urlscan.io logo urlscan.io
SecurityTrails logo

qic.online Open in urlscan Pro
212.70.101.74  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://qic.online/www/r/nR8BvboQdh1NaBm6xjSs?lang=en
Effective URL: https://qic.online/win/?utm_source=invite_win&lang=en
Submission: On January 25 via manual from QA — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 30 IPs in 5 countries across 24 domains to perform 114 HTTP transactions. The main IP is 212.70.101.74, located in Doha, Qatar and belongs to VODAFONEQATAR, QA. The main domain is qic.online.
TLS certificate: Issued by Entrust Certification Authority - L1K on September 4th 2023. Valid for: a year.
This is the only time qic.online was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 39 212.70.101.74 48728 (VODAFONEQ...)
8 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
3 2001:4860:480... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
3 2a03:2880:f08... 32934 (FACEBOOK)
1 143.204.207.250 16509 (AMAZON-02)
1 146.75.116.157 54113 (FASTLY)
1 2a02:26f0:780... 20940 (AKAMAI-ASN1)
6 104.126.37.145 20940 (AKAMAI-ASN1)
1 2a00:1450:400... 15169 (GOOGLE)
4 10 2a02:6b8::1:119 13238 (YANDEX)
1 2a00:1450:400... 15169 (GOOGLE)
1 52.222.206.178 16509 (AMAZON-02)
1 2600:9000:225... 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
1 2 142.250.74.198 15169 (GOOGLE)
1 104.244.42.5 13414 (TWITTER)
1 104.244.42.195 13414 (TWITTER)
4 5 2620:1ec:21::14 8068 (MICROSOFT...)
1 13.107.42.14 8068 (MICROSOFT...)
5 35.190.43.134 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a03:2880:f17... 32934 (FACEBOOK)
114 30
39    212.70.101.74 (Doha, Qatar)

ASN48728 (VODAFONEQATAR, QA)
qic.online
8    2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
5    2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
4    2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
2    2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
3    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
5    2a00:1450:400c:c0a::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
6    2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
4    2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
3    2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    143.204.207.250 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-207-250.fra53.r.cloudfront.net
sc-static.net
1    146.75.116.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
static.ads-twitter.com
1    2a02:26f0:780::210:a45b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
snap.licdn.com
6    104.126.37.145 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-126-37-145.deploy.static.akamaitechnologies.com
analytics.tiktok.com
1    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
10    2a02:6b8::1:119 (Russian Federation)

ASN13238 (YANDEX, RU)
mc.yandex.ru
mc.yandex.com
1    2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googleoptimize.com
1    52.222.206.178 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-206-178.fra56.r.cloudfront.net
cdn.amplitude.com
1    2600:9000:225e:e00:15:a0d3:77c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
www.clickcease.com
2    2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
2    142.250.74.198 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f6.1e100.net
13548668.fls.doubleclick.net
1    104.244.42.5 (United States)

ASN13414 (TWITTER, US)
t.co
1    104.244.42.195 (United States)

ASN13414 (TWITTER, US)
analytics.twitter.com
5    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
www.linkedin.com
1    13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px4.ads.linkedin.com
5    35.190.43.134 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 134.43.190.35.bc.googleusercontent.com
tr.snapchat.com
tr6.snapchat.com
2    2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
3    2a03:2880:f176:84:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
Apex Domain
Subdomains		 Transfer
39 qic.online
qic.online
1 MB
12 google.com
www.google.com — Cisco Umbrella Rank: 2
region1.analytics.google.com — Cisco Umbrella Rank: 2616
adservice.google.com — Cisco Umbrella Rank: 98
37 KB
8 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 79
googleads.g.doubleclick.net — Cisco Umbrella Rank: 38
13548668.fls.doubleclick.net
4 KB
7 yandex.com
mc.yandex.com — Cisco Umbrella Rank: 8747
3 KB
6 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 349
www.linkedin.com — Cisco Umbrella Rank: 632
px4.ads.linkedin.com — Cisco Umbrella Rank: 6550
5 KB
6 tiktok.com
analytics.tiktok.com — Cisco Umbrella Rank: 752
148 KB
6 google.de
www.google.de — Cisco Umbrella Rank: 6518
856 B
6 gstatic.com
www.gstatic.com
fonts.gstatic.com
464 KB
5 snapchat.com
tr.snapchat.com — Cisco Umbrella Rank: 922
tr6.snapchat.com — Cisco Umbrella Rank: 1368
1 KB
5 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 37
442 KB
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
21 KB
3 facebook.com
www.facebook.com — Cisco Umbrella Rank: 107
247 B
3 yandex.ru
mc.yandex.ru — Cisco Umbrella Rank: 3982
72 KB
3 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 174
106 KB
2 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 225
4 KB
2 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 369
61 KB
1 twitter.com
analytics.twitter.com — Cisco Umbrella Rank: 789
394 B
1 t.co
t.co — Cisco Umbrella Rank: 656
376 B
1 clickcease.com
www.clickcease.com — Cisco Umbrella Rank: 11720
43 KB
1 amplitude.com
cdn.amplitude.com — Cisco Umbrella Rank: 2634
27 KB
1 googleoptimize.com
www.googleoptimize.com — Cisco Umbrella Rank: 2274
66 KB
1 licdn.com
snap.licdn.com — Cisco Umbrella Rank: 783
16 KB
1 ads-twitter.com
static.ads-twitter.com — Cisco Umbrella Rank: 745
15 KB
1 sc-static.net
sc-static.net — Cisco Umbrella Rank: 1260
18 KB
114 24
Domain Requested by
39 qic.online 2 redirects qic.online
8 www.google.com qic.online
www.gstatic.com
www.google.com
7 mc.yandex.com 3 redirects qic.online
mc.yandex.ru
6 analytics.tiktok.com www.googletagmanager.com
qic.online
analytics.tiktok.com
6 www.google.de qic.online
5 stats.g.doubleclick.net www.googletagmanager.com
www.google-analytics.com
5 www.googletagmanager.com qic.online
www.googletagmanager.com
www.google-analytics.com
4 tr.snapchat.com sc-static.net
qic.online
4 px.ads.linkedin.com 3 redirects snap.licdn.com
4 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
4 www.gstatic.com www.google.com
www.gstatic.com
3 www.facebook.com qic.online
3 mc.yandex.ru 1 redirects qic.online
3 connect.facebook.net qic.online
connect.facebook.net
3 region1.analytics.google.com www.googletagmanager.com
2 cdnjs.cloudflare.com www.googletagmanager.com
2 13548668.fls.doubleclick.net 1 redirects www.googletagmanager.com
2 ajax.googleapis.com www.googletagmanager.com
2 fonts.gstatic.com www.google.com
1 tr6.snapchat.com sc-static.net
1 adservice.google.com 13548668.fls.doubleclick.net
1 px4.ads.linkedin.com qic.online
1 www.linkedin.com 1 redirects
1 analytics.twitter.com qic.online
1 t.co qic.online
1 www.clickcease.com qic.online
1 cdn.amplitude.com qic.online
1 www.googleoptimize.com www.googletagmanager.com
1 googleads.g.doubleclick.net www.googletagmanager.com
1 snap.licdn.com www.googletagmanager.com
1 static.ads-twitter.com www.googletagmanager.com
1 sc-static.net www.googletagmanager.com
114 32

This site contains links to these domains. Also see Links.

Domain
www.instagram.com
Subject Issuer Validity Valid
www.qic.online
Entrust Certification Authority - L1K		 2023-09-04 -
2024-10-03		 a year crt.sh
www.google.com
GTS CA 1C3		 2024-01-02 -
2024-03-26		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-01-02 -
2024-03-26		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2024-01-02 -
2024-03-26		 3 months crt.sh
*.google.com
GTS CA 1C3		 2024-01-02 -
2024-03-26		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
www.google.de
GTS CA 1C3		 2024-01-02 -
2024-03-26		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-11-03 -
2024-02-01		 3 months crt.sh
sc-static.net
Amazon RSA 2048 M03		 2023-12-21 -
2025-01-18		 a year crt.sh
ads-twitter.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-21 -
2024-07-19		 a year crt.sh
snap.licdn.com
DigiCert SHA2 Secure Server CA		 2023-12-13 -
2024-12-12		 a year crt.sh
*.tiktok.com
RapidSSL ECC CA 2018		 2023-07-14 -
2024-08-13		 a year crt.sh
mc.yandex.ru
GlobalSign ECC OV SSL CA 2018		 2023-12-26 -
2024-06-05		 5 months crt.sh
cdn.amplitude.com
Amazon RSA 2048 M02		 2023-12-14 -
2025-01-12		 a year crt.sh
clickcease.com
Amazon RSA 2048 M02		 2023-11-26 -
2024-12-24		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2024-01-02 -
2024-03-26		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2024-01-02 -
2024-03-26		 3 months crt.sh
t.co
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-01-07 -
2025-01-06		 a year crt.sh
*.twitter.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-31 -
2024-10-29		 a year crt.sh
www.linkedin.com
DigiCert SHA2 Secure Server CA		 2023-11-03 -
2024-05-03		 6 months crt.sh
*.google.de
GTS CA 1C3		 2024-01-02 -
2024-03-26		 3 months crt.sh
*.snap.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-04-13 -
2024-04-12		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-07-03 -
2024-07-02		 a year crt.sh

This page contains 4 frames:

Primary Page: https://qic.online/win/?utm_source=invite_win&lang=en
Frame ID: 8BF27E714257D4B196248BD8790BD4F2
Requests: 107 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfZ6g8pAAAAAPtvtFy5yZ3P0kFQ90ay5qWX9uXl&co=aHR0cHM6Ly9xaWMub25saW5lOjQ0Mw..&hl=de&v=Ya-Cd6PbRI5ktAHEhm9JuKEu&size=invisible&cb=ndhci34ado71
Frame ID: D75C86D253C2809EDA5F0247C6257060
Requests: 8 HTTP requests in this frame

Frame: https://13548668.fls.doubleclick.net/activityi;dc_pre=CMrrzN6D-IMDFR1FHgIdwnsDDA;src=13548668;type=qicc;cat=allsite;ord=6327671980521;auiddc=1507523689.1706168172;u1=1102606772.1706168172;u2=invite_win;u3=undefined;pscdl=noapi;gtm=45He41m0v849131735;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fqic.online%2Fwin%2F%3Futm_source%3Dinvite_win%26lang%3Den
Frame ID: C242981313E044A05544FB3EA2CB9995
Requests: 2 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=ed976ef1-51a3-465f-b6b2-22ceeab4ca3d&u_scsid=56301b55-99f1-42e8-bf6d-d13ac517d979&u_sclid=22ef0960-51ce-4b3e-b987-8213e4b6b626
Frame ID: 82BAA80E96D58EDF93FF6089058DD206
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Who’ll win? Guess the winner and get your prize!

Page URL History Show full URLs

  1. https://qic.online/www/r/nR8BvboQdh1NaBm6xjSs?lang=en HTTP 302
    https://qic.online/win?utm_source=invite_win&lang=en HTTP 301
    https://qic.online/win/?utm_source=invite_win&lang=en Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <[^>]+\sdata-v(?:ue)?-
Overall confidence: 100%
Detected patterns
  • cdn\.amplitude\.com
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googleoptimize\.com/optimize\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js
Overall confidence: 100%
Detected patterns
  • mc\.yandex\.ru/metrika/(?:tag|watch)\.js
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

114
Requests

97 %
HTTPS

66 %
IPv6

24
Domains

32
Subdomains

30
IPs

5
Countries

3005 kB
Transfer

7777 kB
Size

51
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://qic.online/www/r/nR8BvboQdh1NaBm6xjSs?lang=en HTTP 302
    https://qic.online/win?utm_source=invite_win&lang=en HTTP 301
    https://qic.online/win/?utm_source=invite_win&lang=en Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 59
  • https://13548668.fls.doubleclick.net/activityi;src=13548668;type=qicc;cat=allsite;ord=6327671980521;auiddc=1507523689.1706168172;u1=1102606772.1706168172;u2=invite_win;u3=undefined;pscdl=noapi;gtm=45He41m0v849131735;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fqic.online%2Fwin%2F%3Futm_source%3Dinvite_win%26lang%3Den HTTP 302
  • https://13548668.fls.doubleclick.net/activityi;dc_pre=CMrrzN6D-IMDFR1FHgIdwnsDDA;src=13548668;type=qicc;cat=allsite;ord=6327671980521;auiddc=1507523689.1706168172;u1=1102606772.1706168172;u2=invite_win;u3=undefined;pscdl=noapi;gtm=45He41m0v849131735;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fqic.online%2Fwin%2F%3Futm_source%3Dinvite_win%26lang%3Den
Request Chain 62
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3412522%2C4836521&time=1706168172008&url=https%3A%2F%2Fqic.online%2Fwin%2F%3Futm_source%3Dinvite_win%26lang%3Den HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3412522%2C4836521&time=1706168172008&url=https%3A%2F%2Fqic.online%2Fwin%2F%3Futm_source%3Dinvite_win%26lang%3Den&cookiesTest=true HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3412522%252C4836521%26time%3D1706168172008%26url%3Dhttps%253A%252F%252Fqic.online%252Fwin%252F%253Futm_source%253Dinvite_win%2526lang%253Den%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3412522%2C4836521&time=1706168172008&url=https%3A%2F%2Fqic.online%2Fwin%2F%3Futm_source%3Dinvite_win%26lang%3Den&cookiesTest=true&liSync=true HTTP 302
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3412522%2C4836521&time=1706168172008&url=https%3A%2F%2Fqic.online%2Fwin%2F%3Futm_source%3Dinvite_win%26lang%3Den&cookiesTest=true&liSync=true&e_ipv6=AQLo8PGBAG3LwwAAAY0_jEDMI3UBWEJ2c__x-uZEoynnPhSNRGYJ0VmeV6p8fYJLeLLYwPUPfW7HG97oloncIat4ToEcBw
Request Chain 78
  • https://mc.yandex.com/sync_cookie_image_check HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10259.Uy0h4kScXysbEDzUGZg_3fomoL_2BKdpv0pghXzY6Ggd_CxEeBBTMRUo8MNVrmR-.OnrzV8bu77QJ-NaqEtRPw0MDAH4%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide?token=10259.jy8XwzgPusPEnrbWmz8A8RFEGfYYiK6JT8JfQr42d3Ymv7riutHT8_0xRSANcjgTJdzcu_cf7B9KgQin1GGLzIkVbVKSv7Jf_vRvNUIeU9opdzvwogflSv7kSe4N94ycyP7xww5xVyL-KGZcF5337JhYPfUZ4SyS6xrCz5xVVJcqbTLLlKpgei6YduxLjIWsGkI0SHNwl1HInroJF8bzULFUS3m4Dsaxi2NDyrD0Des%2C.mVLay7jU0w_3m-1VDxujQwliCz8%2C HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10259.J9IK4FI1Yl1v2VgUIRb-Xs0u93GPqJpNzcgX6YTjN0pDLDwtOYWdsEN0sD-rr8HIzEO-Q8orWcehHGeO8yHJx8sfBbkmni2pWbgnruArwyanczXEy5-B4a6oSeRcugApsvB0mg76aOsz8cX_3XnTe1YXihkYnqUdqNsnal39_xYhB6nwvOv3SXyP5kxN-TweuRsKnsixa5PDP1eT97vAtg%2C%2C.tyNDgYZV444K2-pU2azh2ZSDsxE%2C
Request Chain 87
  • https://mc.yandex.com/watch/83435941?wmode=7&page-url=https%3A%2F%2Fqic.online%2Fwin%2F%3Futm_source%3Dinvite_win%26lang%3Den&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6mv6as6uk632mqt4m2ukn7iz%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1211%3Acn%3A1%3Adp%3A0%3Als%3A1059396472773%3Ahid%3A1805105%3Az%3A60%3Ai%3A20240125083612%3Aet%3A1706168172%3Ac%3A1%3Arn%3A833079397%3Arqn%3A1%3Au%3A1706168172261564225%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C158%2C113%2C778%2C778%2C2%2C7%2C0%2C%2C%2C%2C2025%3Aco%3A0%3Acpf%3A1%3Ans%3A1706168169854%3Agi%3AR0ExLjIuMTEwMjYwNjc3Mi4xNzA2MTY4MTcy%3Afp%3A1059%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1706168172%3At%3AWho%E2%80%99ll%20win%3F%20Guess%20the%20winner%20and%20get%20your%20prize!&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rcm(1)ti(1) HTTP 302
  • https://mc.yandex.com/watch/83435941/1?wmode=7&page-url=https%3A%2F%2Fqic.online%2Fwin%2F%3Futm_source%3Dinvite_win%26lang%3Den&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6mv6as6uk632mqt4m2ukn7iz%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1211%3Acn%3A1%3Adp%3A0%3Als%3A1059396472773%3Ahid%3A1805105%3Az%3A60%3Ai%3A20240125083612%3Aet%3A1706168172%3Ac%3A1%3Arn%3A833079397%3Arqn%3A1%3Au%3A1706168172261564225%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C158%2C113%2C778%2C778%2C2%2C7%2C0%2C%2C%2C%2C2025%3Aco%3A0%3Acpf%3A1%3Ans%3A1706168169854%3Agi%3AR0ExLjIuMTEwMjYwNjc3Mi4xNzA2MTY4MTcy%3Afp%3A1059%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1706168172%3At%3AWho%E2%80%99ll%20win%3F%20Guess%20the%20winner%20and%20get%20your%20prize%21&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29ti%281%29

114 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
qic.online/win/
Redirect Chain
  • https://qic.online/www/r/nR8BvboQdh1NaBm6xjSs?lang=en
  • https://qic.online/win?utm_source=invite_win&lang=en
  • https://qic.online/win/?utm_source=invite_win&lang=en
116 KB
26 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://qic.online/win/?utm_source=invite_win&lang=en
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.70.101.74 Doha, Qatar, ASN48728 (VODAFONEQATAR, QA),
Reverse DNS
Software
/
Resource Hash
c6853a4913bbc3616c4caa910dbd7e714bef38aac05c1ed69e2606521b24ad81
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
none
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Thu, 25 Jan 2024 07:35:34 GMT
ETag
"1d154-FGjKOuVPTYIhpML9gh7RPeP3JW4"
Strict-Transport-Security
max-age=63072000
Transfer-Encoding
chunked
Vary
Accept-Encoding

Redirect headers

Connection
keep-alive
Content-Encoding
gzip
Content-Security-Policy
default-src 'none'
Content-Type
text/html; charset=UTF-8
Date
Thu, 25 Jan 2024 07:35:34 GMT
Location
/win/?utm_source=invite_win&lang=en
Strict-Transport-Security
max-age=63072000
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
api.js
www.google.com/recaptcha/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?render=6LfZ6g8pAAAAAPtvtFy5yZ3P0kFQ90ay5qWX9uXl
Requested by
Host: qic.online
URL: https://qic.online/win/?utm_source=invite_win&lang=en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
a8769ff21d2a1f1e2dd4243195b8be9f5480375c7db0b58d6a0ef04f345b2656
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qic.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 25 Jan 2024 07:36:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Thu, 25 Jan 2024 07:36:10 GMT
js
www.googletagmanager.com/gtag/ 		253 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-VRPMCST53D
Requested by
Host: qic.online
URL: https://qic.online/win/?utm_source=invite_win&lang=en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6c91af5286269fd53f0d751721a3738e3ecdda73ecebbe732f878f3cb500af07
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qic.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 25 Jan 2024 07:36:10 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
86499
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 25 Jan 2024 07:36:10 GMT
gtm.js
qic.online/win/analytics/ 		535 B
993 B 		Script
General
Check archive.org
Download Go to
Full URL
https://qic.online/win/analytics/gtm.js
Requested by
Host: qic.online
URL: https://qic.online/win/?utm_source=invite_win&lang=en
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.70.101.74 Doha, Qatar, ASN48728 (VODAFONEQATAR, QA),
Reverse DNS
Software
/
Resource Hash
1a400fd2618843eea77df485073933629b263b60585bbf1047d15f9a90f627e0
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qic.online/win/?utm_source=invite_win&lang=en
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Thu, 25 Jan 2024 07:35:35 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=63072000
Last-Modified
Mon, 22 Jan 2024 09:17:54 GMT
ETag
W/"217-18d30764940"
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=0
Connection
keep-alive
Accept-Ranges
bytes
be6d4ee.js
qic.online/win/_wwwnuxt/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://qic.online/win/_wwwnuxt/be6d4ee.js
Requested by
Host: qic.online
URL: https://qic.online/win/?utm_source=invite_win&lang=en
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.70.101.74 Doha, Qatar, ASN48728 (VODAFONEQATAR, QA),
Reverse DNS
Software
/
Resource Hash
17085a546a6ce49ac151d8ec1a8061a83cd3ee4ed7bcd967a024957dfca9a420
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qic.online/win/?utm_source=invite_win&lang=en
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Thu, 25 Jan 2024 07:35:34 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=63072000
Last-Modified
Mon, 22 Jan 2024 09:19:39 GMT
ETag
W/"996-18d3077e2c4"
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
3642727.js
qic.online/win/_wwwnuxt/ 		299 KB
99 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://qic.online/win/_wwwnuxt/3642727.js
Requested by
Host: qic.online
URL: https://qic.online/win/?utm_source=invite_win&lang=en
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.70.101.74 Doha, Qatar, ASN48728 (VODAFONEQATAR, QA),
Reverse DNS
Software
/
Resource Hash
ee13718c53e64f0a73cd39f99b97c72c9dc544ac19df47c06ef9469b99391ba4
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qic.online/win/?utm_source=invite_win&lang=en
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Thu, 25 Jan 2024 07:35:34 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=63072000
Last-Modified
Mon, 22 Jan 2024 09:19:39 GMT
ETag
W/"4ab96-18d3077e2b0"
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
44c4b5c.js
qic.online/win/_wwwnuxt/ 		988 KB
272 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://qic.online/win/_wwwnuxt/44c4b5c.js
Requested by
Host: qic.online
URL: https://qic.online/win/?utm_source=invite_win&lang=en
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.70.101.74 Doha, Qatar, ASN48728 (VODAFONEQATAR, QA),
Reverse DNS
Software
/
Resource Hash
dde66260091c6778809ab78cc11210fe82af7140836e313a8cc20aa8d735551b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qic.online/win/?utm_source=invite_win&lang=en
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Thu, 25 Jan 2024 07:35:35 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=63072000
Last-Modified
Mon, 22 Jan 2024 09:19:39 GMT
ETag
W/"f6ea9-18d3077e2c4"
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
1d0e3c0.js
qic.online/win/_wwwnuxt/ 		279 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://qic.online/win/_wwwnuxt/1d0e3c0.js
Requested by
Host: qic.online
URL: https://qic.online/win/?utm_source=invite_win&lang=en
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.70.101.74 Doha, Qatar, ASN48728 (VODAFONEQATAR, QA),
Reverse DNS
Software
/
Resource Hash
10fc0854417b093d97e681682e87a2731db6e0acebf877b53a4e6526101e3be5
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qic.online/win/?utm_source=invite_win&lang=en
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Thu, 25 Jan 2024 07:35:35 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=63072000
Last-Modified
Mon, 22 Jan 2024 09:19:39 GMT
ETag
W/"45acd-18d3077e2b0"
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
02791ab.js
qic.online/win/_wwwnuxt/ 		127 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://qic.online/win/_wwwnuxt/02791ab.js
Requested by
Host: qic.online
URL: https://qic.online/win/?utm_source=invite_win&lang=en
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.70.101.74 Doha, Qatar, ASN48728 (VODAFONEQATAR, QA),
Reverse DNS
Software
/
Resource Hash
aedd08ff1f8a3c2b697dcb0327575e5c7ea0364a00fe53a6a90dc8961a71606a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qic.online/win/?utm_source=invite_win&lang=en
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Thu, 25 Jan 2024 07:35:35 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=63072000
Last-Modified
Mon, 22 Jan 2024 09:19:39 GMT
ETag
W/"1fd84-18d3077e2b0"
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
f68ecf8.js
qic.online/win/_wwwnuxt/ 		112 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://qic.online/win/_wwwnuxt/f68ecf8.js
Requested by
Host: qic.online
URL: https://qic.online/win/?utm_source=invite_win&lang=en
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.70.101.74 Doha, Qatar, ASN48728 (VODAFONEQATAR, QA),
Reverse DNS
Software
/
Resource Hash
b95ed2c9b2e17735f778b047b639832bfa5299ec4320a852dcc4cbf9e8d5141b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qic.online/win/?utm_source=invite_win&lang=en
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Thu, 25 Jan 2024 07:35:35 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=63072000
Last-Modified
Mon, 22 Jan 2024 09:19:39 GMT
ETag
W/"1c10e-18d3077e2c8"
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
AhmetAltun-Izmir-Heavy.e383b03.otf
qic.online/win/_wwwnuxt/fonts/ 		62 KB
36 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://qic.online/win/_wwwnuxt/fonts/AhmetAltun-Izmir-Heavy.e383b03.otf
Requested by
Host: qic.online
URL: https://qic.online/win/?utm_source=invite_win&lang=en
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.70.101.74 Doha, Qatar, ASN48728 (VODAFONEQATAR, QA),
Reverse DNS
Software
/
Resource Hash
1796f0985254dc701c7f0b35267f4aa96f4fe1c8c38d0bd09e917e779aef6cba
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://qic.online/win/?utm_source=invite_win&lang=en
Origin
https://qic.online
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Thu, 25 Jan 2024 07:35:34 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=63072000
Last-Modified
Mon, 22 Jan 2024 09:19:39 GMT
ETag
W/"f8c4-18d3077e26c"
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
font/otf
Cache-Control
public, max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
AhmetAltun-Izmir-Regular.3a02780.otf
qic.online/win/_wwwnuxt/fonts/ 		60 KB
35 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://qic.online/win/_wwwnuxt/fonts/AhmetAltun-Izmir-Regular.3a02780.otf
Requested by
Host: qic.online
URL: https://qic.online/win/?utm_source=invite_win&lang=en
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.70.101.74 Doha, Qatar, ASN48728 (VODAFONEQATAR, QA),
Reverse DNS
Software
/
Resource Hash
fb85918a9b0e5a7d4e0bcce16c43d16fd08d978f3175a4ca8931424570dcaf76
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://qic.online/win/?utm_source=invite_win&lang=en
Origin
https://qic.online
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Thu, 25 Jan 2024 07:35:34 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=63072000
Last-Modified
Mon, 22 Jan 2024 09:19:39 GMT
ETag
W/"ef28-18d3077e260"
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
font/otf
Cache-Control
public, max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
AhmetAltun-Izmir-Bold.4447ee0.otf
qic.online/win/_wwwnuxt/fonts/ 		62 KB
36 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://qic.online/win/_wwwnuxt/fonts/AhmetAltun-Izmir-Bold.4447ee0.otf
Requested by
Host: qic.online
URL: https://qic.online/win/?utm_source=invite_win&lang=en
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.70.101.74 Doha, Qatar, ASN48728 (VODAFONEQATAR, QA),
Reverse DNS
Software
/
Resource Hash
3e38481d6cd9b5b4a1485a17f692785e9d038668fd3ccedb268ca173a6b8c844
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://qic.online/win/?utm_source=invite_win&lang=en
Origin
https://qic.online
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Thu, 25 Jan 2024 07:35:34 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=63072000
Last-Modified
Mon, 22 Jan 2024 09:19:39 GMT
ETag
W/"f628-18d3077e26c"
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
font/otf
Cache-Control
public, max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
URWGeometricArabic-SemiBold.cece9cd.ttf
qic.online/win/_wwwnuxt/fonts/ 		197 KB
80 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://qic.online/win/_wwwnuxt/fonts/URWGeometricArabic-SemiBold.cece9cd.ttf
Requested by
Host: qic.online
URL: https://qic.online/win/?utm_source=invite_win&lang=en
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.70.101.74 Doha, Qatar, ASN48728 (VODAFONEQATAR, QA),
Reverse DNS
Software
/
Resource Hash
de739f85efb415dd22060e0f6a8725a1173f632b130d7c5ad4d50d884d2afe38
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://qic.online/win/?utm_source=invite_win&lang=en
Origin
https://qic.online
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Thu, 25 Jan 2024 07:35:34 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=63072000
Last-Modified
Mon, 22 Jan 2024 09:19:39 GMT
ETag
W/"31220-18d3077e27c"
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
font/ttf
Cache-Control
public, max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
recaptcha__de.js
www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/ 		506 KB
204 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LfZ6g8pAAAAAPtvtFy5yZ3P0kFQ90ay5qWX9uXl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
91088a015cd36dabb6639d0b6d08fadc57be7f1b85011f5f882d4e7a8611df31
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://qic.online/
Origin
https://qic.online
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 18:50:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
45912
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
207845
x-xss-protection
0
last-modified
Mon, 08 Jan 2024 05:00:33 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 23 Jan 2025 18:50:58 GMT
URWGeometricArabic-Regular.b25dff2.ttf
qic.online/win/_wwwnuxt/fonts/ 		197 KB
78 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://qic.online/win/_wwwnuxt/fonts/URWGeometricArabic-Regular.b25dff2.ttf
Requested by
Host: qic.online
URL: https://qic.online/win/?utm_source=invite_win&lang=en
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.70.101.74 Doha, Qatar, ASN48728 (VODAFONEQATAR, QA),
Reverse DNS
Software
/
Resource Hash
eaf52f809143a05826b64cc43b2d746c76b17bb2f1a17f96e8304e7f14583e52
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://qic.online/win/?utm_source=invite_win&lang=en
Origin
https://qic.online
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Thu, 25 Jan 2024 07:35:34 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=63072000
Last-Modified
Mon, 22 Jan 2024 09:19:39 GMT
ETag
W/"312f0-18d3077e27c"
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
font/ttf
Cache-Control
public, max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
anchor
www.google.com/recaptcha/api2/ Frame D75C 		44 KB
28 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfZ6g8pAAAAAPtvtFy5yZ3P0kFQ90ay5qWX9uXl&co=aHR0cHM6Ly9xaWMub25saW5lOjQ0Mw..&hl=de&v=Ya-Cd6PbRI5ktAHEhm9JuKEu&size=invisible&cb=ndhci34ado71
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/recaptcha__de.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
9b5ec040d031c8911373ed2a36d3f20db148aca7e98318dbf8485ddcb5d68b3a
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-52EcDcsH2KBysp0W5Q1U7Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://qic.online/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-52EcDcsH2KBysp0W5Q1U7Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 25 Jan 2024 07:36:11 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
styles__ltr.css
www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/ Frame D75C 		55 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfZ6g8pAAAAAPtvtFy5yZ3P0kFQ90ay5qWX9uXl&co=aHR0cHM6Ly9xaWMub25saW5lOjQ0Mw..&hl=de&v=Ya-Cd6PbRI5ktAHEhm9JuKEu&size=invisible&cb=ndhci34ado71
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 25 Jan 2024 04:25:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
11422
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24606
x-xss-protection
0
last-modified
Mon, 08 Jan 2024 05:00:33 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 24 Jan 2025 04:25:49 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/ Frame D75C 		506 KB
203 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfZ6g8pAAAAAPtvtFy5yZ3P0kFQ90ay5qWX9uXl&co=aHR0cHM6Ly9xaWMub25saW5lOjQ0Mw..&hl=de&v=Ya-Cd6PbRI5ktAHEhm9JuKEu&size=invisible&cb=ndhci34ado71
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
91088a015cd36dabb6639d0b6d08fadc57be7f1b85011f5f882d4e7a8611df31
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 18:50:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
45913
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
207845
x-xss-protection
0
last-modified
Mon, 08 Jan 2024 05:00:33 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 23 Jan 2025 18:50:58 GMT
qMev7i6X24vl5sjxzUkBtmX7wXFxxkn-xHhhygtdWMk.js
www.google.com/js/bg/ Frame D75C 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/js/bg/qMev7i6X24vl5sjxzUkBtmX7wXFxxkn-xHhhygtdWMk.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a8c7afee2e97db8be5e6c8f1cd4901b665fbc17171c649fec47861ca0b5d58c9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfZ6g8pAAAAAPtvtFy5yZ3P0kFQ90ay5qWX9uXl&co=aHR0cHM6Ly9xaWMub25saW5lOjQ0Mw..&hl=de&v=Ya-Cd6PbRI5ktAHEhm9JuKEu&size=invisible&cb=ndhci34ado71
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 14:31:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
61483
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6914
x-xss-protection
0
last-modified
Mon, 15 Jan 2024 10:00:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 23 Jan 2025 14:31:28 GMT
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame D75C 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 19:56:54 GMT
x-content-type-options
nosniff
age
214757
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Mon, 29 Jan 2024 19:56:54 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame D75C 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfZ6g8pAAAAAPtvtFy5yZ3P0kFQ90ay5qWX9uXl&co=aHR0cHM6Ly9xaWMub25saW5lOjQ0Mw..&hl=de&v=Ya-Cd6PbRI5ktAHEhm9JuKEu&size=invisible&cb=ndhci34ado71
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 05:31:50 GMT
x-content-type-options
nosniff
age
266661
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 21 Jan 2025 05:31:50 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame D75C 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfZ6g8pAAAAAPtvtFy5yZ3P0kFQ90ay5qWX9uXl&co=aHR0cHM6Ly9xaWMub25saW5lOjQ0Mw..&hl=de&v=Ya-Cd6PbRI5ktAHEhm9JuKEu&size=invisible&cb=ndhci34ado71
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 09:09:14 GMT
x-content-type-options
nosniff
age
167217
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 22 Jan 2025 09:09:14 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame D75C 		102 B
135 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=Ya-Cd6PbRI5ktAHEhm9JuKEu
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfZ6g8pAAAAAPtvtFy5yZ3P0kFQ90ay5qWX9uXl&co=aHR0cHM6Ly9xaWMub25saW5lOjQ0Mw..&hl=de&v=Ya-Cd6PbRI5ktAHEhm9JuKEu&size=invisible&cb=ndhci34ado71
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
f187dc8de7fe50f1f8825c3500b64080cc78ac39df7efd31a4b1bc562be9ca3d
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfZ6g8pAAAAAPtvtFy5yZ3P0kFQ90ay5qWX9uXl&co=aHR0cHM6Ly9xaWMub25saW5lOjQ0Mw..&hl=de&v=Ya-Cd6PbRI5ktAHEhm9JuKEu&size=invisible&cb=ndhci34ado71
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 25 Jan 2024 07:36:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Thu, 25 Jan 2024 07:36:11 GMT
js
www.googletagmanager.com/gtag/ 		186 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-202550618-3&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VRPMCST53D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
82aca294bc5806857b9c0ea4e52e2a3a8d5be3ee148314cc1861800bea4eaf37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qic.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 25 Jan 2024 07:36:11 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68731
x-xss-protection
0
last-modified
Thu, 25 Jan 2024 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 25 Jan 2024 07:36:11 GMT
gtm.js
www.googletagmanager.com/ 		435 KB
113 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5LFKBJN
Requested by
Host: qic.online
URL: https://qic.online/win/analytics/gtm.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1ecbe77d994133a2d59f66e6d94a8cfac67e0f61a7f3419e4e11fc11016b30f7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qic.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 25 Jan 2024 07:36:11 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
115693
x-xss-protection
0
last-modified
Thu, 25 Jan 2024 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 25 Jan 2024 07:36:11 GMT
collect
region1.analytics.google.com/g/ 		0
250 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-VRPMCST53D&gtm=45je41m0v880855059&_p=1706168171727&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1102606772.1706168172&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EA&_s=1&sid=1706168171&sct=1&seg=0&dl=https%3A%2F%2Fqic.online%2Fwin%2F%3Futm_source%3Dinvite_win%26lang%3Den&dt=Who%E2%80%99ll%20win%3F%20Guess%20the%20winner%20and%20get%20your%20prize!&en=page_view&_fv=1&_nsi=1&_ss=2&_ee=1&tfd=1889
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VRPMCST53D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qic.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Jan 2024 07:36:11 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://qic.online
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
250 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-VRPMCST53D&cid=1102606772.1706168172&gtm=45je41m0v880855059&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VRPMCST53D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0a::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qic.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Jan 2024 07:36:11 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://qic.online
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-VRPMCST53D&cid=1102606772.1706168172&gtm=45je41m0v880855059&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=1657029634
Requested by
Host: qic.online
URL: https://qic.online/win/?utm_source=invite_win&lang=en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qic.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Jan 2024 07:36:11 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-202550618-3&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qic.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 25 Jan 2024 05:48:09 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
6482
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Thu, 25 Jan 2024 07:48:09 GMT
5e6ba3b.js
qic.online/win/_wwwnuxt/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://qic.online/win/_wwwnuxt/5e6ba3b.js
Requested by
Host: qic.online
URL: https://qic.online/win/_wwwnuxt/be6d4ee.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.70.101.74 Doha, Qatar, ASN48728 (VODAFONEQATAR, QA),
Reverse DNS
Software
/
Resource Hash
e5c9f7097f75dd633860972b5dcd83f6f8e3fb642eb90480e518d8e6b060c2f4
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qic.online/win/?utm_source=invite_win&lang=en
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Thu, 25 Jan 2024 07:35:35 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=63072000
Last-Modified
Mon, 22 Jan 2024 09:19:39 GMT
ETag
W/"1485-18d3077e2c8"
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
getmatchesforvoting
qic.online/api/whowillwin/ 		545 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://qic.online/api/whowillwin/getmatchesforvoting?Language=en
Requested by
Host: qic.online
URL: https://qic.online/win/_wwwnuxt/3642727.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.70.101.74 Doha, Qatar, ASN48728 (VODAFONEQATAR, QA),
Reverse DNS
Software
/
Resource Hash
ad656d5ed522b344995a62118f7afc66c73f979a8c245c56ef5da2ef07979ddb
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Accept
application/json, text/plain, */*
Referer
https://qic.online/win/?utm_source=invite_win&lang=en
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Thu, 25 Jan 2024 07:35:35 GMT
Cache-Control
no-cache, no-store, must-revalidate
Strict-Transport-Security
max-age=63072000
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
application/json
isuserauthorized
qic.online/api/whowillwin/ 		53 B
710 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://qic.online/api/whowillwin/isuserauthorized
Requested by
Host: qic.online
URL: https://qic.online/win/_wwwnuxt/3642727.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.70.101.74 Doha, Qatar, ASN48728 (VODAFONEQATAR, QA),
Reverse DNS
Software
/
Resource Hash
845995eccfdaebc0979d704d50b5ead527ca5a265c670fd148cb77afc919218f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Accept
application/json, text/plain, */*
Referer
https://qic.online/win/?utm_source=invite_win&lang=en
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Thu, 25 Jan 2024 07:35:35 GMT
Cache-Control
no-cache, no-store, must-revalidate
Strict-Transport-Security
max-age=63072000
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
application/json
destination
www.googletagmanager.com/gtag/ 		280 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=G-5W0QNSBVYS&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VRPMCST53D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
18875453a887503aa6e3090ab9fc60a73ab49d4403e4e53ea0060d5d76b4b8f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qic.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 25 Jan 2024 07:36:11 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
94150
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 25 Jan 2024 07:36:11 GMT
fbevents.js
connect.facebook.net/en_US/ 		213 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: qic.online
URL: https://qic.online/win/?utm_source=invite_win&lang=en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
74f6b2b975944800f1566e81aaed5cc5dcb7a7170eafd4cdd3e205f88f8e1f5f
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qic.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 25 Jan 2024 07:36:11 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
57021
x-xss-protection
0
pragma
public
x-fb-debug
iBbKmEmoL7wiLGf4EXHQl4YesbJkdeI1VXG050oKhI0Khgd3+E/vbCi7dYP57KJGfWhYq7e/xWfVy84ksPjyNA==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
scevent.min.js
sc-static.net/ 		41 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sc-static.net/scevent.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5LFKBJN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.207.250 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-207-250.fra53.r.cloudfront.net
Software
CloudFront /
Resource Hash
e5fdb3ea4cc4cf6b0f77fce3b54d03d78a697bec33bb1a023b964e8be16aea5f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qic.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 25 Jan 2024 07:36:11 GMT
content-encoding
gzip
via
1.1 89cb19c6f2c9ed0983294d3b12e80e42.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA53-C1
x-cache
Miss from cloudfront
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
cache-control
private, s-maxage=0, max-age=600
access-control-allow-headers
Content-Type
content-length
17883
x-amz-cf-id
mpms0wSdXs7mIhjC4V4YeLy_lESQmApsQlL0My6sEnFLEIOvYs5iWA==
uwt.js
static.ads-twitter.com/ 		56 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5LFKBJN
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.116.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qic.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 25 Jan 2024 07:36:11 GMT
content-encoding
gzip
last-modified
Thu, 27 Oct 2022 16:56:53 GMT
etag
"32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary
Accept-Encoding,Host
x-cache
HIT, HIT
content-type
application/javascript; charset=utf-8
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn
FT
cache-control
no-cache
accept-ranges
bytes
content-length
15375
x-served-by
cache-iad-kjyo7100081-IAD, cache-fra-eddf8230090-FRA
insight.min.js
snap.licdn.com/li.lms-analytics/ 		43 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5LFKBJN
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:780::210:a45b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
b5474d3ed408366dcebededf5c987f44b43b389137272c282c6c972852a14fc0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qic.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 25 Jan 2024 07:36:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 23 Jan 2024 14:42:29 GMT
x-cdn
AKAM
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
cache-control
max-age=17027
accept-ranges
bytes
content-length
15732
sdk.js
analytics.tiktok.com/i18n/pixel/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/sdk.js?sdkid=CDH1C9BC77UEKJIGVU8G
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5LFKBJN
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.37.145 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-126-37-145.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e85399e3f73c1de6b7d7a9a0c08e8af5457d1247cfe735cffe7f2f2a908dfe7d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qic.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-akamai-request-id
b48a0cbe.70a5bc
date
Thu, 25 Jan 2024 07:36:12 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-24012507361250CAF9B01757ED012B0A-37AD02AEB449273A-00
x-cache
TCP_MISS from a104-126-37-141.deploy.akamaitechnologies.com (AkamaiGHost/11.4.0.1-53785976) (-)
x-parent-response-time
88,104.126.37.141
server-timing
cdn-cache; desc=MISS, edge; dur=83, origin; dur=6, inner; dur=3
content-length
2303
pragma
no-cache
server
nginx
x-tt-logid
2024012507361250CAF9B01757ED012B0A
x-cache-remote
TCP_MISS from a23-48-200-42.deploy.akamaitechnologies.com (AkamaiGHost/11.4.0.1-53785976) (-)
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
6,23.48.200.42
x-tt-trace-host
0104c902ee5e7ef4b00cd2382972ed8e6c1fd53ae3c5fec71961ba89e9918e1593064287cc299c52ce215e70669d77a2aca16a4585e9ef40a57aa623806024f8ec50ad71222dcd5709ec58f4a6d632dc73401167be475c613e6218ff3a29ae328a6b83f7a056cf86a7aa6c88b198d90a18
expires
Thu, 25 Jan 2024 07:36:12 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/AW-327017376/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/AW-327017376/?random=1706168171903&cv=11&fst=1706168171903&bg=ffffff&guid=ON&async=1&gtm=45He41m0v849131735&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fqic.online%2Fwin%2F%3Futm_source%3Dinvite_win%26lang%3Den&hn=www.googleadservices.com&frm=0&tiba=Who%E2%80%99ll%20win%3F%20Guess%20the%20winner%20and%20get%20your%20prize!&pscdl=noapi&auid=1507523689.1706168172&uamb=0&uaw=0&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5LFKBJN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d1a99aff7e4373db85911c60d3b8c0133c93710503795359b0869945ade8327d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qic.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Jan 2024 07:36:11 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1306
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tag.js
mc.yandex.ru/metrika/ 		204 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: qic.online
URL: https://qic.online/win/?utm_source=invite_win&lang=en
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
39a024ead02e1e7562777685bf017a583ca1e43b10ba860b1952609ba0e983f5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qic.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 25 Jan 2024 07:36:12 GMT
content-encoding
br
strict-transport-security
max-age=31536000
last-modified
Mon, 22 Jan 2024 14:13:04 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"65ae77f0-11838"
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
timing-allow-origin
*
content-length
71736
expires
Thu, 25 Jan 2024 08:36:12 GMT
optimize.js
www.googleoptimize.com/ 		183 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleoptimize.com/optimize.js?id=OPT-N5FP22Q
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5LFKBJN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d9278cf09359f8e49c43b6774529ec36fedaae812c65c8156a7607b5b78d7862
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qic.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 25 Jan 2024 07:36:11 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
67500
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 25 Jan 2024 07:36:11 GMT
amplitude-8.17.0-min.gz.js
cdn.amplitude.com/libs/ 		92 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.amplitude.com/libs/amplitude-8.17.0-min.gz.js
Requested by
Host: qic.online
URL: https://qic.online/win/?utm_source=invite_win&lang=en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.206.178 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-206-178.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7e7a2297c8371775455adc684445c2a383bcd0cee869777d45aefd8bc08456a6

Request headers

Referer
https://qic.online/
Origin
https://qic.online
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 26 Sep 2023 02:09:14 GMT
content-encoding
gzip
via
1.1 474733f16f494ddb794b4f7dfd7de966.cloudfront.net (CloudFront)
x-amz-version-id
wr63ICD3duh0Opi8j2KDhI34Ow38BHG0
x-amz-cf-pop
FRA56-P3
age
10474018
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
27400
last-modified
Fri, 25 Mar 2022 19:53:18 GMT
server
AmazonS3
etag
"e5211b7cbee53b6912f07a1cd72a4582"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges
bytes
x-amz-cf-id
-Kqn9TCFTmnDlW1V99C72b5bW2c8m0SlqbLDgIFXgea3VkqDQPBpDg==
stat.js
www.clickcease.com/monitor/ 		142 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clickcease.com/monitor/stat.js
Requested by
Host: qic.online
URL: https://qic.online/win/?utm_source=invite_win&lang=en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:e00:15:a0d3:77c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
889794fd02992011c4b843a05190531656d4c6148e6d4375be6bab3432b580d0
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://clickceasebiz.com https://*.clickceasebiz.com; upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qic.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id
Cf02rYNryv9UIBzoGOQeQJTZ2QU2vf2Y
content-encoding
gzip
via
1.1 760a29e891ec10bba1274911260e1fc8.cloudfront.net (CloudFront)
date
Thu, 25 Jan 2024 07:36:03 GMT
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self' https://clickceasebiz.com https://*.clickceasebiz.com; upgrade-insecure-requests;
x-amz-cf-pop
FRA60-P4
age
12
x-amz-server-side-encryption
AES256
strict-transport-security
max-age=31536000; includeSubDomains
x-cache
Hit from cloudfront
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 12 Sep 2023 09:05:15 GMT
server
AmazonS3
etag
W/"e112b8bf96f23bc2970347a3c98e37fc"
vary
Accept-Encoding, Origin
x-frame-options
SAMEORIGIN
content-type
application/javascript
permissions-policy
microphone 'none'; camera 'none';
x-amz-cf-id
RnlgziXp2DwjrVkZOl4y0x4UJHFhdcLh_Mmz3Bt-J-HD5-hSMfEJSw==
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.6.0/ 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5LFKBJN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qic.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 15:42:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
57220
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31017
x-xss-protection
0
last-modified
Wed, 10 Mar 2021 14:28:09 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 23 Jan 2025 15:42:32 GMT
events.js
analytics.tiktok.com/i18n/pixel/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CDH1C9BC77UEKJIGVU8G&lib=ttq
Requested by
Host: qic.online
URL: https://qic.online/win/?utm_source=invite_win&lang=en
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.37.145 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-126-37-145.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
dd44eae73d290f09d3ca595ab3c827404378b6aff2d95cca724aa4792ad47ee6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qic.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-akamai-request-id
5084133.70a601
date
Thu, 25 Jan 2024 07:36:12 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-24012507361202B321220FFA8434F74B-651D7A9CBA8211D2-00
x-cache
TCP_MISS from a104-126-37-141.deploy.akamaitechnologies.com (AkamaiGHost/11.4.0.1-53785976) (-)
x-parent-response-time
99,104.126.37.141
server-timing
cdn-cache; desc=MISS, edge; dur=86, origin; dur=13, inner; dur=3
content-length
1933
pragma
no-cache
server
nginx
x-tt-logid
2024012507361202B321220FFA8434F74B
x-cache-remote
TCP_MISS from a23-220-105-199.deploy.akamaitechnologies.com (AkamaiGHost/11.4.1-53905076) (-)
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
14,23.220.105.199
x-tt-trace-host
0104c902ee5e7ef4b00cd2382972ed8e6c1fd53ae3c5fec71961ba89e9918e1593bdf639d8751e21518fd682d65f184d65fd3db21d0e3d674d0a6d5ba4a8025c472ed47ae19f18f0f1f6bea93178317b35f0aac7a2a0d88694a9363846fdba6ccb6eac89051881735aa225ad008e4197e0
expires
Thu, 25 Jan 2024 07:36:12 GMT
collect
www.google-analytics.com/j/ 		2 B
203 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=635463476&t=pageview&_s=1&dl=https%3A%2F%2Fqic.online%2Fwin%2F%3Futm_source%3Dinvite_win%26lang%3Den&ul=en-us&de=UTF-8&dt=Who%E2%80%99ll%20win%3F%20Guess%20the%20winner%20and%20get%20your%20prize!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1661699142&gjid=267210898&cid=1102606772.1706168172&tid=UA-202550618-3&_gid=1868760513.1706168172&_r=1&gtm=457e41m0z8880855059&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&jsscut=1&z=970160466
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://qic.online/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 25 Jan 2024 07:36:11 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://qic.online
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		4 B
71 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=635463476&t=pageview&_s=1&dl=https%3A%2F%2Fqic.online%2Fwin%2F%3Futm_source%3Dinvite_win%26lang%3Den&ul=en-us&de=UTF-8&dt=Who%E2%80%99ll%20win%3F%20Guess%20the%20winner%20and%20get%20your%20prize!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1184403711&gjid=370993972&cid=1102606772.1706168172&tid=UA-202550618-3&_gid=1868760513.1706168172&_r=1&_slc=1&gtm=45He41m0n815LFKBJNv849131735&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&z=235171746
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://qic.online/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 25 Jan 2024 07:36:11 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://qic.online
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		16 B
84 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=635463476&t=pageview&_s=1&dl=https%3A%2F%2Fqic.online%2Fwin%2F%3Futm_source%3Dinvite_win%26lang%3Den&ul=en-us&de=UTF-8&dt=Who%E2%80%99ll%20win%3F%20Guess%20the%20winner%20and%20get%20your%20prize!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=219488814&gjid=1377590370&cid=1102606772.1706168172&tid=UA-202550618-2&_gid=1868760513.1706168172&_r=1&_slc=1&gtm=45He41m0n815LFKBJNv849131735&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&z=1525334194
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
20994e931260d3067776033f5e70d9c2a807051a06fc888c9b0b9adc086cf5ae
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://qic.online/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 25 Jan 2024 07:36:11 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://qic.online
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16
expires
Fri, 01 Jan 1990 00:00:00 GMT
7af6951.js
qic.online/win/_wwwnuxt/ 		25 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://qic.online/win/_wwwnuxt/7af6951.js
Requested by
Host: qic.online
URL: https://qic.online/win/_wwwnuxt/be6d4ee.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.70.101.74 Doha, Qatar, ASN48728 (VODAFONEQATAR, QA),
Reverse DNS
Software
/
Resource Hash
981bdb933f951639689aed24feb86e900330f147389b960d7ab64f0642fb5af4
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qic.online/win/?utm_source=invite_win&lang=en
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Thu, 25 Jan 2024 07:35:35 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=63072000
Last-Modified
Mon, 22 Jan 2024 09:19:39 GMT
ETag
W/"63a4-18d3077e2b4"
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
collect
stats.g.doubleclick.net/j/ 		4 B
151 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-202550618-3&cid=1102606772.1706168172&jid=1661699142&gjid=267210898&_gid=1868760513.1706168172&_u=YADAAUAAAAAAACAAI~&z=1937820222
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0a::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://qic.online/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Thu, 25 Jan 2024 07:36:11 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://qic.online
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
70 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-202550618-3&cid=1102606772.1706168172&jid=1184403711&gjid=370993972&_gid=1868760513.1706168172&_u=YADAAUABAAAAACAAI~&z=1979332170
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0a::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://qic.online/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Thu, 25 Jan 2024 07:36:11 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://qic.online
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
70 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-202550618-2&cid=1102606772.1706168172&jid=219488814&gjid=1377590370&_gid=1868760513.1706168172&_u=YADAAUABAAAAACAAI~&z=695679981
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0a::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://qic.online/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Thu, 25 Jan 2024 07:36:11 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://qic.online
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		260 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-L6X3NW3PG7&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
72ff1a8f4a0f9f4dd0dc2b02d6509a380d7a0d025a5270f283921917838c7d72
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qic.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 25 Jan 2024 07:36:11 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
87165
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 25 Jan 2024 07:36:11 GMT
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-202550618-3&cid=1102606772.1706168172&jid=1661699142&_u=YADAAUAAAAAAACAAI~&z=1255507053
Requested by
Host: qic.online
URL: https://qic.online/win/?utm_source=invite_win&lang=en
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qic.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Jan 2024 07:36:11 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-202550618-3&cid=1102606772.1706168172&jid=1661699142&_u=YADAAUAAAAAAACAAI~&z=1255507053
Requested by
Host: qic.online
URL: https://qic.online/win/?utm_source=invite_win&lang=en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qic.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Jan 2024 07:36:11 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-202550618-3&cid=1102606772.1706168172&jid=1184403711&_u=YADAAUABAAAAACAAI~&z=1847325211
Requested by
Host: qic.online
URL: https://qic.online/win/?utm_source=invite_win&lang=en
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qic.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Jan 2024 07:36:11 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-202550618-3&cid=1102606772.1706168172&jid=1184403711&_u=YADAAUABAAAAACAAI~&z=1847325211
Requested by
Host: qic.online
URL: https://qic.online/win/?utm_source=invite_win&lang=en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qic.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Jan 2024 07:36:12 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-202550618-2&cid=1102606772.1706168172&jid=219488814&_u=YADAAUABAAAAACAAI~&z=160515814
Requested by
Host: qic.online
URL: https://qic.online/win/?utm_source=invite_win&lang=en
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qic.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Jan 2024 07:36:11 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-202550618-2&cid=1102606772.1706168172&jid=219488814&_u=YADAAUABAAAAACAAI~&z=160515814
Requested by
Host: qic.online
URL: https://qic.online/win/?utm_source=invite_win&lang=en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qic.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Jan 2024 07:36:11 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activityi;dc_pre=CMrrzN6D-IMDFR1FHgIdwnsDDA;src=13548668;type=qicc;cat=allsite;ord=6327671980521;auiddc=1507523689.1706168172;u1=1102606772.1706168172;u2=invite_win;u3=undefined;pscdl=noapi;gtm=45H...
13548668.fls.doubleclick.net/ Frame C242
Redirect Chain
  • https://13548668.fls.doubleclick.net/activityi;src=13548668;type=qicc;cat=allsite;ord=6327671980521;auiddc=1507523689.1706168172;u1=1102606772.1706168172;u2=invite_win;u3=undefined;pscdl=noapi;gtm=...
  • https://13548668.fls.doubleclick.net/activityi;dc_pre=CMrrzN6D-IMDFR1FHgIdwnsDDA;src=13548668;type=qicc;cat=allsite;ord=6327671980521;auiddc=1507523689.1706168172;u1=1102606772.1706168172;u2=invite...
596 B
696 B 		Document
General
Check archive.org
Download Go to
Full URL
https://13548668.fls.doubleclick.net/activityi;dc_pre=CMrrzN6D-IMDFR1FHgIdwnsDDA;src=13548668;type=qicc;cat=allsite;ord=6327671980521;auiddc=1507523689.1706168172;u1=1102606772.1706168172;u2=invite_win;u3=undefined;pscdl=noapi;gtm=45He41m0v849131735;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fqic.online%2Fwin%2F%3Futm_source%3Dinvite_win%26lang%3Den?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5LFKBJN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f6.1e100.net
Software
cafe /
Resource Hash
7a45746313ac856b23f9f62cda9584e46725ba17178f64022cb705e7000b08b8
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://qic.online/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
357
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 25 Jan 2024 07:36:12 GMT
expires
Thu, 25 Jan 2024 07:36:12 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 25 Jan 2024 07:36:12 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://13548668.fls.doubleclick.net/activityi;dc_pre=CMrrzN6D-IMDFR1FHgIdwnsDDA;src=13548668;type=qicc;cat=allsite;ord=6327671980521;auiddc=1507523689.1706168172;u1=1102606772.1706168172;u2=invite_win;u3=undefined;pscdl=noapi;gtm=45He41m0v849131735;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fqic.online%2Fwin%2F%3Futm_source%3Dinvite_win%26lang%3Den?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
adsct
t.co/i/ 		43 B
376 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.co/i/adsct?bci=3&eci=2&event_id=bd566f77-008c-47cc-98c4-fb2a45bc77d8&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=89196a47-eb87-46b8-b047-a2748de7f0e0&tw_document_href=https%3A%2F%2Fqic.online%2Fwin%2F%3Futm_source%3Dinvite_win%26lang%3Den&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nv2bb&type=javascript&version=2.3.29
Requested by
Host: qic.online
URL: https://qic.online/win/?utm_source=invite_win&lang=en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.5 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qic.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-response-time
181
date
Thu, 25 Jan 2024 07:36:11 GMT
strict-transport-security
max-age=0
server
tsa_o
content-type
image/gif;charset=utf-8
x-transaction-id
c31d59f1925b53c5
cache-control
no-cache, no-store, max-age=0
perf
7469935968
x-connection-hash
ca3669c225a0b5a34f91ad90e6ea42570f42d6a8c332568134b725f28d79c11f
content-length
43
adsct
analytics.twitter.com/i/ 		43 B
394 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=bd566f77-008c-47cc-98c4-fb2a45bc77d8&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=89196a47-eb87-46b8-b047-a2748de7f0e0&tw_document_href=https%3A%2F%2Fqic.online%2Fwin%2F%3Futm_source%3Dinvite_win%26lang%3Den&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nv2bb&type=javascript&version=2.3.29
Requested by
Host: qic.online
URL: https://qic.online/win/?utm_source=invite_win&lang=en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.195 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qic.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-response-time
180
date
Thu, 25 Jan 2024 07:36:11 GMT
strict-transport-security
max-age=631138519
server
tsa_o
content-type
image/gif;charset=utf-8
x-transaction-id
2901026159015914
cache-control
no-cache, no-store, max-age=0
perf
7469935968
x-connection-hash
5595ebcbf8682a2453dd11fb9bd1e8216476de916d7ccc475ceb86b050daa5f8
content-length
43
collect
px4.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3412522%2C4836521&time=1706168172008&url=https%3A%2F%2Fqic.online%2Fwin%2F%3Futm_source%3Dinvite_win%26lang%3Den
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3412522%2C4836521&time=1706168172008&url=https%3A%2F%2Fqic.online%2Fwin%2F%3Futm_source%3Dinvite_win%26lang%3Den&cookiesTest=true
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3412522%252C4836521%26time%3D1706168172008%26url%3Dhttps%253A%252F%252Fqic.online...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3412522%2C4836521&time=1706168172008&url=https%3A%2F%2Fqic.online%2Fwin%2F%3Futm_source%3Dinvite_win%26lang%3Den&cookiesTest=true&liSync=true
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3412522%2C4836521&time=1706168172008&url=https%3A%2F%2Fqic.online%2Fwin%2F%3Futm_source%3Dinvite_win%26lang%3Den&cookiesTest=true&liSync=true&e_i...
0
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3412522%2C4836521&time=1706168172008&url=https%3A%2F%2Fqic.online%2Fwin%2F%3Futm_source%3Dinvite_win%26lang%3Den&cookiesTest=true&liSync=true&e_ipv6=AQLo8PGBAG3LwwAAAY0_jEDMI3UBWEJ2c__x-uZEoynnPhSNRGYJ0VmeV6p8fYJLeLLYwPUPfW7HG97oloncIat4ToEcBw
Requested by
Host: qic.online
URL: https://qic.online/win/?utm_source=invite_win&lang=en
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qic.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 25 Jan 2024 07:36:12 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: D9BD81FE736E481592DFC30A78B74EB0 Ref B: FRAEDGE1509 Ref C: 2024-01-25T07:36:12Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
content-type
application/javascript
x-li-fabric
prod-lor1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYPwDvhYHW8qQI5WcfUDg==

Redirect headers

date
Thu, 25 Jan 2024 07:36:12 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 960E15F2886A4096941DCF03359F41E8 Ref B: FRAEDGE1205 Ref C: 2024-01-25T07:36:12Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
location
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3412522%2C4836521&time=1706168172008&url=https%3A%2F%2Fqic.online%2Fwin%2F%3Futm_source%3Dinvite_win%26lang%3Den&cookiesTest=true&liSync=true&e_ipv6=AQLo8PGBAG3LwwAAAY0_jEDMI3UBWEJ2c__x-uZEoynnPhSNRGYJ0VmeV6p8fYJLeLLYwPUPfW7HG97oloncIat4ToEcBw
x-li-proto
http/2
content-length
0
x-li-uuid
AAYPwDvdBRCDQ+gK3ux39g==
/
px.ads.linkedin.com/wa/ 		0
437 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://px.ads.linkedin.com/wa/
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
*
Referer
https://qic.online/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 25 Jan 2024 07:36:11 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: D5D52C56B1E74F3BB69928C24E0B86FF Ref B: FRAEDGE1205 Ref C: 2024-01-25T07:36:12Z
linkedin-action
1
vary
Origin
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
access-control-allow-origin
https://qic.online
x-li-proto
http/2
access-control-allow-credentials
true
x-li-uuid
AAYPwDvT+dMRLC863hBOKw==
collect
region1.analytics.google.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-L6X3NW3PG7&gtm=45je41m0v9164396902&_p=1706168171727&_gaz=1&gcd=11l1l1l1l2&dma_cps=sypham&dma=1&ul=en-us&sr=1600x1200&cid=1102606772.1706168172&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=ABAI&_s=1&dl=https%3A%2F%2Fqic.online%2Fwin%2F%3Futm_source%3Dinvite_win%26lang%3Den&dt=Who%E2%80%99ll%20win%3F%20Guess%20the%20winner%20and%20get%20your%20prize!&sid=1706168172&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=2227
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-L6X3NW3PG7&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qic.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Jan 2024 07:36:12 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://qic.online
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-L6X3NW3PG7&cid=1102606772.1706168172&gtm=45je41m0v9164396902&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l2
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-L6X3NW3PG7&cx=c&_slc=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c0a::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qic.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Jan 2024 07:36:12 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://qic.online
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-L6X3NW3PG7&cid=1102606772.1706168172&gtm=45je41m0v9164396902&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l2&z=2084976632
Requested by
Host: qic.online
URL: https://qic.online/win/?utm_source=invite_win&lang=en
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qic.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Jan 2024 07:36:12 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
916738272525912
connect.facebook.net/signals/config/ 		136 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/916738272525912?v=2.9.142&r=stable&domain=qic.online
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b43bf31d5060d93563d56a5156c72d7463cb7137bd6128177955c48d5fe19b36
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qic.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 25 Jan 2024 07:36:12 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
pragma
public
x-fb-debug
fRfKekHUA9pW10XiEZcIatjyBkrBF7CkNRPq/fN9eKcCq6d0mU91Ox4mVY+kmeE3hb3+mUw+hxAcyKEQyM3fLA==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/AW-327017376/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/AW-327017376/?random=1706168171903&cv=11&fst=1706166000000&bg=ffffff&guid=ON&async=1&gtm=45He41m0v849131735&u_w=1600&u_h=1200&url=https%3A%2F%2Fqic.online%2Fwin%2F%3Futm_source%3Dinvite_win%26lang%3Den&frm=0&tiba=Who%E2%80%99ll%20win%3F%20Guess%20the%20winner%20and%20get%20your%20prize!&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_B1P-EGwnp7SmYm2cGprD-YKp8Ka8sQ&random=3720260569&rmt_tld=0&ipr=y
Requested by
Host: qic.online
URL: https://qic.online/win/?utm_source=invite_win&lang=en
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qic.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Jan 2024 07:36:12 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/AW-327017376/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/AW-327017376/?random=1706168171903&cv=11&fst=1706166000000&bg=ffffff&guid=ON&async=1&gtm=45He41m0v849131735&u_w=1600&u_h=1200&url=https%3A%2F%2Fqic.online%2Fwin%2F%3Futm_source%3Dinvite_win%26lang%3Den&frm=0&tiba=Who%E2%80%99ll%20win%3F%20Guess%20the%20winner%20and%20get%20your%20prize!&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_B1P-EGwnp7SmYm2cGprD-YKp8Ka8sQ&random=3720260569&rmt_tld=1&ipr=y
Requested by
Host: qic.online
URL: https://qic.online/win/?utm_source=invite_win&lang=en
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qic.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Jan 2024 07:36:12 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ed976ef1-51a3-465f-b6b2-22ceeab4ca3d.js
tr.snapchat.com/config/online/ 		186 B
451 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tr.snapchat.com/config/online/ed976ef1-51a3-465f-b6b2-22ceeab4ca3d.js?v=3.8.0-2401042024
Requested by
Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.43.190.35.bc.googleusercontent.com
Software
API Gateway /
Resource Hash
3af1e68ba763ce8e4466c1dbc0d9eafaf44bb0c81d5f7a03166c7b0aa8f51e4a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer
https://qic.online/
Origin
https://qic.online
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 25 Jan 2024 07:36:12 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via
1.1 google
server
API Gateway
content-type
application/javascript
access-control-allow-origin
https://qic.online
x-envoy-upstream-service-time
91
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
186
i
tr.snapchat.com/cm/ Frame 82BA 		0
201 B 		Document
General
Check archive.org
Download Go to
Full URL
https://tr.snapchat.com/cm/i?pid=ed976ef1-51a3-465f-b6b2-22ceeab4ca3d&u_scsid=56301b55-99f1-42e8-bf6d-d13ac517d979&u_sclid=22ef0960-51ce-4b3e-b987-8213e4b6b626
Requested by
Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.43.190.35.bc.googleusercontent.com
Software
API Gateway /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains

Request headers

Referer
https://qic.online/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Thu, 25 Jan 2024 07:36:12 GMT
server
API Gateway
strict-transport-security
max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains
via
1.1 google
x-envoy-upstream-service-time
0
p
tr.snapchat.com/ 		68 B
295 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.snapchat.com/p?pid=ed976ef1-51a3-465f-b6b2-22ceeab4ca3d&ev=PAGE_VIEW&intg=gtm&pids=ed976ef1-51a3-465f-b6b2-22ceeab4ca3d&u_c1=4ae8afe7-e2fe-4c1c-8386-268900478bb3&u_sclid=22ef0960-51ce-4b3e-b987-8213e4b6b626&u_scsid=56301b55-99f1-42e8-bf6d-d13ac517d979&bt=1d53c387&d_bvs=%5B%5D&df=true&huah=true&m_dcl=2025&m_fcps=1059&m_pi=1056&m_pl=0&m_pv=2&m_rd=2257&m_sh=1200&m_sl=0&m_sw=1600&pl=https%3A%2F%2Fqic.online%2Fwin%2F%3Futm_source%3Dinvite_win%26lang%3Den&trackId=c16251d0-e0f2-4c8a-a2ad-3466731e2028&ts=1706168172112&v=3.8.0-2401042024
Requested by
Host: qic.online
URL: https://qic.online/win/?utm_source=invite_win&lang=en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.43.190.35.bc.googleusercontent.com
Software
API Gateway /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qic.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 25 Jan 2024 07:36:12 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via
1.1 google
server
API Gateway
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache, no-transform
x-envoy-upstream-service-time
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
main.MWI0MWYzMDk5MQ.js
analytics.tiktok.com/i18n/pixel/static/ 		398 KB
104 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/static/main.MWI0MWYzMDk5MQ.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/sdk.js?sdkid=CDH1C9BC77UEKJIGVU8G
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.37.145 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-126-37-145.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
0d8f1e9f5418eb1ed8419bd7ed548bc711b06503620133d211dc124c551fbbb6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qic.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-akamai-request-id
70a7bb
date
Thu, 25 Jan 2024 07:36:12 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server
nginx
x-tt-logid
2024012315154264BC45938B43369967FE
x-tt-trace-id
00-24012315154264BC45938B43369967FE-2C7EDB55FEFFA63B-00
vary
Accept-Encoding
x-cache
TCP_MEM_HIT from a104-126-37-141.deploy.akamaitechnologies.com (AkamaiGHost/11.4.0.1-53785976) (-)
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-tt-trace-host
01476898453b59740a5a1f5193190effb89cb38a341952fa1e1dff5e4bc3f2f7346bc8867bc97762da93545fd6bce50f508a580fd0c97a464c22ddc805a01f1b12739e981fff0c351004806f778dcdcdf9a236fc6bdf6ef71706579b134abb4c4e
server-timing
cdn-cache; desc=HIT, edge; dur=1, origin; dur=0, inner; dur=3
content-length
105819
md5.min.js
cdnjs.cloudflare.com/ajax/libs/blueimp-md5/2.10.0/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/blueimp-md5/2.10.0/js/md5.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5LFKBJN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
27d221be42096f476245524ecaef8d76d838d5189b16417c79a03ad23763b41f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qic.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 25 Jan 2024 07:36:12 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
3056466
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1339
last-modified
Mon, 04 May 2020 16:06:35 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d8b-eb6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h68mqju4154h5JQ6kiH0Lxg%2BbZSBMDlRTK0mXza8KunPxgI64dy%2BNBu7ovQ%2FDPHrkbOP0vqkCmuHpUGVRz4dGMNRg43vlj3BwZ5mr6ddNlqnpeNILjRvmzDNyPXa%2FEgts2%2Fl6iUsfd1iq%2Bg0n6bA4Q3o"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
84aed8041da54d9e-FRA
expires
Tue, 14 Jan 2025 07:36:12 GMT
identify_0a875.js
analytics.tiktok.com/i18n/pixel/static/ 		137 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/static/identify_0a875.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWI0MWYzMDk5MQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.37.145 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-126-37-145.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
a758246f43df5cf0f88a3c46a95cb7e962ec2e16327f7fc6b70d2150981b86df

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qic.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-akamai-request-id
70a8b6
date
Thu, 25 Jan 2024 07:36:12 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server
nginx
x-tt-logid
202401231515446A5F9594963C1C97A7E4
x-tt-trace-id
00-2401231515446A5F9594963C1C97A7E4-6E9507D48E434750-00
vary
Accept-Encoding
x-cache
TCP_MEM_HIT from a104-126-37-141.deploy.akamaitechnologies.com (AkamaiGHost/11.4.0.1-53785976) (-)
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-tt-trace-host
01df44dae11d3c200464c328a8af956f9110aadf24e1a9456eced2c49e1ba927580babd73faf3270bc93758032b9846a20f242bbad2e131ad8eec0db9ab4d3f30f59739437f9df094ba4f22abfd68eaf2b40444fa623d2eddffc045239171bf331
server-timing
cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=3
content-length
37074
pixel
analytics.tiktok.com/api/v2/ 		0
844 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWI0MWYzMDk5MQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.37.145 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-126-37-145.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://qic.online/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
64592c0.70a8f9
date
Thu, 25 Jan 2024 07:36:12 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-240125073612A0E02EED865C9801936B-729D6DA8A9DC7558-00
x-cache
TCP_MISS from a104-126-37-141.deploy.akamaitechnologies.com (AkamaiGHost/11.4.0.1-53785976) (-)
x-parent-response-time
484,104.126.37.141
server-timing
cdn-cache; desc=MISS, edge; dur=132, origin; dur=361, inner; dur=41
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
20240125073612A0E02EED865C9801936B
x-cache-remote
TCP_MISS from a23-36-66-38.deploy.akamaitechnologies.com (AkamaiGHost/11.4.0.1-53785976) (-)
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
362,23.36.66.38
x-tt-trace-host
0104c902ee5e7ef4b00cd2382972ed8e6c1fd53ae3c5fec71961ba89e9918e1593421efa95198d37396aa2281b6cc2ee353d43ae89f9323b23e007a61e93f633601e1f2a3bb4a0d4c1c5b6bf3c685074e647521a467352c2b5a82ef6f10a46384f330f5c36c791edd16367ac8fd1a1938a
access-control-allow-headers
Authorization,*
expires
Thu, 25 Jan 2024 07:36:12 GMT
dc_pre=CMrrzN6D-IMDFR1FHgIdwnsDDA;src=13548668;type=qicc;cat=allsite;ord=6327671980521;auiddc=*;u1=1102606772.1706168172;u2=invite_win;u3=undefined;pscdl=noapi;gtm=45He41m0v849131735;gcd=11l1l1l1l1...
adservice.google.com/ddm/fls/z/ Frame C242 		42 B
401 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CMrrzN6D-IMDFR1FHgIdwnsDDA;src=13548668;type=qicc;cat=allsite;ord=6327671980521;auiddc=*;u1=1102606772.1706168172;u2=invite_win;u3=undefined;pscdl=noapi;gtm=45He41m0v849131735;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fqic.online%2Fwin%2F%3Futm_source%3Dinvite_win%26lang%3Den
Requested by
Host: 13548668.fls.doubleclick.net
URL: https://13548668.fls.doubleclick.net/activityi;dc_pre=CMrrzN6D-IMDFR1FHgIdwnsDDA;src=13548668;type=qicc;cat=allsite;ord=6327671980521;auiddc=1507523689.1706168172;u1=1102606772.1706168172;u2=invite_win;u3=undefined;pscdl=noapi;gtm=45He41m0v849131735;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fqic.online%2Fwin%2F%3Futm_source%3Dinvite_win%26lang%3Den?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://13548668.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Jan 2024 07:36:12 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync_cookie_image_finish
mc.yandex.ru/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10259.Uy0h4kScXysbEDzUGZg_3fomoL_2BKdpv0pghXzY6Ggd_CxEeBBTMRUo8MNVrmR-.OnrzV8bu77QJ-NaqEtRPw0MDAH4%2C
  • https://mc.yandex.com/sync_cookie_image_decide?token=10259.jy8XwzgPusPEnrbWmz8A8RFEGfYYiK6JT8JfQr42d3Ymv7riutHT8_0xRSANcjgTJdzcu_cf7B9KgQin1GGLzIkVbVKSv7Jf_vRvNUIeU9opdzvwogflSv7kSe4N94ycyP7xww5xVy...
  • https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10259.J9IK4FI1Yl1v2VgUIRb-Xs0u93GPqJpNzcgX6YTjN0pDLDwtOYWdsEN0sD-rr8HIzEO-Q8orWcehHGeO8yHJx8sfBbkmni2pWbgnruArwyanc...
43 B
584 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10259.J9IK4FI1Yl1v2VgUIRb-Xs0u93GPqJpNzcgX6YTjN0pDLDwtOYWdsEN0sD-rr8HIzEO-Q8orWcehHGeO8yHJx8sfBbkmni2pWbgnruArwyanczXEy5-B4a6oSeRcugApsvB0mg76aOsz8cX_3XnTe1YXihkYnqUdqNsnal39_xYhB6nwvOv3SXyP5kxN-TweuRsKnsixa5PDP1eT97vAtg%2C%2C.tyNDgYZV444K2-pU2azh2ZSDsxE%2C
Requested by
Host: qic.online
URL: https://qic.online/win/?utm_source=invite_win&lang=en
Protocol
H2
Server
2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qic.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 25 Jan 2024 07:36:12 GMT
strict-transport-security
max-age=31536000
content-length
43
x-xss-protection
1; mode=block
content-type
image/gif

Redirect headers

location
https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10259.J9IK4FI1Yl1v2VgUIRb-Xs0u93GPqJpNzcgX6YTjN0pDLDwtOYWdsEN0sD-rr8HIzEO-Q8orWcehHGeO8yHJx8sfBbkmni2pWbgnruArwyanczXEy5-B4a6oSeRcugApsvB0mg76aOsz8cX_3XnTe1YXihkYnqUdqNsnal39_xYhB6nwvOv3SXyP5kxN-TweuRsKnsixa5PDP1eT97vAtg%2C%2C.tyNDgYZV444K2-pU2azh2ZSDsxE%2C
date
Thu, 25 Jan 2024 07:36:12 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
advert.gif
mc.yandex.com/metrika/ 		43 B
503 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/metrika/advert.gif
Requested by
Host: qic.online
URL: https://qic.online/win/?utm_source=invite_win&lang=en
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qic.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 25 Jan 2024 07:36:12 GMT
strict-transport-security
max-age=31536000
last-modified
Thu, 18 Jan 2024 16:14:38 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"65a94e6e-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Thu, 25 Jan 2024 08:36:12 GMT
isuserauthorized
qic.online/api/whowillwin/ 		53 B
710 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://qic.online/api/whowillwin/isuserauthorized
Requested by
Host: qic.online
URL: https://qic.online/win/_wwwnuxt/3642727.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.70.101.74 Doha, Qatar, ASN48728 (VODAFONEQATAR, QA),
Reverse DNS
Software
/
Resource Hash
845995eccfdaebc0979d704d50b5ead527ca5a265c670fd148cb77afc919218f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Accept
application/json, text/plain, */*
Referer
https://qic.online/win/?utm_source=invite_win&lang=en
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Thu, 25 Jan 2024 07:35:36 GMT
Cache-Control
no-cache, no-store, must-revalidate
Strict-Transport-Security
max-age=63072000
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
application/json
914871661901111
connect.facebook.net/signals/config/ 		57 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/914871661901111?v=2.9.142&r=stable&domain=qic.online
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
f4c0e292142ba0a3b80ac702ee85a720afbdf07f85b63770713b385388308efe
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qic.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 25 Jan 2024 07:36:12 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
pragma
public
x-fb-debug
tRIiITXqVGQ7cs48FlGRTIo9awsb6qO9AKpVrXXlN+31GsMj6Jl2VpNE+yg9Aktkm8fyH2OskC4vRVpFe3/5Fg==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		0
31 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=916738272525912&ev=PageView&dl=https%3A%2F%2Fqic.online%2Fwin%2F%3Futm_source%3Dinvite_win%26lang%3Den&rl=&if=false&ts=1706168172284&sw=1600&sh=1200&v=2.9.142&r=stable&a=gtmss&ec=0&o=4126&fbp=fb.1.1706168172283.437541175&ler=empty&it=1706168172097&coo=false&eid=94527daf-e6fa-42d7-9ee3-19f4460668b7_undefined.1&exp=d2&rqm=GET
Requested by
Host: qic.online
URL: https://qic.online/win/?utm_source=invite_win&lang=en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qic.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Thu, 25 Jan 2024 07:36:12 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=916738272525912&ev=PageView&dl=https%3A%2F%2Fqic.online%2Fwin%2F%3Futm_source%3Dinvite_win%26lang%3Den&rl=&if=false&ts=1706168172285&sw=1600&sh=1200&v=2.9.142&r=stable&a=tmSimo-GTM-WebTemplate&ec=1&o=4126&fbp=fb.1.1706168172283.437541175&ler=empty&it=1706168172097&coo=false&tm=1&exp=d2&rqm=GET
Requested by
Host: qic.online
URL: https://qic.online/win/?utm_source=invite_win&lang=en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qic.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Thu, 25 Jan 2024 07:36:12 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
p
tr6.snapchat.com/ 		0
42 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tr6.snapchat.com/p
Requested by
Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.43.190.35.bc.googleusercontent.com
Software
API Gateway /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer
https://qic.online/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 25 Jan 2024 07:36:12 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
x-envoy-upstream-service-time
0
via
1.1 google
server
API Gateway
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
act
analytics.tiktok.com/api/v2/pixel/ 		0
844 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/pixel/act
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWI0MWYzMDk5MQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.37.145 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-126-37-145.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://qic.online/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
5084455.70abcd
date
Thu, 25 Jan 2024 07:36:12 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-240125073612E4D77F26D47311384377-5CDC184BEF9DB9F9-00
x-cache
TCP_MISS from a104-126-37-141.deploy.akamaitechnologies.com (AkamaiGHost/11.4.0.1-53785976) (-)
x-parent-response-time
104,104.126.37.141
server-timing
cdn-cache; desc=MISS, edge; dur=91, origin; dur=22, inner; dur=20
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
20240125073612E4D77F26D47311384377
x-cache-remote
TCP_MISS from a23-220-105-199.deploy.akamaitechnologies.com (AkamaiGHost/11.4.1-53905076) (-)
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
22,23.220.105.199
x-tt-trace-host
0104c902ee5e7ef4b00cd2382972ed8e6c1fd53ae3c5fec71961ba89e9918e1593bdf639d8751e21518fd682d65f184d65fd3db21d0e3d674d0a6d5ba4a8025c4746d4ead1f78c57c91fcc459031b028a1b2b6a4653166468beb714ee06620fb27569e8d5fb90060a8fa103696e4c4cbe5
access-control-allow-headers
Authorization,*
expires
Thu, 25 Jan 2024 07:36:12 GMT
/
www.facebook.com/tr/ 		0
31 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=914871661901111&ev=ViewContent&dl=https%3A%2F%2Fqic.online&rl=&if=false&ts=1706168172435&sw=1600&sh=1200&v=2.9.142&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=4124&fbp=fb.1.1706168172283.437541175&ler=empty&pm=1&hrl=2f96b9&it=1706168172097&coo=false&tm=1&cs_cc=1&ccs=1682253645357939&cas=6760840093954758%2C6887523647929676%2C5130740370325563%2C4737675456329683%2C4402059343178940&exp=d2&rqm=GET
Requested by
Host: qic.online
URL: https://qic.online/win/?utm_source=invite_win&lang=en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qic.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Thu, 25 Jan 2024 07:36:12 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
1
mc.yandex.com/watch/83435941/
Redirect Chain
  • https://mc.yandex.com/watch/83435941?wmode=7&page-url=https%3A%2F%2Fqic.online%2Fwin%2F%3Futm_source%3Dinvite_win%26lang%3Den&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6mv6as6uk632mqt...
  • https://mc.yandex.com/watch/83435941/1?wmode=7&page-url=https%3A%2F%2Fqic.online%2Fwin%2F%3Futm_source%3Dinvite_win%26lang%3Den&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6mv6as6uk632m...
440 B
532 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/83435941/1?wmode=7&page-url=https%3A%2F%2Fqic.online%2Fwin%2F%3Futm_source%3Dinvite_win%26lang%3Den&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6mv6as6uk632mqt4m2ukn7iz%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1211%3Acn%3A1%3Adp%3A0%3Als%3A1059396472773%3Ahid%3A1805105%3Az%3A60%3Ai%3A20240125083612%3Aet%3A1706168172%3Ac%3A1%3Arn%3A833079397%3Arqn%3A1%3Au%3A1706168172261564225%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C158%2C113%2C778%2C778%2C2%2C7%2C0%2C%2C%2C%2C2025%3Aco%3A0%3Acpf%3A1%3Ans%3A1706168169854%3Agi%3AR0ExLjIuMTEwMjYwNjc3Mi4xNzA2MTY4MTcy%3Afp%3A1059%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1706168172%3At%3AWho%E2%80%99ll%20win%3F%20Guess%20the%20winner%20and%20get%20your%20prize%21&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29ti%281%29
Requested by
Host: qic.online
URL: https://qic.online/win/?utm_source=invite_win&lang=en
Protocol
H2
Server
2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
046abc93ff7001addd0a36506f9d4cdaddd5e22ab193f89fd01b22b53e6e5db4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qic.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Jan 2024 07:36:12 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Thu, 25-Jan-2024 07:36:12 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type
application/json; charset=utf-8
access-control-allow-origin
https://qic.online
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
440
x-xss-protection
1; mode=block
expires
Thu, 25-Jan-2024 07:36:12 GMT

Redirect headers

pragma
no-cache
date
Thu, 25 Jan 2024 07:36:12 GMT
strict-transport-security
max-age=31536000
last-modified
Thu, 25-Jan-2024 07:36:12 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location
/watch/83435941/1?wmode=7&page-url=https%3A%2F%2Fqic.online%2Fwin%2F%3Futm_source%3Dinvite_win%26lang%3Den&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6mv6as6uk632mqt4m2ukn7iz%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1211%3Acn%3A1%3Adp%3A0%3Als%3A1059396472773%3Ahid%3A1805105%3Az%3A60%3Ai%3A20240125083612%3Aet%3A1706168172%3Ac%3A1%3Arn%3A833079397%3Arqn%3A1%3Au%3A1706168172261564225%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C158%2C113%2C778%2C778%2C2%2C7%2C0%2C%2C%2C%2C2025%3Aco%3A0%3Acpf%3A1%3Ans%3A1706168169854%3Agi%3AR0ExLjIuMTEwMjYwNjc3Mi4xNzA2MTY4MTcy%3Afp%3A1059%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1706168172%3At%3AWho%E2%80%99ll%20win%3F%20Guess%20the%20winner%20and%20get%20your%20prize%21&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29ti%281%29
access-control-allow-origin
https://qic.online
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Thu, 25-Jan-2024 07:36:12 GMT
p
tr.snapchat.com/ 		0
88 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tr.snapchat.com/p
Requested by
Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.43.190.35.bc.googleusercontent.com
Software
API Gateway /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer
https://qic.online/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 25 Jan 2024 07:36:12 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via
1.1 google
server
API Gateway
access-control-allow-origin
https://qic.online
x-envoy-upstream-service-time
1
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
game-ribbon-desktop.bba515f.png
qic.online/win/_wwwnuxt/img/ 		158 KB
158 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://qic.online/win/_wwwnuxt/img/game-ribbon-desktop.bba515f.png
Requested by
Host: qic.online
URL: https://qic.online/win/?utm_source=invite_win&lang=en
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.70.101.74 Doha, Qatar, ASN48728 (VODAFONEQATAR, QA),
Reverse DNS
Software
/
Resource Hash
2809f4bc5f9e45040951e7b4b120ca50841528f8e2d38266ecb059ec7fb2d995
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qic.online/win/?utm_source=invite_win&lang=en
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Thu, 25 Jan 2024 07:35:36 GMT
Content-Encoding
br
Strict-Transport-Security
max-age=63072000
Last-Modified
Mon, 22 Jan 2024 09:19:39 GMT
ETag
W/"27625-18d3077e240"
Transfer-Encoding
chunked
Content-Type
image/png
Cache-Control
public, max-age=31536000
Connection
keep-alive
game-ball-1-desk.5f6ec54.png
qic.online/win/_wwwnuxt/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://qic.online/win/_wwwnuxt/img/game-ball-1-desk.5f6ec54.png
Requested by
Host: qic.online
URL: https://qic.online/win/?utm_source=invite_win&lang=en
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.70.101.74 Doha, Qatar, ASN48728 (VODAFONEQATAR, QA),
Reverse DNS
Software
/
Resource Hash
cea259def845428dc1964994be987586e378bdca75ccb0f1e52be500673e2007
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qic.online/win/?utm_source=invite_win&lang=en
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Thu, 25 Jan 2024 07:35:36 GMT
Content-Encoding
br
Strict-Transport-Security
max-age=63072000
Last-Modified
Mon, 22 Jan 2024 09:19:39 GMT
ETag
W/"d48-18d3077e240"
Transfer-Encoding
chunked
Content-Type
image/png
Cache-Control
public, max-age=31536000
Connection
keep-alive
game-ball-2-desk.9e6dccd.png
qic.online/win/_wwwnuxt/img/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://qic.online/win/_wwwnuxt/img/game-ball-2-desk.9e6dccd.png
Requested by
Host: qic.online
URL: https://qic.online/win/?utm_source=invite_win&lang=en
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.70.101.74 Doha, Qatar, ASN48728 (VODAFONEQATAR, QA),
Reverse DNS
Software
/
Resource Hash
94f9ea094bf8769a838987d5f5734ceda7fdcfa98fac3fa4bcdcaf134984fcee
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qic.online/win/?utm_source=invite_win&lang=en
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Thu, 25 Jan 2024 07:35:36 GMT
Content-Encoding
br
Strict-Transport-Security
max-age=63072000
Last-Modified
Mon, 22 Jan 2024 09:19:39 GMT
ETag
W/"68c-18d3077e240"
Transfer-Encoding
chunked
Content-Type
image/png
Cache-Control
public, max-age=31536000
Connection
keep-alive
game-ball-3-desk.65770e9.png
qic.online/win/_wwwnuxt/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://qic.online/win/_wwwnuxt/img/game-ball-3-desk.65770e9.png
Requested by
Host: qic.online
URL: https://qic.online/win/?utm_source=invite_win&lang=en
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.70.101.74 Doha, Qatar, ASN48728 (VODAFONEQATAR, QA),
Reverse DNS
Software
/
Resource Hash
b0064b10e59032fd7b81226230443731094a1c79f1cd1df3b08f14f8dc2040d3
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qic.online/win/?utm_source=invite_win&lang=en
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Thu, 25 Jan 2024 07:35:36 GMT
Content-Encoding
br
Strict-Transport-Security
max-age=63072000
Last-Modified
Mon, 22 Jan 2024 09:19:39 GMT
ETag
W/"1d14-18d3077e240"
Transfer-Encoding
chunked
Content-Type
image/png
Cache-Control
public, max-age=31536000
Connection
keep-alive
game-ball-4-desk.12b8683.png
qic.online/win/_wwwnuxt/img/ 		61 KB
61 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://qic.online/win/_wwwnuxt/img/game-ball-4-desk.12b8683.png
Requested by
Host: qic.online
URL: https://qic.online/win/?utm_source=invite_win&lang=en
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.70.101.74 Doha, Qatar, ASN48728 (VODAFONEQATAR, QA),
Reverse DNS
Software
/
Resource Hash
7f6798c4e0b795f6cc60e5e55ca675e6ff28cd46f8b6cb12c160fd16d38a97f3
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qic.online/win/?utm_source=invite_win&lang=en
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Thu, 25 Jan 2024 07:35:36 GMT
Content-Encoding
br
Strict-Transport-Security
max-age=63072000
Last-Modified
Mon, 22 Jan 2024 09:19:39 GMT
ETag
W/"f25b-18d3077e240"
Transfer-Encoding
chunked
Content-Type
image/png
Cache-Control
public, max-age=31536000
Connection
keep-alive
soccer-ball.de41bdf.png
qic.online/win/_wwwnuxt/img/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://qic.online/win/_wwwnuxt/img/soccer-ball.de41bdf.png
Requested by
Host: qic.online
URL: https://qic.online/win/?utm_source=invite_win&lang=en
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.70.101.74 Doha, Qatar, ASN48728 (VODAFONEQATAR, QA),
Reverse DNS
Software
/
Resource Hash
43d425912981e2dfed99952b7b25fe0a06f6ee7655e462aab3b129ad08f074d8
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qic.online/win/?utm_source=invite_win&lang=en
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Thu, 25 Jan 2024 07:35:36 GMT
Content-Encoding
br
Strict-Transport-Security
max-age=63072000
Last-Modified
Mon, 22 Jan 2024 09:19:39 GMT
ETag
W/"5fd7-18d3077e240"
Transfer-Encoding
chunked
Content-Type
image/png
Cache-Control
public, max-age=31536000
Connection
keep-alive
truncated
/ 		782 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
614b056a67351219198aba67f8d8be4e5a3d5249d7c8d4b0e64d6c5f4e312cc6

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/svg+xml
party-popper.d86c37d.png
qic.online/win/_wwwnuxt/img/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://qic.online/win/_wwwnuxt/img/party-popper.d86c37d.png
Requested by
Host: qic.online
URL: https://qic.online/win/?utm_source=invite_win&lang=en
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.70.101.74 Doha, Qatar, ASN48728 (VODAFONEQATAR, QA),
Reverse DNS
Software
/
Resource Hash
b709485708e76c7a633cc313f0956a6a77ebe00f5cf6697aba7a9af2c3fe4ccc
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qic.online/win/?utm_source=invite_win&lang=en
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Thu, 25 Jan 2024 07:35:36 GMT
Content-Encoding
br
Strict-Transport-Security
max-age=63072000
Last-Modified
Mon, 22 Jan 2024 09:19:39 GMT
ETag
W/"6370-18d3077e240"
Transfer-Encoding
chunked
Content-Type
image/png
Cache-Control
public, max-age=31536000
Connection
keep-alive
AhmetAltun-Izmir-Semibold.925f615.otf
qic.online/win/_wwwnuxt/fonts/ 		61 KB
36 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://qic.online/win/_wwwnuxt/fonts/AhmetAltun-Izmir-Semibold.925f615.otf
Requested by
Host: qic.online
URL: https://qic.online/win/?utm_source=invite_win&lang=en
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.70.101.74 Doha, Qatar, ASN48728 (VODAFONEQATAR, QA),
Reverse DNS
Software
/
Resource Hash
04388d46bf986bab3d32b86da3e19c3e4b8c0ef238b2162a6f1776cf07a1cb25
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://qic.online/win/?utm_source=invite_win&lang=en
Origin
https://qic.online
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Thu, 25 Jan 2024 07:35:36 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=63072000
Last-Modified
Mon, 22 Jan 2024 09:19:39 GMT
ETag
W/"f578-18d3077e26c"
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
font/otf
Cache-Control
public, max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
AhmetAltun-Izmir-Extrabold.57a5355.otf
qic.online/win/_wwwnuxt/fonts/ 		62 KB
36 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://qic.online/win/_wwwnuxt/fonts/AhmetAltun-Izmir-Extrabold.57a5355.otf
Requested by
Host: qic.online
URL: https://qic.online/win/?utm_source=invite_win&lang=en
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.70.101.74 Doha, Qatar, ASN48728 (VODAFONEQATAR, QA),
Reverse DNS
Software
/
Resource Hash
6b273a326da5306a080e2d669aa0b907c31a15afe66291479dd4f1286ae2bf9d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://qic.online/win/?utm_source=invite_win&lang=en
Origin
https://qic.online
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Thu, 25 Jan 2024 07:35:36 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=63072000
Last-Modified
Mon, 22 Jan 2024 09:19:39 GMT
ETag
W/"f94c-18d3077e26c"
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
font/otf
Cache-Control
public, max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
SouthKorea.2856474.svg
qic.online/win/_wwwnuxt/img/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://qic.online/win/_wwwnuxt/img/SouthKorea.2856474.svg
Requested by
Host: qic.online
URL: https://qic.online/win/?utm_source=invite_win&lang=en
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.70.101.74 Doha, Qatar, ASN48728 (VODAFONEQATAR, QA),
Reverse DNS
Software
/
Resource Hash
f8b6c97b1c6dd5369e7f5bdc8fae5965a0137983b30beb88ea9cda3a7c7f6b0a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qic.online/win/?utm_source=invite_win&lang=en
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Thu, 25 Jan 2024 07:35:36 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=63072000
Last-Modified
Mon, 22 Jan 2024 09:19:39 GMT
ETag
W/"f5b-18d3077e25c"
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
image/svg+xml
Cache-Control
public, max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
handshake.dbc8244.png
qic.online/win/_wwwnuxt/img/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://qic.online/win/_wwwnuxt/img/handshake.dbc8244.png
Requested by
Host: qic.online
URL: https://qic.online/win/?utm_source=invite_win&lang=en
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.70.101.74 Doha, Qatar, ASN48728 (VODAFONEQATAR, QA),
Reverse DNS
Software
/
Resource Hash
b87f43174299f0185c3b37a49af1d8e92a353f0d01b5e8f08db34965e692613b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qic.online/win/?utm_source=invite_win&lang=en
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Thu, 25 Jan 2024 07:35:36 GMT
Content-Encoding
br
Strict-Transport-Security
max-age=63072000
Last-Modified
Mon, 22 Jan 2024 09:19:39 GMT
ETag
W/"4e0c-18d3077e23c"
Transfer-Encoding
chunked
Content-Type
image/png
Cache-Control
public, max-age=31536000
Connection
keep-alive
Malaysia.dd8db53.svg
qic.online/win/_wwwnuxt/img/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://qic.online/win/_wwwnuxt/img/Malaysia.dd8db53.svg
Requested by
Host: qic.online
URL: https://qic.online/win/?utm_source=invite_win&lang=en
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.70.101.74 Doha, Qatar, ASN48728 (VODAFONEQATAR, QA),
Reverse DNS
Software
/
Resource Hash
12f67fd424d4e8f4c2768a16b647edf0a283fc6fcf9794cf835b96d23f9b5fb9
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qic.online/win/?utm_source=invite_win&lang=en
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Thu, 25 Jan 2024 07:35:36 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=63072000
Last-Modified
Mon, 22 Jan 2024 09:19:39 GMT
ETag
W/"992-18d3077e254"
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
image/svg+xml
Cache-Control
public, max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
truncated
/ 		894 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e9b03c6cd2a6c229146c63b7985172a3e12b565cd2fc3368393dd5918702f5b6

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		448 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ccc792fe9524ed5fdfbfcecc8fea74108b31a115e84542578e38ee172978c93a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/svg+xml
SaudiArabia.85209d2.svg
qic.online/win/_wwwnuxt/img/ 		11 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://qic.online/win/_wwwnuxt/img/SaudiArabia.85209d2.svg
Requested by
Host: qic.online
URL: https://qic.online/win/?utm_source=invite_win&lang=en
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.70.101.74 Doha, Qatar, ASN48728 (VODAFONEQATAR, QA),
Reverse DNS
Software
/
Resource Hash
57208c8d7d946d91df97a02490b32112d691bde603649ba6a95f40d9b9733674
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qic.online/win/?utm_source=invite_win&lang=en
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Thu, 25 Jan 2024 07:35:36 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=63072000
Last-Modified
Mon, 22 Jan 2024 09:19:39 GMT
ETag
W/"2b1b-18d3077e25c"
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
image/svg+xml
Cache-Control
public, max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
truncated
/ 		544 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7193915da5857115181aff2052813f1c365b8000df4c4fa174b00aab0ad0912e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/svg+xml
KyrgyzRepublic.1a80596.svg
qic.online/win/_wwwnuxt/img/ 		5 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://qic.online/win/_wwwnuxt/img/KyrgyzRepublic.1a80596.svg
Requested by
Host: qic.online
URL: https://qic.online/win/?utm_source=invite_win&lang=en
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.70.101.74 Doha, Qatar, ASN48728 (VODAFONEQATAR, QA),
Reverse DNS
Software
/
Resource Hash
627805c8e80d024b06823404a361adaed91cfa84a68f855599d30df1fd159f2b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qic.online/win/?utm_source=invite_win&lang=en
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Thu, 25 Jan 2024 07:35:36 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=63072000
Last-Modified
Mon, 22 Jan 2024 09:19:39 GMT
ETag
W/"1566-18d3077e254"
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
image/svg+xml
Cache-Control
public, max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Oman.d165e48.svg
qic.online/win/_wwwnuxt/img/ 		7 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://qic.online/win/_wwwnuxt/img/Oman.d165e48.svg
Requested by
Host: qic.online
URL: https://qic.online/win/?utm_source=invite_win&lang=en
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.70.101.74 Doha, Qatar, ASN48728 (VODAFONEQATAR, QA),
Reverse DNS
Software
/
Resource Hash
ed747b049da0e0787b8ef2b87b104e965ab4fe4d70aad389cf8e7374d9718396
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qic.online/win/?utm_source=invite_win&lang=en
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Thu, 25 Jan 2024 07:35:36 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=63072000
Last-Modified
Mon, 22 Jan 2024 09:19:39 GMT
ETag
W/"1ae1-18d3077e254"
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
image/svg+xml
Cache-Control
public, max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
1.9a4836b.png
qic.online/win/_wwwnuxt/img/ 		71 KB
72 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://qic.online/win/_wwwnuxt/img/1.9a4836b.png
Requested by
Host: qic.online
URL: https://qic.online/win/?utm_source=invite_win&lang=en
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.70.101.74 Doha, Qatar, ASN48728 (VODAFONEQATAR, QA),
Reverse DNS
Software
/
Resource Hash
f71aab4276aafce1f01160042a7cc85009c9f49b0f84692f833c80793e9384cc
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qic.online/win/?utm_source=invite_win&lang=en
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Thu, 25 Jan 2024 07:35:36 GMT
Content-Encoding
br
Strict-Transport-Security
max-age=63072000
Last-Modified
Mon, 22 Jan 2024 09:19:39 GMT
ETag
W/"11dcd-18d3077e288"
Transfer-Encoding
chunked
Content-Type
image/png
Cache-Control
public, max-age=31536000
Connection
keep-alive
2.088788d.png
qic.online/win/_wwwnuxt/img/ 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://qic.online/win/_wwwnuxt/img/2.088788d.png
Requested by
Host: qic.online
URL: https://qic.online/win/?utm_source=invite_win&lang=en
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.70.101.74 Doha, Qatar, ASN48728 (VODAFONEQATAR, QA),
Reverse DNS
Software
/
Resource Hash
2bb0f5fa2a6e0db89fb323f21e2bfc4d688030d9a405a828b8c6b4466dfbf84d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qic.online/win/?utm_source=invite_win&lang=en
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Thu, 25 Jan 2024 07:35:36 GMT
Content-Encoding
br
Strict-Transport-Security
max-age=63072000
Last-Modified
Mon, 22 Jan 2024 09:19:39 GMT
ETag
W/"802e-18d3077e28c"
Transfer-Encoding
chunked
Content-Type
image/png
Cache-Control
public, max-age=31536000
Connection
keep-alive
3.b448c75.png
qic.online/win/_wwwnuxt/img/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://qic.online/win/_wwwnuxt/img/3.b448c75.png
Requested by
Host: qic.online
URL: https://qic.online/win/?utm_source=invite_win&lang=en
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.70.101.74 Doha, Qatar, ASN48728 (VODAFONEQATAR, QA),
Reverse DNS
Software
/
Resource Hash
8a43cdab717fa6b1bc29b01e761092ada6617fb3f7c96428f3e235c0adce0c08
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qic.online/win/?utm_source=invite_win&lang=en
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Thu, 25 Jan 2024 07:35:37 GMT
Content-Encoding
br
Strict-Transport-Security
max-age=63072000
Last-Modified
Mon, 22 Jan 2024 09:19:39 GMT
ETag
W/"6a8e-18d3077e28c"
Transfer-Encoding
chunked
Content-Type
image/png
Cache-Control
public, max-age=31536000
Connection
keep-alive
4.34b9ad7.png
qic.online/win/_wwwnuxt/img/ 		132 KB
133 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://qic.online/win/_wwwnuxt/img/4.34b9ad7.png
Requested by
Host: qic.online
URL: https://qic.online/win/?utm_source=invite_win&lang=en
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.70.101.74 Doha, Qatar, ASN48728 (VODAFONEQATAR, QA),
Reverse DNS
Software
/
Resource Hash
0a074951dec638a5ff77802f6f1d7f64895eb8b30c7854b7b07d9703571643e1
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qic.online/win/?utm_source=invite_win&lang=en
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Thu, 25 Jan 2024 07:35:37 GMT
Content-Encoding
br
Strict-Transport-Security
max-age=63072000
Last-Modified
Mon, 22 Jan 2024 09:19:39 GMT
ETag
W/"2106b-18d3077e28c"
Transfer-Encoding
chunked
Content-Type
image/png
Cache-Control
public, max-age=31536000
Connection
keep-alive
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.6.0/ 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5LFKBJN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qic.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 15:42:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
57221
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31017
x-xss-protection
0
last-modified
Wed, 10 Mar 2021 14:28:09 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 23 Jan 2025 15:42:32 GMT
md5.min.js
cdnjs.cloudflare.com/ajax/libs/blueimp-md5/2.10.0/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/blueimp-md5/2.10.0/js/md5.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5LFKBJN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
27d221be42096f476245524ecaef8d76d838d5189b16417c79a03ad23763b41f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qic.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 25 Jan 2024 07:36:13 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
3056467
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1339
last-modified
Mon, 04 May 2020 16:06:35 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d8b-eb6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZK8Kkb9sXQ3wS4GUYv3dLcyl1rAo0gbDtzkMfs6sZe0BExw1cH%2FQXvrwcuT%2Bdw7fuaTRuH7QnKcDb06N%2Bmbak39NeAuzoUdWqiTtD6cSwl%2F8AsoFcpHXcSGWTTXUSu6uldxk23Vu2sk4eNeQ2i0YAJgz"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
84aed80d0ff14d9e-FRA
expires
Tue, 14 Jan 2025 07:36:13 GMT
83435941
mc.yandex.com/webvisor/ 		43 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/webvisor/83435941?wv-part=1&wv-type=7&wmode=0&wv-hit=1805105&page-url=https%3A%2F%2Fqic.online%2Fwin%2F%3Futm_source%3Dinvite_win%26lang%3Den&rn=637877011&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1706168175%3Aw%3A1600x1200%3Av%3A1211%3Az%3A60%3Ai%3A20240125083615%3Au%3A1706168172261564225%3Avf%3A6mv6as6uk632mqt4m2ukn7iz%3Ast%3A1706168175&t=gdpr(14)ti(1)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://qic.online/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 25 Jan 2024 07:36:15 GMT
strict-transport-security
max-age=31536000
last-modified
Thu, 25-Jan-2024 07:36:15 GMT
content-type
image/gif
access-control-allow-origin
https://qic.online
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Thu, 25-Jan-2024 07:36:15 GMT
83435941
mc.yandex.com/webvisor/ 		43 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/webvisor/83435941?wv-part=1&wv-type=7&wmode=0&wv-hit=1805105&page-url=https%3A%2F%2Fqic.online%2Fwin%2F%3Futm_source%3Dinvite_win%26lang%3Den&rn=357050018&browser-info=we%3A1%3Aet%3A1706168175%3Aw%3A1600x1200%3Av%3A1211%3Az%3A60%3Ai%3A20240125083615%3Au%3A1706168172261564225%3Avf%3A6mv6as6uk632mqt4m2ukn7iz%3Ast%3A1706168175&t=gdpr(14)ti(1)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://qic.online/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 25 Jan 2024 07:36:15 GMT
strict-transport-security
max-age=31536000
last-modified
Thu, 25-Jan-2024 07:36:15 GMT
content-type
image/gif
access-control-allow-origin
https://qic.online
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Thu, 25-Jan-2024 07:36:15 GMT
collect
region1.analytics.google.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-VRPMCST53D&gtm=45je41m0v880855059z8849131735&_p=1706168171727&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1102606772.1706168172&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EA&_s=2&sid=1706168171&sct=1&seg=0&dl=https%3A%2F%2Fqic.online%2Fwin%2F%3Futm_source%3Dinvite_win%26lang%3Den&dt=Who%E2%80%99ll%20win%3F%20Guess%20the%20winner%20and%20get%20your%20prize!&en=gtm.dom&ep.event_id=94527daf-e6fa-42d7-9ee3-19f4460668b7_undefined.1&ep.event_name=PageView&_et=151&tfd=7043
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VRPMCST53D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qic.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Jan 2024 07:36:16 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://qic.online
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

70 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| __NUXT__ object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| google_tag_manager object| google_tag_data object| dataLayer object| recaptcha object| closure_lm_298559 function| gtag object| gaGlobal object| webpackJsonp string| GoogleAnalyticsObject function| ga object| regeneratorRuntime function| setImmediate function| clearImmediate object| onNuxtReadyCbs function| onNuxtReady object| $workbox object| $nuxt function| fbq function| _fbq function| snaptr object| _fbq_gtm_ids function| twq string| _linkedin_data_partner_id object| GooglebQhCsO function| ym object| amplitude object| script string| target object| elem string| _linkedin_partner_id object| _linkedin_data_partner_ids function| lintrk string| TiktokAnalyticsObject object| ttq object| gaplugins object| gaData function| onYouTubeIframeAPIReady object| twttr boolean| _already_called_lintrk object| ORIBILI object| analyticsConnectorInstances object| _scPxHelper object| google_optimize function| $ function| jQuery object| ccConsole function| getBrowserFingerprint boolean| ccinstalled object| webpackJsonp.TiktTokAnalytics object| JSBridge object| Native2JSBridge object| ToutiaoJSBridge function| TiktokJelly object| _jelly_sdks function| md5 object| Ya object| yaCounter83435941

51 Cookies

Domain/Path Name / Value
sc-static.net/scevent.min.js Name: X-AB
Value: dc4e3509882e40c68a170453af779220
qic.online/win Name: session_source
Value: invite_win
qic.online/win Name: session_medium
Value: undefined
qic.online/win Name: qic_google_id
Value: 1102606772.1706168172
.qic.online/ Name: CARQICINSUREDSESSIONID
Value: JBFavyrsX4ehJexMSJxt5EV93D0Y8cYj
qic.online/ Name: i18n_redirected
Value: en
.qic.online/ Name: TS01bd40dc
Value: 01f00338fe26e6ef71ec76776337ce3ce163bc16be71e1bd43a91bf6a4ab6ced108c20940ead56c9f82332a1c8ccd053ac07cdfc59e98292adcf38806aa0df4ef753ac6e0ca51088ca511d14aa2e912d5de4b46e0f
.qic.online/ Name: _ga_VRPMCST53D
Value: GS1.1.1706168171.1.0.1706168171.60.0.0
.qic.online/ Name: _gcl_au
Value: 1.1.1507523689.1706168172
.qic.online/ Name: _ga
Value: GA1.2.1102606772.1706168172
.qic.online/ Name: _gid
Value: GA1.2.1868760513.1706168172
.qic.online/ Name: _gat_gtag_UA_202550618_3
Value: 1
.qic.online/ Name: _gat_UA-202550618-3
Value: 1
.qic.online/ Name: _gat_UA-202550618-2
Value: 1
.qic.online/ Name: amp_e093a2
Value: GqelwASXJEhMa8km2AkktS...1hkvoofgk.1hkvoofgk.0.0.0
.qic.online/ Name: _ga_L6X3NW3PG7
Value: GS1.2.1706168172.1.0.1706168172.60.0.0
.qic.online/ Name: _scid
Value: 4ae8afe7-e2fe-4c1c-8386-268900478bb3
.qic.online/ Name: _scid_r
Value: 4ae8afe7-e2fe-4c1c-8386-268900478bb3
.tiktok.com/ Name: _ttp
Value: 2bRBmnXGdeawhLPOEEuSaFvbCtg
.doubleclick.net/ Name: IDE
Value: AHWqTUlN-Ga8Zb_EgCgHeAQ1FoAqYBwkzyuAeywCPAGsLbqUZRdq9PIeEkjUrJwcjis
.snapchat.com/ Name: sc_at
Value: v2|H4sIAAAAAAAAAAXBgQ0AIQgEsIlIOCCHP47iMwXD21bnOtspjroS6lc+Oy0eip9WjN0zSCW4kDb6ACxt14cyAAAA
.qic.online/ Name: _tt_enable_cookie
Value: 1
.qic.online/ Name: _ttp
Value: 0T-23FARzU1ImM0Os7tNpFmRPj5
.qic.online/ Name: _ym_uid
Value: 1706168172261564225
.qic.online/ Name: _ym_d
Value: 1706168172
.linkedin.com/ Name: li_sugr
Value: b7f0f01c-f54b-4786-b7fd-4b1d1b833188
.linkedin.com/ Name: lidc
Value: "b=OGST00:s=O:r=O:a=O:p=O:g=3199:u=1:x=1:i=1706168172:t=1706254572:v=2:sig=AQG2BNVi4JYwXO9kMiAyTr21yKPFVYtY"
.t.co/ Name: muc_ads
Value: 5730541a-e207-4df2-bf6a-7ef65829e424
.twitter.com/ Name: personalization_id
Value: "v1_I62bAY1DELXLKYzdos46Pg=="
.qic.online/ Name: _fbp
Value: fb.1.1706168172283.437541175
.mc.yandex.com/ Name: sync_cookie_csrf
Value: 2877716164fake
.yandex.com/ Name: i
Value: DcPbaRQ2okfT4GQWxOkC8+h0HVpJGufnAy8pcBpInWCr+8YSJJ8KhsvQ7PsBkZtjUnxFAHwMJAeztAVubBHMsCNszSw=
.yandex.com/ Name: yandexuid
Value: 7161631471706168172
.qic.online/ Name: _ym_isad
Value: 2
.mc.yandex.ru/ Name: sync_cookie_csrf
Value: 75909937fake
.mc.yandex.com/ Name: sync_cookie_ok
Value: synced
.linkedin.com/ Name: UserMatchHistory
Value: AQIzS-qnw8gkZAAAAY0_jD88Pk4btW2jTWyF_s3uxYTr2iT49CKTfagPP_CHpnHlMr4TD_R9t4aOzw
.linkedin.com/ Name: AnalyticsSyncHistory
Value: AQJtLPS2J0b9zAAAAY0_jD89tNLOEnjEH54TQWGOzGVeArQuzUyJMcSmwifKWczI2HTJittXXbi7-_1-wdZsIA
.linkedin.com/ Name: bcookie
Value: "v=2&799a720b-0073-47b6-8e1e-06f365c53317"
.yandex.ru/ Name: yandexuid
Value: 7161631471706168172
.yandex.ru/ Name: yuidss
Value: 7161631471706168172
.yandex.ru/ Name: i
Value: DcPbaRQ2okfT4GQWxOkC8+h0HVpJGufnAy8pcBpInWCr+8YSJJ8KhsvQ7PsBkZtjUnxFAHwMJAeztAVubBHMsCNszSw=
.yandex.ru/ Name: yp
Value: 1706254572.yu.8802404091706168172
.yandex.ru/ Name: ymex
Value: 1708760172.oyu.8802404091706168172
mc.yandex.com/ Name: yabs-sid
Value: 1748635121706168172
.yandex.com/ Name: yuidss
Value: 7161631471706168172
.yandex.com/ Name: ymex
Value: 1737704172.yrts.1706168172
.yandex.com/ Name: bh
Value: KgI/MA==
.qic.online/ Name: _ym_visorc
Value: w
.www.linkedin.com/ Name: bscookie
Value: "v=1&20240125073612cbd0a8bd-73b3-4501-8b58-244d0e2ef8faAQGeOwPd9o0Pb-tP_9e_as9tLv8dWtKr"
.linkedin.com/ Name: li_gc
Value: MTswOzE3MDYxNjgxNzI7MjswMjEJSS0vAcAvDufVTBlroXwL4DeKXEPDdL6hqxaNqLd85Q==

1 Console Messages

Source Level URL
Text
other warning URL: https://connect.facebook.net/signals/config/916738272525912?v=2.9.142&r=stable&domain=qic.online(Line 127)
Message:
Unrecognized feature: 'attribution-reporting'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=63072000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

13548668.fls.doubleclick.net
adservice.google.com
ajax.googleapis.com
analytics.tiktok.com
analytics.twitter.com
cdn.amplitude.com
cdnjs.cloudflare.com
connect.facebook.net
fonts.gstatic.com
googleads.g.doubleclick.net
mc.yandex.com
mc.yandex.ru
px.ads.linkedin.com
px4.ads.linkedin.com
qic.online
region1.analytics.google.com
sc-static.net
snap.licdn.com
static.ads-twitter.com
stats.g.doubleclick.net
t.co
tr.snapchat.com
tr6.snapchat.com
www.clickcease.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleoptimize.com
www.googletagmanager.com
www.gstatic.com
www.linkedin.com
104.126.37.145
104.244.42.195
104.244.42.5
13.107.42.14
142.250.74.198
143.204.207.250
146.75.116.157
2001:4860:4802:32::36
212.70.101.74
2600:9000:225e:e00:15:a0d3:77c0:93a1
2606:4700::6811:190e
2620:1ec:21::14
2a00:1450:4001:80b::200e
2a00:1450:4001:80e::2003
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2008
2a00:1450:4001:827::2003
2a00:1450:4001:829::200a
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2004
2a00:1450:4001:82b::200e
2a00:1450:4001:831::2003
2a00:1450:400c:c0a::9a
2a02:26f0:780::210:a45b
2a02:6b8::1:119
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f176:84:face:b00c:0:25de
35.190.43.134
52.222.206.178
04388d46bf986bab3d32b86da3e19c3e4b8c0ef238b2162a6f1776cf07a1cb25
046abc93ff7001addd0a36506f9d4cdaddd5e22ab193f89fd01b22b53e6e5db4
0a074951dec638a5ff77802f6f1d7f64895eb8b30c7854b7b07d9703571643e1
0d8f1e9f5418eb1ed8419bd7ed548bc711b06503620133d211dc124c551fbbb6
10fc0854417b093d97e681682e87a2731db6e0acebf877b53a4e6526101e3be5
12f67fd424d4e8f4c2768a16b647edf0a283fc6fcf9794cf835b96d23f9b5fb9
17085a546a6ce49ac151d8ec1a8061a83cd3ee4ed7bcd967a024957dfca9a420
1796f0985254dc701c7f0b35267f4aa96f4fe1c8c38d0bd09e917e779aef6cba
18875453a887503aa6e3090ab9fc60a73ab49d4403e4e53ea0060d5d76b4b8f1
1a400fd2618843eea77df485073933629b263b60585bbf1047d15f9a90f627e0
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1ecbe77d994133a2d59f66e6d94a8cfac67e0f61a7f3419e4e11fc11016b30f7
20994e931260d3067776033f5e70d9c2a807051a06fc888c9b0b9adc086cf5ae
27d221be42096f476245524ecaef8d76d838d5189b16417c79a03ad23763b41f
2809f4bc5f9e45040951e7b4b120ca50841528f8e2d38266ecb059ec7fb2d995
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2bb0f5fa2a6e0db89fb323f21e2bfc4d688030d9a405a828b8c6b4466dfbf84d
39a024ead02e1e7562777685bf017a583ca1e43b10ba860b1952609ba0e983f5
3af1e68ba763ce8e4466c1dbc0d9eafaf44bb0c81d5f7a03166c7b0aa8f51e4a
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3e38481d6cd9b5b4a1485a17f692785e9d038668fd3ccedb268ca173a6b8c844
43d425912981e2dfed99952b7b25fe0a06f6ee7655e462aab3b129ad08f074d8
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
57208c8d7d946d91df97a02490b32112d691bde603649ba6a95f40d9b9733674
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
614b056a67351219198aba67f8d8be4e5a3d5249d7c8d4b0e64d6c5f4e312cc6
627805c8e80d024b06823404a361adaed91cfa84a68f855599d30df1fd159f2b
6b273a326da5306a080e2d669aa0b907c31a15afe66291479dd4f1286ae2bf9d
6c91af5286269fd53f0d751721a3738e3ecdda73ecebbe732f878f3cb500af07
7193915da5857115181aff2052813f1c365b8000df4c4fa174b00aab0ad0912e
72ff1a8f4a0f9f4dd0dc2b02d6509a380d7a0d025a5270f283921917838c7d72
74f6b2b975944800f1566e81aaed5cc5dcb7a7170eafd4cdd3e205f88f8e1f5f
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
7a45746313ac856b23f9f62cda9584e46725ba17178f64022cb705e7000b08b8
7e7a2297c8371775455adc684445c2a383bcd0cee869777d45aefd8bc08456a6
7f6798c4e0b795f6cc60e5e55ca675e6ff28cd46f8b6cb12c160fd16d38a97f3
82aca294bc5806857b9c0ea4e52e2a3a8d5be3ee148314cc1861800bea4eaf37
845995eccfdaebc0979d704d50b5ead527ca5a265c670fd148cb77afc919218f
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
889794fd02992011c4b843a05190531656d4c6148e6d4375be6bab3432b580d0
8a43cdab717fa6b1bc29b01e761092ada6617fb3f7c96428f3e235c0adce0c08
91088a015cd36dabb6639d0b6d08fadc57be7f1b85011f5f882d4e7a8611df31
94f9ea094bf8769a838987d5f5734ceda7fdcfa98fac3fa4bcdcaf134984fcee
981bdb933f951639689aed24feb86e900330f147389b960d7ab64f0642fb5af4
9b5ec040d031c8911373ed2a36d3f20db148aca7e98318dbf8485ddcb5d68b3a
a758246f43df5cf0f88a3c46a95cb7e962ec2e16327f7fc6b70d2150981b86df
a8769ff21d2a1f1e2dd4243195b8be9f5480375c7db0b58d6a0ef04f345b2656
a8c7afee2e97db8be5e6c8f1cd4901b665fbc17171c649fec47861ca0b5d58c9
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ad656d5ed522b344995a62118f7afc66c73f979a8c245c56ef5da2ef07979ddb
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
aedd08ff1f8a3c2b697dcb0327575e5c7ea0364a00fe53a6a90dc8961a71606a
b0064b10e59032fd7b81226230443731094a1c79f1cd1df3b08f14f8dc2040d3
b43bf31d5060d93563d56a5156c72d7463cb7137bd6128177955c48d5fe19b36
b5474d3ed408366dcebededf5c987f44b43b389137272c282c6c972852a14fc0
b709485708e76c7a633cc313f0956a6a77ebe00f5cf6697aba7a9af2c3fe4ccc
b87f43174299f0185c3b37a49af1d8e92a353f0d01b5e8f08db34965e692613b
b95ed2c9b2e17735f778b047b639832bfa5299ec4320a852dcc4cbf9e8d5141b
c6853a4913bbc3616c4caa910dbd7e714bef38aac05c1ed69e2606521b24ad81
ccc792fe9524ed5fdfbfcecc8fea74108b31a115e84542578e38ee172978c93a
cea259def845428dc1964994be987586e378bdca75ccb0f1e52be500673e2007
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
d1a99aff7e4373db85911c60d3b8c0133c93710503795359b0869945ade8327d
d9278cf09359f8e49c43b6774529ec36fedaae812c65c8156a7607b5b78d7862
dd44eae73d290f09d3ca595ab3c827404378b6aff2d95cca724aa4792ad47ee6
dde66260091c6778809ab78cc11210fe82af7140836e313a8cc20aa8d735551b
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de739f85efb415dd22060e0f6a8725a1173f632b130d7c5ad4d50d884d2afe38
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5c9f7097f75dd633860972b5dcd83f6f8e3fb642eb90480e518d8e6b060c2f4
e5fdb3ea4cc4cf6b0f77fce3b54d03d78a697bec33bb1a023b964e8be16aea5f
e85399e3f73c1de6b7d7a9a0c08e8af5457d1247cfe735cffe7f2f2a908dfe7d
e9b03c6cd2a6c229146c63b7985172a3e12b565cd2fc3368393dd5918702f5b6
eaf52f809143a05826b64cc43b2d746c76b17bb2f1a17f96e8304e7f14583e52
ed747b049da0e0787b8ef2b87b104e965ab4fe4d70aad389cf8e7374d9718396
ee13718c53e64f0a73cd39f99b97c72c9dc544ac19df47c06ef9469b99391ba4
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f187dc8de7fe50f1f8825c3500b64080cc78ac39df7efd31a4b1bc562be9ca3d
f4c0e292142ba0a3b80ac702ee85a720afbdf07f85b63770713b385388308efe
f71aab4276aafce1f01160042a7cc85009c9f49b0f84692f833c80793e9384cc
f8b6c97b1c6dd5369e7f5bdc8fae5965a0137983b30beb88ea9cda3a7c7f6b0a
fb85918a9b0e5a7d4e0bcce16c43d16fd08d978f3175a4ca8931424570dcaf76
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e