Z5jFeyY6bYSOlks3ReBnqyqOKgdAjYr23YhGkEHh5rzupsjSKn4M7-84ZpHtBpV0

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9278882611444934&output=html&h=280&slotname=8324575672&adk=3897155754&adf=2234457717&pi=t.ma~as.8324575672&w=395&fwrn=4&fwrnh=100&lmt=1699498651&rafmt=1&format=395x280&url=https%3A%2F%2Fqpaytm.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699498651488&bpp=20&bdt=2362&idt=20&shv=r20231106&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9e741cd308d6782d%3AT%3D1699498649%3ART%3D1699498649%3AS%3DALNI_MY8v_eglssjADTlYt1MNqTxXbZoUg&gpic=UID%3D00000cbd817e1ea5%3AT%3D1699498649%3ART%3D1699498649%3AS%3DALNI_MbbZjlstaAF7DB3NtSGzYDpgoKFEg&prev_fmts=0x0%2C1600x1200&nras=2&correlator=2167202409718&frm=20&pv=1&ga_vid=1946798143.1699498649&ga_sid=1699498649&ga_hid=1349051153&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=998&ady=1305&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079344%2C31079405%2C44807455%2C44807462%2C31078301%2C44808149&oid=2&pvsid=353911425466455&tmod=543443414&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEebr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=FS9DuVWTvH&p=https%3A//qpaytm.com&dtd=27

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9278882611444934&output=html&h=280&slotname=8324575672&adk=3897155754&adf=2234457717&pi=t.ma~as.8324575672&w=395&fwrn=4&fwrnh=100&lmt=1699498651&rafmt=1&format=395x280&url=https%3A%2F%2Fqpaytm.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699498651488&bpp=20&bdt=2362&idt=20&shv=r20231106&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9e741cd308d6782d%3AT%3D1699498649%3ART%3D1699498649%3AS%3DALNI_MY8v_eglssjADTlYt1MNqTxXbZoUg&gpic=UID%3D00000cbd817e1ea5%3AT%3D1699498649%3ART%3D1699498649%3AS%3DALNI_MbbZjlstaAF7DB3NtSGzYDpgoKFEg&prev_fmts=0x0%2C1600x1200&nras=2&correlator=2167202409718&frm=20&pv=1&ga_vid=1946798143.1699498649&ga_sid=1699498649&ga_hid=1349051153&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=998&ady=1305&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079344%2C31079405%2C44807455%2C44807462%2C31078301%2C44808149&oid=2&pvsid=353911425466455&tmod=543443414&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEebr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=FS9DuVWTvH&p=https%3A//qpaytm.com&dtd=27
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 09 Nov 2023 02:57:32 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 6F1F 89 KB
31 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 02:57:32 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31491
x-xss-protection: 0
server: cafe
etag: 6167930392490353973
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Thu, 09 Nov 2023 02:57:32 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/ Frame 6F1F 3 KB
1 KB 10ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 00:23:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9250
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 23 Nov 2023 00:23:22 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/ Frame 6F1F 20 KB
8 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ee46bdadc83beb5e76bce18bc7cc3d169c7f0490901f6be96ec41ee2c14d3776

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 20:02:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24908
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8543
x-xss-protection: 0
server: cafe
etag: 18034338113832500900
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Nov 2023 20:02:24 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 6F1F 0
0 15ms
14ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQllSliujIt5QpLZJpBVHZQhXaXUsTicSWQDe4MlGR0G1lNna7VjpC4KCCNRyg0HlPy_1EyHzoUqrhRLUGfr8N1hmGd5Q
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9278882611444934&output=html&h=280&slotname=8324575672&adk=3897155754&adf=2234457717&pi=t.ma~as.8324575672&w=395&fwrn=4&fwrnh=100&lmt=1699498651&rafmt=1&format=395x280&url=https%3A%2F%2Fqpaytm.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699498651488&bpp=20&bdt=2362&idt=20&shv=r20231106&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9e741cd308d6782d%3AT%3D1699498649%3ART%3D1699498649%3AS%3DALNI_MY8v_eglssjADTlYt1MNqTxXbZoUg&gpic=UID%3D00000cbd817e1ea5%3AT%3D1699498649%3ART%3D1699498649%3AS%3DALNI_MbbZjlstaAF7DB3NtSGzYDpgoKFEg&prev_fmts=0x0%2C1600x1200&nras=2&correlator=2167202409718&frm=20&pv=1&ga_vid=1946798143.1699498649&ga_sid=1699498649&ga_hid=1349051153&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=998&ady=1305&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079344%2C31079405%2C44807455%2C44807462%2C31078301%2C44808149&oid=2&pvsid=353911425466455&tmod=543443414&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEebr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=FS9DuVWTvH&p=https%3A//qpaytm.com&dtd=27
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6F1F 190 KB
60 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a67d82954e869f63863c01de1404e74d89722d7774b105176d253292b75b6aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 02:57:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61127
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1699274420466708"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 09 Nov 2023 02:57:32 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6F1F 42 B
68 B 40ms
40ms Image
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-ARZcok5LptPAnXBulImsRzTEi4MkSNcVYj0M4QEaYQewhvqgX5DVMHrdaobqJXULgHCwnum0LSHdH9O8-ZYPlOyydJwOvMRn947YbEEPUN9M0KngA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Nov 2023 02:57:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6F1F 0
25 B 41ms
41ms Image
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=336324049806869628&x=1&ct=119

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Nov 2023 02:57:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6F1F 0
25 B 40ms
40ms Ping
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=9188439002544&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Nov 2023 02:57:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6F1F 0
25 B 40ms
40ms Ping
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=9188439002544&version=m202309260101&ct=119&x=1&cor=336324049806869600

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Nov 2023 02:57:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 6F1F 90 KB
37 KB 54ms
53ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BQAuazJAzacXov77JHBriKQlSEpduDtHsvvH42BU0LnEzIINa1iTipq5MeFBjAEmmgZHnJcjXa5JJCQoh5lXx1z17coLLavtxbedn_P9ResGF25Hz3hsVd1qjs30pOJtY_WoBcQ4XjJwDqNsblIvBjRsjBa1DJVrBKOXnIsGh-gFeafGc&cry=1&dbm_d=AKAmf-DyThw0lCWI6pIB1PTxFkuTxwKbVZiXS3XQjxzHWxQUMjn5KWLeBUFhFLvxrbtgM5QsKBO_Apzm_0orFUHM65eFB0IOKIZdBQ52F_ZW0nB09fj0KNSaMWayLFHEAcdOmw0XXkGvdj6W1rKlKu7AuX00Csh_TWuvmWkR7R6qZ0v-p983oXArRRl73-AIUpxiRBRumrZ-dmzH6g9pHO2va9nNSUCrm19um_330tmeAIFXus8zuB6gfSEjNBCPrqZwIECR1SfsuejOE6GyirtrizJRMWkikGZfhY9RJAscU3uHUw3KKeVfO0ad2KdWfx4D1SiDU3f5XKj8It8Xe29Hsg-eWiVk_HUCagcPfmYut7ASirwIuLfBCYb8iyFBiwUO6bo3BJs8El2iyt_F153cVbMVrVviTe8oo8M-rxknPGfER7VWbXnGFqFiIzG_Xyqic0DRoEh-Kd6FxAUtKGPSWHWln1gPZlJtNtaZQxfDZyEBGgJEqdu45eqMuAkPVeps3x9UtQaQGNpBLih4YHQrXP9xOpJaxlGw4dBsHpLM-dW2ceFkgci165JXV-BQ-C-bLBJUE8RqXDzsTBoFXK-Xsf4gRU0D8Xca7uQpD0aLF0JWRHfsggNqLLOFZ9dFgb9qWs-MLnadjqiBDESSdV-UCH-1U20sM2cJ6gsLB7XrofodJbxQ6KfLUdIA1gENdicPLhd93Q8fgGe4vZgNB07sIwHutDXSW-5CYUor-sxq9_aGgnn_njgIiOaA_AkgnXeqoA7ZJliecRYaCpL8qIpiUaj8LRfwwa5-fMZzsstTVEA0NgYoHuEVJ8InFOwGojkQIFFYTnpQGZqVovlUMJht6mEtWIgFoCH5iWy1viBHdEIRPZLIyTEGkwMvQpgazOVeStgNt4_rSiicDMd8hVQVvFW6hrqFleoMJw1lpSyY2vegKgWOWxwgJuG2kiqo2AtXkCt9C4QGK-1fRqrh6HrVprJO8mnR4t6YYCfm1XlibSQntuXyvoxZ0bjPxcLy7NuXsegJlhsDgLgO5DJu9g6OV0A93CBjmu160Atw6_zHooSdGjoyt3q4ZQX-sqwz9YpZ34SIWrjPcP1taRlIk0yqqGUQCRrNltEGuXAaS2fMoB9jcX3DJqTYS8JiLjtwtOVlTBD-60WKNOAHg4-kzupRIYz1fCFA5itubk8ypbxNxMe9Ya1A6SEF3gX8N0UO46cGQNKD6dIymPn69Sx6Spe2xDFLWAP1iKY3TDFhPKqowiDNepZT1UV_7z6ZfMFnsUuvYST8eJ2bDkxliMTEb7qSjGcyzx66eYVzHjy5GrJZZauuvjyBLTNomQXKETN91m6pEhFZNmtvfW1ymWJD_mBvLAc0mPwl48T4E-fmPfFxRJHb1foxryRrRBfZ2jSjj73axrwB0zO0O9wAyxn83q0O8YgeUyQVCK7S8rsKKIAW8zT71_AnbtHQ-AxoJtYnKcSFDdvdJusTRNGsfhzingKsvwl7YzZiB8V5vN_VGyO-lV1Jzsb9DQ0frkOo0k335gUMAB-KPeh9-07xOQF92yfFj1-ecmGAZa8NyKkYsUli_GuAw6ovqVmxP7R05UxUxFYwDYgMyn3TI0cVAgv-iou5iYLxoYtm92qXhoc1EbaXzd8wc_XwVhHeecen6yZ0HjQ2JUrVOFe0cD6KNeWJsACJLy5KgdCLt5GRR1NW_he7Bfdoh-X0qnafnCGyd1WmPOL9ynyo5S3Uf3GqjkHI5BS-eqnxSGMRYAPRqe6kSKtTzSHNKEieY3blMf-LnW41JCTJlYmfROPOCma9Ly_oO6Vf6UUQ41MVZwRqQOWiXx_lSqpGmzGgOcGPgp2fb2AGaHiQzOPo2i5h_1isfv239Bg86xMRVYZ2LDmn2mioMdYCd_WUObkReldkx5_IGTbAYbYsd6eBeJejJmjS_MMm2mXy7B1aKAReQqDSvdMy3gfl9c9_ldf8WKpR8-oqAqVk1zPOB5zJjC3Ky72wDrRmo-n0ikpTJm-S68xd9GlG_rUn8qGtIxLta5mREv2SwKqwJB1eLQJQ9gwEO5ZoVNBH4bPRsNfjogaR1I5xK1TQyvTlKlsIvjWEgkeppRlmlZvQHPNJgx4L6Dj388ajI-k2C-qji5TqCVkoYTg1ydemhaIT5xd0hs0aKbvl4fkzj900dz1I5M_ix56RVkdjP5tt020dCAA2ZYFvJrRx5o74gtfJh-1CDkVdGcCSEB0K88MY7fjehN01ROqLgq1carpRql_6xZ_PlNrX9QN4zICINuneK8rqlLLeTVBnr6YayJWCs5DRHUDDkAPYnQbZMnvsslMj2221Vp663E0F2hZ0mPu9dk3nUQPcITpw5UN5hxOmCLhhP_GGX_k1YBn6V6tucPmvIGrtM5ZYBOXt1nudGpS6FGcuBh00qh_Psg1o7FaQConWh1vLuo2hWGy_WQQB7BQxsL6WUudcwvgkSozbQsgy2LWNX6KL56VEJMlexrRRZFni206Wos0EoYDT7QbnHX4C_FdiV6gxAit_69onQ1Qvns0otnCUiErN54o6Vl2CpidYTba07qSfXJtGTQaeRzU74NcYK4Iz3fhIsM1LQ-pvoi42oL_YQv1QlX0wvwEk-ia-VY8ntV3wrfvs1Ojg9FXaEczlenpQ_MhIN0LkZAKQp2Kh9nJfR5mNwiu4Ml-01nQlmxszcvW4NrGuJPgAv2NzAUQUM783HKgF99hSGkO46jVzWQM2UHoKym9AReV9qpoJ7o5a6TeSnMCqUD7USSwH7ba-2SIEvAQkorelbEfnugnoD5CS4jSG0SQHeTIZUHkqeWlOb7WKPTwcXncH3j5gXpq9E1ldap6VtXLzbMdei_MCUk7YQfkSYLHFY41FDINfog3qeDqXimprbjc8cLwnZru1d1rwKH0OSQ2NrdpTW7PDzBlrdfg2WoMIYPM0b8BjzkO1IYKyCYCJVkWaZGHltQoAT6sWLF1fnpQu6Gg50dpn4pKoPllNoXpR_IOcEwrZAmYmi4eKS8Baij8c_alQ-8UgKKDK7_SCoFLaIXr5qcMhTuijD6u2nntikFPIlRh76cGVo_9cxZOquM8EDX4wFyhZTLa9FEAp1oV2QcUFSe4LBfZ0-lr4_Lhp2AvdYLAzQ08v-B0ES6bdNTqVdjdE6aZl1-dQx1j9NYjkfIhvYSaQMkFYK89xu-9H88hKdeyaO3NxGGN0Bzh78t20FRyGopG21qaJxMa4R0i6eI6YDAgYQeuIkE6-zmEqCxhLJLCpxzfC_yw95PKkG3DbEcpLJzI_IJn1sMOyBwKmx9LoDt-XCQ6DD3YwpUWIEFOhaVfr0KfJ9ivRI3vHsUsaZgtIs0Lnqpr_ZDgMWhLndCILvB_9cesp-NyFVKUPTSrDhCCWBW7IXvVPEEmYsY9TVr6GlLfw4MygGhdDSir3tDQAdq_sDRlMfIXQFhDIgYMeQoQscl9DcCiT6q5rsZIOtlycmLdnbzuBy56NF5OxUyoemznDsjxEelYtE6nleu4piKSyh8t3Bnot2Ds536bx3Z4s1eDZMR7_Fg&cid=CAQSPADICaaNolXImo-oYMg_0-3BIRk39spnSwOuL17aiSYxqO02GMWeEYvet0Y1cdKp_5rBFD8D3lpN8WP_rhgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fqpaytm.com%2F&ds=l&xdt=1&iif=1&cor=336324049806869600&adk=497053795&idt=29&cac=0&dtd=12

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4fcd7017c7a85f957d5cae8a89338e47861bad4b33e168b1c8e9777e16854f36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9278882611444934&output=html&h=280&slotname=8324575672&adk=3897155754&adf=2234457717&pi=t.ma~as.8324575672&w=395&fwrn=4&fwrnh=100&lmt=1699498651&rafmt=1&format=395x280&url=https%3A%2F%2Fqpaytm.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699498651488&bpp=20&bdt=2362&idt=20&shv=r20231106&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9e741cd308d6782d%3AT%3D1699498649%3ART%3D1699498649%3AS%3DALNI_MY8v_eglssjADTlYt1MNqTxXbZoUg&gpic=UID%3D00000cbd817e1ea5%3AT%3D1699498649%3ART%3D1699498649%3AS%3DALNI_MbbZjlstaAF7DB3NtSGzYDpgoKFEg&prev_fmts=0x0%2C1600x1200&nras=2&correlator=2167202409718&frm=20&pv=1&ga_vid=1946798143.1699498649&ga_sid=1699498649&ga_hid=1349051153&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=998&ady=1305&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079344%2C31079405%2C44807455%2C44807462%2C31078301%2C44808149&oid=2&pvsid=353911425466455&tmod=543443414&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEebr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=FS9DuVWTvH&p=https%3A//qpaytm.com&dtd=27
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Nov 2023 02:57:32 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37957
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 9DA5
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEF-4FQDKwR2NcBO9MblUhqs&google_cver=1

43 B
769 B

26ms
25ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEF-4FQDKwR2NcBO9MblUhqs&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJrB6AEQm7OnAhi0uLj0ATAB&v=APEucNU6TaxLHgdPeOmnRKpddQDJYzYeZ_42mVQ4nyRrW98PTrBwkvQ9XE5ka37CXz0e1achcJPYQF3GBLYdBmj8LTHICKDe2YqFg4Hf2UhvyI-KZPNCeX2Z5jFeyY6bYSOlks3ReBnqyqOKgdAjYr23YhGkEHh5rzupsjSKn4M7-84ZpHtBpV0
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Nov 2023 02:57:32 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RJTrVNQ7qpNtg3xhlF0nVuqly4YHsVBTUwiEKcIi1j1lVTWczFqn%2F%2BNuWR%2FPAbOmL2jWb2Zl27KGSpcQHq3ePFLuO4TfPQQZLgeP0RMAaakq%2FflblafoV23uZmmYMcn2t4PEQu6vrz6cCg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8232c9efcd721c60-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 09 Nov 2023 02:57:32 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEF-4FQDKwR2NcBO9MblUhqs&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 9DA5
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZUxKnPKfXig9nXFxNa9WaAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEF-4FQDKwR2NcBO9MblUhqs&google_cver=1

43 B
738 B

21ms
20ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEF-4FQDKwR2NcBO9MblUhqs&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJrB6AEQm7OnAhi0uLj0ATAB&v=APEucNU6TaxLHgdPeOmnRKpddQDJYzYeZ_42mVQ4nyRrW98PTrBwkvQ9XE5ka37CXz0e1achcJPYQF3GBLYdBmj8LTHICKDe2YqFg4Hf2UhvyI-KZPNCeX2Z5jFeyY6bYSOlks3ReBnqyqOKgdAjYr23YhGkEHh5rzupsjSKn4M7-84ZpHtBpV0
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Nov 2023 02:57:32 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VlbpgnK4Cz1MdNEvlD%2FSmdHBtqwcyzpopAHXgBmFVU7N%2FYS49QbVhfuQ%2B71CQzX24EHSz68X48d75v%2FkstlIhWp1lfhEf7%2B178GOwMteIW%2BPvd80GYnihbzl3TcfP%2BMuyzxmHi096CVNJw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8232c9f00d901c60-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 09 Nov 2023 02:57:32 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEF-4FQDKwR2NcBO9MblUhqs&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame 9DA5
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEIk1i8N8-kNZXHCLG-Yd8s4&google_cver=1

43 B
846 B

6ms
6ms

Image
image/gif

37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEIk1i8N8-kNZXHCLG-Yd8s4&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJrB6AEQm7OnAhi0uLj0ATAB&v=APEucNU6TaxLHgdPeOmnRKpddQDJYzYeZ_42mVQ4nyRrW98PTrBwkvQ9XE5ka37CXz0e1achcJPYQF3GBLYdBmj8LTHICKDe2YqFg4Hf2UhvyI-KZPNCeX2Z5jFeyY6bYSOlks3ReBnqyqOKgdAjYr23YhGkEHh5rzupsjSKn4M7-84ZpHtBpV0

Protocol

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Nov 2023 02:57:32 GMT
an-x-request-uuid: ae438127-4a9e-4f2c-9c45-836cb3fbdd6d
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 138.199.38.132; 138.199.38.132; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 09 Nov 2023 02:57:32 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEIk1i8N8-kNZXHCLG-Yd8s4&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 9DA5
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjI1Njg4ODE5OTI4NTg0MDI2Mw%3D%3D

170 B
243 B

17ms
16ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjI1Njg4ODE5OTI4NTg0MDI2Mw%3D%3D

Requested by

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Nov 2023 02:57:32 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 09 Nov 2023 02:57:32 GMT
an-x-request-uuid: 987c2a6f-dc1e-4722-88ed-885fc49a93a9
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjI1Njg4ODE5OTI4NTg0MDI2Mw%3D%3D
x-proxy-origin: 138.199.38.132; 138.199.38.132; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST bz
www.facebook.com/ajax/ Frame F805 0
0

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 6F1F 111 KB
39 KB 59ms
6ms Script
text/javascript 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: qpaytm.com
URL: https://qpaytm.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 02:22:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2110
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 10 Nov 2023 02:22:22 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20231106/r20110914/elements/html/ Frame 6F1F 11 KB
4 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231106/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BQAuazJAzacXov77JHBriKQlSEpduDtHsvvH42BU0LnEzIINa1iTipq5MeFBjAEmmgZHnJcjXa5JJCQoh5lXx1z17coLLavtxbedn_P9ResGF25Hz3hsVd1qjs30pOJtY_WoBcQ4XjJwDqNsblIvBjRsjBa1DJVrBKOXnIsGh-gFeafGc&cry=1&dbm_d=AKAmf-DyThw0lCWI6pIB1PTxFkuTxwKbVZiXS3XQjxzHWxQUMjn5KWLeBUFhFLvxrbtgM5QsKBO_Apzm_0orFUHM65eFB0IOKIZdBQ52F_ZW0nB09fj0KNSaMWayLFHEAcdOmw0XXkGvdj6W1rKlKu7AuX00Csh_TWuvmWkR7R6qZ0v-p983oXArRRl73-AIUpxiRBRumrZ-dmzH6g9pHO2va9nNSUCrm19um_330tmeAIFXus8zuB6gfSEjNBCPrqZwIECR1SfsuejOE6GyirtrizJRMWkikGZfhY9RJAscU3uHUw3KKeVfO0ad2KdWfx4D1SiDU3f5XKj8It8Xe29Hsg-eWiVk_HUCagcPfmYut7ASirwIuLfBCYb8iyFBiwUO6bo3BJs8El2iyt_F153cVbMVrVviTe8oo8M-rxknPGfER7VWbXnGFqFiIzG_Xyqic0DRoEh-Kd6FxAUtKGPSWHWln1gPZlJtNtaZQxfDZyEBGgJEqdu45eqMuAkPVeps3x9UtQaQGNpBLih4YHQrXP9xOpJaxlGw4dBsHpLM-dW2ceFkgci165JXV-BQ-C-bLBJUE8RqXDzsTBoFXK-Xsf4gRU0D8Xca7uQpD0aLF0JWRHfsggNqLLOFZ9dFgb9qWs-MLnadjqiBDESSdV-UCH-1U20sM2cJ6gsLB7XrofodJbxQ6KfLUdIA1gENdicPLhd93Q8fgGe4vZgNB07sIwHutDXSW-5CYUor-sxq9_aGgnn_njgIiOaA_AkgnXeqoA7ZJliecRYaCpL8qIpiUaj8LRfwwa5-fMZzsstTVEA0NgYoHuEVJ8InFOwGojkQIFFYTnpQGZqVovlUMJht6mEtWIgFoCH5iWy1viBHdEIRPZLIyTEGkwMvQpgazOVeStgNt4_rSiicDMd8hVQVvFW6hrqFleoMJw1lpSyY2vegKgWOWxwgJuG2kiqo2AtXkCt9C4QGK-1fRqrh6HrVprJO8mnR4t6YYCfm1XlibSQntuXyvoxZ0bjPxcLy7NuXsegJlhsDgLgO5DJu9g6OV0A93CBjmu160Atw6_zHooSdGjoyt3q4ZQX-sqwz9YpZ34SIWrjPcP1taRlIk0yqqGUQCRrNltEGuXAaS2fMoB9jcX3DJqTYS8JiLjtwtOVlTBD-60WKNOAHg4-kzupRIYz1fCFA5itubk8ypbxNxMe9Ya1A6SEF3gX8N0UO46cGQNKD6dIymPn69Sx6Spe2xDFLWAP1iKY3TDFhPKqowiDNepZT1UV_7z6ZfMFnsUuvYST8eJ2bDkxliMTEb7qSjGcyzx66eYVzHjy5GrJZZauuvjyBLTNomQXKETN91m6pEhFZNmtvfW1ymWJD_mBvLAc0mPwl48T4E-fmPfFxRJHb1foxryRrRBfZ2jSjj73axrwB0zO0O9wAyxn83q0O8YgeUyQVCK7S8rsKKIAW8zT71_AnbtHQ-AxoJtYnKcSFDdvdJusTRNGsfhzingKsvwl7YzZiB8V5vN_VGyO-lV1Jzsb9DQ0frkOo0k335gUMAB-KPeh9-07xOQF92yfFj1-ecmGAZa8NyKkYsUli_GuAw6ovqVmxP7R05UxUxFYwDYgMyn3TI0cVAgv-iou5iYLxoYtm92qXhoc1EbaXzd8wc_XwVhHeecen6yZ0HjQ2JUrVOFe0cD6KNeWJsACJLy5KgdCLt5GRR1NW_he7Bfdoh-X0qnafnCGyd1WmPOL9ynyo5S3Uf3GqjkHI5BS-eqnxSGMRYAPRqe6kSKtTzSHNKEieY3blMf-LnW41JCTJlYmfROPOCma9Ly_oO6Vf6UUQ41MVZwRqQOWiXx_lSqpGmzGgOcGPgp2fb2AGaHiQzOPo2i5h_1isfv239Bg86xMRVYZ2LDmn2mioMdYCd_WUObkReldkx5_IGTbAYbYsd6eBeJejJmjS_MMm2mXy7B1aKAReQqDSvdMy3gfl9c9_ldf8WKpR8-oqAqVk1zPOB5zJjC3Ky72wDrRmo-n0ikpTJm-S68xd9GlG_rUn8qGtIxLta5mREv2SwKqwJB1eLQJQ9gwEO5ZoVNBH4bPRsNfjogaR1I5xK1TQyvTlKlsIvjWEgkeppRlmlZvQHPNJgx4L6Dj388ajI-k2C-qji5TqCVkoYTg1ydemhaIT5xd0hs0aKbvl4fkzj900dz1I5M_ix56RVkdjP5tt020dCAA2ZYFvJrRx5o74gtfJh-1CDkVdGcCSEB0K88MY7fjehN01ROqLgq1carpRql_6xZ_PlNrX9QN4zICINuneK8rqlLLeTVBnr6YayJWCs5DRHUDDkAPYnQbZMnvsslMj2221Vp663E0F2hZ0mPu9dk3nUQPcITpw5UN5hxOmCLhhP_GGX_k1YBn6V6tucPmvIGrtM5ZYBOXt1nudGpS6FGcuBh00qh_Psg1o7FaQConWh1vLuo2hWGy_WQQB7BQxsL6WUudcwvgkSozbQsgy2LWNX6KL56VEJMlexrRRZFni206Wos0EoYDT7QbnHX4C_FdiV6gxAit_69onQ1Qvns0otnCUiErN54o6Vl2CpidYTba07qSfXJtGTQaeRzU74NcYK4Iz3fhIsM1LQ-pvoi42oL_YQv1QlX0wvwEk-ia-VY8ntV3wrfvs1Ojg9FXaEczlenpQ_MhIN0LkZAKQp2Kh9nJfR5mNwiu4Ml-01nQlmxszcvW4NrGuJPgAv2NzAUQUM783HKgF99hSGkO46jVzWQM2UHoKym9AReV9qpoJ7o5a6TeSnMCqUD7USSwH7ba-2SIEvAQkorelbEfnugnoD5CS4jSG0SQHeTIZUHkqeWlOb7WKPTwcXncH3j5gXpq9E1ldap6VtXLzbMdei_MCUk7YQfkSYLHFY41FDINfog3qeDqXimprbjc8cLwnZru1d1rwKH0OSQ2NrdpTW7PDzBlrdfg2WoMIYPM0b8BjzkO1IYKyCYCJVkWaZGHltQoAT6sWLF1fnpQu6Gg50dpn4pKoPllNoXpR_IOcEwrZAmYmi4eKS8Baij8c_alQ-8UgKKDK7_SCoFLaIXr5qcMhTuijD6u2nntikFPIlRh76cGVo_9cxZOquM8EDX4wFyhZTLa9FEAp1oV2QcUFSe4LBfZ0-lr4_Lhp2AvdYLAzQ08v-B0ES6bdNTqVdjdE6aZl1-dQx1j9NYjkfIhvYSaQMkFYK89xu-9H88hKdeyaO3NxGGN0Bzh78t20FRyGopG21qaJxMa4R0i6eI6YDAgYQeuIkE6-zmEqCxhLJLCpxzfC_yw95PKkG3DbEcpLJzI_IJn1sMOyBwKmx9LoDt-XCQ6DD3YwpUWIEFOhaVfr0KfJ9ivRI3vHsUsaZgtIs0Lnqpr_ZDgMWhLndCILvB_9cesp-NyFVKUPTSrDhCCWBW7IXvVPEEmYsY9TVr6GlLfw4MygGhdDSir3tDQAdq_sDRlMfIXQFhDIgYMeQoQscl9DcCiT6q5rsZIOtlycmLdnbzuBy56NF5OxUyoemznDsjxEelYtE6nleu4piKSyh8t3Bnot2Ds536bx3Z4s1eDZMR7_Fg&cid=CAQSPADICaaNolXImo-oYMg_0-3BIRk39spnSwOuL17aiSYxqO02GMWeEYvet0Y1cdKp_5rBFD8D3lpN8WP_rhgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fqpaytm.com%2F&ds=l&xdt=1&iif=1&cor=336324049806869600&adk=497053795&idt=29&cac=0&dtd=12

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 00:22:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9330
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4206
x-xss-protection: 0
server: cafe
etag: 17947678125179771625
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 23 Nov 2023 00:22:02 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20231106/r20110914/ Frame 6F1F 31 KB
12 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231106/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

13ba2997ea62a564075f4e9d586d98c0f2662d6f23042e5f39366b2f27f320a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 20:06:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24653
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11881
x-xss-protection: 0
server: cafe
etag: 5723174479369309319
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Nov 2023 20:06:39 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 6F1F 41 KB
14 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: qpaytm.com
URL: https://qpaytm.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 00:22:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9330
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 08 Nov 2024 00:22:02 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 1CBF 1 KB
650 B 7ms
6ms Document
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 38135
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 08 Nov 2023 16:21:57 GMT
etag: 48472445140208031
expires: Thu, 09 Nov 2023 16:21:57 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 6F1F 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 535aef91fe33e11da0fe95e1fc3b079782f2eb05eb025521e30ab2180ab6a177

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 1CBF
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEPEAvj-t8pc8aq-eE1JCbes&google_cver=1&google_push=AXcoOmTCEFDy7mM459dg9Q8vIcVEBEEjMy34iQkUFMXk13QdALAEFRmXBxl6JWhzIueeyTdwkRUq6HIEVhdGRsSm74KPdEHENlloKQ
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzcwNzQxODc2MDI2NjYwMjgzNA==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEPEAvj-t8pc8aq-eE1JCbes&google_cver=1

43 B
398 B

83ms
13ms

Image
image/gif

46.228.164.11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEPEAvj-t8pc8aq-eE1JCbes&google_cver=1
Protocol: H2
Server: 46.228.164.11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 09 Nov 2023 02:57:32 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Thu, 09 Nov 2023 02:57:32 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEPEAvj-t8pc8aq-eE1JCbes&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame 1CBF 35 B
464 B 59ms
8ms Image
image/gif 2620:116:800d:21:de2e:c7b3:55c0:d5a0
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESENIkImmlRgfNFb45HFBIIpo&google_cver=1&google_push=AXcoOmRoTSKjAKtLerpRyuPdysAQq7KweOjWLaCnoCwgAmXPwd7I6Vl6nn0DbxFJu-38nsy_eClUhTd2yZHt7m8wZfA_2zHWsyAC6A

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:de2e:c7b3:55c0:d5a0 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Nov 2023 02:57:32 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 1CBF 0
104 B 89ms
22ms Image
text/plain 2a02:fa8:8806:12::1400
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESELd9kdMQ54W8MFB32JvinQ0&google_cver=1&google_push=AXcoOmTXttOfazoTHO-DEWdq3QCiNmENdDIpZfgEObIntx2JxkGa8p4pfypW1M6tDDL3rxsvwt2cvVk1wJh0aCPPdUcqm3VoD-DxEQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9278882611444934&output=html&h=280&slotname=8324575672&adk=3897155754&adf=2234457717&pi=t.ma~as.8324575672&w=395&fwrn=4&fwrnh=100&lmt=1699498651&rafmt=1&format=395x280&url=https%3A%2F%2Fqpaytm.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699498651488&bpp=20&bdt=2362&idt=20&shv=r20231106&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9e741cd308d6782d%3AT%3D1699498649%3ART%3D1699498649%3AS%3DALNI_MY8v_eglssjADTlYt1MNqTxXbZoUg&gpic=UID%3D00000cbd817e1ea5%3AT%3D1699498649%3ART%3D1699498649%3AS%3DALNI_MbbZjlstaAF7DB3NtSGzYDpgoKFEg&prev_fmts=0x0%2C1600x1200&nras=2&correlator=2167202409718&frm=20&pv=1&ga_vid=1946798143.1699498649&ga_sid=1699498649&ga_hid=1349051153&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=998&ady=1305&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079344%2C31079405%2C44807455%2C44807462%2C31078301%2C44808149&oid=2&pvsid=353911425466455&tmod=543443414&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEebr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=FS9DuVWTvH&p=https%3A//qpaytm.com&dtd=27
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:12::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Nov 2023 02:57:32 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1CBF
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEEjODWgpG-3BKDAOsFVaJLQ&google_cver=1&google_push=AXcoOmSt6in6cZW67GAhDRIJEbOeN8dTQO6e3RijfTyEmcv0YPmSyWwIWOT6fJKyUZuBojyeG_pK4qUPuIu1pT...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI5OTI5MTEyOTkzOTQ5MDk2Mw%3D%3D&google_push=AXcoOmSt6in6cZW67GAhDRIJEbOeN8dTQO6e3RijfTyEmcv0YPmSyWwIWOT6fJKyUZuBojyeG_pK4qUPuIu1pTYcPM...

170 B
188 B

16ms
15ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI5OTI5MTEyOTkzOTQ5MDk2Mw%3D%3D&google_push=AXcoOmSt6in6cZW67GAhDRIJEbOeN8dTQO6e3RijfTyEmcv0YPmSyWwIWOT6fJKyUZuBojyeG_pK4qUPuIu1pTYcPM_aAsPrR3Z2Hw

Requested by

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Nov 2023 02:57:32 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI5OTI5MTEyOTkzOTQ5MDk2Mw%3D%3D&google_push=AXcoOmSt6in6cZW67GAhDRIJEbOeN8dTQO6e3RijfTyEmcv0YPmSyWwIWOT6fJKyUZuBojyeG_pK4qUPuIu1pTYcPM_aAsPrR3Z2Hw
Date: Thu, 09 Nov 2023 02:57:32 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1CBF
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESECiWFHwLo_q-iofKry6L07M&google_cver=1&google_push=AXcoOmSPgJ1WJYMGdaRh9AhuqcUdFKU87e2S60Pvb1bfVNWooGEWSWzc2iCPgq90Vyvmb_1gR4gal-yI5kLlldPlZXEgu8Z...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSPgJ1WJYMGdaRh9AhuqcUdFKU87e2S60Pvb1bfVNWooGEWSWzc2iCPgq90Vyvmb_1gR4gal-yI5kLlldPlZXEgu8ZHgVhc1g&google_hm=eS1MUEZrbVZsRTJwSHh2...

170 B
188 B

17ms
17ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSPgJ1WJYMGdaRh9AhuqcUdFKU87e2S60Pvb1bfVNWooGEWSWzc2iCPgq90Vyvmb_1gR4gal-yI5kLlldPlZXEgu8ZHgVhc1g&google_hm=eS1MUEZrbVZsRTJwSHh2TGJ0UWdfVjNBWGlXUzQ4blI0TH5B

Requested by

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Nov 2023 02:57:32 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 09 Nov 2023 02:57:32 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSPgJ1WJYMGdaRh9AhuqcUdFKU87e2S60Pvb1bfVNWooGEWSWzc2iCPgq90Vyvmb_1gR4gal-yI5kLlldPlZXEgu8ZHgVhc1g&google_hm=eS1MUEZrbVZsRTJwSHh2TGJ0UWdfVjNBWGlXUzQ4blI0TH5B
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1CBF
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESEOR3hO6NCIBfzABFusewzYs&google_cver=1&google_push=AXcoOmSFW2GVpE32HCswpse-XYTXs1yUKGE4gWXLRF5p82MOC_2b9XwvgwDdx39NoGfCbuGPTJZ5VqHFa6ZmA9KMhbYkwiE...
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEOR3hO6NCIBfzABFusewzYs&google_cver=1&google_push=AXcoOmSFW2GVpE32HCswpse-XYTXs1yUKGE4gWXLRF5p82MOC_2b9XwvgwDdx39NoGfCbuGPTJZ5VqHFa6ZmA9KMhbYkw...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmSFW2GVpE32HCswpse-XYTXs1yUKGE4gWXLRF5p82MOC_2b9XwvgwDdx39NoGfCbuGPTJZ5VqHFa6ZmA9KMhbYkwiEb-09g

170 B
188 B

17ms
16ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmSFW2GVpE32HCswpse-XYTXs1yUKGE4gWXLRF5p82MOC_2b9XwvgwDdx39NoGfCbuGPTJZ5VqHFa6ZmA9KMhbYkwiEb-09g

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Nov 2023 02:57:32 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmSFW2GVpE32HCswpse-XYTXs1yUKGE4gWXLRF5p82MOC_2b9XwvgwDdx39NoGfCbuGPTJZ5VqHFa6ZmA9KMhbYkwiEb-09g
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1CBF
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEGv0jX5fnUmlWYbqB01RAAY&google_cver=1&google_push=AXcoOmQz6TLj05T_9DWJ14tua5ubD0dI3lTgmvdoZKtOXZOCEgXvwbpLmFidi_tWCuelMHbmvtgW6_l9...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEGv0jX5fnUmlWYbqB01RAAY&google_cver=1&google_push=AXcoOmQz6TLj05T_9DWJ14tua5ubD0dI3lTgmvdoZKtOXZOCEgXvwbpLmFidi_tWCuelMHbmvtg...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjUwNjU5NDI5MTA2MjkxMDY5Nw&google_push=AXcoOmQz6TLj05T_9DWJ14tua5ubD0dI3lTgmvdoZKtOXZOCEgXvwbpLmFidi_tWCuelMHbmvtgW6_...

170 B
188 B

17ms
17ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjUwNjU5NDI5MTA2MjkxMDY5Nw&google_push=AXcoOmQz6TLj05T_9DWJ14tua5ubD0dI3lTgmvdoZKtOXZOCEgXvwbpLmFidi_tWCuelMHbmvtgW6_l9Y_zBxNg3kuRijnT3NeIdnQ

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Nov 2023 02:57:32 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 09 Nov 2023 02:57:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjUwNjU5NDI5MTA2MjkxMDY5Nw&google_push=AXcoOmQz6TLj05T_9DWJ14tua5ubD0dI3lTgmvdoZKtOXZOCEgXvwbpLmFidi_tWCuelMHbmvtgW6_l9Y_zBxNg3kuRijnT3NeIdnQ
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 1CBF 0
12 B 15ms
14ms Image
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KapqRHmF0jbYe1Wjkv-IBRkhY024m9jfJ3Iezt5hRZBAziWmNw-_y5kYHkq6bRzQiNdL4J

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 02:57:32 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 017B 38 KB
13 KB 7ms
7ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 9330
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 09 Nov 2023 00:22:02 GMT
expires: Fri, 08 Nov 2024 00:22:02 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/16640028877006121036/ Frame F17D 162 KB
25 KB 24ms
7ms Document
text/html 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/16640028877006121036/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e144c19eddd7aa8f7edca47212b77a637d1b19e1622f0dab170c54870380e4d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 228904
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 25230
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Mon, 06 Nov 2023 11:22:28 GMT
expires: Tue, 05 Nov 2024 11:22:28 GMT
last-modified: Thu, 24 Aug 2023 12:26:22 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 6F1F 0
0 92ms
54ms Fetch
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstsxu35PxRdeKEY9VM3VTukoxr_JvLyLzjHv_shqrSMh2SJ8C6kAluCdZnJY3sk8lMjZHSO1hoyRkNwPJC0vps6YWoU56dheL0mHFyGWUKnHZeioDLRDL-_uqFVWtIHAfROIiyO2nQPP_YPNsC6PIHr3C1yh_UK9UCoiS706mVJBoD1nstJvb_EvpTn6mmy3_vcYKXz3UZTOpk_nShl7EHJfcGL8n1fLzaPHSkXIuU5Ss2Dwyg7cQveHFY3JgbuKR4uQbr1BClgBpppB4ormmxqR3LW_Qyy8wsT3tCJqD2dSeHqIV6jnTwshLIO3HpyHM5wZVtXpAr7grREBTVreKnblAe0oKSkgw5nTI_Zffb0ZpuhFDFgvH8hWYe5hGWVaLPxwRmwDIUnK1qBewEOp3TUVm-LXTjyQn8jaTvusCOEdsb5YxWdWnp0XPfGdA6nbA8EvY9XvIHKBrN5SD3raG9z4AJmp_LeBAvHVNwDLWaGEbq0hraWtQClHw5tPKFVWFSK_ATI3h8PTTVcQu6aKonkmLb6VI7aaV0q3E9zKZ8JDVvsTP_V_tZtpzYkQxXLc9KhoJGWiYwcxWI9CwEKGKmsEztreiLKD7DeCWW3vnHZUAiQUKd6AYKQfhRUYQ-306ezNSu-M1hkAwHrFo1FGbtIM96XeImU-kw-v3QHsMDrFykxFmEqcBGDp3Cpn2oZgReIslSvvVBqJS5xD6KBOSvzCoBOZpu8UL4Dho7JWwlNTNqZ592MR4JtPxyeWcdnoR_EwPpnIHKnw25Mk8qsBvWZ1ni-lmXMUlue19GCs2pNmJoNI3KXnJ5nwxGimlxknBlYFEEsDHbKMUU5-oZHPSP8QV1ykJ-jU8P8eQ8GiNNRmuhBs6sQZhZ1Bl4JxGL2k3H3McLhm67WzyteXgo00CejNlVSMnksMFONwDqf_oTcEuNpbP0oIGr__RTmAMvYGvcp1349VUVPFROjL3Vp4WZcahsFrTYScIsWeX4OkL6zl4msX9bQtnZb_BuDn95OfOk0HpVsxbsQ0oSjeBUh2V62_-YyRI5txFnl1nt72vOzrBeLdqQT9lXo4kVSF4v7ffyPcP1l5Nk25Zd_AbZb4y5BOHTwsg2wl3GGgOItC3x6h7IW8m4zHCy4s1jGM9BhC3KvtC47kZ0_jR0iV6qSoJZ5laPEeigW_vn9VoV5X1cWKrsR4S_RcoYQtLZSrmam0Wa-In0tsgJQHqqG_0XfOFOTwA&sai=AMfl-YSA6mQSaFY2gGCEkEOXkHKIKBalUn8BdBKTGTr_qfZq8Sk1NrRC1LzmgWvl2VHS4Y0l7KtMEW0bTxLaH3Gx0OLfMRhvIHWKElq2-Ew9elAYwl9NJnokxG4UCkD0q50HSShl48rFwxxfeONPqc94QNgxwWUY5VL4Po_z_JxTZvRXVpnegk8JTF6aA1WlvzKGsKoFNILDKUrbyaEdQXsVn_aSM2xyR08ykQy9s3S3TIWJ0Jm06Ix0m2nX7HzIcwrP6USAT7U&sig=Cg0ArKJSzDau8SABJ0IAEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=87&cbvp=1&cstd=83&cisv=r20231106.27437&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: qpaytm.com
URL: https://qpaytm.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 09 Nov 2023 02:57:32 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js Show response
pagead2.googlesyndication.com/bg/ Frame 017B 38 KB
15 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e16c1a19f5b378301e1afb3466bb6658c2541bb7eeeb318f049cd0b7876e3a40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 21:44:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18766
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15096
x-xss-protection: 0
last-modified: Tue, 31 Oct 2023 13:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 07 Nov 2024 21:44:46 GMT

GET
H3 200 DcmEnabler_01_250.js Show response
s0.2mdn.net/879366/ Frame F17D 32 KB
11 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/DcmEnabler_01_250.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16640028877006121036/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fc9fe8ec0612072dc6d3b4acd268e09d28c253807f47846a5f70dd8360d1a0d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16640028877006121036/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 17:05:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 35494
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11558
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 21:28:37 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 09 Nov 2023 17:05:58 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 6F1F 0
0 44ms
43ms Fetch
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstsxu35PxRdeKEY9VM3VTukoxr_JvLyLzjHv_shqrSMh2SJ8C6kAluCdZnJY3sk8lMjZHSO1hoyRkNwPJC0vps6YWoU56dheL0mHFyGWUKnHZeioDLRDL-_uqFVWtIHAfROIiyO2nQPP_YPNsC6PIHr3C1yh_UK9UCoiS706mVJBoD1nstJvb_EvpTn6mmy3_vcYKXz3UZTOpk_nShl7EHJfcGL8n1fLzaPHSkXIuU5Ss2Dwyg7cQveHFY3JgbuKR4uQbr1BClgBpppB4ormmxqR3LW_Qyy8wsT3tCJqD2dSeHqIV6jnTwshLIO3HpyHM5wZVtXpAr7grREBTVreKnblAe0oKSkgw5nTI_Zffb0ZpuhFDFgvH8hWYe5hGWVaLPxwRmwDIUnK1qBewEOp3TUVm-LXTjyQn8jaTvusCOEdsb5YxWdWnp0XPfGdA6nbA8EvY9XvIHKBrN5SD3raG9z4AJmp_LeBAvHVNwDLWaGEbq0hraWtQClHw5tPKFVWFSK_ATI3h8PTTVcQu6aKonkmLb6VI7aaV0q3E9zKZ8JDVvsTP_V_tZtpzYkQxXLc9KhoJGWiYwcxWI9CwEKGKmsEztreiLKD7DeCWW3vnHZUAiQUKd6AYKQfhRUYQ-306ezNSu-M1hkAwHrFo1FGbtIM96XeImU-kw-v3QHsMDrFykxFmEqcBGDp3Cpn2oZgReIslSvvVBqJS5xD6KBOSvzCoBOZpu8UL4Dho7JWwlNTNqZ592MR4JtPxyeWcdnoR_EwPpnIHKnw25Mk8qsBvWZ1ni-lmXMUlue19GCs2pNmJoNI3KXnJ5nwxGimlxknBlYFEEsDHbKMUU5-oZHPSP8QV1ykJ-jU8P8eQ8GiNNRmuhBs6sQZhZ1Bl4JxGL2k3H3McLhm67WzyteXgo00CejNlVSMnksMFONwDqf_oTcEuNpbP0oIGr__RTmAMvYGvcp1349VUVPFROjL3Vp4WZcahsFrTYScIsWeX4OkL6zl4msX9bQtnZb_BuDn95OfOk0HpVsxbsQ0oSjeBUh2V62_-YyRI5txFnl1nt72vOzrBeLdqQT9lXo4kVSF4v7ffyPcP1l5Nk25Zd_AbZb4y5BOHTwsg2wl3GGgOItC3x6h7IW8m4zHCy4s1jGM9BhC3KvtC47kZ0_jR0iV6qSoJZ5laPEeigW_vn9VoV5X1cWKrsR4S_RcoYQtLZSrmam0Wa-In0tsgJQHqqG_0XfOFOTwA&sai=AMfl-YSA6mQSaFY2gGCEkEOXkHKIKBalUn8BdBKTGTr_qfZq8Sk1NrRC1LzmgWvl2VHS4Y0l7KtMEW0bTxLaH3Gx0OLfMRhvIHWKElq2-Ew9elAYwl9NJnokxG4UCkD0q50HSShl48rFwxxfeONPqc94QNgxwWUY5VL4Po_z_JxTZvRXVpnegk8JTF6aA1WlvzKGsKoFNILDKUrbyaEdQXsVn_aSM2xyR08ykQy9s3S3TIWJ0Jm06Ix0m2nX7HzIcwrP6USAT7U&sig=Cg0ArKJSzDau8SABJ0IAEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=157&vt=11&dtpt=70&dett=3&cstd=83&cisv=r20231106.27437&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: qpaytm.com
URL: https://qpaytm.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 02:57:32 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 22ms
21ms XHR
application/json 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231106&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53a3fcf66ca970453eb7277a4b51ba997c1c5c9a65d91ceae6d0e5f34f04d3f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qpaytm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 02:57:32 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11999
x-xss-protection: 0

GET
H2 200 twk-main.js Show response
embed.tawk.to/_s/v4/app/653fa0ef1ea/js/ 121 B
263 B 129ms
127ms Script
application/javascript 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/653fa0ef1ea/js/twk-main.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/5dbd124e154bf74666b71dfc/default

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

705186becc9e0a306a6b4867ae2768aa9dd3b8c12393d9f9c52029e9a6fcf31c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://qpaytm.com/
Origin: https://qpaytm.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 02:57:32 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Mon, 30 Oct 2023 12:28:39 GMT
server: cloudflare
content-encoding: br
etag: W/"da5bb1dc647470204df0e49f5afac2de"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 8232c9f0e81bbb97-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 twk-vendor.js Show response
embed.tawk.to/_s/v4/app/653fa0ef1ea/js/ 81 KB
29 KB 243ms
241ms Script
application/javascript 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/653fa0ef1ea/js/twk-vendor.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/5dbd124e154bf74666b71dfc/default

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

916c13b184fbc42c59463a47bf90611461bec9e17a10a37def3c751ade00dced

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://qpaytm.com/
Origin: https://qpaytm.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 02:57:32 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Mon, 30 Oct 2023 12:28:39 GMT
server: cloudflare
content-encoding: br
etag: W/"ce3014b09c6dfbd6f92bc585fd840580"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 8232c9f0e81cbb97-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 twk-chunk-vendors.js Show response
embed.tawk.to/_s/v4/app/653fa0ef1ea/js/ 212 KB
62 KB 352ms
351ms Script
application/javascript 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/653fa0ef1ea/js/twk-chunk-vendors.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/5dbd124e154bf74666b71dfc/default

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c402dac34a2ddb65a30763afd1e50c65ccd82117b61a773f2512bc6e2dace631

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://qpaytm.com/
Origin: https://qpaytm.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 02:57:32 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Mon, 30 Oct 2023 12:28:39 GMT
server: cloudflare
content-encoding: br
etag: W/"357952f03822ff20c10ab27cc597e161"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 8232c9f0e81fbb97-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 twk-chunk-common.js Show response
embed.tawk.to/_s/v4/app/653fa0ef1ea/js/ 215 KB
42 KB 684ms
684ms Script
application/javascript 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/653fa0ef1ea/js/twk-chunk-common.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/5dbd124e154bf74666b71dfc/default

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

78278b5c1f2b851af38fe569a9544e265d53a0c0b6f592bb5117f9b2f40c556b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://qpaytm.com/
Origin: https://qpaytm.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 02:57:32 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Mon, 30 Oct 2023 12:28:39 GMT
server: cloudflare
content-encoding: br
etag: W/"3559a48cee058d0fa362d062d48d297d"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 8232c9f0e820bb97-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 twk-runtime.js Show response
embed.tawk.to/_s/v4/app/653fa0ef1ea/js/ 2 KB
1 KB 128ms
127ms Script
application/javascript 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/653fa0ef1ea/js/twk-runtime.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/5dbd124e154bf74666b71dfc/default

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

988a40deb30ca96a0db8ae7beaaa1bd27e94b484f10bf811384fc4b89dabf066

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://qpaytm.com/
Origin: https://qpaytm.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 02:57:32 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: br
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 30 Oct 2023 12:28:39 GMT
server: cloudflare
etag: W/"ab2e7e6976ebf42505e0f529919444b5"
vary: Accept-Encoding
report-to: {"group":"gfe-default_product_name","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/default_product_name"}]}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 8232c9f0e821bb97-FRA
cross-origin-opener-policy-report-only: same-origin; report-to="gfe-default_product_name"

GET
H2 200 twk-app.js Show response
embed.tawk.to/_s/v4/app/653fa0ef1ea/js/ 151 B
206 B 128ms
128ms Script
application/javascript 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/653fa0ef1ea/js/twk-app.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/5dbd124e154bf74666b71dfc/default

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

13cf82e6f9d48221cd55f8b3c3d206f7bdb83f291034b478e484ccfef7d500dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://qpaytm.com/
Origin: https://qpaytm.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 02:57:32 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Mon, 30 Oct 2023 12:28:39 GMT
server: cloudflare
content-encoding: br
etag: W/"e736e189edb5d0d9d5b8e7f23dd9114a"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 8232c9f0e822bb97-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qpaytm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 02:57:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 09 Nov 2023 02:57:32 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 4472 13 KB
5 KB 15ms
11ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://qpaytm.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 9331
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 09 Nov 2023 00:22:01 GMT
expires: Fri, 08 Nov 2024 00:22:01 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 4570 829 B
562 B 21ms
21ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

88515160b9b6c3e0c54303dc9fae4b43e24a5298424a4379e04064a917303d6f

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-jTjVWPPGMxL670RuvuPbzA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://qpaytm.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-jTjVWPPGMxL670RuvuPbzA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 09 Nov 2023 02:57:32 GMT
expires: Thu, 09 Nov 2023 02:57:32 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 4570 0
0 40ms
40ms Image
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231106&jk=353911425466455&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36

Response headers

GET
H3 200 4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js Show response
pagead2.googlesyndication.com/bg/ Frame 4472 38 KB
15 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e16c1a19f5b378301e1afb3466bb6658c2541bb7eeeb318f049cd0b7876e3a40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 21:44:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18766
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15096
x-xss-protection: 0
last-modified: Tue, 31 Oct 2023 13:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 07 Nov 2024 21:44:46 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 017B 0
25 B 44ms
43ms Image
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BNM5wnEpMZdPoBMHx3wPioJWABAAAAAA4AeAEAg&bg=!aWqlaiXNAAb4oU7C2KE7ADQBe5WfOM40KIhL0y_x-LKPiyD596xNEGCjRrVqifC5MdCUn9D1s-WKCrrCVc0oXntBCKl1AgAAAKdSAAAACGgBBwoAc-gPS5zehCClDwwI7OLfKcDNxbozpBBee2ssT7dMjboK8pa6FSPZ9pGKIJsD-hwuSYROmYothDZE6lZxk39JBqNMZ_hYq46LrNqXuEf-wMl-PMAQ-PFlKuL0V1fVyde0ILxUzcRwmTHtWz_4aBaOir4ew6GZAw9jLCZvHGv9DO0gGacvFFePllkWPSm3JPwrj-kNk_BR8_bVUdSQNUfIGdR5N7LNzj0MjvtkZKniXgaQYJV5Jgoh-1KWONHoA2RTkgLklIDtEdb9DvXYnNNkiB29iKz2-nB_CGEAov_UkjvIRcqBEnf_Y4hGH6qF2OzGoO2AzBZhwnqZMuDc_ug0dZikYLGIErafNyQ2xid99kc7M-tTljgGQk56KxE4SX5BcSHiDml4RKgyytXhCIeYLoiO_zeXFPRY1HgfP4Wq4p9DUEhWGPQ3-oCN_3qzbRppzzpehqJ9ImNZpuFpriYUA_7I4HMMEyzxiZr4oCBKNZYLnU0taHZs0AGPH42AhlWoeXAgGJwSDA6hEqTp3kLjxeQbo7u5JVOatB2_DFXNQZVQ3N3rks_voE16lYhMfjTGJy5j4HAxUUXrQV2be8Cb44n22cZ89ugvo1xS2b7mFnxmZR9Z5Cpmpf6mbbHjX2a0Fm6cCNPALXpBlNdBPHrb3k3S3PJh-L3Fw-3WugiBkiDgx-csIuTQwYXMuP9iHGqTzhCOF3QM7N0HrQauRwhqYp8u3U7E-Waa-Bdi1kRA8TE3Z9riqCuJoCZxCop1KLFYGVIJurPRCZMoWNjVEiFqxwPdbvO8BwLr6LbHHVJcoUglZIy67-4x7M31jAEAxtQWGWexMIhACEwtz5VnQV8uRwHFRuVPhzNpWmO9zeSVytWKzA_7I8SQ5f_zdbbwaXrtvhCsDcjyYx-jB47qqqjNHbjgnzli91iU10EA9J8uJsZzcbb3fUUn9I-deCA8ZgshsqajXV0Ruin5sCsZcP0L4JCAjCoGFJ3f8V3QhqtNnNQM-W3VZ9crJQKnarclgWgXT2igGD-SUD4rD24JrNsU2gKh9O8CBFkuQMBlD5H9KrVXLUCROMmkut7iyJa7qdSI5Z0Q7_AeU7cViQlYVgXuwyMdUOl2Actl0ArmOPnFrcrMqHshFg-OygGGgYWDUUlT4Tc6VwKmt5PrBxvDCvNEASm5vNzvIKpAayfIybqJzsnuzmOuPmU

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Nov 2023 02:57:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 4472 0
10 B 6ms
6ms Image
text/plain 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?Xgfo9g
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 02:57:32 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 widget-settings Show response
va.tawk.to/v1/ 3 KB
1 KB 545ms
527ms Fetch
application/json 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://va.tawk.to/v1/widget-settings?propertyId=5dbd124e154bf74666b71dfc&widgetId=default&sv=undefined

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/653fa0ef1ea/js/twk-chunk-common.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2eb054c2c94d140c301ea2abf67ea87c5f72fc9231e2ecaa36c1caf95faf686c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qpaytm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 02:57:33 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-served-by: visitor-application-preemptive-24j9
server: cloudflare
etag: W/"2-40-0"
vary: Accept-Encoding
access-control-allow-methods: GET,OPTIONS
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=7200, s-maxage=1800
cf-ray: 8232c9f5dc4bbb97-FRA
access-control-allow-headers: content-type,x-tawk-token

POST
H3 200 start Show response
va.tawk.to/v1/session/ 1 KB
1 KB 873ms
861ms Fetch
application/json 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://va.tawk.to/v1/session/start

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/653fa0ef1ea/js/twk-chunk-common.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cba8122a330e7ed2b4f0e68c5f7e51be70e692fb812ffa2ddca612ee02200c28

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://qpaytm.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

date: Thu, 09 Nov 2023 02:57:34 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: POST,OPTIONS
content-type: application/json
access-control-allow-origin: https://qpaytm.com
access-control-allow-credentials: true
cf-ray: 8232c9f6eadc362c-FRA
access-control-allow-headers: content-type,x-tawk-token
alt-svc: h3=":443"; ma=86400
x-served-by: visitor-application-preemptive-5cx5

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 42ms
42ms Image
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231106&jk=353911425466455&bg=!-vml-bbNAAb4oU7C2KE7ADQBe5WfODVNG3skmJWT9cdVNKfkxalEnfEtXcg9BC8QJUbh-YFOiB6WpSPhJROQ6OR74whfAgAAAGBSAAAABWgBB5kC0vYToJ2Av1PhmTm_HnzK_2ZNPJ5KRh_faC-ZfEzc61O07MiPfOptIaPDVnwcN1ZyPwYwMsFKIpK7gS5wAFLICZc1DacF-9yfUbkODgVAD1hXcaoEASymn5sFPyLdzqkO1ahJ4ubV4mJinayGwDRYLHX9V4KggnywksjLFjqy8qRFVxRwnaD_Q7-KQGTzkTvOBZ2GCYtS7JSxm0gW821gRpf1TvizG_61eqygycFiANiPP8UwTxIPvyQ9N3cHoJv-u0tF80UboTZxRUa7pvIw8tQyxnMZ342kcTHpl7BWkkP6bY5NS1N6kMJx7_ZON7nNjaVNUvvBqBUlPq6yy5zfpu5otGr1qrm99DO8SpWy_48mLRJAdA84mPD-YBn-bQWHK2Qcxi4tARX4eCUaTqZysImeXjYhpQJRgKCuv-WU-bT6eqM99fN9hMIeI0zeB66dw5wXgz0HbHQemrOT-iIlD6A6k15tR5wBZjEDr2DOD1sy6PWzm8V-60AD5YvyL-LZRXKkKAMKYn_l0ZZNQbdGu2SHnE8AqkKk9RvqUUS8oEzwPH6DuIJxLBLzBUAgPbfEgwJLjXo6qugNSrP51dLIVuiDM7c1CVKPKNLeQ4xmbXCeVmuSlJ-CB0nZ54rWfdK4RBWQkedGdUdv-jd44zmmt29B0TxbhIKEvsJa36oQbSk6hJlsK6RA14jRVFM9M7DSObdYsHn8T1hfzHMbVOEgU98Mlcy9SNC8d-scNQpWMjyqrR0-xp2kml-3I1MdOajbGL6uhNZzthGDVGVCYcj2KXNN6SnjULTJwyMBtC0z2OWaaCvOyv-KHonAi2tZZXaL5-IdjBQJl_ckVq4CgSxhAlboriv_jEwcTtsk-IjLAxq2Wd8YB2VY0V_8aIcvxsMTf4oIdMhKMCha5mYnhNYsY--mTj_0OuFz_KoZIczxc0iXdtL5jBIChnrlPpWnonKGoM2d
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qpaytm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36

Response headers

OPTIONS
H2 200 start
va.tawk.to/v1/session/ Frame 0
0 157ms
153ms Preflight 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://va.tawk.to/v1/session/start

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://qpaytm.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-tawk-token
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://qpaytm.com
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8232c9f5dc4cbb97-FRA
date: Thu, 09 Nov 2023 02:57:33 GMT
server: cloudflare
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
x-served-by: visitor-application-preemptive-b5nh

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6F1F 0
25 B 40ms
40ms Ping
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=9188439002544&version=m202309260101&ct=119&x=1&cor=336324049806869600

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Nov 2023 02:57:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 en.js Show response
embed.tawk.to/_s/v4/app/653fa0ef1ea/languages/ 17 KB
4 KB 19ms
19ms Script
application/javascript 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/653fa0ef1ea/languages/en.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/653fa0ef1ea/js/twk-chunk-common.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

75b20e74e3effa00e4b62b9da6df7d7542d91cb4b50078b8365112d556a73a7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qpaytm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 02:57:33 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 763606
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 30 Oct 2023 12:28:40 GMT
server: cloudflare
etag: W/"7f37a030886ec7fce1d065ec482789ee"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 8232c9f92c29362c-FRA

GET
H3 200 twk-chunk-2c776523.js Show response
embed.tawk.to/_s/v4/app/653fa0ef1ea/js/ 8 KB
3 KB 16ms
16ms Script
application/javascript 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/653fa0ef1ea/js/twk-chunk-2c776523.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/653fa0ef1ea/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b089f5f65d03da61b611f98336194eb97c019203a97c3899a0d26cd28079b65e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qpaytm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 02:57:34 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 762254
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 30 Oct 2023 12:28:39 GMT
server: cloudflare
etag: W/"589bcaf3fa2f5394494ee99582c6bee6"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 8232c9fc7e52362c-FRA

GET
H3 200 twk-chunk-9294da6c.js Show response
embed.tawk.to/_s/v4/app/653fa0ef1ea/js/ 18 KB
5 KB 18ms
18ms Script
application/javascript 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/653fa0ef1ea/js/twk-chunk-9294da6c.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/653fa0ef1ea/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

358db197e46c18220231b57ba38c50d92cbe5ccc3f14da9e203b2f2aa3d3943e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qpaytm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 02:57:34 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 762254
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 30 Oct 2023 12:28:39 GMT
server: cloudflare
etag: W/"d24778beeceabd92325994c6f7a2751e"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 8232c9fc7e53362c-FRA

GET
H3 200 twk-chunk-2d0b383d.js Show response
embed.tawk.to/_s/v4/app/653fa0ef1ea/js/ 699 B
675 B 16ms
15ms Script
application/javascript 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/653fa0ef1ea/js/twk-chunk-2d0b383d.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/653fa0ef1ea/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

89f08c4a66c9a737c6155b8313e87b36687fe65bfc9a1ba1783aeace487bcde3

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qpaytm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 02:57:34 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 7728
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 30 Oct 2023 12:28:39 GMT
server: cloudflare
etag: W/"838903127a65ec440893b4945c40ca4a"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 8232c9fc7e54362c-FRA

GET
H3 200 twk-chunk-48f3b594.js Show response
embed.tawk.to/_s/v4/app/653fa0ef1ea/js/ 18 KB
6 KB 17ms
17ms Script
application/javascript 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/653fa0ef1ea/js/twk-chunk-48f3b594.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/653fa0ef1ea/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

70c6f5113c1bbf4ab16c83c17bbb2f7a89c14289eccda26031f77c873a30c0ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qpaytm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 02:57:34 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 598286
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 30 Oct 2023 12:28:39 GMT
server: cloudflare
etag: W/"3e2b01e1e5d09751c601a46ccf3d3cfa"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 8232c9fc7e55362c-FRA

GET
H3 200 twk-chunk-4fe9d5dd.js Show response
embed.tawk.to/_s/v4/app/653fa0ef1ea/js/ 906 B
663 B 23ms
23ms Script
application/javascript 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/653fa0ef1ea/js/twk-chunk-4fe9d5dd.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/653fa0ef1ea/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fb193c2bcf1a14030cea8d72baa20ab7b1cf88f9e90adb31895279beedf6bf84

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qpaytm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 02:57:34 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 762254
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 30 Oct 2023 12:28:39 GMT
server: cloudflare
etag: W/"1c5ecf371149feca23bd895ba9dfec4d"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 8232c9fc7e56362c-FRA

GET
H3 200 twk-chunk-2d0b9454.js Show response
embed.tawk.to/_s/v4/app/653fa0ef1ea/js/ 535 B
575 B 16ms
16ms Script
application/javascript 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/653fa0ef1ea/js/twk-chunk-2d0b9454.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/653fa0ef1ea/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7e0a886153a50f34adeb6d141b542d08a6338c5e3bada9fc3ccf88d0580356df

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qpaytm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 02:57:34 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 762254
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 30 Oct 2023 12:28:39 GMT
server: cloudflare
etag: W/"c506281367048d4a134c9affbc68c8c6"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 8232c9fc7e57362c-FRA

GET
H3 200 twk-chunk-24d8db78.js Show response
embed.tawk.to/_s/v4/app/653fa0ef1ea/js/ 107 KB
24 KB 23ms
23ms Script
application/javascript 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/653fa0ef1ea/js/twk-chunk-24d8db78.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/653fa0ef1ea/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8a34981cda55b2bae3762c709553b06e72e7a9b8de79012c610547f84a34833e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qpaytm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 02:57:34 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 680164
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 30 Oct 2023 12:28:39 GMT
server: cloudflare
etag: W/"b3a46b8e741c104da6508d52406c9c32"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 8232c9fc7e58362c-FRA

GET
H3 200 message-preview.css
embed.tawk.to/_s/v4/app/653fa0ef1ea/css/ Frame 9008 40 KB
8 KB 21ms
20ms Stylesheet
text/css 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/653fa0ef1ea/css/message-preview.css

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/653fa0ef1ea/js/twk-chunk-2c776523.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7bd9666b0959d868276da481746b74e6a76fbc19f7957e528b8fb022367980bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 02:57:34 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 762253
cf-polished: origSize=40832
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 30 Oct 2023 12:28:39 GMT
server: cloudflare
etag: W/"cf4a08d496f49489af30571e3cbb48f3"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 8232c9fcae76362c-FRA

GET
H3 200 min-widget.css
embed.tawk.to/_s/v4/app/653fa0ef1ea/css/ Frame F23E 24 KB
5 KB 16ms
16ms Stylesheet
text/css 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/653fa0ef1ea/css/min-widget.css

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/653fa0ef1ea/js/twk-chunk-2c776523.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2b5b9f68ace12b789b1371204754547021dcbf3e9df630e7e22b49ee56e05b8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 02:57:34 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 762253
cf-polished: origSize=24831
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 30 Oct 2023 12:28:39 GMT
server: cloudflare
etag: W/"5742a34aaab2a5983c7c11cdeef1c0ee"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 8232c9fcbe88362c-FRA

GET
H3 200 max-widget.css
embed.tawk.to/_s/v4/app/653fa0ef1ea/css/ Frame 4454 76 KB
14 KB 17ms
17ms Stylesheet
text/css 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/653fa0ef1ea/css/max-widget.css

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/653fa0ef1ea/js/twk-chunk-2c776523.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

65903b8703d79850e660a2b415ae10306b3ee3015a436327de3f86433d5d774e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 02:57:34 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 762253
cf-polished: origSize=78142
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 30 Oct 2023 12:28:39 GMT
server: cloudflare
etag: W/"7c8b6e697bd499db08971189a4be9b7c"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 8232c9fcde91362c-FRA

GET
H2 200 emojione.min.js Show response
cdn.jsdelivr.net/emojione/2.2.7/lib/js/ 295 KB
39 KB 39ms
20ms Script
application/javascript 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/emojione/2.2.7/lib/js/emojione.min.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/653fa0ef1ea/js/twk-chunk-vendors.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f5c06455e539dcd889f7f05d709b5adc76c444099fe57f431365af2fc57e803b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qpaytm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 02:57:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 22443838
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230064-FRA, cache-yyz4525-YYZ
server: cloudflare
etag: W/"49dda-cp9vjKV4fYl0Ow7X6yf9dkBr+YU"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ehHbNM4LoeMCipp8I%2BDUjRMJrf9ttUjk8JVjOoAFfPel4TDwLwz7XKepI%2BiD8vU9va5VWWWhMBRAKkcTrRiOwMUjPm9IlvT2U%2BRMwhfqEBamEKvtucBkTyijOpGDi%2F9SbNjIyHB6F6I%2B6JHkMwY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 8232c9fd0ffe3665-FRA

OPTIONS
H3 200 v3
va.tawk.to/log-performance/ Frame 0
0 197ms
196ms Preflight 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://va.tawk.to/log-performance/v3

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://qpaytm.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-tawk-token
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://qpaytm.com
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8232c9ffbf809b40-FRA
date: Thu, 09 Nov 2023 02:57:34 GMT
server: cloudflare
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
x-served-by: visitor-application-preemptive-vcpr

POST
H3 200 v3 Show response
va.tawk.to/log-performance/ 5 B
258 B 144ms
144ms Fetch
text/html 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://va.tawk.to/log-performance/v3

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/653fa0ef1ea/js/twk-chunk-common.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

933b971c6388d594a23fa1559825db5bec8ade2db1240aa8fc9d0c684949e8c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://qpaytm.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

date: Thu, 09 Nov 2023 02:57:35 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: POST,OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://qpaytm.com
access-control-allow-credentials: true
cf-ray: 8232ca00f8159b40-FRA
access-control-allow-headers: content-type,x-tawk-token
alt-svc: h3=":443"; ma=86400
x-served-by: visitor-application-preemptive-xpnj

GET
H2 200 / Show response
qpaytm.com/ 59 KB
9 KB 646ms
646ms XHR
text/html 162.213.251.239
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://qpaytm.com/

Requested by

Host: qpaytm.com
URL: https://qpaytm.com/vendor/jquery/jquery.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

162.213.251.239 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

business91-4.web-hosting.com

Software

LiteSpeed / PHP/7.4.33

Resource Hash

8a205ed0713b6e3ac21acc18123e2f3ffd7c8ab92cd9d012c1f91e3fddb58b60

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: text/html, */*; q=0.01
Referer: https://qpaytm.com/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 02:57:36 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
x-powered-by: PHP/7.4.33
content-length: 8886
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: no-referrer-when-downgrade
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
cache-control: no-store, no-cache, must-revalidate
x-turbo-charged-by: LiteSpeed
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET /
qpaytm.com/ 0
0

GET
H2 200 logo.png
qpaytm.com/assets/images/ 55 KB
55 KB 529ms
521ms Image
image/png 162.213.251.239
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://qpaytm.com/assets/images/logo.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

162.213.251.239 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

business91-4.web-hosting.com

Software

LiteSpeed /

Resource Hash

50267f68ff6e56e669e688c3e93a18b5e18cda4760d1ec6a9da6d3a0b5c0e736

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qpaytm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 02:57:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload;
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 03 May 2021 19:13:14 GMT
server: LiteSpeed
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 56400
x-xss-protection: 1; mode=block
expires: Thu, 16 Nov 2023 02:57:36 GMT

GET
H2 200 google-play-badge.svg
qpaytm.com/images/ 5 KB
2 KB 1084ms
1077ms Image
image/svg+xml 162.213.251.239
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://qpaytm.com/images/google-play-badge.svg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

162.213.251.239 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

business91-4.web-hosting.com

Software

LiteSpeed /

Resource Hash

9671a1e59c1b2410247b92dff30ec4ae5c87da856b52b2c5a5be748d84b93b72

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qpaytm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 02:57:36 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
content-length: 1869
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 03 May 2021 18:54:54 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
expires: Thu, 16 Nov 2023 02:57:36 GMT

GET
H2 200 3075750.png
qpaytm.com/images/ 16 KB
0 1085ms
1078ms Image
image/png 162.213.251.239
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://qpaytm.com/images/3075750.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

162.213.251.239 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

business91-4.web-hosting.com

Software

LiteSpeed /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qpaytm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 02:57:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload;
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 03 May 2021 18:54:54 GMT
server: LiteSpeed
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 83690
x-xss-protection: 1; mode=block
expires: Thu, 16 Nov 2023 02:57:36 GMT

GET WebMoney.png
qpaytm.com/images/ 0
0

GET AdvCash.png
qpaytm.com/images/ 0
0

GET
H2 200 live-online.gif
qpaytm.com//images/ 11 KB
12 KB 527ms
521ms Image
image/gif 162.213.251.239
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://qpaytm.com//images/live-online.gif

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

162.213.251.239 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

business91-4.web-hosting.com

Software

LiteSpeed /

Resource Hash

06c0d295d3928846f9da170d0e6046fe0c502c2dbebbf506c569765aa74100ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qpaytm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 02:57:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload;
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 03 May 2021 18:54:54 GMT
server: LiteSpeed
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 11423
x-xss-protection: 1; mode=block
expires: Thu, 16 Nov 2023 02:57:36 GMT

GET 1556906532_icon.png
qpaytm.com/uploads/ 0
0

GET 1642435462_icon.png
qpaytm.com/uploads/ 0
0

GET PerfectMoney.png
qpaytm.com/assets/icons/ 0
0

GET AdvCash.png
qpaytm.com/assets/icons/ 0
0

GET WebMoney.png
qpaytm.com/assets/icons/ 0
0

GET 1651909006_icon.png
qpaytm.com/uploads/ 0
0

GET Payeer.png
qpaytm.com/assets/icons/ 0
0

GET 1649325662_icon.jpg
qpaytm.com/uploads/ 0
0

GET 1649435662_icon.png
qpaytm.com/uploads/ 0
0

GET 1649337734_icon.png
qpaytm.com/uploads/ 0
0

GET 1556706941_icon.jpg
qpaytm.com/uploads/ 0
0

GET 1649156937_icon.png
qpaytm.com/uploads/ 0
0

GET 1649157596_icon.jpg
qpaytm.com/uploads/ 0
0

GET BankTransfer.png
qpaytm.com/assets/icons/ 0
0

GET 1659641688_icon.png
qpaytm.com/uploads/ 0
0

GET logo_fix.png
qpaytm.com/images/ 0
0

GET dmca_protected_sml_120am.png
qpaytm.com/images/ 0
0

GET GooglePlay.png
qpaytm.com/images/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.facebook.com
URL: https://www.facebook.com/platform/plugin/tab/renderer/?key=timeline&config_json=%7B%22app_id%22%3A%22686112214902543%22%2C%22href%22%3A%22https%3A%2F%2Fwww.facebook.com%2Fqpaytm%22%2C%22width%22%3A340%2C%22height%22%3A500%2C%22has_cta%22%3Afalse%2C%22has_small_header%22%3Atrue%2C%22has_adapt_container_width%22%3Atrue%2C%22has_cover%22%3Atrue%2C%22has_posts%22%3Afalse%2C%22tabs%22%3A%22timeline%22%2C%22can_personalize%22%3Afalse%2C%22is_xfbml%22%3Afalse%2C%22referer_uri%22%3A%22https%3A%2F%2Fqpaytm.com%2F%22%7D&fb_dtsg_ag&__user=0&__a=1&__req=1&__hs=19670.BP%3Aplugin_default_pkg.2.0..0.0&dpr=1&__ccg=EXCELLENT&__rev=1009783539&__s=%3A%3An8jqc9&__hsi=7299291125710287262&__dyn=7wKxa13wt8K2WmhwRwqo98nwgU6C7UW3q320-E7W0TUhwem0nCq1ewcG0KE4C1Vwooa81VohwnU1oU1O81u83mwaS0zE5W0PU1AE17U2ZwrU19E36w5Kw&__csr=&__sp=1

Domain: www.facebook.com
URL: https://www.facebook.com/ajax/bz?__a=1&__ccg=EXCELLENT&__dyn=7wKxa13wt8K2WmhwRwqo98nwgU6C7UW3q320-E7W0TUhwem0nCq1ewcG0KE4C1Vwooa81VohwnU1oU1O81u83mwaS0zE5W0PU1AE17U2ZwrU19E36w5Kw&__hs=19670.BP%3Aplugin_default_pkg.2.0..0.0&__hsi=7299291125710287262&__req=3&__rev=1009783539&__s=%3A%3An8jqc9&__sp=1&__user=0&dpr=1&jazoest=21874&lsd=Rx9zTkr1bnlP5cCJSDW6WG

Domain: qpaytm.com
URL: https://qpaytm.com/

Domain: qpaytm.com
URL: https://qpaytm.com/

Domain: qpaytm.com
URL: https://qpaytm.com/images/WebMoney.png

Domain: qpaytm.com
URL: https://qpaytm.com/images/AdvCash.png

Domain: qpaytm.com
URL: https://qpaytm.com/uploads/1556906532_icon.png

Domain: qpaytm.com
URL: https://qpaytm.com/uploads/1642435462_icon.png

Domain: qpaytm.com
URL: https://qpaytm.com/assets/icons/PerfectMoney.png

Domain: qpaytm.com
URL: https://qpaytm.com/assets/icons/AdvCash.png

Domain: qpaytm.com
URL: https://qpaytm.com/assets/icons/WebMoney.png

Domain: qpaytm.com
URL: https://qpaytm.com/uploads/1651909006_icon.png

Domain: qpaytm.com
URL: https://qpaytm.com/assets/icons/Payeer.png

Domain: qpaytm.com
URL: https://qpaytm.com/uploads/1649325662_icon.jpg

Domain: qpaytm.com
URL: https://qpaytm.com/uploads/1649435662_icon.png

Domain: qpaytm.com
URL: https://qpaytm.com/uploads/1649337734_icon.png

Domain: qpaytm.com
URL: https://qpaytm.com/uploads/1556706941_icon.jpg

Domain: qpaytm.com
URL: https://qpaytm.com/uploads/1649156937_icon.png

Domain: qpaytm.com
URL: https://qpaytm.com/uploads/1649157596_icon.jpg

Domain: qpaytm.com
URL: https://qpaytm.com/assets/icons/BankTransfer.png

Domain: qpaytm.com
URL: https://qpaytm.com/uploads/1659641688_icon.png

Domain: qpaytm.com
URL: https://qpaytm.com/images/logo_fix.png

Domain: qpaytm.com
URL: https://qpaytm.com/images/dmca_protected_sml_120am.png

Domain: qpaytm.com
URL: https://qpaytm.com/images/GooglePlay.png

Verdicts & Comments Add Verdict or Comment

93 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

28 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
qpaytm.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 2c369d35f8214044ce31f1359f3cb4d5
qpaytm.com/	1970-01-21 01:40:58	Name: lang Value: English
.qpaytm.com/	1970-01-20 16:06:25	Name: _gid Value: GA1.2.762133028.1699498649
.qpaytm.com/	1970-01-20 16:04:58	Name: _gat_UA-142406896-1 Value: 1
.qpaytm.com/	1970-01-20 16:04:58	Name: _gat_gtag_UA_162781732_1 Value: 1
.qpaytm.com/	1970-01-21 01:40:58	Name: _ga_QST2QJMMBE Value: GS1.1.1699498649.1.0.1699498649.0.0.0
.qpaytm.com/	1970-01-21 01:40:58	Name: _ga Value: GA1.1.1946798143.1699498649
.qpaytm.com/	1970-01-21 01:40:58	Name: _ga_ZDZM00Z8S7 Value: GS1.2.1699498649.1.0.1699498649.0.0.0
.qpaytm.com/	1970-01-21 01:26:34	Name: __gads Value: ID=9e741cd308d6782d:T=1699498649:RT=1699498649:S=ALNI_MY8v_eglssjADTlYt1MNqTxXbZoUg
.qpaytm.com/	1970-01-21 01:26:34	Name: __gpi Value: UID=00000cbd817e1ea5:T=1699498649:RT=1699498649:S=ALNI_MbbZjlstaAF7DB3NtSGzYDpgoKFEg
.doubleclick.net/	1970-01-21 01:26:34	Name: IDE Value: AHWqTUntWSVz14mqo1nOQ6mUZ-aEN5Kx5L1KVsnVHxRsZ78PJdMEYfOFJYxnyRnPf5I
.adnxs.com/	1970-01-20 18:14:34	Name: uuid2 Value: 6256888199285840263
.casalemedia.com/	1970-01-21 00:50:34	Name: CMID Value: ZUxKnPKfXig9nXFxNa9WaAAA
.casalemedia.com/	1970-01-20 18:14:34	Name: CMPS Value: 2240
.casalemedia.com/	1970-01-20 18:14:34	Name: CMPRO Value: 2240
.doubleclick.net/	1970-01-20 20:24:10	Name: APC Value: AfxxVi5k7S8a6LAceZ_uiECTsyyaDrc0geBbpsxpnuKX5V9D4wErmQ
.adnxs.com/	1970-01-20 18:14:34	Name: anj Value: dTM7k!M41.D>6NRF']wIg2GTuj^A[[!]tbPl1M>e)ZlrFUfJ+tGXxoT`YL'jX:v3pC[?b9_bHd=E?[laQ<8]a+hx>=3If)y3KL9D3I?+4fvaMk
.adfarm1.adition.com/	1970-01-20 18:14:34	Name: UserID1 Value: 7299291129939490963
.quantserve.com/	1970-01-20 18:14:34	Name: d Value: EAMBCQGxKoEA
.quantserve.com/	1970-01-21 01:35:13	Name: mc Value: 654c4a9c-39853-4829b-6f439
.de17a.com/	1970-01-21 00:43:22	Name: guid Value: 1.8208275763828267329
.yahoo.com/	1970-01-21 00:50:56	Name: A3 Value: d=AQABBJxKTGUCEK2SiubV2OnqSvI1qvLyMeIFEgEBAQGcTWVWZQAAAAAA_eMAAA&S=AQAAAkm0Ncm1vCR1Xu3edCG02cE
.adform.net/	1970-01-20 16:48:10	Name: C Value: 1
.adform.net/	1970-01-20 17:31:22	Name: uid Value: 6506594291062910697
.turn.com/	1970-01-20 20:24:10	Name: uid Value: 3707418760266602834
qpaytm.com/	1969-12-31 23:59:59	Name: twk_idm_key Value: FKE0JzbsvYoN0LHDkmNWW
qpaytm.com/	1969-12-31 23:59:59	Name: TawkConnectionTime Value: 0
.qpaytm.com/	1970-01-20 20:24:10	Name: twk_uuid_5dbd124e154bf74666b71dfc Value: %7B%22uuid%22%3A%221.1hH9R7sJA0sLrgI8aqeWxLN354kH5q8sFDV4B8XCOG8MsvaoY8LanZmGvIPTGjRgQdkD1cIHHrwU2gX75xn7iBxm973H8QKes8cqoz4ltkHvPl01veK%22%2C%22version%22%3A3%2C%22domain%22%3A%22qpaytm.com%22%2C%22ts%22%3A1699498654148%7D

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'bluetooth'.
other	error	URL: chrome-error://chromewebdata/ Message: Refused to display 'https://www.facebook.com/' in a frame because it set 'X-Frame-Options' to 'deny'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.turn.com
c1.adform.net
cdn.ampproject.org
cdn.jsdelivr.net
cdnjs.cloudflare.com
cm.g.doubleclick.net
cms.quantserve.com
d5p.de17a.com
dclk-match.dotomi.com
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
embed.tawk.to
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
pagead2.googlesyndication.com
partner.googleadservices.com
pr-bh.ybp.yahoo.com
qpaytm.com
r.turn.com
region1.google-analytics.com
s0.2mdn.net
scontent.xx.fbcdn.net
static.xx.fbcdn.net
tpc.googlesyndication.com
va.tawk.to
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
qpaytm.com
www.facebook.com
104.18.36.155
142.250.185.98
142.250.186.162
162.213.251.239
2001:4860:4802:32::36
213.155.156.183
2606:4700:10::6816:1883
2606:4700:10::ac43:2642
2606:4700::6810:5814
2606:4700::6811:190e
2620:116:800d:21:de2e:c7b3:55c0:d5a0
2a00:1450:4001:808::2002
2a00:1450:4001:80b::2008
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2001
2a00:1450:4001:810::200e
2a00:1450:4001:812::2003
2a00:1450:4001:81c::2002
2a00:1450:4001:827::2006
2a00:1450:4001:828::2004
2a00:1450:4001:828::200a
2a00:1450:4001:82a::2001
2a00:1450:4001:830::2002
2a00:1450:4001:830::2003
2a02:fa8:8806:12::1400
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
2a05:d018:d29:3601:1dfc:1fae:3d75:f146
37.157.2.229
37.252.172.123
46.228.164.11
85.114.159.93
0120eb2a975cc77faeb13a5d6609190fa4979d384f9bc737c23bf7b9bc3d2222
01eddcd3c94e027d31455b1a4613bb6ab72d223d445bf862874c822e0cac2818
05b6042f2fd3bf7729b1ba716ff3d3e5886bc6e22af9e7c43e60ba45c0b54f7a
06153f1f0c95ddf7265b0919167fee4f45451e9943c1a4975886743e2b7363c0
06c0d295d3928846f9da170d0e6046fe0c502c2dbebbf506c569765aa74100ec
07a36cb45610b6a45d4d83578aec81e2ad44fc3e6766ae65070f551ce6a74586
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
0a0610548e89956b26496552978f70638cbbba6f7d3fc204e137457a52d53f8d
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0deb92af73887fda724800c5901250729d1b8ee04b477578e14a97a640fe66c2
0e73977092fc66efc8f9a9c300be11e3b69d6b38a620f6aaffea7aa88e4b5096
0eaed749931e3a7cbfcecd1c0ecfff06e953caebf0d3fb3850cc6b0857308c14
1219bc03d5015c2b2e66cbbf2dbaa6abed374b5b4b93b99f065a5dd73d0b2aa2
13ba2997ea62a564075f4e9d586d98c0f2662d6f23042e5f39366b2f27f320a9
13cf82e6f9d48221cd55f8b3c3d206f7bdb83f291034b478e484ccfef7d500dd
13e64e2153618f475e94e0e85fa68c9ce910cfc9b24ca9d44fa546a7d2020a24
13e860363805e371521c98f2706e7186b40371c3b6148401b4bf0b9eca9fcf05
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
1d718fcb40ca935aa44ed09784e5d2125d97088880fb483192316c489c280bfa
1ea51c9046aa9f6b1b1193ba533b8938735775374b3e2ca4cd670dc1636773a3
20946007261e78cf02851f664b62ed711ae80e6b7805e3c6e0d757a594746c96
222e6a49f5a81a3b84a051e5595085331f0d4003ef2562bd2a8b76545e9a3350
26f519a863a99580f25ecbe115fec3151ee46998c3c41e900ed4d5c5c20818a7
2931730958d8b2f7fff55c4828b68687ea87c577f473028d8bcf061d31d7dfe7
2979f9a6e32fc42c3e7406339ee9fe76b31d1b52059776a02b4a7fa6a4fd280a
2b3b51a373cdb46bd71ac35930353af741a961821b737d971886e60e561a742b
2b5b9f68ace12b789b1371204754547021dcbf3e9df630e7e22b49ee56e05b8c
2d016b1cde3a6febe82ebafc25c0dbee5667178a6a8dad6ad9fd5c3ecda076d4
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2eb054c2c94d140c301ea2abf67ea87c5f72fc9231e2ecaa36c1caf95faf686c
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
32a576c5b6877513fa05d4a911495a7bc36c1a96d730a559f6f2056680f81598
33313f70893841ea9e3ce7523da2fd2cc28b519f40b379ad658c1853a87356cf
358db197e46c18220231b57ba38c50d92cbe5ccc3f14da9e203b2f2aa3d3943e
35ef325738aec617e593976f23534b7d5b159f4642f24bc7c1bbbb40a7dc181f
389090922185d81fe757eb0e033fccb17583e98a7dc5b9900a1dbd7bb49aafa5
38d6870bbf7957f9d5869f201e44d11fe0573c9c44be57610c3054c607aa49bb
39473f41f6492001648e93d50aa18f14ae5e917cd9c93da48ec2dd50ca1f364b
39720917b622376494a097ce406e0a10bb506187eb877538823cda845d415c9b
39d446fc3fb117c98b8f8a3b71487ff7f11be7ac8833dee8d8e5f8d86d73e6a4
39f88fca5107212cd8af4ba7f8fbcce03b31fca019c23acf49be3c403b3ff54e
3b1da9d546bcbc54dac6f57cc5cc8dd91464d868e74dd7ed4389ef9429be8834
3c770e90f98eb21b0c042fafb49755af93306fbaf42e449524f94fae9fc83295
413e9c722c3ad2d419ff0fa46eebb8379ad92990a218c9933a53cdda10a8b274
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
43ed6dff15520338abaa6d0c432c37fab7b4ae373d7d1e94dea50d997ce001ba
45444d590a67d30e8b2fde01bb6482f829383b64bf14a4b19b86e22fdc319fbb
468e3b22f91ba74f32640d213f0bfa394ed514e300fbc767a5cc7f8885fa7037
471e6e1914ad3c0f80611d2c94c11d06e34b18d41dde34b03d6598a34fa8144c
47374cb7d373f9a8450e1237c80bc5fe68c61fbf0cdf958df7a298143b7dd445
476ea0e935ae6b646dc373f77a52e26e56d9682942f6733fa51906fc5b853529
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d0aecb179e21205974808ca60b17e3ab60a9724412af6f2ab543da07324e669
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4fcd7017c7a85f957d5cae8a89338e47861bad4b33e168b1c8e9777e16854f36
50267f68ff6e56e669e688c3e93a18b5e18cda4760d1ec6a9da6d3a0b5c0e736
51ffd177abf451ce8a4b001f28981fec46f91135b5cd8fb577410d14f6ee9c7b
535aef91fe33e11da0fe95e1fc3b079782f2eb05eb025521e30ab2180ab6a177
53a3fcf66ca970453eb7277a4b51ba997c1c5c9a65d91ceae6d0e5f34f04d3f7
5527216bb7bb15e6692983953c40ca4b30d0db73870315d04b11ed4aa50b721a
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5822d4ee83ff8d1ab55c8a31002f2ee1a1de4fb12e8d6054541fc7f9d05336b0
59a6c4a20422c8cc477efb5d33564c6307f758eafb3c64307aa86e024f981dc7
59e7a306ed707a44859f2939f5370bdb23eeb5b367295b8b69f8e030d518f558
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5f4c8582ca830c29d3ae38da8daf98f13d4a6f2789126b04ce5c9c2e682eb261
5fb44f5faa5569cf002f97433c48ff5f53a0c6a181d3f67858c93a8379dbde0d
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
626c65063bcb00fcc4574cffc418820fc209794a0519ec1e65931896c79a6ee1
6480d194b98b9fc3e4589a44b7e54b81ad926722e5b6fb7cc236161e2c2e03ac
65903b8703d79850e660a2b415ae10306b3ee3015a436327de3f86433d5d774e
67082e98d79aa4792e6599bed6131d0510af19d36b0f95c48f9396801de9a428
6a67d82954e869f63863c01de1404e74d89722d7774b105176d253292b75b6aa
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc
6ce1fb6233607df982f45979af8c0b153e653f332f39794075855b2336335674
705186becc9e0a306a6b4867ae2768aa9dd3b8c12393d9f9c52029e9a6fcf31c
70602b2d4f8fd19b95f522d3f3334ada3b3ff4647b4e81c7285b885977fd9ac4
70c6f5113c1bbf4ab16c83c17bbb2f7a89c14289eccda26031f77c873a30c0ca
73a05ae804a4194a7815704a4843232645008a90ffdb625c3e19948a70f446b8
7434307d32a6a0078240769f36e53e9e910a662c73b6195d6f8e0195df78e759
751b82b616f4e4d6adf4addd01a582d7a56a07479194cd7e20af3c475573201a
75b20e74e3effa00e4b62b9da6df7d7542d91cb4b50078b8365112d556a73a7e
78278b5c1f2b851af38fe569a9544e265d53a0c0b6f592bb5117f9b2f40c556b
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7bd9666b0959d868276da481746b74e6a76fbc19f7957e528b8fb022367980bc
7ccc4eb3e8c138e0ac4c09d09e765d3228f6fdf29b134613b5a2331c47b39aef
7da2c78aebbd6e2db645e5b97424ed43196e116ef824980565996bdc513550a5
7e0a886153a50f34adeb6d141b542d08a6338c5e3bada9fc3ccf88d0580356df
7f3145c87d3570154f633975e8a4f8d30aa38603edaba145501e9c90ddbe186c
8000c1c36e3832af83f3c7fcb5378f7e636e1d5cc772e4fce2c7c806732fd8ce
808fb7a487dbaed7bcbfc57fa457b4d537ee3e5bf31ec65efab19cdeee81da5e
88515160b9b6c3e0c54303dc9fae4b43e24a5298424a4379e04064a917303d6f
89f08c4a66c9a737c6155b8313e87b36687fe65bfc9a1ba1783aeace487bcde3
8a205ed0713b6e3ac21acc18123e2f3ffd7c8ab92cd9d012c1f91e3fddb58b60
8a34981cda55b2bae3762c709553b06e72e7a9b8de79012c610547f84a34833e
8ad07e0aadbb2fb9bc33d105cca55c48b89e6235a793e2e021365d3938540839
8b1cd2613a5b066023f3aee22ea0cd501c2fb10eccaece8de94114f659c0d61f
916c13b184fbc42c59463a47bf90611461bec9e17a10a37def3c751ade00dced
92086397c11613b83618c0a58df4dee751b6129728110d50d7b829fb601e0c1d
933b971c6388d594a23fa1559825db5bec8ade2db1240aa8fc9d0c684949e8c9
9671a1e59c1b2410247b92dff30ec4ae5c87da856b52b2c5a5be748d84b93b72
96e3e8dfde6b1042514824bac1b44282d4a76bac028f2d767f6534dce2cf3db0
988a40deb30ca96a0db8ae7beaaa1bd27e94b484f10bf811384fc4b89dabf066
989163915190aadd1fd5469cc42519cfb91a7b02f335371b7c35370733a8b691
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9e57fedb96b3686621bccd5521f43a2037a823c74f062176952890b179b3955b
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a53c43f834b32309b084ea9314df8307e9c78cee2202c6e07f216ae4ae5b704d
aa7e59e6ec8871088cfeb47bac59a6475c815357deef042c61a5c3c965390546
b089f5f65d03da61b611f98336194eb97c019203a97c3899a0d26cd28079b65e
b0a73c12fdc780e305c3c6a55e9dd46beb9ad15b75fcdb2d79d64b45c3bbcc35
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1684a7557296db54fbf016124ef52c8bc70b368dee64dc47aa2f6d2ea3bb711
b53699fdbcf94f5656e9d525c34dbb9a0ab852e5faef6d7d2e1b57c6a9b6b17b
b5737b0c371611ffbda25040aefb4a72202b3f4f4223da5802f9841823f125ec
b5ef57cf95b356899059a8c7bcb56b586dfb025501816e1bca979543d22bc584
b7c291eefa359567e33ecdbc349734e233e579905c7f31012d56afb342d945ad
baa47cb028f5878356baacb8c2760dbc85b3695c4fe1c346e26b4b978eb0100f
bbd11d287d579b875f5ba1e88c62f56834dd8d925d7776fdc4eb201cf9aa5192
bc50ab813f4ef7ff5e90a09382263890aae800f3e66e7a8d7f724917c8fd0691
bc683e932f79a2eec11f258cb15966aab5abd7269f7fed443bc8a0bca5fdb046
bca125dbc54f56d262bccc08fd6a7c255ceb17885606fcb7ab53ad51668b1a14
bf10912c0f11206a8c43843d9239d8f33e6a16495867d6b42a9e434685be8001
bfd4745fee7e2635754df4ff32e620ff7356b538283d881968cf48255db8eebc
c402dac34a2ddb65a30763afd1e50c65ccd82117b61a773f2512bc6e2dace631
c612c7670757f36b684176aa235af2f24eda1eea5030b7b33c1b72d5ccb4c8b9
c66b345bae7ddfbfd43bd1a0b7a38749edb05af5e7fe19935513d2ec0c3f76ed
cba8122a330e7ed2b4f0e68c5f7e51be70e692fb812ffa2ddca612ee02200c28
cc28df3ac9af0faca2852d738fde6469c4a64755c492e38c0014f68af9b56748
d0665e41f3c6d478e2d7bf31dce68ca102e14510cfa6cc39447dcae70b38b2ec
d161c824de6cb6402a94bcdaa2bd50329e13d18f6777c5e28a8a8c5541916575
d72424a304b053b5efd47699295939cc9e8af3257e72f7aafa90a386bc2517bf
d76a4b47dc9ba8af0fa8ede327c6d0e62d489e0f5bb9fa74b7b88af589fc827b
d792afdac7f7ae5de7c6964950c6c61dc6e3f3813180a59e141c7cb4ac4364dc
d8939063afc1ad54781e268046bab126a0765ef5053a17caa6306eb75c140d9d
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e144c19eddd7aa8f7edca47212b77a637d1b19e1622f0dab170c54870380e4d4
e16c1a19f5b378301e1afb3466bb6658c2541bb7eeeb318f049cd0b7876e3a40
e1dc628870b03236a9185846d23ae29945270a644ce9f596af01bdfdf75ea6aa
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3c4a4057f02182efe3e8959561124f215a4a8e50e03257b71d550cbf74ecc4f
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8
ee46bdadc83beb5e76bce18bc7cc3d169c7f0490901f6be96ec41ee2c14d3776
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f07992fab84908fa6b49205173324bd8222c08cd447aa7a8f612314909b63123
f5c06455e539dcd889f7f05d709b5adc76c444099fe57f431365af2fc57e803b
f61ce0d0d062c15912a8fd7067d050eb058a4947d7d516ffa6efc31fd32ea731
f65872c1410405396aeaba066386d79a389bdb63fcfa14f48ec6ac7c04c04142
fa27fa37e85414f337126c9626507c53b4cbf7e961bc5904a8c765eeb5801a21
fb193c2bcf1a14030cea8d72baa20ab7b1cf88f9e90adb31895279beedf6bf84
fb29aa6b210714cf9316dcaad45a6fda4d5ce4465e66257252fce6bde5e36982
fc9fe8ec0612072dc6d3b4acd268e09d28c253807f47846a5f70dd8360d1a0d1
fcba7deeb9a7bde051eff12eadb2f11fad9a199f277912b826e3b445b78de65e
fd543b21d162ee922201fe54b79778548f8102ea91376960e856c069a135cb76
fe5302dc2efd230a5b19c349a9d3a9e94d12a146c813a67048d03dd396e9fcf2
feecba50da721e8ceb0882fb157aa5364e21dd2f118321f7a0f6c26be3d23425

qpaytm.com Open in urlscan Pro 162.213.251.239 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

221 Requests

58 %HTTPS

72 %IPv6

26 Domains

34 Subdomains

29 IPs

8 Countries

2873 kBTransfer

8056 kBSize

28 Cookies

2 Outgoing links

Page URL History

Redirected requests

221 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

qpaytm.com Open in urlscan Pro
162.213.251.239 Public Scan

Screenshot
Live screenshot

Full Image

221
Requests

58 %
HTTPS

72 %
IPv6

26
Domains

34
Subdomains

29
IPs

8
Countries

2873 kB
Transfer

8056 kB
Size

28
Cookies

221 HTTP transactions
1 data transactions