www.qic.promo Open in urlscan Pro
52.17.119.105 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.qic.promo/
Submission: On June 16 via api (June 16th 2024, 11:19:41 am UTC) from US — Scanned from DE

Summary HTTP 53 Redirects Links 20 Behaviour Indicators

Summary

This website contacted 24 IPs in 6 countries across 20 domains to perform 53 HTTP transactions. The main IP is 52.17.119.105, located in Dublin, Ireland and belongs to AMAZON-02, US. The main domain is www.qic.promo.
TLS certificate: Issued by R10 on June 10th 2024. Valid for: 3 months.

This is the only time www.qic.promo was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	52.17.119.105 52.17.119.105	16509 (AMAZON-02) (AMAZON-02)
15	172.64.153.29 172.64.153.29	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
1	52.222.232.47 52.222.232.47	16509 (AMAZON-02) (AMAZON-02)
3	18.66.112.117 18.66.112.117	16509 (AMAZON-02) (AMAZON-02)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0a::9c	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	172.217.18.3 172.217.18.3	15169 (GOOGLE) (GOOGLE)
1	143.204.207.250 143.204.207.250	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f08... 2a03:2880:f084:d:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	146.75.120.157 146.75.120.157	54113 (FASTLY) (FASTLY)
1	142.250.181.232 142.250.181.232	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:310... 2a02:26f0:3100::1735:284b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2600:9000:235... 2600:9000:235a:5e00:15:a0d3:77c0:93a1	16509 (AMAZON-02) (AMAZON-02)
5	2.17.167.9 2.17.167.9	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	216.58.206.66 216.58.206.66	15169 (GOOGLE) (GOOGLE)
1	93.184.221.165 93.184.221.165	15133 (EDGECAST) (EDGECAST)
1	104.244.42.131 104.244.42.131	13414 (TWITTER) (TWITTER)
4 6	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
5	35.190.43.134 35.190.43.134	15169 (GOOGLE) (GOOGLE)
1	142.250.185.228 142.250.185.228	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f17... 2a03:2880:f177:185:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
53	24

1 52.17.119.105 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-119-105.eu-west-1.compute.amazonaws.com

www.qic.promo	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 172.64.153.29 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)

cdn.prod.website-files.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.232.47 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-232-47.fra56.r.cloudfront.net

d3e54v103j8qbb.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.66.112.117 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-117.fra56.r.cloudfront.net

uploads-ssl.webflow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0a::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.18.3 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s22-in-f3.1e100.net

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.207.250 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-207-250.fra53.r.cloudfront.net

sc-static.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.120.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.181.232 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3100::1735:284b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:235a:5e00:15:a0d3:77c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

www.clickcease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2.17.167.9 (Rio de Janeiro, Brazil)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-17-167-9.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.206.66 (United States)

ASN15169 (GOOGLE, US)
PTR: mil07s08-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 93.184.221.165 (London, United Kingdom)

ASN15133 (EDGECAST, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.131 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2620:1ec:21::14 (United States) 4 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.190.43.134 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 134.43.190.35.bc.googleusercontent.com

tr.snapchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tr6.snapchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.228 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	website-files.com cdn.prod.website-files.com — Cisco Umbrella Rank: 9424	761 KB
7	linkedin.com 4 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 352 www.linkedin.com — Cisco Umbrella Rank: 558 px4.ads.linkedin.com — Cisco Umbrella Rank: 6457	4 KB
5	snapchat.com tr.snapchat.com — Cisco Umbrella Rank: 937 tr6.snapchat.com — Cisco Umbrella Rank: 1271	1 KB
5	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 787	142 KB
3	webflow.com uploads-ssl.webflow.com — Cisco Umbrella Rank: 15029	184 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 79	287 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 114	3 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 205	73 KB
2	google.de www.google.de — Cisco Umbrella Rank: 8196	127 B
2	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 132 googleads.g.doubleclick.net — Cisco Umbrella Rank: 63	2 KB
2	google.com region1.analytics.google.com — Cisco Umbrella Rank: 3078 www.google.com — Cisco Umbrella Rank: 5	64 B
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 938	392 B
1	t.co t.co — Cisco Umbrella Rank: 711	377 B
1	clickcease.com www.clickcease.com — Cisco Umbrella Rank: 13911	43 KB
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 958	17 KB
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 881	15 KB
1	sc-static.net sc-static.net — Cisco Umbrella Rank: 1286	21 KB
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2347
1	cloudfront.net d3e54v103j8qbb.cloudfront.net	30 KB
1	qic.promo www.qic.promo	6 KB
53	20

	Domain	Requested by
15	cdn.prod.website-files.com	www.qic.promo cdn.prod.website-files.com
5	px.ads.linkedin.com	3 redirects snap.licdn.com analytics.tiktok.com
5	analytics.tiktok.com	www.qic.promo analytics.tiktok.com
4	tr.snapchat.com	sc-static.net www.qic.promo
3	uploads-ssl.webflow.com	cdn.prod.website-files.com
3	www.googletagmanager.com	www.qic.promo www.googletagmanager.com
2	www.facebook.com	www.qic.promo
2	connect.facebook.net	www.googletagmanager.com connect.facebook.net
2	www.google.de	www.qic.promo
1	tr6.snapchat.com	sc-static.net
1	www.google.com	www.qic.promo
1	px4.ads.linkedin.com	www.qic.promo
1	www.linkedin.com	1 redirects
1	analytics.twitter.com	www.qic.promo
1	t.co	www.qic.promo
1	googleads.g.doubleclick.net	www.googletagmanager.com
1	www.clickcease.com	www.qic.promo
1	snap.licdn.com	www.googletagmanager.com
1	static.ads-twitter.com	www.googletagmanager.com
1	sc-static.net	www.googletagmanager.com
1	region1.google-analytics.com	www.googletagmanager.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	region1.analytics.google.com	www.googletagmanager.com
1	d3e54v103j8qbb.cloudfront.net	www.qic.promo
1	www.qic.promo
53	25

This site contains links to these domains. Also see Links.

Domain
promo.qic.online
qic.online
www.instagram.com
www.facebook.com
instagram.com
facebook.com
twitter.com
www.linkedin.com
www.qcb.gov.qa

Subject Issuer	Validity	Valid
www.qic.promo R10	`2024-06-10` - `2024-09-08`	3 months	crt.sh
prod.website-files.com GTS CA 1P5	`2024-04-26` - `2024-07-25`	3 months	crt.sh
*.google-analytics.com WR2	`2024-05-27` - `2024-08-19`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh
uploads-ssl.webflow.com Amazon RSA 2048 M02	`2023-07-29` - `2024-08-26`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-05-27` - `2024-08-19`	3 months	crt.sh
*.google.de WR2	`2024-05-27` - `2024-08-19`	3 months	crt.sh
sc-static.net Amazon RSA 2048 M03	`2023-12-21` - `2025-01-18`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-03-25` - `2024-06-23`	3 months	crt.sh
ads-twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-21` - `2024-07-19`	a year	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-12-13` - `2024-12-12`	a year	crt.sh
clickcease.com Amazon RSA 2048 M02	`2023-11-26` - `2024-12-24`	a year	crt.sh
*.tiktok.com RapidSSL ECC CA 2018	`2023-07-14` - `2024-08-13`	a year	crt.sh
t.co DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-05-08` - `2025-05-07`	a year	crt.sh
*.twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-31` - `2024-10-29`	a year	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2024-01-30` - `2024-07-30`	6 months	crt.sh
*.snap.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-02-21` - `2025-02-20`	a year	crt.sh
*.google.com WR2	`2024-05-27` - `2024-08-19`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://www.qic.promo/
Frame ID: 550E73FB67D69E6BDB4CCD9C4DEF0F52
Requests: 52 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=ed976ef1-51a3-465f-b6b2-22ceeab4ca3d&u_scsid=d3592595-0d88-4e34-a0e1-a6b09e8513fa&u_sclid=fd980283-89fa-4754-9493-8be85f04d090
Frame ID: 87F503C0BC772E4E55E608AC9D30FFEB
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Choose your guiding star with QIC

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

53
Requests

98 %
HTTPS

38 %
IPv6

20
Domains

25
Subdomains

24
IPs

6
Countries

1587 kB
Transfer

3177 kB
Size

21
Cookies

20 Outgoing links

These are links going to different origins than the main page.

URL: https://promo.qic.online/en/stars/
Title: Try your luck ✨

Search URL Search Domain Scan URL

URL: https://promo.qic.online/en/stars?utm_medium=referral&utm_source=qr_code&utm_campaign=stars__web__qatar__travel__broad__all__reach__202406__&utm_content=static__stars_en______broad
Title: Participate now

Search URL Search Domain Scan URL

URL: https://qic.online/en/travel-insurance?utm_medium=referral&utm_source=website&utm_campaign=stars__web__qatar__travel__broad__all__reach__202406__&utm_content=text__all_world______broad
Title: Insure your trip

Search URL Search Domain Scan URL

URL: https://qic.online/ar/travel-insurance-schengen?utm_medium=referral&utm_source=website&utm_campaign=stars__web__qatar__travel__broad__all__reach__202406__&utm_content=text__schengen______broad
Title: Insure your trip

Search URL Search Domain Scan URL

URL: https://www.instagram.com/qic_online/
Title: Instagram

Search URL Search Domain Scan URL

URL: https://www.facebook.com/qic.online
Title: Facebook

Search URL Search Domain Scan URL

URL: https://qic.online/en/visitors
Title: Visitors Insurance

Search URL Search Domain Scan URL

URL: https://qic.online/en/personal-accident-insurance
Title: Personal Accident

Search URL Search Domain Scan URL

URL: https://qic.online/en/boat-yacht-insurance
Title: Boat & Yacht

Search URL Search Domain Scan URL

URL: https://qic.online/en/car-insurance
Title: Car

Search URL Search Domain Scan URL

URL: https://qic.online/en/home-insurance
Title: Home Contents

Search URL Search Domain Scan URL

URL: https://qic.online/en/motorcycle-insurance
Title: Motorcycle

Search URL Search Domain Scan URL

URL: https://instagram.com/qic_online

Search URL Search Domain Scan URL

URL: http://facebook.com/qic.online

Search URL Search Domain Scan URL

URL: https://twitter.com/qic_online

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/showcase/qiconline/?viewAsMember=true

Search URL Search Domain Scan URL

URL: https://qic.online/pdf/QIC_Data_Privacy_Notice.pdf
Title: Data Privacy Notice

Search URL Search Domain Scan URL

URL: https://qic.online/pdf/Rules_for_Stars2.pdf
Title: Terms and Conditions

Search URL Search Domain Scan URL

URL: http://www.qcb.gov.qa/english/pages/default.aspx
Title: Qatar Central Bank

Search URL Search Domain Scan URL

URL: https://promo.qic.online/en/stars
Title: Participate now

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 35

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=6733449&time=1718536773272&url=https%3A%2F%2Fwww.qic.promo%2F HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=6733449&time=1718536773272&url=https%3A%2F%2Fwww.qic.promo%2F&cookiesTest=true HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D6733449%26time%3D1718536773272%26url%3Dhttps%253A%252F%252Fwww.qic.promo%252F%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=6733449&time=1718536773272&url=https%3A%2F%2Fwww.qic.promo%2F&cookiesTest=true&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=6733449&time=1718536773272&url=https%3A%2F%2Fwww.qic.promo%2F&cookiesTest=true&liSync=true&e_ipv6=AQLZgn-2zjRh3QAAAZAgxiJzx3bIVp0ag2kjIqqAkJD4FgDLd1f_7T2M0aOMRYmA6cFviPMo

53 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.qic.promo/ 24 KB
6 KB 1110ms
611ms Document
text/html 52.17.119.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.qic.promo/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.17.119.105 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-17-119-105.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: d0cd2d75b61befd642d7916157c220ad432f2391ed0740343103d4a13bda02a6

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
age: 0
content-encoding: gzip
content-length: 6053
content-type: text/html
date: Sun, 16 Jun 2024 11:19:31 GMT
vary: x-wf-forwarded-proto, Accept-Encoding
x-cache: MISS
x-cache-hits: 0
x-cluster-name: eu-west-1-prod-hosting-red
x-lambda-id: 55bffd26-8f5d-46f2-9a8b-bf8c72fd3708
x-served-by: cache-dub4330-DUB
x-timer: S1718536771.137515,VS0,VE530

GET
H3 200 shooting-stars-480c00.webflow.bf9306b76.min.css
cdn.prod.website-files.com/664dfbdb2927f81691ee601c/css/ 54 KB
13 KB 639ms
552ms Stylesheet
text/css 172.64.153.29
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.website-files.com/664dfbdb2927f81691ee601c/css/shooting-stars-480c00.webflow.bf9306b76.min.css
Requested by: Host: www.qic.promo
URL: https://www.qic.promo/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.153.29 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 55ff169cccca2657e4241253847f93d679be9768b54477a756bf1f3fa13a51da

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.qic.promo/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 11:19:32 GMT
content-encoding: gzip
x-amz-version-id: vx680EmRd67jjyUiW2IndcMzf7VDPlfw
cf-cache-status: HIT
x-amz-request-id: BDV52CZFV3TNM0XJ
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
content-length: 12718
x-amz-id-2: AjFNx5JLM2tF0M4ULgpPkBWLFR8L/wo7X3HTE4LmXPJk0sllXoL/s0aOjMvKxuFeOBfahoYwpSw=
last-modified: Thu, 13 Jun 2024 13:43:45 GMT
server: cloudflare
etag: "e52fa9d953ee30edb2a682e44e806792"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=84600
accept-ranges: bytes
cf-ray: 894a67c9088eb620-WAW
expires: Mon, 17 Jun 2024 10:49:32 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 304 KB
101 KB 174ms
74ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-VRPMCST53D

Requested by

Host: www.qic.promo
URL: https://www.qic.promo/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

87ea358414fe60d9466f3f82421f127ceada3865011350b865218d99b7574e59

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.qic.promo/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 11:19:32 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 102679
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 16 Jun 2024 11:19:32 GMT

GET
H2 200 jquery-3.5.1.min.dc5e7f18c8.js Show response
d3e54v103j8qbb.cloudfront.net/js/ 87 KB
30 KB 158ms
49ms Script
application/javascript 52.222.232.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3e54v103j8qbb.cloudfront.net/js/jquery-3.5.1.min.dc5e7f18c8.js?site=664dfbdb2927f81691ee601c
Requested by: Host: www.qic.promo
URL: https://www.qic.promo/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.232.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-232-47.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.qic.promo/
Origin: https://www.qic.promo
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 05:44:52 GMT
content-encoding: br
via: 1.1 803246727539350977d724c9e4a027c6.cloudfront.net (CloudFront)
age: 20098
x-amz-cf-pop: FRA56-P4
x-cache: Hit from cloudfront
last-modified: Mon, 20 Jul 2020 17:53:02 GMT
server: AmazonS3
etag: W/"dc5e7f18c8d36ac1d3d4753a87c98d0a"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=84600, must-revalidate
vary: Accept-Encoding
x-amz-cf-id: mpLNQ4yk0ES8ZQyStTnT_5kUC-jlu_b5BPp2f8DMsyCy4ZsDZZyRng==

GET
H3 200 webflow.e564ebfa2.js Show response
cdn.prod.website-files.com/664dfbdb2927f81691ee601c/js/ 225 KB
70 KB 319ms
234ms Script
text/javascript 172.64.153.29
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.website-files.com/664dfbdb2927f81691ee601c/js/webflow.e564ebfa2.js
Requested by: Host: www.qic.promo
URL: https://www.qic.promo/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.153.29 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fa067b1e3bc3342512199c305d2db2acaaa51892b06320d1f73ac8df10138cd5

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.qic.promo/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 11:19:32 GMT
content-encoding: gzip
x-amz-version-id: u5A9AAki4QEfiAf5cd1N8WVmeKk3j2p0
cf-cache-status: HIT
x-amz-request-id: BDVD3JDJ68VPDPYH
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
content-length: 71074
x-amz-id-2: AIC8fferSBa0sqJBLFc0lWBcv2x0lCsYrDxLbN+Iwmc4eOIdf9KllYJLENtb72cWsLbEw7B/ihXXo+dcgYNnoJ7R7zZCFzb7tGJNQTwgPug=
last-modified: Thu, 13 Jun 2024 13:43:45 GMT
server: cloudflare
etag: "2ab30657b1f388c91b78379ad758a68f"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=84600
accept-ranges: bytes
cf-ray: 894a67c90890b620-WAW
expires: Mon, 17 Jun 2024 10:49:32 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 324 KB
105 KB 76ms
75ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5LFKBJN

Requested by

Host: www.qic.promo
URL: https://www.qic.promo/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3ba2e6fd461e743415b976369dee60853d13afa3bdf8ee2a7a55745b3281940d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.qic.promo/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 11:19:32 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 107068
x-xss-protection: 0
last-modified: Sun, 16 Jun 2024 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 16 Jun 2024 11:19:32 GMT

GET
H3 200 6667c943254a0d36363d2eb5_img-bg-dunes.webp
cdn.prod.website-files.com/664dfbdb2927f81691ee601c/ 80 KB
81 KB 215ms
214ms Image
image/webp 172.64.153.29
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.prod.website-files.com/664dfbdb2927f81691ee601c/6667c943254a0d36363d2eb5_img-bg-dunes.webp
Requested by: Host: cdn.prod.website-files.com
URL: https://cdn.prod.website-files.com/664dfbdb2927f81691ee601c/css/shooting-stars-480c00.webflow.bf9306b76.min.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.153.29 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b9f6e15e2384adc5ac39d5c9f4424ed6ac901544d7b33dc391023ddac2743636

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cdn.prod.website-files.com/664dfbdb2927f81691ee601c/css/shooting-stars-480c00.webflow.bf9306b76.min.css
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 11:19:32 GMT
x-amz-version-id: qsaICN0Bfzgpktm4K6SzkPoCygYs9LM9
cf-cache-status: HIT
x-amz-request-id: FSZTWE43TRBB35N6
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
content-length: 82144
x-amz-id-2: k89PpH/iCglD+xwItrH/brv2SdscikFNp4v2p1yFT5HJi7XILF6sG4N9eHOlxetTkpMIcZlRdy0Sp6AWs7GgpN+s2k40/rhp
last-modified: Tue, 11 Jun 2024 03:50:36 GMT
server: cloudflare
etag: "df6bb7934a556eadd50b52cdfee3cdff"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=84600
accept-ranges: bytes
cf-ray: 894a67ccdf67b620-WAW
expires: Mon, 17 Jun 2024 10:49:32 GMT

GET
H3 200 6652c36748822071f5fadfaf_ic-instagram.svg
cdn.prod.website-files.com/664dfbdb2927f81691ee601c/ 2 KB
1 KB 272ms
272ms Image
image/svg+xml 172.64.153.29
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.prod.website-files.com/664dfbdb2927f81691ee601c/6652c36748822071f5fadfaf_ic-instagram.svg
Requested by: Host: cdn.prod.website-files.com
URL: https://cdn.prod.website-files.com/664dfbdb2927f81691ee601c/css/shooting-stars-480c00.webflow.bf9306b76.min.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.153.29 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: caa8cf8a1156da76df2454fe6f4fe86caa2738e3afa231f3d511bb2fa4b22a03

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cdn.prod.website-files.com/664dfbdb2927f81691ee601c/css/shooting-stars-480c00.webflow.bf9306b76.min.css
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 11:19:32 GMT
x-amz-version-id: ItEfW0HXb7xmGQXELAhSa.0PJ5KsBVzB
content-encoding: gzip
cf-cache-status: MISS
x-amz-request-id: 32FZ8XEPG3ZEMDM1
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: L5HAJe5k0KHCh0zrh/WJ1TxoER18Ie+ZpEIsTOCjOZUaFgtYmetAldjPyQJzujPT93hhlodwtRU=
last-modified: Sun, 26 May 2024 05:06:49 GMT
server: cloudflare
etag: W/"e731580d03ae09d4c61fdb1639da3cf1"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 894a67ccdf76b620-WAW
expires: Mon, 16 Jun 2025 11:19:32 GMT

GET
H3 200 6652c36797507adc8f5625b0_ic-facebook.svg
cdn.prod.website-files.com/664dfbdb2927f81691ee601c/ 1 KB
1 KB 105ms
105ms Image
image/svg+xml 172.64.153.29
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.prod.website-files.com/664dfbdb2927f81691ee601c/6652c36797507adc8f5625b0_ic-facebook.svg
Requested by: Host: cdn.prod.website-files.com
URL: https://cdn.prod.website-files.com/664dfbdb2927f81691ee601c/css/shooting-stars-480c00.webflow.bf9306b76.min.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.153.29 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 962c75398fec5b7bba541ed81618d4396f9cdb7a911306261afc3e86354c5a66

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cdn.prod.website-files.com/664dfbdb2927f81691ee601c/css/shooting-stars-480c00.webflow.bf9306b76.min.css
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 11:19:32 GMT
x-amz-version-id: OXE0KdnpHVkpCG420OKdoxdhe7bLplA5
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: FKS0S51TWAM7W2GT
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: 5WevYJ9dkk3oCJ7uFqVoVNwe90n96LrjagdOKJCTAA+fnZJ1/TXj1M5yDAPORfex6oNVDO2EQLDF1LLJp8WcYU/evipCsMRXmtqj42SEMTk=
last-modified: Sun, 26 May 2024 05:06:49 GMT
server: cloudflare
etag: W/"fc7beb7ced8d5dc0de3be694710d9fbd"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 894a67ccef7cb620-WAW
expires: Mon, 16 Jun 2025 11:19:32 GMT

GET
H3 200 6652c36748822071f5fadfac_ic-x.svg
cdn.prod.website-files.com/664dfbdb2927f81691ee601c/ 369 B
682 B 98ms
98ms Image
image/svg+xml 172.64.153.29
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.prod.website-files.com/664dfbdb2927f81691ee601c/6652c36748822071f5fadfac_ic-x.svg
Requested by: Host: cdn.prod.website-files.com
URL: https://cdn.prod.website-files.com/664dfbdb2927f81691ee601c/css/shooting-stars-480c00.webflow.bf9306b76.min.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.153.29 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2e7f713d4726c5ba75cfdb61c9d03d41a422dea47493b0caad0d29f646d698ba

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cdn.prod.website-files.com/664dfbdb2927f81691ee601c/css/shooting-stars-480c00.webflow.bf9306b76.min.css
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 11:19:32 GMT
x-amz-version-id: tUwIxvI.ztuCmiU3RI1XLlvGynuOgvYN
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: BXP1PQF11PHCYVJE
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: 7v+DNO/dm33eE3rXal7/o+3FGI6a/gGz3iP9SHSTez/HwlE8DhZkGrKLW+GksWOzvgQNcdIJVTkJP7Uc8iAD13maFm7UT9z8AxiXSUucQ+4=
last-modified: Sun, 26 May 2024 05:06:49 GMT
server: cloudflare
etag: W/"da3d53959149d0d7cb2ec8fd3c612f7a"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 894a67ccff9fb620-WAW
expires: Mon, 16 Jun 2025 11:19:32 GMT

GET
H3 200 6652c3677d431aabc44fadd6_ic-linkedin.svg
cdn.prod.website-files.com/664dfbdb2927f81691ee601c/ 595 B
736 B 114ms
114ms Image
image/svg+xml 172.64.153.29
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.prod.website-files.com/664dfbdb2927f81691ee601c/6652c3677d431aabc44fadd6_ic-linkedin.svg
Requested by: Host: cdn.prod.website-files.com
URL: https://cdn.prod.website-files.com/664dfbdb2927f81691ee601c/css/shooting-stars-480c00.webflow.bf9306b76.min.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.153.29 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c3803fc56073995476714cc66a0f28b321e56ec5bc17cf5337032953fbff50eb

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cdn.prod.website-files.com/664dfbdb2927f81691ee601c/css/shooting-stars-480c00.webflow.bf9306b76.min.css
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 11:19:32 GMT
x-amz-version-id: QC6XiWLrtpwc9Ro_Q7feDzHy_NTOZlX3
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: BXPCYFE4CGJNZH5E
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: lLE8oL8ijN0nIkW5rXIV3IK8GON2layeeRf4Z6+yaRCRYu7sK69OThlnyKTUTIcGcZACsHEsYms=
last-modified: Sun, 26 May 2024 05:06:48 GMT
server: cloudflare
etag: W/"dece45db66cace0c0f29411494b7ec56"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 894a67ccffa3b620-WAW
expires: Mon, 16 Jun 2025 11:19:32 GMT

GET
H2 200 6665c12ba9dda0f79cb94d9a_Izmir-Semibold.otf
uploads-ssl.webflow.com/664dfbdb2927f81691ee601c/ 61 KB
62 KB 550ms
97ms Font
application/x-font-otf 18.66.112.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://uploads-ssl.webflow.com/664dfbdb2927f81691ee601c/6665c12ba9dda0f79cb94d9a_Izmir-Semibold.otf
Requested by: Host: cdn.prod.website-files.com
URL: https://cdn.prod.website-files.com/664dfbdb2927f81691ee601c/css/shooting-stars-480c00.webflow.bf9306b76.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-117.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 04388d46bf986bab3d32b86da3e19c3e4b8c0ef238b2162a6f1776cf07a1cb25

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cdn.prod.website-files.com/
Origin: https://www.qic.promo
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 10 Jun 2024 06:19:22 GMT
x-amz-version-id: c418bhqnyLHtc21fczK2j2wU91JDi82T
via: 1.1 22b00b5685ee1822efcb3d9e95d3c19a.cloudfront.net (CloudFront)
age: 536411
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 62840
last-modified: Sun, 09 Jun 2024 14:50:21 GMT
server: AmazonS3
etag: "47238b25883c8ad9f29fbc52eb371bbd"
content-type: application/x-font-otf
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
x-amz-cf-id: jP9h_hqpMYFOAtXXz0B5Grd2y-JOyHk9Wu3c0dPmbpCbmXMyD5J_eA==

GET
H2 200 6665c12b30132e4759061eaa_Izmir-Regular.otf
uploads-ssl.webflow.com/664dfbdb2927f81691ee601c/ 60 KB
60 KB 500ms
48ms Font
application/x-font-otf 18.66.112.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://uploads-ssl.webflow.com/664dfbdb2927f81691ee601c/6665c12b30132e4759061eaa_Izmir-Regular.otf
Requested by: Host: cdn.prod.website-files.com
URL: https://cdn.prod.website-files.com/664dfbdb2927f81691ee601c/css/shooting-stars-480c00.webflow.bf9306b76.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-117.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fb85918a9b0e5a7d4e0bcce16c43d16fd08d978f3175a4ca8931424570dcaf76

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cdn.prod.website-files.com/
Origin: https://www.qic.promo
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 10 Jun 2024 06:19:22 GMT
x-amz-version-id: I9gvSfFyrGEtnIq763ANqJoZBVIF08RY
via: 1.1 22b00b5685ee1822efcb3d9e95d3c19a.cloudfront.net (CloudFront)
age: 536411
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 61224
last-modified: Sun, 09 Jun 2024 14:50:21 GMT
server: AmazonS3
etag: "82d7e9377412bcd7cad6bd4d94c4a7ff"
content-type: application/x-font-otf
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
x-amz-cf-id: tmFuUGnvtNLSRR0OertcvrGW6hTKhzwbMxrsxNBATJLFB5cu50lJpA==

GET
H2 200 6665c12bc3994e0e59a05c3c_Izmir-Medium.otf
uploads-ssl.webflow.com/664dfbdb2927f81691ee601c/ 61 KB
61 KB 570ms
133ms Font
application/x-font-otf 18.66.112.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://uploads-ssl.webflow.com/664dfbdb2927f81691ee601c/6665c12bc3994e0e59a05c3c_Izmir-Medium.otf
Requested by: Host: cdn.prod.website-files.com
URL: https://cdn.prod.website-files.com/664dfbdb2927f81691ee601c/css/shooting-stars-480c00.webflow.bf9306b76.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-117.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a8cf22e35113ac293f5dadb9bf8da1b924b14b7efd5554819ea50766e750c6b1

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cdn.prod.website-files.com/
Origin: https://www.qic.promo
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 10 Jun 2024 06:19:22 GMT
x-amz-version-id: v9lGH_GQ0aM4UtySb1rp1MHrFQORkZDh
via: 1.1 22b00b5685ee1822efcb3d9e95d3c19a.cloudfront.net (CloudFront)
age: 536411
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 62324
last-modified: Sun, 09 Jun 2024 14:50:21 GMT
server: AmazonS3
etag: "5c2135a5baf4902a84ca54e214fc1b2f"
content-type: application/x-font-otf
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
x-amz-cf-id: FimArmGwr88ibjyrvvneg4Z13rnRzR8z63FoXYbowE161Gbs7WMMqQ==

GET
H3 200 666877d0ec3b130c8a868df8_qic-logo-60-years.svg
cdn.prod.website-files.com/664dfbdb2927f81691ee601c/ 7 KB
3 KB 109ms
108ms Image
image/svg+xml 172.64.153.29
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.prod.website-files.com/664dfbdb2927f81691ee601c/666877d0ec3b130c8a868df8_qic-logo-60-years.svg
Requested by: Host: www.qic.promo
URL: https://www.qic.promo/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.153.29 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7be9c201d2d1bccf4743b7c6cfc736f33d40b810a3831538332a2d65f9a06d9d

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.qic.promo/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 11:19:32 GMT
x-amz-version-id: rvKRjEHPSYwsqya8Srq2wo.hs.BqZjz5
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: JV0B7WJR7364FMPH
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: Y3jhsML+1eeWOdf2DAZSD8npvIQLphKoBs6oin/XgrFm4e2BUvka8UClxcQNhqirNhlgynaFVzg=
last-modified: Tue, 11 Jun 2024 16:14:11 GMT
server: cloudflare
etag: W/"01ae3d2af084386578b8b23bf4b60427"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 894a67cd3827b620-WAW
expires: Mon, 16 Jun 2025 11:19:32 GMT

GET
H3 200 6669c4bbbc2cd26af51846f3_img-prize-iphone%20(1).png
cdn.prod.website-files.com/664dfbdb2927f81691ee601c/ 453 KB
454 KB 227ms
225ms Image
image/png 172.64.153.29
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.prod.website-files.com/664dfbdb2927f81691ee601c/6669c4bbbc2cd26af51846f3_img-prize-iphone%20(1).png
Requested by: Host: www.qic.promo
URL: https://www.qic.promo/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.153.29 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b5cda114236b4f18ed565229cabdccd57f2d7692bcd85f0a7c970de391f4ef00

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.qic.promo/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 11:19:32 GMT
x-amz-version-id: UFoywvGpe7ceYloqC5pRC2dnjoNSYDuo
cf-cache-status: HIT
x-amz-request-id: VKZGGT5QMMVDDDXR
x-amz-server-side-encryption: AES256
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400
content-length: 464065
x-amz-id-2: Zb0puLLP4SiS21CEvGM6TIUm3QkFtUx7vAeYki+IA9DmdQw0Kf/kNPMyKh7rXr8wisnEd80eXdU=
last-modified: Wed, 12 Jun 2024 15:54:39 GMT
server: cloudflare
etag: "58e070c6a31652c95c9e5e8f5dbadb44"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 894a67cd382cb620-WAW
expires: Mon, 16 Jun 2025 11:19:32 GMT

GET
H3 200 6669c4bbbc2cd26af51846f3_img-prize-iphone%20(1)-p-500.png
cdn.prod.website-files.com/664dfbdb2927f81691ee601c/ 27 KB
27 KB 137ms
134ms Image
image/png 172.64.153.29
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.prod.website-files.com/664dfbdb2927f81691ee601c/6669c4bbbc2cd26af51846f3_img-prize-iphone%20(1)-p-500.png
Requested by: Host: www.qic.promo
URL: https://www.qic.promo/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.153.29 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 95d6eeff339f37c82d9aa1b68b008537af524d2b5c1bf9d67bca6f122537b522

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.qic.promo/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 11:19:32 GMT
x-amz-version-id: T9u8HiM98X_EKNBM7jebGQqCw5jPdlEP
cf-cache-status: HIT
x-amz-request-id: HB857ATNEDQ7ZHE7
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
content-length: 27185
x-amz-id-2: sEMcJuOdQo/4aftsYJCRDhezCIgPjOM3zVmOhjTUn2Oxpl1LEl3yPczyy8r9Yrwhe1VNMtwLnUrEsPKKjzTToO3CwisAObPR
last-modified: Wed, 12 Jun 2024 15:54:47 GMT
server: cloudflare
etag: "f76e329160f9d30cd8dfda72db0074af"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 894a67cd382fb620-WAW
expires: Mon, 16 Jun 2025 11:19:32 GMT

GET
H3 200 6669b9528377dffc75e0cc14_img-prize-suitcase-p-500.webp
cdn.prod.website-files.com/664dfbdb2927f81691ee601c/ 25 KB
26 KB 230ms
228ms Image
image/webp 172.64.153.29
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.prod.website-files.com/664dfbdb2927f81691ee601c/6669b9528377dffc75e0cc14_img-prize-suitcase-p-500.webp
Requested by: Host: www.qic.promo
URL: https://www.qic.promo/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.153.29 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c7964c99af038b259ff8e6b0196dd42333855bb2d91aa939d5d000c522b38c8e

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.qic.promo/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 11:19:32 GMT
x-amz-version-id: XBBSv20qHVzHN7NJnsn4zkM_LEVkP91O
cf-cache-status: HIT
x-amz-request-id: 2PT2H8ZBKGHK7QE1
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
content-length: 26010
x-amz-id-2: lvLL4YdXyQOb5c2375I0Dz/AMaD7t+Fhx+mgumtKolAPRoDPddytpqWefY5o8AT/GGpH/dwtng+i3IKgoVJtGOqP/tWCgq1O
last-modified: Wed, 12 Jun 2024 15:16:30 GMT
server: cloudflare
etag: "a2d9ed057711cc0972b3cbbd404d4f04"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=84600
accept-ranges: bytes
cf-ray: 894a67cd3833b620-WAW
expires: Mon, 17 Jun 2024 10:49:32 GMT

GET
H3 200 6669b670e6bb2abb06364bbb_img-prize-travel-pack-p-500.webp
cdn.prod.website-files.com/664dfbdb2927f81691ee601c/ 12 KB
12 KB 86ms
85ms Image
image/webp 172.64.153.29
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.prod.website-files.com/664dfbdb2927f81691ee601c/6669b670e6bb2abb06364bbb_img-prize-travel-pack-p-500.webp
Requested by: Host: www.qic.promo
URL: https://www.qic.promo/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.153.29 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ed6625bebe81498cd3d93e8f7fe5b45374e84b96b604034a266dc0a32d9beebf

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.qic.promo/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 11:19:32 GMT
x-amz-version-id: v_kVIQpcFBiFkSe4et5zsqASPpFyuA18
cf-cache-status: HIT
x-amz-request-id: 2PT41NHQXWM0D74N
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
content-length: 12080
x-amz-id-2: KyVn6FPx1Ba7lD878aUXqSPl1URQ9eQQfEYWKT9kVXoHe4knMuh2/ubAUnIvLRPQSlZdOHYvrjA=
last-modified: Wed, 12 Jun 2024 15:16:30 GMT
server: cloudflare
etag: "77ec488d19ea418eff57b1a374b28534"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=84600
accept-ranges: bytes
cf-ray: 894a67cd3836b620-WAW
expires: Mon, 17 Jun 2024 10:49:32 GMT

GET
H3 200 666060c407bfc15a17004161_img-prize-gift-p-500.webp
cdn.prod.website-files.com/664dfbdb2927f81691ee601c/ 9 KB
10 KB 1008ms
1007ms Image
image/webp 172.64.153.29
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.prod.website-files.com/664dfbdb2927f81691ee601c/666060c407bfc15a17004161_img-prize-gift-p-500.webp
Requested by: Host: www.qic.promo
URL: https://www.qic.promo/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.153.29 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d6e8f61b9d97320c256f84d266d047db687a709764b3cf43f72d38c236b8ff59

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.qic.promo/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 11:19:32 GMT
x-amz-version-id: cf5co3DjhhohCBn.z9t.L_lsTvOdE79d
cf-cache-status: HIT
x-amz-request-id: 4ENZ0XHSW2RCMTEG
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
content-length: 9476
x-amz-id-2: ahDfq22SyvDE4r80gqtFYmSSLOi4V2hRu3dp02v6RYb+1TPorMmi97ytcLh93v9g3RPtpJyA34k=
last-modified: Wed, 05 Jun 2024 12:59:34 GMT
server: cloudflare
etag: "9b06bf5f9cf5a50395cade2c35ef03a6"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=84600
accept-ranges: bytes
cf-ray: 894a67cd3837b620-WAW
expires: Mon, 17 Jun 2024 10:49:32 GMT

GET
H3 200 666af5c6e99b17dd29f5710b_img-qr-p-500.png
cdn.prod.website-files.com/664dfbdb2927f81691ee601c/ 60 KB
60 KB 89ms
88ms Image
image/png 172.64.153.29
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.prod.website-files.com/664dfbdb2927f81691ee601c/666af5c6e99b17dd29f5710b_img-qr-p-500.png
Requested by: Host: www.qic.promo
URL: https://www.qic.promo/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.153.29 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 14808a061b6852ff1815780aa3561fd217537081c6febb4b96348826b2931439

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.qic.promo/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 11:19:32 GMT
x-amz-version-id: ae_jT1rgmLk3tKc4P8hquF0n.owRMj6g
cf-cache-status: HIT
x-amz-request-id: FKSEG9X3ZY9CYE2A
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
content-length: 61133
x-amz-id-2: 2iVXxWGUcO/+3621/3KmGGq8Lr+udlKqYkluHDExOrMjXWeA5lC+vTKSrPX2CjsKI3ND9Ei2NoPmXX4j5nFUcTuL/Z/IeRjL
last-modified: Thu, 13 Jun 2024 13:36:11 GMT
server: cloudflare
etag: "e47ed3f64d5de0a9b8350508b450ab8d"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 894a67cd383ab620-WAW
expires: Mon, 16 Jun 2025 11:19:32 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
0 353ms
49ms Fetch
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-VRPMCST53D&gtm=45je46c0v880855059za200&_p=1718536772544&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=1240908060.1718536773&ecid=1673290824&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.61%7CGoogle%2520Chrome%3B126.0.6478.61&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1718536772&sct=1&seg=0&dl=https%3A%2F%2Fwww.qic.promo%2F&dt=Choose%20your%20guiding%20star%20with%20QIC&en=page_view&_fv=1&_nsi=1&_ss=2&_ee=1&tfd=2257&_z=fetch
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VRPMCST53D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.qic.promo/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sun, 16 Jun 2024 11:19:33 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.qic.promo
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
253 B 357ms
53ms Ping
text/plain 2a00:1450:400c:c0a::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-VRPMCST53D&cid=1240908060.1718536773&gtm=45je46c0v880855059za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VRPMCST53D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0a::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.qic.promo/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sun, 16 Jun 2024 11:19:33 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.qic.promo
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 342ms
47ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-TSY4GRJEX4&gtm=45je46c0v880855059za200&_p=1718536772544&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=1240908060.1718536773&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.61%7CGoogle%2520Chrome%3B126.0.6478.61&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1718536772&sct=1&seg=0&dl=https%3A%2F%2Fwww.qic.promo%2F&dt=Choose%20your%20guiding%20star%20with%20QIC&en=page_view&_fv=1&_ss=1&_ee=1&tfd=2271&_z=fetch
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VRPMCST53D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.qic.promo/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sun, 16 Jun 2024 11:19:33 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.qic.promo
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 355ms
66ms Image
image/gif 172.217.18.3
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-VRPMCST53D&cid=1240908060.1718536773&gtm=45je46c0v880855059za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0&z=121652058

Requested by

Host: www.qic.promo
URL: https://www.qic.promo/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.qic.promo/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sun, 16 Jun 2024 11:19:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 scevent.min.js Show response
sc-static.net/ 47 KB
21 KB 308ms
71ms Script
application/javascript 143.204.207.250
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sc-static.net/scevent.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5LFKBJN
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.207.250 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-207-250.fra53.r.cloudfront.net
Software: CloudFront /
Resource Hash: 4805ef81fe77acaa28e334ceaf5b9e2773cfffaf6d53f0b01811c57f19fe4802

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.qic.promo/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 11:19:33 GMT
content-encoding: gzip
via: 1.1 48391c4ed2c51e95dcabcb70cf613126.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: private, s-maxage=0, max-age=600
access-control-allow-headers: Content-Type
content-length: 20523
x-amz-cf-id: 59hPsfsxfzxUKSef0Bf-YL2a4O751lH4pVYf_5CUydkhQQuI_XL3uw==

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 219 KB
59 KB 297ms
46ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5LFKBJN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0313b0d078dfe6c7ab517c11404b0c01458469006fbf1a0d4d4c5e90517e54f8

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.qic.promo/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 16 Jun 2024 11:19:33 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 58024
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=38, rtx=0, c=12, mss=1297, tbw=2815, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma: public
x-fb-debug: l/kg/GffP9kuWGSDH4y+3NxLMD79JAgIfoy2qy7Ys4c0kYUgZBGdVl8sewJN8wwuFmDQ0tSSI9bp0RPGhXP06g==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 293ms
43ms Script
application/javascript 146.75.120.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5LFKBJN
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 146.75.120.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4d15ff2317e16ccd8ca1d3248fea7d91130e022369bb032824a84ad9967064df

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.qic.promo/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 11:19:33 GMT
content-encoding: gzip
last-modified: Fri, 22 Mar 2024 21:07:24 GMT
x-amz-server-side-encryption: AES256
etag: "bbbcf811d8437a575d796a4c1e5d4fad+gzip+gzip"
vary: Accept-Encoding,Host
x-cache: HIT, HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15412
x-served-by: cache-iad-kiad7000168-IAD, cache-fra-etou8220084-FRA

GET
H3 200 destination Show response
www.googletagmanager.com/gtag/ 226 KB
82 KB 80ms
80ms Script
application/javascript 142.250.181.232
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-AW-327017376&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5LFKBJN

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.232 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

5381f66a92a9de3cd5b5dc9443969753003fb44ef735809411715507d36d9ba3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.qic.promo/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 11:19:32 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 83655
x-xss-protection: 0
last-modified: Sun, 16 Jun 2024 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 16 Jun 2024 11:19:32 GMT

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 47 KB
17 KB 303ms
73ms Script
application/javascript 2a02:26f0:3100::1735:284b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5LFKBJN

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3100::1735:284b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

899d1ec3c095342571d3be2091ec6f984d4cc82390d1f61945c391fa035b00d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.qic.promo/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 11:19:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 20 May 2024 16:52:20 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: max-age=59172
accept-ranges: bytes
content-length: 16683

GET
H2 200 stat.js Show response
www.clickcease.com/monitor/ 142 KB
43 KB 269ms
48ms Script
application/javascript 2600:9000:235a:5e00:15:a0d3:77c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.clickcease.com/monitor/stat.js

Requested by

Host: www.qic.promo
URL: https://www.qic.promo/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:235a:5e00:15:a0d3:77c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

889794fd02992011c4b843a05190531656d4c6148e6d4375be6bab3432b580d0

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://clickceasebiz.com https://*.clickceasebiz.com; upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.qic.promo/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: Cf02rYNryv9UIBzoGOQeQJTZ2QU2vf2Y
content-encoding: gzip
via: 1.1 5f82872daec754c74bbd4ef1bc7f7314.cloudfront.net (CloudFront)
date: Sun, 16 Jun 2024 11:19:23 GMT
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self' https://clickceasebiz.com https://*.clickceasebiz.com; upgrade-insecure-requests;
x-amz-cf-pop: FRA60-P9
age: 12
x-amz-server-side-encryption: AES256
strict-transport-security: max-age=31536000; includeSubDomains
x-cache: Hit from cloudfront
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 12 Sep 2023 09:05:15 GMT
server: AmazonS3
etag: W/"e112b8bf96f23bc2970347a3c98e37fc"
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
content-type: application/javascript
permissions-policy: microphone 'none'; camera 'none';
x-amz-cf-id: M9BBl6ui6XARy6djkLkktXKaOcib3jom68Jhiikp4ndxeoMA0pxPEQ==

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 6 KB
3 KB 907ms
363ms Script
application/javascript 2.17.167.9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CDH1C9BC77UEKJIGVU8G&lib=ttq
Requested by: Host: www.qic.promo
URL: https://www.qic.promo/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.17.167.9 Rio de Janeiro, Brazil, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-17-167-9.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 9ac77a46604705bb3c4838acf07180e7a2682dff6d1831055e7bf0b2a599bfd3

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.qic.promo/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-akamai-request-id: 430177f6.b5a7c30d
date: Sun, 16 Jun 2024 11:19:33 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-240616111933FED68230316F64A599CD-20A05D310841DCCA-00
x-cache: TCP_MISS from a2-16-120-9.deploy.akamaitechnologies.com (AkamaiGHost/11.5.2-56372494) (-)
x-parent-response-time: 137,2.16.120.9
server-timing: cdn-cache; desc=MISS, edge; dur=124, origin; dur=13, inner; dur=4
content-length: 2198
pragma: no-cache
server: nginx
x-tt-logid: 20240616111933FED68230316F64A599CD
x-cache-remote: TCP_MISS from a23-218-223-9.deploy.akamaitechnologies.com (AkamaiGHost/11.5.2-56372494) (-)
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 13,23.218.223.9
x-tt-trace-host: 01532689ef7b4246a455764dd731acb3d3507a3579a80ba5a6f970bc39993620d6665d257ad9e5fc3ad18fd1f264b27ae1ef9fbaf6883ce234cdbec0e87212ab0f4065b97cbb0c27626674fbccfdb7f34c3a7f28fab8cbe090a713064a686c5133367282d9bda864c1301f692f97ec2f24
expires: Sun, 16 Jun 2024 11:19:33 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/AW-327017376/ 3 KB
1 KB 168ms
80ms Script
text/javascript 216.58.206.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/AW-327017376/?random=1718536773143&cv=11&fst=1718536773143&bg=ffffff&guid=ON&async=1&gtm=45be46c0z8849131735za201zb849131735&gcd=13t3t3t2t5&dma_cps=sypham&dma=1&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.qic.promo%2F&hn=www.googleadservices.com&frm=0&tiba=Choose%20your%20guiding%20star%20with%20QIC&npa=0&pscdl=noapi&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.61%7CGoogle%2520Chrome%3B126.0.6478.61&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-AW-327017376&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s08-in-f2.1e100.net

Software

cafe /

Resource Hash

fde54f0a91d979e11c088b5779c1d6d12a270fed88dede5e4d82c955827f32ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.qic.promo/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sun, 16 Jun 2024 11:19:33 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1428
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adsct
t.co/i/ 43 B
377 B 289ms
146ms Image
image/gif 93.184.221.165
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=3&eci=2&event_id=b7bb53d8-6aff-4091-a9b4-6f0ed354ff8f&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=33a32895-44d3-4c31-8981-d5fc21cce9e2&tw_document_href=https%3A%2F%2Fwww.qic.promo%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nv2bb&type=javascript&version=2.3.30

Requested by

Host: www.qic.promo
URL: https://www.qic.promo/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

93.184.221.165 London, United Kingdom, ASN15133 (EDGECAST, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.qic.promo/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-response-time: 103
date: Sun, 16 Jun 2024 11:19:32 GMT
strict-transport-security: max-age=0
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 9e3b3cebbc194318
cache-control: no-cache, no-store, max-age=0
perf: 7402827104
x-connection-hash: e5e16fdad61afdc50109832bc8813925db70851753c4017415df50c10595b487
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
392 B 359ms
222ms Image
image/gif 104.244.42.131
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=b7bb53d8-6aff-4091-a9b4-6f0ed354ff8f&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=33a32895-44d3-4c31-8981-d5fc21cce9e2&tw_document_href=https%3A%2F%2Fwww.qic.promo%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nv2bb&type=javascript&version=2.3.30

Requested by

Host: www.qic.promo
URL: https://www.qic.promo/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.131 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.qic.promo/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-response-time: 182
date: Sun, 16 Jun 2024 11:19:32 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 1a98895cec26a416
cache-control: no-cache, no-store, max-age=0
perf: 7402827104
x-connection-hash: b00a9de4e8f4834e5d19297c7641bf5572f0811ff01406de62c0cd3550233793
content-length: 43

GET
H2 200 attribution_trigger Show response
px.ads.linkedin.com/ 2 B
813 B 322ms
161ms XHR
application/json 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/attribution_trigger?pid=6733449&time=1718536773272&url=https%3A%2F%2Fwww.qic.promo%2F
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept: *
Referer: https://www.qic.promo/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 11:19:33 GMT
content-encoding: gzip
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 7AE7B071528847ECA10CEAF70B23F298 Ref B: DUS30EDGE0719 Ref C: 2024-06-16T11:19:33Z
access-control-allow-methods: GET, OPTIONS
x-li-fabric: prod-lva1
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
content-type: application/json
x-li-proto: http/2
x-restli-protocol-version: 1.0.0
access-control-allow-headers: *
x-li-uuid: AAYbAAXrABox0rdyNBdeEQ==
x-fs-uuid: 00061b0005eb001a31d2b77234175e11

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=6733449&time=1718536773272&url=https%3A%2F%2Fwww.qic.promo%2F
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=6733449&time=1718536773272&url=https%3A%2F%2Fwww.qic.promo%2F&cookiesTest=true
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D6733449%26time%3D1718536773272%26url%3Dhttps%253A%252F%252Fwww.qic.promo%252F%26c...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=6733449&time=1718536773272&url=https%3A%2F%2Fwww.qic.promo%2F&cookiesTest=true&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=6733449&time=1718536773272&url=https%3A%2F%2Fwww.qic.promo%2F&cookiesTest=true&liSync=true&e_ipv6=AQLZgn-2zjRh3QAAAZAgxiJzx3bIVp0ag2kjIqqAkJD4FgD...

0
264 B

401ms
224ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=6733449&time=1718536773272&url=https%3A%2F%2Fwww.qic.promo%2F&cookiesTest=true&liSync=true&e_ipv6=AQLZgn-2zjRh3QAAAZAgxiJzx3bIVp0ag2kjIqqAkJD4FgDLd1f_7T2M0aOMRYmA6cFviPMo
Requested by: Host: www.qic.promo
URL: https://www.qic.promo/
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.qic.promo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 16 Jun 2024 11:19:33 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: A29CFE013B4A4B61A92A2F926EA20EAE Ref B: FRAEDGE1507 Ref C: 2024-06-16T11:19:34Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYbAAX8o3e8TEpIjlTMCA==

Redirect headers

date: Sun, 16 Jun 2024 11:19:34 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 2D4373583A6749A6918CA017D14D84C2 Ref B: DUS30EDGE0310 Ref C: 2024-06-16T11:19:34Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=6733449&time=1718536773272&url=https%3A%2F%2Fwww.qic.promo%2F&cookiesTest=true&liSync=true&e_ipv6=AQLZgn-2zjRh3QAAAZAgxiJzx3bIVp0ag2kjIqqAkJD4FgDLd1f_7T2M0aOMRYmA6cFviPMo
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYbAAX2d3w7ENh45Q0oQQ==

GET
H2 200 ed976ef1-51a3-465f-b6b2-22ceeab4ca3d.js Show response
tr.snapchat.com/config/promo/ 200 B
476 B 315ms
144ms Script
application/javascript 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/config/promo/ed976ef1-51a3-465f-b6b2-22ceeab4ca3d.js?v=3.19.1-2406112356

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

f49fa9a8d3610719cfb5eac76d6115fe014746a5014e2aaf3372b4c0403bb3ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.qic.promo/
Origin: https://www.qic.promo
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 11:19:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via: 1.1 google
server: API Gateway
content-type: application/javascript
access-control-allow-origin: https://www.qic.promo
x-envoy-upstream-service-time: 95
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 200

GET
H2 200 i
tr.snapchat.com/cm/ Frame 87F5 0
0 213ms
57ms Document
text/html 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/cm/i?pid=ed976ef1-51a3-465f-b6b2-22ceeab4ca3d&u_scsid=d3592595-0d88-4e34-a0e1-a6b09e8513fa&u_sclid=fd980283-89fa-4754-9493-8be85f04d090

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.qic.promo/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Sun, 16 Jun 2024 11:19:33 GMT
server: API Gateway
strict-transport-security: max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains
via: 1.1 google
x-envoy-upstream-service-time: 0

GET
H2 200 p
tr.snapchat.com/ 68 B
454 B 222ms
58ms Image
image/png 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tr.snapchat.com/p?pid=ed976ef1-51a3-465f-b6b2-22ceeab4ca3d&ev=PAGE_VIEW&intg=gtm&pids=ed976ef1-51a3-465f-b6b2-22ceeab4ca3d&u_c1=c171963d-d731-4f49-b9e5-3a17cfb8100f&u_sclid=fd980283-89fa-4754-9493-8be85f04d090&u_scsid=d3592595-0d88-4e34-a0e1-a6b09e8513fa&bg=false&bt=1d53c387&d_a=x86&d_bvs=%5B%7B%22brand%22%3A%22Not%2FA)Brand%22%2C%22version%22%3A%228.0.0.0%22%7D%2C%7B%22brand%22%3A%22Chromium%22%2C%22version%22%3A%22126.0.6478.61%22%7D%2C%7B%22brand%22%3A%22Google%20Chrome%22%2C%22version%22%3A%22126.0.6478.61%22%7D%5D&d_os=10.0.0&d_ot=Win32&df=true&huah=true&m_dcl=2308&m_fcps=2181&m_pi=2308&m_pl=0&m_pv=2&m_rd=2737&m_sh=1200&m_sl=0&m_sw=1600&pl=https%3A%2F%2Fwww.qic.promo%2F&trackId=6aeb0f02-3543-48d6-a07c-949fef7b4554&ts=1718536773327&v=3.19.1-2406112356

Requested by

Host: www.qic.promo
URL: https://www.qic.promo/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.qic.promo/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 11:19:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via: 1.1 google
server: API Gateway
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, no-transform
x-envoy-upstream-service-time: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68

GET
H2 200 916738272525912 Show response
connect.facebook.net/signals/config/ 63 KB
14 KB 115ms
114ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/916738272525912?v=2.9.158&r=stable&domain=www.qic.promo&hme=446fb981c8c3baeb03730fe3cbd404f7f15f64c693f24c7fe75da498bc2c95d8&ex_m=67%2C113%2C100%2C104%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C160%2C163%2C174%2C170%2C171%2C173%2C28%2C94%2C50%2C73%2C172%2C155%2C158%2C167%2C168%2C175%2C122%2C14%2C48%2C180%2C179%2C124%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C101%2C103%2C37%2C102%2C29%2C25%2C156%2C159%2C131%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C98%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C99%2C43%2C75%2C65%2C105%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C106

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

158a1dcff007a077ceb39fac8fa5730af21ab19b0bf98ea6bc76b43618e030fd

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.qic.promo/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 16 Jun 2024 11:19:33 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=39, rtx=0, c=65, mss=1297, tbw=63575, tp=-1, tpl=-1, uplat=69, ullat=0
pragma: public
x-fb-debug: bab7P7pDSu8aS0Mu/gw9eumgpwROaElhR6iZ/+b4I3Ks7kNKRN1knsvWlaySQ9PBCFEyDbT/rR1Tij2WpybN1g==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/AW-327017376/ 42 B
64 B 177ms
62ms Image
image/gif 142.250.185.228
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/AW-327017376/?random=1718536773143&cv=11&fst=1718535600000&bg=ffffff&guid=ON&async=1&gtm=45be46c0z8849131735za201zb849131735&gcd=13t3t3t2t5&dma_cps=sypham&dma=1&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.qic.promo%2F&hn=www.googleadservices.com&frm=0&tiba=Choose%20your%20guiding%20star%20with%20QIC&npa=0&pscdl=noapi&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.61%7CGoogle%2520Chrome%3B126.0.6478.61&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDaQooL_ZhU-dEVsR_znpM7SwlM5kP4Bnn5Og&random=1568558477&rmt_tld=0&ipr=y

Requested by

Host: www.qic.promo
URL: https://www.qic.promo/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.228 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.qic.promo/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sun, 16 Jun 2024 11:19:33 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/AW-327017376/ 42 B
64 B 61ms
60ms Image
image/gif 172.217.18.3
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/AW-327017376/?random=1718536773143&cv=11&fst=1718535600000&bg=ffffff&guid=ON&async=1&gtm=45be46c0z8849131735za201zb849131735&gcd=13t3t3t2t5&dma_cps=sypham&dma=1&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.qic.promo%2F&hn=www.googleadservices.com&frm=0&tiba=Choose%20your%20guiding%20star%20with%20QIC&npa=0&pscdl=noapi&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.61%7CGoogle%2520Chrome%3B126.0.6478.61&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDaQooL_ZhU-dEVsR_znpM7SwlM5kP4Bnn5Og&random=1568558477&rmt_tld=1&ipr=y

Requested by

Host: www.qic.promo
URL: https://www.qic.promo/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.qic.promo/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sun, 16 Jun 2024 11:19:33 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
274 B 283ms
39ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=916738272525912&ev=PageView&dl=https%3A%2F%2Fwww.qic.promo&rl=&if=false&ts=1718536773536&sw=1600&sh=1200&v=2.9.158&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=4124&fbp=fb.1.1718536773526.545865461970620428&pm=1&hrl=fe9e7b&ler=empty&cdl=API_unavailable&it=1718536773370&coo=false&tm=1&cs_cc=1&cas=25248150038164816%2C4131117567000930%2C4245811308831949&rqm=GET

Requested by

Host: www.qic.promo
URL: https://www.qic.promo/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.qic.promo/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=39, rtx=0, c=10, mss=1297, tbw=2840, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Sun, 16 Jun 2024 11:19:33 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
3 KB 578ms
335ms Image
image/png 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=916738272525912&ev=PageView&dl=https%3A%2F%2Fwww.qic.promo&rl=&if=false&ts=1718536773536&sw=1600&sh=1200&v=2.9.158&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=4124&fbp=fb.1.1718536773526.545865461970620428&pm=1&hrl=fe9e7b&ler=empty&cdl=API_unavailable&it=1718536773370&coo=false&tm=1&cs_cc=1&cas=25248150038164816%2C4131117567000930%2C4245811308831949&rqm=FGET

Requested by

Host: www.qic.promo
URL: https://www.qic.promo/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.qic.promo/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x83f4e273352ecbd0","source_keys":["1","2"]},{"key_piece":"0xf46ba8fd6e3571ca","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding: zstd
x-content-type-options: nosniff
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
date: Sun, 16 Jun 2024 11:19:34 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=38, rtx=0, c=10, mss=1297, tbw=3158, tp=-1, tpl=-1, uplat=294, ullat=0
pragma: no-cache
x-fb-debug: cgEyhutNz9qI9hMVQl33kh7a/uG/xfGPEYiPY0yr+kaf+0FrxXP4t3cRGhm8A8zvGhHhsOqjgpMW9labaeOYoQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 p
tr6.snapchat.com/ 0
47 B 99ms
52ms Ping
text/plain 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr6.snapchat.com/p

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://www.qic.promo/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sun, 16 Jun 2024 11:19:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
x-envoy-upstream-service-time: 0
via: 1.1 google
server: API Gateway
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 main.MTZmOTQwMTEyMQ.js Show response
analytics.tiktok.com/i18n/pixel/static/ 342 KB
98 KB 235ms
234ms Script
application/javascript 2.17.167.9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTZmOTQwMTEyMQ.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CDH1C9BC77UEKJIGVU8G&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.17.167.9 Rio de Janeiro, Brazil, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-17-167-9.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: cd5efd9242be0331111acd38f5570a894598d0b18d4811f1a27631f9dac41c65

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.qic.promo/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-akamai-request-id: b5a7c9a3
date: Sun, 16 Jun 2024 11:19:33 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 2024061301294021782256E595441BC3A9
x-tt-trace-id: 00-24061301294021782256E595441BC3A9-0451211B8EE1EC89-00
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a2-16-120-9.deploy.akamaitechnologies.com (AkamaiGHost/11.5.2-56372494) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 016ec686d3cc07cd0699d81ca987077aecf7ac0a1a2922235431630587272a179339c12a7c91ee35b3f64d872bd5e3619f57d48db9dcb5afafb447f0e5b8ec21cb2faf325a79f4e34f604f0d4bf47ebfff61d52f72b451fd5804ff79af7109a7e4
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=5
content-length: 99575

POST
H2 200 p
tr.snapchat.com/ 0
88 B 58ms
51ms Ping
text/plain 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/p

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://www.qic.promo/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sun, 16 Jun 2024 11:19:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via: 1.1 google
server: API Gateway
access-control-allow-origin: https://www.qic.promo
x-envoy-upstream-service-time: 1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 identify_ce1d8843.js Show response
analytics.tiktok.com/i18n/pixel/static/ 146 KB
39 KB 234ms
233ms Script
application/javascript 2.17.167.9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/identify_ce1d8843.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTZmOTQwMTEyMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.17.167.9 Rio de Janeiro, Brazil, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-17-167-9.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: d891e16dbaf81b89f017b6516afdeffe602f8df1d5e269429e7b6eaf63726a03

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.qic.promo/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-akamai-request-id: b5a7d870
date: Sun, 16 Jun 2024 11:19:34 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 2024052114000173094F88C064653E2976
x-tt-trace-id: 00-24052114000173094F88C064653E2976-2C3FEE759CD909FB-00
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a2-16-120-9.deploy.akamaitechnologies.com (AkamaiGHost/11.5.2-56372494) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 01ffa2ddc2a7f413529d20961a2896b9c2034b893f5dacaccade02f4e59383c5fc8e3d0af60d939dea87b9efa732a64d4ddd4a7a1426b6eade7f2dadad0fa0b5e5e2169e5fe5d83e168944aa503e4bbf78a9dd615a595fd430e43c483c4e673a41
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=3
content-length: 39651

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
840 B 380ms
379ms Ping
text/plain 2.17.167.9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTZmOTQwMTEyMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.17.167.9 Rio de Janeiro, Brazil, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-17-167-9.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://www.qic.promo/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 1d8c89ea.b5a7d8e7
date: Sun, 16 Jun 2024 11:19:34 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-240616111934DB12001E982686A6274B-23368530E31A1491-00
x-cache: TCP_MISS from a2-16-120-9.deploy.akamaitechnologies.com (AkamaiGHost/11.5.2-56372494) (-)
x-parent-response-time: 137,2.16.120.9
server-timing: cdn-cache; desc=MISS, edge; dur=112, origin; dur=30, inner; dur=25
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20240616111934DB12001E982686A6274B
x-cache-remote: TCP_MISS from a104-112-235-175.deploy.akamaitechnologies.com (AkamaiGHost/11.5.2-56372494) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 30,104.112.235.175
x-tt-trace-host: 01532689ef7b4246a455764dd731acb3d315e40f6a2e6b0e10c38cd4850a27c6a0cba348485da5589e7fcb6b15eaedc4d4e3f819dea4bc3ec104144a99a5e970fb1f4d699bbbf72e6d0a8b30cd386e360cc3d7f1eb7146801f625bb31cf0a1b8426b951a2b06935750cb6c0603fbd5022e
access-control-allow-headers: Authorization,*
expires: Sun, 16 Jun 2024 11:19:34 GMT

POST
H2 204 / Show response
px.ads.linkedin.com/wa/ 0
195 B 219ms
218ms XHR
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/wa/
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTZmOTQwMTEyMQ.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Accept: *
Referer: https://www.qic.promo/
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 11:19:34 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: CFA68FEA149342BDA8DAA109054888B5 Ref B: DUS30EDGE0310 Ref C: 2024-06-16T11:19:34Z
linkedin-action: 1
vary: Origin
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
access-control-allow-origin: https://www.qic.promo
x-li-proto: http/2
access-control-allow-credentials: true
x-li-uuid: AAYbAAYAIW993WiCpWMhHw==

POST
H2 200 act
analytics.tiktok.com/api/v2/pixel/ 0
840 B 368ms
364ms Ping
text/plain 2.17.167.9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel/act
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTZmOTQwMTEyMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.17.167.9 Rio de Janeiro, Brazil, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-17-167-9.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://www.qic.promo/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 2dee15b1.b5a7dc3c
date: Sun, 16 Jun 2024 11:19:35 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-240616111935998B8A9772715AA3DA80-37775558B6DFF2C3-00
x-cache: TCP_MISS from a2-16-120-9.deploy.akamaitechnologies.com (AkamaiGHost/11.5.2-56372494) (-)
x-parent-response-time: 128,2.16.120.9
server-timing: cdn-cache; desc=MISS, edge; dur=113, origin; dur=20, inner; dur=16
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20240616111935998B8A9772715AA3DA80
x-cache-remote: TCP_MISS from a23-218-223-22.deploy.akamaitechnologies.com (AkamaiGHost/11.5.2-56372494) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 20,23.218.223.22
x-tt-trace-host: 01532689ef7b4246a455764dd731acb3d3507a3579a80ba5a6f970bc39993620d6f60dec72b157affb01f80793bed72e75d885349430e97be935ebf53ea423f75a3e799e0c6cc4ad60d4d7ae1d2dd5b661172536bc81e669379760590b9092a587372290fe67fefc85c8ecd1309acc1cea
access-control-allow-headers: Authorization,*
expires: Sun, 16 Jun 2024 11:19:35 GMT

GET
H3 200 665727d29c0197913d5ef713_img-favicon.jpg
cdn.prod.website-files.com/664dfbdb2927f81691ee601c/ 3 KB
3 KB 205ms
204ms Other
image/jpeg 172.64.153.29
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.website-files.com/664dfbdb2927f81691ee601c/665727d29c0197913d5ef713_img-favicon.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.153.29 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c7545a24d03dd89963acc7e4ddc17ab6a626d64ec7372ec718243375c5844e86

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.qic.promo/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 11:19:35 GMT
x-amz-version-id: JK2VKqmH15e5dwxia.x6Q7M.NeRZBqcc
cf-cache-status: HIT
x-amz-request-id: GCQ27E8CBS2ARMNZ
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
content-length: 2580
x-amz-id-2: 73thq6ovifkA13r0m1rfNpcBogLfniRmHHQ9SbQN/ajgNaHSHIuIDsoLeZ/D4x/zfbv51NqRYQS1p/ImeKWFAw==
cf-bgj: h2pri
last-modified: Wed, 29 May 2024 13:04:21 GMT
server: cloudflare
etag: "3f3f068f41d4bd5d01cf388192ade972"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 894a67db59beb620-WAW
expires: Mon, 16 Jun 2025 11:19:35 GMT

Verdicts & Comments Add Verdict or Comment

41 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

21 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
sc-static.net/scevent.min.js	1970-01-20 21:23:43	Name: X-AB Value: d8adc6ba02b1462ba930cf4572193de0
.qic.promo/	1970-01-21 06:58:16	Name: _ga_VRPMCST53D Value: GS1.1.1718536772.1.0.1718536772.60.0.1673290824
.qic.promo/	1970-01-21 06:58:16	Name: _ga Value: GA1.1.1240908060.1718536773
.qic.promo/	1970-01-21 06:58:16	Name: _ga_TSY4GRJEX4 Value: GS1.1.1718536772.1.0.1718536772.0.0.0
.qic.promo/	1970-01-21 06:52:03	Name: _scid Value: c171963d-d731-4f49-b9e5-3a17cfb8100f
.qic.promo/	1970-01-21 06:52:03	Name: _scid_r Value: c171963d-d731-4f49-b9e5-3a17cfb8100f
.doubleclick.net/	1970-01-20 21:22:17	Name: test_cookie Value: CheckForPermission
.qic.promo/	1970-01-20 23:31:52	Name: _fbp Value: fb.1.1718536773526.545865461970620428
.t.co/	1970-01-21 06:58:16	Name: muc_ads Value: e35b1534-ba96-46e5-9dff-3fe874f4d94b
.snapchat.com/	1970-01-21 06:43:52	Name: sc_at Value: v2\|H4sIAAAAAAAAAAXBgQ0AIQgDwIlIRPyC60CfKRjeuyKze7swUHJ0hyR/yF1FdJoVMKOu8RncbdYD+Z1RGzIAAAA=
.twitter.com/	1970-01-21 06:58:16	Name: personalization_id Value: "v1_V5xalry4CSaOTvkpuZ6hug=="
.linkedin.com/	1970-01-20 23:31:52	Name: li_sugr Value: d7a96666-ed1b-480f-bdbb-a223907c1d05
.linkedin.com/	1970-01-21 06:07:52	Name: bcookie Value: "v=2&0d5b7970-5f19-40f6-8fe7-5ad70f452f6f"
.linkedin.com/	1970-01-20 21:23:43	Name: lidc Value: "b=OGST00:s=O:r=O:a=O:p=O:g=3351:u=1:x=1:i=1718536773:t=1718623173:v=2:sig=AQFLvOj7bN44CXMRn_T14M57G2h2TZ__"
.tiktok.com/	1970-01-21 06:43:52	Name: _ttp Value: 2hxXbVybM13Z2qQ2oQ2z9HFDtZp
.linkedin.com/	1970-01-20 22:05:28	Name: UserMatchHistory Value: AQJ16DO2ZJK_1gAAAZAgxiCbgFh2K-pD_iwibDIRGvh-guDXNenFldjo8gDs55dHPbBSGEq9uDqAHA
.linkedin.com/	1970-01-20 22:05:28	Name: AnalyticsSyncHistory Value: AQIDoM3QtwvQ6wAAAZAgxiCbWtYazv9V75m91BWzj9wNePdd1gfm8BHryu6N954f-ct03eraIIzVaPMmeotaVQ
.www.linkedin.com/	1970-01-21 06:07:52	Name: bscookie Value: "v=1&202406161119349d990532-3860-4051-8eb4-0f2147a0f3c6AQHxhUKtxK6Icl0C6Wfi6jk4qh82wofN"
.linkedin.com/	1970-01-21 01:41:28	Name: li_gc Value: MTswOzE3MTg1MzY3NzQ7MjswMjHFHvtsJsAyqQ6usxJz7wnD7TDd1rhB1/Xkq4S35nYJ4A==
.qic.promo/	1970-01-21 06:43:52	Name: _tt_enable_cookie Value: 1
.qic.promo/	1970-01-21 06:43:52	Name: _ttp Value: EAhV26-1PhruBztUX_ziQ0XLxfF

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.tiktok.com
analytics.twitter.com
cdn.prod.website-files.com
connect.facebook.net
d3e54v103j8qbb.cloudfront.net
googleads.g.doubleclick.net
px.ads.linkedin.com
px4.ads.linkedin.com
region1.analytics.google.com
region1.google-analytics.com
sc-static.net
snap.licdn.com
static.ads-twitter.com
stats.g.doubleclick.net
t.co
tr.snapchat.com
tr6.snapchat.com
uploads-ssl.webflow.com
www.clickcease.com
www.facebook.com
www.google.com
www.google.de
www.googletagmanager.com
www.linkedin.com
www.qic.promo
104.244.42.131
13.107.42.14
142.250.181.232
142.250.185.228
143.204.207.250
146.75.120.157
172.217.18.3
172.64.153.29
18.66.112.117
2.17.167.9
2001:4860:4802:32::36
2001:4860:4802:34::36
216.58.206.66
2600:9000:235a:5e00:15:a0d3:77c0:93a1
2620:1ec:21::14
2a00:1450:4001:82f::2008
2a00:1450:400c:c0a::9c
2a02:26f0:3100::1735:284b
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f177:185:face:b00c:0:25de
35.190.43.134
52.17.119.105
52.222.232.47
93.184.221.165
0313b0d078dfe6c7ab517c11404b0c01458469006fbf1a0d4d4c5e90517e54f8
04388d46bf986bab3d32b86da3e19c3e4b8c0ef238b2162a6f1776cf07a1cb25
14808a061b6852ff1815780aa3561fd217537081c6febb4b96348826b2931439
158a1dcff007a077ceb39fac8fa5730af21ab19b0bf98ea6bc76b43618e030fd
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2e7f713d4726c5ba75cfdb61c9d03d41a422dea47493b0caad0d29f646d698ba
3ba2e6fd461e743415b976369dee60853d13afa3bdf8ee2a7a55745b3281940d
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4805ef81fe77acaa28e334ceaf5b9e2773cfffaf6d53f0b01811c57f19fe4802
4d15ff2317e16ccd8ca1d3248fea7d91130e022369bb032824a84ad9967064df
5381f66a92a9de3cd5b5dc9443969753003fb44ef735809411715507d36d9ba3
55ff169cccca2657e4241253847f93d679be9768b54477a756bf1f3fa13a51da
7be9c201d2d1bccf4743b7c6cfc736f33d40b810a3831538332a2d65f9a06d9d
87ea358414fe60d9466f3f82421f127ceada3865011350b865218d99b7574e59
889794fd02992011c4b843a05190531656d4c6148e6d4375be6bab3432b580d0
899d1ec3c095342571d3be2091ec6f984d4cc82390d1f61945c391fa035b00d9
95d6eeff339f37c82d9aa1b68b008537af524d2b5c1bf9d67bca6f122537b522
962c75398fec5b7bba541ed81618d4396f9cdb7a911306261afc3e86354c5a66
9ac77a46604705bb3c4838acf07180e7a2682dff6d1831055e7bf0b2a599bfd3
a8cf22e35113ac293f5dadb9bf8da1b924b14b7efd5554819ea50766e750c6b1
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b5cda114236b4f18ed565229cabdccd57f2d7692bcd85f0a7c970de391f4ef00
b9f6e15e2384adc5ac39d5c9f4424ed6ac901544d7b33dc391023ddac2743636
c3803fc56073995476714cc66a0f28b321e56ec5bc17cf5337032953fbff50eb
c7545a24d03dd89963acc7e4ddc17ab6a626d64ec7372ec718243375c5844e86
c7964c99af038b259ff8e6b0196dd42333855bb2d91aa939d5d000c522b38c8e
caa8cf8a1156da76df2454fe6f4fe86caa2738e3afa231f3d511bb2fa4b22a03
cd5efd9242be0331111acd38f5570a894598d0b18d4811f1a27631f9dac41c65
d0cd2d75b61befd642d7916157c220ad432f2391ed0740343103d4a13bda02a6
d6e8f61b9d97320c256f84d266d047db687a709764b3cf43f72d38c236b8ff59
d891e16dbaf81b89f017b6516afdeffe602f8df1d5e269429e7b6eaf63726a03
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ed6625bebe81498cd3d93e8f7fe5b45374e84b96b604034a266dc0a32d9beebf
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f49fa9a8d3610719cfb5eac76d6115fe014746a5014e2aaf3372b4c0403bb3ea
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fa067b1e3bc3342512199c305d2db2acaaa51892b06320d1f73ac8df10138cd5
fb85918a9b0e5a7d4e0bcce16c43d16fd08d978f3175a4ca8931424570dcaf76
fde54f0a91d979e11c088b5779c1d6d12a270fed88dede5e4d82c955827f32ab

www.qic.promo Open in urlscan Pro 52.17.119.105 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

53 Requests

98 %HTTPS

38 %IPv6

20 Domains

25 Subdomains

24 IPs

6 Countries

1587 kBTransfer

3177 kBSize

21 Cookies

20 Outgoing links

Redirected requests

53 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.qic.promo Open in urlscan Pro
52.17.119.105 Public Scan

Screenshot
Live screenshot

Full Image

53
Requests

98 %
HTTPS

38 %
IPv6

20
Domains

25
Subdomains

24
IPs

6
Countries

1587 kB
Transfer

3177 kB
Size

21
Cookies

53 HTTP transactions
0 data transactions