URL: http://www.qubapalace.com/
Submission: On December 01 via api from US — Scanned from DE

Summary

This website contacted 7 IPs in 2 countries across 7 domains to perform 53 HTTP transactions. The main IP is 5.187.4.163, located in Germany and belongs to DE-FIRSTCOLO www.first-colo.net, DE. The main domain is www.qubapalace.com.
This is the only time www.qubapalace.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
34 5.187.4.163 44066 (DE-FIRSTC...)
1 2a00:1450:400... 15169 (GOOGLE)
3 10 2a02:6b8::1:119 208722 (GLOBAL_DC)
3 2a03:2880:f02... 32934 (FACEBOOK)
2 2a00:1450:400... 15169 (GOOGLE)
5 2a03:2880:f12... 32934 (FACEBOOK)
1 2a03:2880:f02... 32934 (FACEBOOK)
53 7
Apex Domain
Subdomains
Transfer
34 qubapalace.com
www.qubapalace.com
2 MB
8 yandex.com
mc.yandex.com — Cisco Umbrella Rank: 9421
3 KB
5 facebook.com
www.facebook.com — Cisco Umbrella Rank: 108
1 KB
4 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 134
socialplugin.facebook.net — Cisco Umbrella Rank: 11198
202 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
20 KB
2 yandex.ru
mc.yandex.ru — Cisco Umbrella Rank: 3665
72 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 48
43 KB
53 7
Domain Requested by
34 www.qubapalace.com www.qubapalace.com
8 mc.yandex.com 2 redirects www.qubapalace.com
mc.yandex.ru
5 www.facebook.com www.qubapalace.com
connect.facebook.net
3 connect.facebook.net www.qubapalace.com
connect.facebook.net
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 mc.yandex.ru 1 redirects www.qubapalace.com
1 socialplugin.facebook.net connect.facebook.net
1 www.googletagmanager.com www.qubapalace.com
53 8

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.instagram.com
www.pinterest.com
www.simplebooking.it
advance.az
Subject Issuer Validity Valid
*.google-analytics.com
GTS CA 1C3
2022-11-02 -
2023-01-25
3 months crt.sh
mc.yandex.ru
GlobalSign ECC OV SSL CA 2018
2022-10-18 -
2023-03-30
5 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2022-09-09 -
2022-12-08
3 months crt.sh

This page contains 1 frames:

Primary Page: http://www.qubapalace.com/
Frame ID: 2F8E93CDC199E2E181127AE122B9EF55
Requests: 53 HTTP requests in this frame

Screenshot

Page Title

Quba Palace Hotel ☆☆☆☆☆

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • swiper(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • mc\.yandex\.ru/metrika/(?:tag|watch)\.js

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

53
Requests

32 %
HTTPS

86 %
IPv6

7
Domains

8
Subdomains

7
IPs

2
Countries

2049 kB
Transfer

3369 kB
Size

17
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 40
  • https://mc.yandex.com/sync_cookie_image_check HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9839.AWO8SeJpjejShnmTng2liOrtLiVVIpFKQAAAHos0EFjCbf8VfMhTi6nUlMozDorZ.iSewYAzgCU1SV3zFgnUZ1zmF5WU%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide?token=9839.RYfD0wf4NanV9PHV2OCL3FO4Chlv069HaZ5phH034Awl-mXC-lzPm58l4TDd1WwYl8kEtzVkV_G2GjtxZkShMIKhCOveG0MMVQA6Xvo-o0Y%2C.BVM_TqVx1Q5UlNDriUlxFLV0WVQ%2C
Request Chain 42
  • https://mc.yandex.com/watch/50791324?wmode=7&page-url=http%3A%2F%2Fwww.qubapalace.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Ahfefmzcw94fsyu18inugs%3Afp%3A248%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A752757570324%3Ahid%3A2544549%3Az%3A0%3Ai%3A20221201132742%3Aet%3A1669901263%3Ac%3A1%3Arn%3A884493136%3Arqn%3A1%3Au%3A1669901263601444271%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A46%2C22%2C67%2C1%2C0%2C0%2C%2C149%2C17%2C%2C%2C%2C286%3Acpf%3A1%3Antf%3A1%3Ans%3A1669901262197%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1669901263%3At%3AQuba%20Palace%20Hotel%20%E2%98%86%E2%98%86%E2%98%86%E2%98%86%E2%98%86&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rqnl(1)ti(2) HTTP 302
  • https://mc.yandex.com/watch/50791324/1?wmode=7&page-url=http%3A%2F%2Fwww.qubapalace.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Ahfefmzcw94fsyu18inugs%3Afp%3A248%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A752757570324%3Ahid%3A2544549%3Az%3A0%3Ai%3A20221201132742%3Aet%3A1669901263%3Ac%3A1%3Arn%3A884493136%3Arqn%3A1%3Au%3A1669901263601444271%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A46%2C22%2C67%2C1%2C0%2C0%2C%2C149%2C17%2C%2C%2C%2C286%3Acpf%3A1%3Antf%3A1%3Ans%3A1669901262197%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1669901263%3At%3AQuba%20Palace%20Hotel%20%E2%98%86%E2%98%86%E2%98%86%E2%98%86%E2%98%86&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rqnl%281%29ti%282%29

53 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.qubapalace.com/
13 KB
4 KB
Document
General
Full URL
http://www.qubapalace.com/
Protocol
HTTP/1.1
Server
5.187.4.163 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
201583.fornex.cloud
Software
nginx /
Resource Hash
8cc67a018be75e4c769ce3b940f846866b53e7a8668dd071f40c0bdc8d1910d3

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Encoding
gzip
Content-Length
3583
Content-Type
text/html; charset=UTF-8
Date
Thu, 01 Dec 2022 13:27:42 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Pragma
no-cache
Server
nginx
Vary
Accept-Encoding
bootstrap.css
www.qubapalace.com/assets/4a9d5520/css/
143 KB
21 KB
Stylesheet
General
Full URL
http://www.qubapalace.com/assets/4a9d5520/css/bootstrap.css
Requested by
Host: www.qubapalace.com
URL: http://www.qubapalace.com/
Protocol
HTTP/1.1
Server
5.187.4.163 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
201583.fornex.cloud
Software
nginx /
Resource Hash
7e630d90c7234b0df1729f62b8f9e4bbfaf293d91a5a0ac46df25f2a6759e39a

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.qubapalace.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date
Thu, 01 Dec 2022 13:27:42 GMT
Content-Encoding
gzip
Last-Modified
Sat, 31 Jul 2021 15:19:13 GMT
Server
nginx
ETag
W/"610569f1-23a5a"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=315360000
Connection
keep-alive
Expires
Thu, 31 Dec 2037 23:55:55 GMT
lightgallery.min.css
www.qubapalace.com/css/
20 KB
4 KB
Stylesheet
General
Full URL
http://www.qubapalace.com/css/lightgallery.min.css
Requested by
Host: www.qubapalace.com
URL: http://www.qubapalace.com/
Protocol
HTTP/1.1
Server
5.187.4.163 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
201583.fornex.cloud
Software
nginx /
Resource Hash
e1674bef70205ec246e49022bb83f033e31f5e9d25cd608e5ddf3461b3d3a739

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.qubapalace.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date
Thu, 01 Dec 2022 13:27:42 GMT
Content-Encoding
gzip
Last-Modified
Fri, 03 Aug 2018 17:32:32 GMT
Server
nginx
ETag
W/"5b6491b0-4fed"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=315360000
Connection
keep-alive
Expires
Thu, 31 Dec 2037 23:55:55 GMT
swiper.min.css
www.qubapalace.com/css/
19 KB
3 KB
Stylesheet
General
Full URL
http://www.qubapalace.com/css/swiper.min.css
Requested by
Host: www.qubapalace.com
URL: http://www.qubapalace.com/
Protocol
HTTP/1.1
Server
5.187.4.163 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
201583.fornex.cloud
Software
nginx /
Resource Hash
7d41cc80678502aaf3181f2f00f46553773fc0da93ab9290f2da2ae64720f1f7

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.qubapalace.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date
Thu, 01 Dec 2022 13:27:42 GMT
Content-Encoding
gzip
Last-Modified
Fri, 03 Aug 2018 17:32:32 GMT
Server
nginx
ETag
W/"5b6491b0-4d3e"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=315360000
Connection
keep-alive
Expires
Thu, 31 Dec 2037 23:55:55 GMT
font-awesome.min.css
www.qubapalace.com/assets/bf39ccfb/css/
30 KB
7 KB
Stylesheet
General
Full URL
http://www.qubapalace.com/assets/bf39ccfb/css/font-awesome.min.css
Requested by
Host: www.qubapalace.com
URL: http://www.qubapalace.com/
Protocol
HTTP/1.1
Server
5.187.4.163 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
201583.fornex.cloud
Software
nginx /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.qubapalace.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date
Thu, 01 Dec 2022 13:27:42 GMT
Content-Encoding
gzip
Last-Modified
Sat, 31 Jul 2021 15:19:13 GMT
Server
nginx
ETag
W/"610569f1-7918"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=315360000
Connection
keep-alive
Expires
Thu, 31 Dec 2037 23:55:55 GMT
hint.min.css
www.qubapalace.com/css/
9 KB
2 KB
Stylesheet
General
Full URL
http://www.qubapalace.com/css/hint.min.css
Requested by
Host: www.qubapalace.com
URL: http://www.qubapalace.com/
Protocol
HTTP/1.1
Server
5.187.4.163 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
201583.fornex.cloud
Software
nginx /
Resource Hash
11a4767b7735172a662ac28335999607a7123ea8be73fc173d7d1e4102b08fbd

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.qubapalace.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date
Thu, 01 Dec 2022 13:27:42 GMT
Content-Encoding
gzip
Last-Modified
Thu, 04 Oct 2018 12:00:24 GMT
Server
nginx
ETag
W/"5bb600d8-259b"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=315360000
Connection
keep-alive
Expires
Thu, 31 Dec 2037 23:55:55 GMT
style.css
www.qubapalace.com/css/
26 KB
5 KB
Stylesheet
General
Full URL
http://www.qubapalace.com/css/style.css
Requested by
Host: www.qubapalace.com
URL: http://www.qubapalace.com/
Protocol
HTTP/1.1
Server
5.187.4.163 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
201583.fornex.cloud
Software
nginx /
Resource Hash
a0fca81c1fff78a3acd59699f04613a41c23a59cd39e8048d5c924587fa17f28

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.qubapalace.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date
Thu, 01 Dec 2022 13:27:42 GMT
Content-Encoding
gzip
Last-Modified
Mon, 22 Apr 2019 15:38:09 GMT
Server
nginx
ETag
W/"5cbddfe1-6666"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=315360000
Connection
keep-alive
Expires
Thu, 31 Dec 2037 23:55:55 GMT
media.css
www.qubapalace.com/css/
13 KB
3 KB
Stylesheet
General
Full URL
http://www.qubapalace.com/css/media.css
Requested by
Host: www.qubapalace.com
URL: http://www.qubapalace.com/
Protocol
HTTP/1.1
Server
5.187.4.163 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
201583.fornex.cloud
Software
nginx /
Resource Hash
c22c8ee12d500cf23839cc6fd510a778d5eab8a3a24ab00992304cbf44dcf628

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.qubapalace.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date
Thu, 01 Dec 2022 13:27:42 GMT
Content-Encoding
gzip
Last-Modified
Mon, 22 Apr 2019 16:06:11 GMT
Server
nginx
ETag
W/"5cbde673-3294"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=315360000
Connection
keep-alive
Expires
Thu, 31 Dec 2037 23:55:55 GMT
js
www.googletagmanager.com/gtag/
109 KB
43 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-127077258-1
Requested by
Host: www.qubapalace.com
URL: http://www.qubapalace.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
290baee09a0493bb64c0a783b60d7821b65d47a43adade335522c16970c10aaf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.qubapalace.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Thu, 01 Dec 2022 13:27:42 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43540
x-xss-protection
0
last-modified
Thu, 01 Dec 2022 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 01 Dec 2022 13:27:42 GMT
preloader.svg
www.qubapalace.com/images/
2 KB
818 B
Image
General
Full URL
http://www.qubapalace.com/images/preloader.svg
Requested by
Host: www.qubapalace.com
URL: http://www.qubapalace.com/
Protocol
HTTP/1.1
Server
5.187.4.163 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
201583.fornex.cloud
Software
nginx /
Resource Hash
df30d1d10a4e076aec18cf3eaaa033daab8cf336a56fd0c9f76eec9419011d9b

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.qubapalace.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date
Thu, 01 Dec 2022 13:27:42 GMT
Content-Encoding
gzip
Last-Modified
Fri, 03 Aug 2018 17:32:32 GMT
Server
nginx
ETag
W/"5b6491b0-697"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
image/svg+xml
Cache-Control
max-age=315360000
Connection
keep-alive
Expires
Thu, 31 Dec 2037 23:55:55 GMT
logo-2.svg
www.qubapalace.com/images/
26 KB
6 KB
Image
General
Full URL
http://www.qubapalace.com/images/logo-2.svg
Requested by
Host: www.qubapalace.com
URL: http://www.qubapalace.com/
Protocol
HTTP/1.1
Server
5.187.4.163 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
201583.fornex.cloud
Software
nginx /
Resource Hash
df9dca58959bc1bacf36dcd3eafc2137db0995df2aeed4ea5b52407f2afbf7a6

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.qubapalace.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date
Thu, 01 Dec 2022 13:27:42 GMT
Content-Encoding
gzip
Last-Modified
Mon, 10 Sep 2018 06:41:07 GMT
Server
nginx
ETag
W/"5b961203-6805"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
image/svg+xml
Cache-Control
max-age=315360000
Connection
keep-alive
Expires
Thu, 31 Dec 2037 23:55:55 GMT
about.svg
www.qubapalace.com/images/icons/
10 KB
3 KB
Image
General
Full URL
http://www.qubapalace.com/images/icons/about.svg
Requested by
Host: www.qubapalace.com
URL: http://www.qubapalace.com/
Protocol
HTTP/1.1
Server
5.187.4.163 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
201583.fornex.cloud
Software
nginx /
Resource Hash
87e1c28c9d644f4db2195f84a2597376c010630d976fd0bc988ce79225e5d51e

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.qubapalace.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date
Thu, 01 Dec 2022 13:27:42 GMT
Content-Encoding
gzip
Last-Modified
Mon, 10 Sep 2018 06:41:07 GMT
Server
nginx
ETag
W/"5b961203-28bf"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
image/svg+xml
Cache-Control
max-age=315360000
Connection
keep-alive
Expires
Thu, 31 Dec 2037 23:55:55 GMT
entertainment.svg
www.qubapalace.com/images/icons/
3 KB
2 KB
Image
General
Full URL
http://www.qubapalace.com/images/icons/entertainment.svg
Requested by
Host: www.qubapalace.com
URL: http://www.qubapalace.com/
Protocol
HTTP/1.1
Server
5.187.4.163 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
201583.fornex.cloud
Software
nginx /
Resource Hash
ef12e50a276e1f6fbe7ec1d2d8d075127b049b29e70bd2757c3f2269980ca6df

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.qubapalace.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date
Thu, 01 Dec 2022 13:27:42 GMT
Content-Encoding
gzip
Last-Modified
Mon, 10 Sep 2018 06:41:07 GMT
Server
nginx
ETag
W/"5b961203-b7f"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
image/svg+xml
Cache-Control
max-age=315360000
Connection
keep-alive
Expires
Thu, 31 Dec 2037 23:55:55 GMT
spa.svg
www.qubapalace.com/images/icons/
4 KB
2 KB
Image
General
Full URL
http://www.qubapalace.com/images/icons/spa.svg
Requested by
Host: www.qubapalace.com
URL: http://www.qubapalace.com/
Protocol
HTTP/1.1
Server
5.187.4.163 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
201583.fornex.cloud
Software
nginx /
Resource Hash
4a4251828862c02a37d1ae6b43310b187e1bef393c6fa91662c9739e841247c2

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.qubapalace.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date
Thu, 01 Dec 2022 13:27:42 GMT
Content-Encoding
gzip
Last-Modified
Mon, 10 Sep 2018 06:41:07 GMT
Server
nginx
ETag
W/"5b961203-f19"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
image/svg+xml
Cache-Control
max-age=315360000
Connection
keep-alive
Expires
Thu, 31 Dec 2037 23:55:55 GMT
rooms.svg
www.qubapalace.com/images/icons/
839 B
1 KB
Image
General
Full URL
http://www.qubapalace.com/images/icons/rooms.svg
Requested by
Host: www.qubapalace.com
URL: http://www.qubapalace.com/
Protocol
HTTP/1.1
Server
5.187.4.163 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
201583.fornex.cloud
Software
nginx /
Resource Hash
04e7ab1391b4c816c20eed6c6606b885d9ab57017f46656b100dfdf601ef8b23

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.qubapalace.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date
Thu, 01 Dec 2022 13:27:42 GMT
Last-Modified
Mon, 10 Sep 2018 06:41:07 GMT
Server
nginx
ETag
"5b961203-347"
Content-Type
image/svg+xml
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
839
Expires
Thu, 31 Dec 2037 23:55:55 GMT
meeting.svg
www.qubapalace.com/images/icons/
3 KB
1 KB
Image
General
Full URL
http://www.qubapalace.com/images/icons/meeting.svg
Requested by
Host: www.qubapalace.com
URL: http://www.qubapalace.com/
Protocol
HTTP/1.1
Server
5.187.4.163 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
201583.fornex.cloud
Software
nginx /
Resource Hash
2b4edad64e58eb8260ea01f0d88bc04f9b123c0033a983de962363ec468a0fae

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.qubapalace.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date
Thu, 01 Dec 2022 13:27:42 GMT
Content-Encoding
gzip
Last-Modified
Mon, 10 Sep 2018 06:41:07 GMT
Server
nginx
ETag
W/"5b961203-c10"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
image/svg+xml
Cache-Control
max-age=315360000
Connection
keep-alive
Expires
Thu, 31 Dec 2037 23:55:55 GMT
news.svg
www.qubapalace.com/images/icons/
1 KB
944 B
Image
General
Full URL
http://www.qubapalace.com/images/icons/news.svg
Requested by
Host: www.qubapalace.com
URL: http://www.qubapalace.com/
Protocol
HTTP/1.1
Server
5.187.4.163 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
201583.fornex.cloud
Software
nginx /
Resource Hash
f6057249f04f06eba013c9f7cb264b65879bbe8495f13cc8af2c4fc1af8f993f

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.qubapalace.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date
Thu, 01 Dec 2022 13:27:42 GMT
Content-Encoding
gzip
Last-Modified
Mon, 10 Sep 2018 06:41:07 GMT
Server
nginx
ETag
W/"5b961203-459"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
image/svg+xml
Cache-Control
max-age=315360000
Connection
keep-alive
Expires
Thu, 31 Dec 2037 23:55:55 GMT
golf.svg
www.qubapalace.com/images/icons/
2 KB
1 KB
Image
General
Full URL
http://www.qubapalace.com/images/icons/golf.svg
Requested by
Host: www.qubapalace.com
URL: http://www.qubapalace.com/
Protocol
HTTP/1.1
Server
5.187.4.163 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
201583.fornex.cloud
Software
nginx /
Resource Hash
3b64dd59372c2562216c7394524f76a0328a9c375aa1f115906948b58ef72d56

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.qubapalace.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date
Thu, 01 Dec 2022 13:27:42 GMT
Content-Encoding
gzip
Last-Modified
Mon, 10 Sep 2018 06:41:07 GMT
Server
nginx
ETag
W/"5b961203-912"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
image/svg+xml
Cache-Control
max-age=315360000
Connection
keep-alive
Expires
Thu, 31 Dec 2037 23:55:55 GMT
restaurants.svg
www.qubapalace.com/images/icons/
1 KB
1 KB
Image
General
Full URL
http://www.qubapalace.com/images/icons/restaurants.svg
Requested by
Host: www.qubapalace.com
URL: http://www.qubapalace.com/
Protocol
HTTP/1.1
Server
5.187.4.163 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
201583.fornex.cloud
Software
nginx /
Resource Hash
a8305c77428de5967e06e0dbf88e6590944d5158718cb787a3f511b8e3f1c613

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.qubapalace.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date
Thu, 01 Dec 2022 13:27:42 GMT
Content-Encoding
gzip
Last-Modified
Mon, 10 Sep 2018 06:41:07 GMT
Server
nginx
ETag
W/"5b961203-59f"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
image/svg+xml
Cache-Control
max-age=315360000
Connection
keep-alive
Expires
Thu, 31 Dec 2037 23:55:55 GMT
gallery.svg
www.qubapalace.com/images/icons/
931 B
1 KB
Image
General
Full URL
http://www.qubapalace.com/images/icons/gallery.svg
Requested by
Host: www.qubapalace.com
URL: http://www.qubapalace.com/
Protocol
HTTP/1.1
Server
5.187.4.163 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
201583.fornex.cloud
Software
nginx /
Resource Hash
4ab1bf82ce895b34144de26ae3fdb03c38eed5e1ff40e8cfd30f6e0dad4f8539

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.qubapalace.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date
Thu, 01 Dec 2022 13:27:42 GMT
Last-Modified
Mon, 10 Sep 2018 06:41:07 GMT
Server
nginx
ETag
"5b961203-3a3"
Content-Type
image/svg+xml
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
931
Expires
Thu, 31 Dec 2037 23:55:55 GMT
services.svg
www.qubapalace.com/images/icons/
3 KB
2 KB
Image
General
Full URL
http://www.qubapalace.com/images/icons/services.svg
Requested by
Host: www.qubapalace.com
URL: http://www.qubapalace.com/
Protocol
HTTP/1.1
Server
5.187.4.163 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
201583.fornex.cloud
Software
nginx /
Resource Hash
bb571942147b7f6a5bf62d8264c53746a81b5a1ab1a5541da2f410c032188876

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.qubapalace.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date
Thu, 01 Dec 2022 13:27:42 GMT
Content-Encoding
gzip
Last-Modified
Mon, 10 Sep 2018 06:41:07 GMT
Server
nginx
ETag
W/"5b961203-c0c"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
image/svg+xml
Cache-Control
max-age=315360000
Connection
keep-alive
Expires
Thu, 31 Dec 2037 23:55:55 GMT
calendar.svg
www.qubapalace.com/images/icons/
3 KB
1 KB
Image
General
Full URL
http://www.qubapalace.com/images/icons/calendar.svg
Requested by
Host: www.qubapalace.com
URL: http://www.qubapalace.com/
Protocol
HTTP/1.1
Server
5.187.4.163 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
201583.fornex.cloud
Software
nginx /
Resource Hash
8ac9920e033b2d480a08b36be56ab58b226bd8762d562ae74c8dcfddbad65c6e

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.qubapalace.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date
Thu, 01 Dec 2022 13:27:42 GMT
Content-Encoding
gzip
Last-Modified
Mon, 10 Sep 2018 06:41:07 GMT
Server
nginx
ETag
W/"5b961203-c02"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
image/svg+xml
Cache-Control
max-age=315360000
Connection
keep-alive
Expires
Thu, 31 Dec 2037 23:55:55 GMT
code.svg
www.qubapalace.com/images/
817 B
1 KB
Image
General
Full URL
http://www.qubapalace.com/images/code.svg
Requested by
Host: www.qubapalace.com
URL: http://www.qubapalace.com/
Protocol
HTTP/1.1
Server
5.187.4.163 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
201583.fornex.cloud
Software
nginx /
Resource Hash
3bb8a492fb0bc6d4c80f1006e24b2c01accec54f2c99647d38954931ac2566db

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.qubapalace.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date
Thu, 01 Dec 2022 13:27:42 GMT
Last-Modified
Mon, 11 Feb 2019 10:30:50 GMT
Server
nginx
ETag
"5c614eda-331"
Content-Type
image/svg+xml
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
817
Expires
Thu, 31 Dec 2037 23:55:55 GMT
jquery.js
www.qubapalace.com/assets/b6c36585/
252 KB
75 KB
Script
General
Full URL
http://www.qubapalace.com/assets/b6c36585/jquery.js
Requested by
Host: www.qubapalace.com
URL: http://www.qubapalace.com/
Protocol
HTTP/1.1
Server
5.187.4.163 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
201583.fornex.cloud
Software
nginx /
Resource Hash
893e90f6230962e42231635df650f20544ad22affc3ee396df768eaa6bc5a6a2

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.qubapalace.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date
Thu, 01 Dec 2022 13:27:42 GMT
Content-Encoding
gzip
Last-Modified
Sat, 31 Jul 2021 15:19:13 GMT
Server
nginx
ETag
W/"610569f1-3ee0f"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=315360000
Connection
keep-alive
Expires
Thu, 31 Dec 2037 23:55:55 GMT
yii.js
www.qubapalace.com/assets/968ced99/
20 KB
6 KB
Script
General
Full URL
http://www.qubapalace.com/assets/968ced99/yii.js
Requested by
Host: www.qubapalace.com
URL: http://www.qubapalace.com/
Protocol
HTTP/1.1
Server
5.187.4.163 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
201583.fornex.cloud
Software
nginx /
Resource Hash
bb7a8c984417a77f846d70464f10364b4e5cb40c50ad1140b805bf43f2984b4d

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.qubapalace.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date
Thu, 01 Dec 2022 13:27:42 GMT
Content-Encoding
gzip
Last-Modified
Sat, 31 Jul 2021 15:19:13 GMT
Server
nginx
ETag
W/"610569f1-4eeb"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=315360000
Connection
keep-alive
Expires
Thu, 31 Dec 2037 23:55:55 GMT
lightgallery-all.min.js
www.qubapalace.com/js/
48 KB
12 KB
Script
General
Full URL
http://www.qubapalace.com/js/lightgallery-all.min.js
Requested by
Host: www.qubapalace.com
URL: http://www.qubapalace.com/
Protocol
HTTP/1.1
Server
5.187.4.163 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
201583.fornex.cloud
Software
nginx /
Resource Hash
c32104412090bf98bd5bdf0dc95d85e6b86f31b59278b831601e4f8188e28cb2

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.qubapalace.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date
Thu, 01 Dec 2022 13:27:42 GMT
Content-Encoding
gzip
Last-Modified
Fri, 03 Aug 2018 17:32:32 GMT
Server
nginx
ETag
W/"5b6491b0-c184"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=315360000
Connection
keep-alive
Expires
Thu, 31 Dec 2037 23:55:55 GMT
swiper.min.js
www.qubapalace.com/js/
118 KB
30 KB
Script
General
Full URL
http://www.qubapalace.com/js/swiper.min.js
Requested by
Host: www.qubapalace.com
URL: http://www.qubapalace.com/
Protocol
HTTP/1.1
Server
5.187.4.163 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
201583.fornex.cloud
Software
nginx /
Resource Hash
8e9658f1f65508b773cda6f1ff2f5d936af852310c3ca8f076c8f12566e1b421

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.qubapalace.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date
Thu, 01 Dec 2022 13:27:42 GMT
Content-Encoding
gzip
Last-Modified
Fri, 03 Aug 2018 17:32:32 GMT
Server
nginx
ETag
W/"5b6491b0-1d657"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=315360000
Connection
keep-alive
Expires
Thu, 31 Dec 2037 23:55:55 GMT
common.js
www.qubapalace.com/js/
10 KB
2 KB
Script
General
Full URL
http://www.qubapalace.com/js/common.js
Requested by
Host: www.qubapalace.com
URL: http://www.qubapalace.com/
Protocol
HTTP/1.1
Server
5.187.4.163 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
201583.fornex.cloud
Software
nginx /
Resource Hash
1a2cac98872ac2db7d63bab665656e9d7a98271edd0f4c43519ce94bca770f4d

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.qubapalace.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date
Thu, 01 Dec 2022 13:27:42 GMT
Content-Encoding
gzip
Last-Modified
Wed, 29 Aug 2018 12:05:12 GMT
Server
nginx
ETag
W/"5b868bf8-28d7"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=315360000
Connection
keep-alive
Expires
Thu, 31 Dec 2037 23:55:55 GMT
background-texture.png
www.qubapalace.com/images/
21 KB
21 KB
Image
General
Full URL
http://www.qubapalace.com/images/background-texture.png
Requested by
Host: www.qubapalace.com
URL: http://www.qubapalace.com/css/style.css
Protocol
HTTP/1.1
Server
5.187.4.163 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
201583.fornex.cloud
Software
nginx /
Resource Hash
b9a096b727f63a9db909343816a94edf14510feaf1086d73e48dee603de7d22c

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.qubapalace.com/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date
Thu, 01 Dec 2022 13:27:42 GMT
Last-Modified
Fri, 03 Aug 2018 17:32:32 GMT
Server
nginx
ETag
"5b6491b0-5480"
Content-Type
image/png
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
21632
Expires
Thu, 31 Dec 2037 23:55:55 GMT
tag.js
mc.yandex.ru/metrika/
209 KB
72 KB
Script
General
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: www.qubapalace.com
URL: http://www.qubapalace.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
d2ba77c35106fd4575a7fa3a09aadd3b81b8af4059e9a9bd2ac903552ca52401
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.qubapalace.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Thu, 01 Dec 2022 13:27:42 GMT
content-encoding
br
strict-transport-security
max-age=31536000
last-modified
Wed, 30 Nov 2022 16:40:22 GMT
etag
"63875d46-11e96"
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
content-length
73366
expires
Thu, 01 Dec 2022 14:27:42 GMT
fbevents.js
connect.facebook.net/en_US/
103 KB
28 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.qubapalace.com
URL: http://www.qubapalace.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d5c905d7ce4679b183eb11f7c6811682ddffbf0f037590360ae2b1a84a51ef1b
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.qubapalace.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 01 Dec 2022 13:27:42 GMT
document-policy
force-load-at-top
content-security-policy-report-only
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27340
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
56rfFZONPLxAyyyQR8kH/1I4g2ePftUzlMSTSf4pBey7vwjtELOOZb9eBz/vUdjCtKEjdUTLg3K7RmYYTQl/cA==
x-fb-trip-id
2050670934
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
xfbml.customerchat.js
connect.facebook.net/ru_RU/sdk/
316 KB
89 KB
Script
General
Full URL
https://connect.facebook.net/ru_RU/sdk/xfbml.customerchat.js
Requested by
Host: www.qubapalace.com
URL: http://www.qubapalace.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e4cf9a22cdaeac879d2a6982fd06dcf8fb34d796a11c18327266496708265a19
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.qubapalace.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 01 Dec 2022 13:27:42 GMT
content-md5
TmN4vPGu2BI3j9uXWxe9rg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
91151
x-fb-rlafr
0
x-fb-debug
Ua9+fehLZ/7JFg2egQB2a9jZXHvwlazKU7BjanALBP3Cg3D0cAcMP9a+Y4JyphsXXTIGv7peyR6YeDRN32jT3A==
x-fb-trip-id
2050670934
x-fb-content-md5
966cf66acfcdaef4d1ba9ae953c3da04
cross-origin-opener-policy
same-origin-allow-popups
etag
"9d717b32f25e4b9b9f616d0fed837a4b"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin
*
priority
u=3,i
expires
Thu, 01 Dec 2022 13:45:12 GMT
slider-arrow.png
www.qubapalace.com/images/icons/
2 KB
2 KB
Image
General
Full URL
http://www.qubapalace.com/images/icons/slider-arrow.png
Requested by
Host: www.qubapalace.com
URL: http://www.qubapalace.com/css/style.css
Protocol
HTTP/1.1
Server
5.187.4.163 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
201583.fornex.cloud
Software
nginx /
Resource Hash
5b50f68de6e8f11528316a2d516bad317e4d84038ffc1cc12e7697399b43672c

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.qubapalace.com/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date
Thu, 01 Dec 2022 13:27:42 GMT
Last-Modified
Fri, 03 Aug 2018 17:32:32 GMT
Server
nginx
ETag
"5b6491b0-73f"
Content-Type
image/png
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1855
Expires
Thu, 31 Dec 2037 23:55:55 GMT
SF-Light.otf
www.qubapalace.com/fonts/
356 KB
356 KB
Font
General
Full URL
http://www.qubapalace.com/fonts/SF-Light.otf
Requested by
Host: www.qubapalace.com
URL: http://www.qubapalace.com/css/style.css
Protocol
HTTP/1.1
Server
5.187.4.163 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
201583.fornex.cloud
Software
nginx /
Resource Hash
1809851721921448c6bc7a05dad18f61b4fe787818fc407dfca816c67400663f

Request headers

Referer
http://www.qubapalace.com/css/style.css
Origin
http://www.qubapalace.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date
Thu, 01 Dec 2022 13:27:42 GMT
Last-Modified
Fri, 31 Aug 2018 10:30:04 GMT
Server
nginx
ETag
"5b8918ac-58e78"
Content-Type
application/octet-stream
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
364152
Expires
Thu, 31 Dec 2037 23:55:55 GMT
fontawesome-webfont.woff2
www.qubapalace.com/assets/bf39ccfb/fonts/
75 KB
76 KB
Font
General
Full URL
http://www.qubapalace.com/assets/bf39ccfb/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: www.qubapalace.com
URL: http://www.qubapalace.com/assets/bf39ccfb/css/font-awesome.min.css
Protocol
HTTP/1.1
Server
5.187.4.163 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
201583.fornex.cloud
Software
nginx /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer
http://www.qubapalace.com/assets/bf39ccfb/css/font-awesome.min.css
Origin
http://www.qubapalace.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date
Thu, 01 Dec 2022 13:27:42 GMT
Last-Modified
Sat, 31 Jul 2021 15:19:13 GMT
Server
nginx
ETag
"12d68-5c86cdbcd5394"
Content-Type
font/woff2
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
77160
wcINWV1yNTQjiUyXpDAWCdsU0iEXYmO7.png
www.qubapalace.com/upload/banners/
445 KB
445 KB
Image
General
Full URL
http://www.qubapalace.com/upload/banners/wcINWV1yNTQjiUyXpDAWCdsU0iEXYmO7.png
Requested by
Host: www.qubapalace.com
URL: http://www.qubapalace.com/
Protocol
HTTP/1.1
Server
5.187.4.163 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
201583.fornex.cloud
Software
nginx /
Resource Hash
d5e6731cb5a1d96765686e776b4dc416b60c39020a97500a16b577b408183ae0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.qubapalace.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date
Thu, 01 Dec 2022 13:27:42 GMT
Last-Modified
Tue, 25 Oct 2022 13:12:40 GMT
Server
nginx
ETag
"6357e0c8-6f352"
Content-Type
image/png
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
455506
Expires
Thu, 31 Dec 2037 23:55:55 GMT
d28AXF1RqWfa_JnZugKHZ5ZmWYzGyMR6.jpg
www.qubapalace.com/upload/banners/
164 KB
164 KB
Image
General
Full URL
http://www.qubapalace.com/upload/banners/d28AXF1RqWfa_JnZugKHZ5ZmWYzGyMR6.jpg
Requested by
Host: www.qubapalace.com
URL: http://www.qubapalace.com/
Protocol
HTTP/1.1
Server
5.187.4.163 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
201583.fornex.cloud
Software
nginx /
Resource Hash
f22258485a73b4a640a3325c682d7257dcd2fc2890c8242a18d5bbb5e0edc80f

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.qubapalace.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date
Thu, 01 Dec 2022 13:27:42 GMT
Last-Modified
Sat, 09 Apr 2022 21:00:00 GMT
Server
nginx
ETag
"6251f3d0-290b2"
Content-Type
image/jpeg
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
168114
Expires
Thu, 31 Dec 2037 23:55:55 GMT
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-127077258-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.qubapalace.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 01 Dec 2022 13:15:51 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
711
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Thu, 01 Dec 2022 15:15:51 GMT
1209958632452342
connect.facebook.net/signals/config/
293 KB
84 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/1209958632452342?v=2.9.89&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
bbc2d65380701f2394aa2c4b7bfeb3bf723a14c18b0867e0045588ae74c650a4
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.qubapalace.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 01 Dec 2022 13:27:42 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
rA1MbL06t62EKaQPpRaDcJ27bRbxK5xLKAiUCtpjxRQLFh8DR13+6ZC7GAbU1QJf46svoUEcNks2d3MSfeuv9w==
x-fb-trip-id
2050670934
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
www.google-analytics.com/j/
1 B
21 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=351803551&t=pageview&_s=1&dl=http%3A%2F%2Fwww.qubapalace.com%2F&ul=en-us&de=UTF-8&dt=Quba%20Palace%20Hotel%20%E2%98%86%E2%98%86%E2%98%86%E2%98%86%E2%98%86&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=1515064218&gjid=1735135827&cid=1552515430.1669901263&tid=UA-127077258-1&_gid=120146935.1669901263&_r=1&gtm=2oubs0&z=1803720134
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://www.qubapalace.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 01 Dec 2022 13:27:42 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://www.qubapalace.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/
0
185 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1209958632452342&ev=PageView&dl=http%3A%2F%2Fwww.qubapalace.com%2F&rl=&if=false&ts=1669901262813&sw=1600&sh=1200&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1669901262812.736595372&it=1669901262559&coo=false&rqm=GET
Requested by
Host: www.qubapalace.com
URL: http://www.qubapalace.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.qubapalace.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Thu, 01 Dec 2022 13:27:42 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
sync_cookie_image_decide
mc.yandex.com/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9839.AWO8SeJpjejShnmTng2liOrtLiVVIpFKQAAAHos0EFjCbf8VfMhTi6nUlMozDorZ.iSewYAzgCU1SV3zFgnUZ1zmF5WU%2C
  • https://mc.yandex.com/sync_cookie_image_decide?token=9839.RYfD0wf4NanV9PHV2OCL3FO4Chlv069HaZ5phH034Awl-mXC-lzPm58l4TDd1WwYl8kEtzVkV_G2GjtxZkShMIKhCOveG0MMVQA6Xvo-o0Y%2C.BVM_TqVx1Q5UlNDriUlxFLV0WVQ%2C
75 B
75 B
Image
General
Full URL
https://mc.yandex.com/sync_cookie_image_decide?token=9839.RYfD0wf4NanV9PHV2OCL3FO4Chlv069HaZ5phH034Awl-mXC-lzPm58l4TDd1WwYl8kEtzVkV_G2GjtxZkShMIKhCOveG0MMVQA6Xvo-o0Y%2C.BVM_TqVx1Q5UlNDriUlxFLV0WVQ%2C
Requested by
Host: www.qubapalace.com
URL: http://www.qubapalace.com/
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.qubapalace.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Thu, 01 Dec 2022 13:27:43 GMT
strict-transport-security
max-age=31536000
content-length
75
x-xss-protection
1; mode=block
content-type
text/html; charset=utf-8

Redirect headers

location
https://mc.yandex.com/sync_cookie_image_decide?token=9839.RYfD0wf4NanV9PHV2OCL3FO4Chlv069HaZ5phH034Awl-mXC-lzPm58l4TDd1WwYl8kEtzVkV_G2GjtxZkShMIKhCOveG0MMVQA6Xvo-o0Y%2C.BVM_TqVx1Q5UlNDriUlxFLV0WVQ%2C
date
Thu, 01 Dec 2022 13:27:42 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
advert.gif
mc.yandex.com/metrika/
43 B
112 B
Image
General
Full URL
https://mc.yandex.com/metrika/advert.gif
Requested by
Host: www.qubapalace.com
URL: http://www.qubapalace.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.qubapalace.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Thu, 01 Dec 2022 13:27:42 GMT
strict-transport-security
max-age=31536000
last-modified
Wed, 30 Nov 2022 16:40:22 GMT
etag
"63875d46-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
43
expires
Thu, 01 Dec 2022 14:27:42 GMT
1
mc.yandex.com/watch/50791324/
Redirect Chain
  • https://mc.yandex.com/watch/50791324?wmode=7&page-url=http%3A%2F%2Fwww.qubapalace.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Ahfefmzcw94fsyu18inugs%3Afp%3A248%3Afu%3A0%3Aen%3Autf-8%...
  • https://mc.yandex.com/watch/50791324/1?wmode=7&page-url=http%3A%2F%2Fwww.qubapalace.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Ahfefmzcw94fsyu18inugs%3Afp%3A248%3Afu%3A0%3Aen%3Autf-...
454 B
536 B
XHR
General
Full URL
https://mc.yandex.com/watch/50791324/1?wmode=7&page-url=http%3A%2F%2Fwww.qubapalace.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Ahfefmzcw94fsyu18inugs%3Afp%3A248%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A752757570324%3Ahid%3A2544549%3Az%3A0%3Ai%3A20221201132742%3Aet%3A1669901263%3Ac%3A1%3Arn%3A884493136%3Arqn%3A1%3Au%3A1669901263601444271%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A46%2C22%2C67%2C1%2C0%2C0%2C%2C149%2C17%2C%2C%2C%2C286%3Acpf%3A1%3Antf%3A1%3Ans%3A1669901262197%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1669901263%3At%3AQuba%20Palace%20Hotel%20%E2%98%86%E2%98%86%E2%98%86%E2%98%86%E2%98%86&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rqnl%281%29ti%282%29
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
121ff5f9508525ccdc5365105af7fbb57b0e17bf96832ee938b3c55237a47160
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.qubapalace.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Dec 2022 13:27:43 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Thu, 01-Dec-2022 13:27:43 GMT
content-type
application/json; charset=utf-8
access-control-allow-origin
http://www.qubapalace.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
454
x-xss-protection
1; mode=block
expires
Thu, 01-Dec-2022 13:27:43 GMT

Redirect headers

pragma
no-cache
date
Thu, 01 Dec 2022 13:27:43 GMT
strict-transport-security
max-age=31536000
last-modified
Thu, 01-Dec-2022 13:27:43 GMT
location
/watch/50791324/1?wmode=7&page-url=http%3A%2F%2Fwww.qubapalace.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Ahfefmzcw94fsyu18inugs%3Afp%3A248%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A752757570324%3Ahid%3A2544549%3Az%3A0%3Ai%3A20221201132742%3Aet%3A1669901263%3Ac%3A1%3Arn%3A884493136%3Arqn%3A1%3Au%3A1669901263601444271%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A46%2C22%2C67%2C1%2C0%2C0%2C%2C149%2C17%2C%2C%2C%2C286%3Acpf%3A1%3Antf%3A1%3Ans%3A1669901262197%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1669901263%3At%3AQuba%20Palace%20Hotel%20%E2%98%86%E2%98%86%E2%98%86%E2%98%86%E2%98%86&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rqnl%281%29ti%282%29
access-control-allow-origin
http://www.qubapalace.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Thu, 01-Dec-2022 13:27:43 GMT
/
socialplugin.facebook.net/new_domain_gating/
40 B
876 B
XHR
General
Full URL
https://socialplugin.facebook.net/new_domain_gating/?endpoint=customerchat&page_id=2061270777463244&suppress_http_code=1
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/ru_RU/sdk/xfbml.customerchat.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:e:face:b00c:0:2 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
cdaab024c0121953419a4a1094ffe2ee9a902df55ee79d792e411bac835b9134
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
http://www.qubapalace.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
br
x-content-type-options
nosniff
date
Thu, 01 Dec 2022 13:27:43 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-fb-rlafr
0
x-xss-protection
0
pragma
no-cache
x-fb-debug
PnjpRFS+HIDpZM52JbQ/PQ3KBllpqgoiCsW3sB7HtA4oo3A+ihQd64cdhUaxjwwtGlgB2erDSxR4VmLV2zQRSg==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/json; charset=utf-8
access-control-allow-origin
http://www.qubapalace.com
cache-control
private, no-cache, no-store, must-revalidate
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/plugins/customer_chat/SDK/
0
28 B
XHR
General
Full URL
https://www.facebook.com/plugins/customer_chat/SDK/?app_id=&attribution=setup_tool&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1c152f74430fc8%26domain%3Dwww.qubapalace.com%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fwww.qubapalace.com%252Ff2597bd1bf3c06%26relation%3Dparent.parent&current_url=http%3A%2F%2Fwww.qubapalace.com%2F&event_name=chat_plugin_sdk_facade_create&is_loaded_by_facade=true&loading_time=0&locale=ru_RU&log_id=5753cd1b-3f9c-4375-b9b5-e7e4cd05f05e&page_id=2061270777463244&request_time=1669901263286&sdk=joey&should_use_new_domain=false&suppress_http_code=1&theme_color=%2327463b
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/ru_RU/sdk/xfbml.customerchat.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
http://www.qubapalace.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security
max-age=15552000; preload
x-content-type-options
nosniff
date
Thu, 01 Dec 2022 13:27:43 GMT
document-policy
force-load-at-top
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
alt-svc
h3=":443"; ma=86400
content-length
0
x-fb-rlafr
0
x-xss-protection
0
pragma
no-cache
x-fb-debug
M32bFJ42ltsGedU8LmUN8WBuKG4Ug5IswG9pQBCuHZjWM18wdkmJ9dStrpviRT9zcQnaad/ioKM+da1DsSVeZQ==
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type
text/html; charset="utf-8"
access-control-allow-origin
http://www.qubapalace.com
cache-control
private, no-cache, no-store, must-revalidate
priority
u=1
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/plugins/customer_chat/facade/
1 KB
782 B
XHR
General
Full URL
https://www.facebook.com/plugins/customer_chat/facade/?app_id=&attribution=setup_tool&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1c152f74430fc8%26domain%3Dwww.qubapalace.com%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fwww.qubapalace.com%252Ff2597bd1bf3c06%26relation%3Dparent.parent&current_url=http%3A%2F%2Fwww.qubapalace.com%2F&is_loaded_by_facade=true&locale=ru_RU&log_id=5753cd1b-3f9c-4375-b9b5-e7e4cd05f05e&page_id=2061270777463244&request_time=1669901263286&sdk=joey&should_use_new_domain=false&suppress_http_code=1&theme_color=%2327463b
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/ru_RU/sdk/xfbml.customerchat.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ba95a3ce8e9e1c55ad9ec459aff843787607fed12d68be0bcc574d971c9b352d
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
http://www.qubapalace.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; preload
date
Thu, 01 Dec 2022 13:27:43 GMT
document-policy
force-load-at-top
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
alt-svc
h3=":443"; ma=86400
x-fb-rlafr
0
x-xss-protection
0
pragma
no-cache
x-fb-debug
bLm/ZAb/cD+1lj7XYWVpKnEQxHjP8crvE8Zlh515Uh45m46g3syg4XND2KFty6CnQg8uLqUI5ERBumsU5q8bBQ==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type
application/json; charset=utf-8
access-control-allow-origin
http://www.qubapalace.com
cache-control
private, no-cache, no-store, must-revalidate
x-frame-options
DENY
priority
u=1
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/
0
18 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1209958632452342&ev=Microdata&dl=http%3A%2F%2Fwww.qubapalace.com%2F&rl=&if=false&ts=1669901263331&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Quba%20Palace%20Hotel%20%E2%98%86%E2%98%86%E2%98%86%E2%98%86%E2%98%86%22%2C%22meta%3Adescription%22%3A%22%20Quba%20%C5%9F%C9%99h%C9%99rind%C9%99%205%20ulduzlu%20otel%20%5C%22Quba%20Palace%20Hotel%5C%22.%20Otaqlar%C4%B1n%20sifari%C5%9Fi%2C%20transfer%20xidm%C9%99tl%C9%99ri%2C%20kiray%C9%99%20villalar%C4%B1%2C%20restoranlar%2C%20%C9%99yl%C9%99nc%C9%99%2C%20konsertl%C9%99r.%20%C6%8Fski%20%C4%B0qr%C4%B1q%20K%C9%99ndi%22%2C%22meta%3Akeywords%22%3A%22%20%22%7D&cd[OpenGraph]=%7B%22og%3Atype%22%3A%22article%22%2C%22og%3Aimage%22%3A%22%2Fimages%2Fguba-palace-opengraph.jpg%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.89&r=stable&ec=1&o=30&fbp=fb.1.1669901262812.736595372&it=1669901262559&coo=false&es=automatic&tm=3&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.qubapalace.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Thu, 01 Dec 2022 13:27:43 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
priority
u=3,i
/
www.facebook.com/plugins/customer_chat/SDK/
0
25 B
XHR
General
Full URL
https://www.facebook.com/plugins/customer_chat/SDK/?app_id=&attribution=setup_tool&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1c152f74430fc8%26domain%3Dwww.qubapalace.com%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fwww.qubapalace.com%252Ff2597bd1bf3c06%26relation%3Dparent.parent&current_url=http%3A%2F%2Fwww.qubapalace.com%2F&event_name=chat_plugin_sdk_facade_load&is_loaded_by_facade=true&loading_time=208&locale=ru_RU&log_id=5753cd1b-3f9c-4375-b9b5-e7e4cd05f05e&page_id=2061270777463244&request_time=1669901263494&sdk=joey&should_use_new_domain=false&suppress_http_code=1&theme_color=%2327463b
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/ru_RU/sdk/xfbml.customerchat.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
http://www.qubapalace.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security
max-age=15552000; preload
x-content-type-options
nosniff
date
Thu, 01 Dec 2022 13:27:43 GMT
document-policy
force-load-at-top
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
alt-svc
h3=":443"; ma=86400
content-length
0
x-fb-rlafr
0
x-xss-protection
0
pragma
no-cache
x-fb-debug
t+nyISp03F2+phLDSxVwC4iUhtDMOOgIgTC2OSvBwI4yiPC2IDB9r82MTlkREcsKPAArEz5yg1hYpYNUr9U3LQ==
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type
text/html; charset="utf-8"
access-control-allow-origin
http://www.qubapalace.com
cache-control
private, no-cache, no-store, must-revalidate
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
50791324
mc.yandex.com/webvisor/
43 B
145 B
XHR
General
Full URL
https://mc.yandex.com/webvisor/50791324?wmode=0&wv-part=1&wv-hit=2544549&page-url=http%3A%2F%2Fwww.qubapalace.com%2F&rn=489200204&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1669901266%3Aw%3A1600x1200%3Av%3A923%3Az%3A0%3Ai%3A20221201132745%3Au%3A1669901263601444271%3Avf%3Ahfefmzcw94fsyu18inugs%3Awe%3A1%3Ast%3A1669901266&t=gdpr(14)ti(2)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.qubapalace.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 01 Dec 2022 13:27:45 GMT
strict-transport-security
max-age=31536000
last-modified
Thu, 01-Dec-2022 13:27:45 GMT
content-type
image/gif
access-control-allow-origin
http://www.qubapalace.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Thu, 01-Dec-2022 13:27:45 GMT
wcINWV1yNTQjiUyXpDAWCdsU0iEXYmO7.png
www.qubapalace.com/upload/banners/
445 KB
445 KB
Image
General
Full URL
http://www.qubapalace.com/upload/banners/wcINWV1yNTQjiUyXpDAWCdsU0iEXYmO7.png
Requested by
Host: www.qubapalace.com
URL: http://www.qubapalace.com/js/swiper.min.js
Protocol
HTTP/1.1
Server
5.187.4.163 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
201583.fornex.cloud
Software
nginx /
Resource Hash
d5e6731cb5a1d96765686e776b4dc416b60c39020a97500a16b577b408183ae0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.qubapalace.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date
Thu, 01 Dec 2022 13:27:45 GMT
Last-Modified
Tue, 25 Oct 2022 13:12:40 GMT
Server
nginx
ETag
"6357e0c8-6f352"
Content-Type
image/png
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
455506
Expires
Thu, 31 Dec 2037 23:55:55 GMT
50791324
mc.yandex.com/webvisor/
43 B
145 B
XHR
General
Full URL
https://mc.yandex.com/webvisor/50791324?wmode=0&wv-part=1&wv-hit=2544549&page-url=http%3A%2F%2Fwww.qubapalace.com%2F&rn=809869794&wv-type=3&browser-info=gdpr%3A14%3Aet%3A1669901266%3Aw%3A1600x1200%3Av%3A923%3Az%3A0%3Ai%3A20221201132745%3Au%3A1669901263601444271%3Avf%3Ahfefmzcw94fsyu18inugs%3Awe%3A1%3Ast%3A1669901266&t=gdpr(14)ti(2)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.qubapalace.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 01 Dec 2022 13:27:46 GMT
strict-transport-security
max-age=31536000
last-modified
Thu, 01-Dec-2022 13:27:46 GMT
content-type
image/gif
access-control-allow-origin
http://www.qubapalace.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Thu, 01-Dec-2022 13:27:46 GMT
50791324
mc.yandex.com/webvisor/
43 B
176 B
XHR
General
Full URL
https://mc.yandex.com/webvisor/50791324?wmode=0&wv-part=2&wv-hit=2544549&page-url=http%3A%2F%2Fwww.qubapalace.com%2F&rn=687349801&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1669901267%3Aw%3A1600x1200%3Av%3A923%3Az%3A0%3Ai%3A20221201132747%3Au%3A1669901263601444271%3Avf%3Ahfefmzcw94fsyu18inugs%3Awe%3A1%3Ast%3A1669901267&t=gdpr(14)ti(2)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.qubapalace.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 01 Dec 2022 13:27:47 GMT
strict-transport-security
max-age=31536000
last-modified
Thu, 01-Dec-2022 13:27:47 GMT
content-type
image/gif
access-control-allow-origin
http://www.qubapalace.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Thu, 01-Dec-2022 13:27:47 GMT

Verdicts & Comments Add Verdict or Comment

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontentvisibilityautostatechange function| fbq function| _fbq function| gtag object| dataLayer function| routerFun function| $ function| jQuery object| yii function| Swiper object| win object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| FB object| gaplugins object| gaGlobal object| gaData object| Ya object| yaCounter50791324

17 Cookies

Domain/Path Name / Value
.qubapalace.com/ Name: advanced
Value: jqemj8ft2vrhcfi8onmj6hrqvr
www.qubapalace.com/ Name: _csrf-frontend
Value: 3d99c693eca476c66abcb56ab8efdf3e63020c51dbd18587d8969a72e2e5b5b7a%3A2%3A%7Bi%3A0%3Bs%3A14%3A%22_csrf-frontend%22%3Bi%3A1%3Bs%3A32%3A%22xaSCw88QT_NqWA45-9NRp8tb9zl9j9wv%22%3B%7D
.qubapalace.com/ Name: _ga
Value: GA1.2.1552515430.1669901263
.qubapalace.com/ Name: _gid
Value: GA1.2.120146935.1669901263
.qubapalace.com/ Name: _gat_gtag_UA_127077258_1
Value: 1
.qubapalace.com/ Name: _fbp
Value: fb.1.1669901262812.736595372
.qubapalace.com/ Name: _ym_uid
Value: 1669901263601444271
.qubapalace.com/ Name: _ym_d
Value: 1669901263
.mc.yandex.com/ Name: sync_cookie_csrf
Value: 2524262586fake
.qubapalace.com/ Name: _ym_isad
Value: 2
.mc.yandex.ru/ Name: sync_cookie_csrf
Value: 1366505121fake
mc.yandex.com/ Name: yabs-sid
Value: 1901746931669901263
.yandex.com/ Name: i
Value: McBArMWGRv7qsGPbiP+hM7FueWsrveaDQ2mIv0gvHV4c9gvPdeqpDfXdNAp4O8M/arb++5hkyovaK/wKgmXOfWj1+C0=
.yandex.com/ Name: yandexuid
Value: 3797738361669901263
.yandex.com/ Name: yuidss
Value: 3797738361669901263
.yandex.com/ Name: ymex
Value: 1701437263.yc.1669901263#1701437263.yrts.1669901263#1701437263.yrtsi.1669901263
.qubapalace.com/ Name: _ym_visorc
Value: w

1 Console Messages

Source Level URL
Text
network error URL: https://mc.yandex.com/sync_cookie_image_decide?token=9839.RYfD0wf4NanV9PHV2OCL3FO4Chlv069HaZ5phH034Awl-mXC-lzPm58l4TDd1WwYl8kEtzVkV_G2GjtxZkShMIKhCOveG0MMVQA6Xvo-o0Y%2C.BVM_TqVx1Q5UlNDriUlxFLV0WVQ%2C
Message:
Failed to load resource: the server responded with a status of 400 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

connect.facebook.net
mc.yandex.com
mc.yandex.ru
socialplugin.facebook.net
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
www.qubapalace.com
2a00:1450:4001:808::200e
2a00:1450:4001:82f::2008
2a02:6b8::1:119
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f02d:e:face:b00c:0:2
2a03:2880:f12d:83:face:b00c:0:25de
5.187.4.163
04e7ab1391b4c816c20eed6c6606b885d9ab57017f46656b100dfdf601ef8b23
11a4767b7735172a662ac28335999607a7123ea8be73fc173d7d1e4102b08fbd
121ff5f9508525ccdc5365105af7fbb57b0e17bf96832ee938b3c55237a47160
1809851721921448c6bc7a05dad18f61b4fe787818fc407dfca816c67400663f
1a2cac98872ac2db7d63bab665656e9d7a98271edd0f4c43519ce94bca770f4d
290baee09a0493bb64c0a783b60d7821b65d47a43adade335522c16970c10aaf
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2b4edad64e58eb8260ea01f0d88bc04f9b123c0033a983de962363ec468a0fae
3b64dd59372c2562216c7394524f76a0328a9c375aa1f115906948b58ef72d56
3bb8a492fb0bc6d4c80f1006e24b2c01accec54f2c99647d38954931ac2566db
4a4251828862c02a37d1ae6b43310b187e1bef393c6fa91662c9739e841247c2
4ab1bf82ce895b34144de26ae3fdb03c38eed5e1ff40e8cfd30f6e0dad4f8539
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5b50f68de6e8f11528316a2d516bad317e4d84038ffc1cc12e7697399b43672c
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7d41cc80678502aaf3181f2f00f46553773fc0da93ab9290f2da2ae64720f1f7
7e630d90c7234b0df1729f62b8f9e4bbfaf293d91a5a0ac46df25f2a6759e39a
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
87e1c28c9d644f4db2195f84a2597376c010630d976fd0bc988ce79225e5d51e
893e90f6230962e42231635df650f20544ad22affc3ee396df768eaa6bc5a6a2
8ac9920e033b2d480a08b36be56ab58b226bd8762d562ae74c8dcfddbad65c6e
8cc67a018be75e4c769ce3b940f846866b53e7a8668dd071f40c0bdc8d1910d3
8e9658f1f65508b773cda6f1ff2f5d936af852310c3ca8f076c8f12566e1b421
a0fca81c1fff78a3acd59699f04613a41c23a59cd39e8048d5c924587fa17f28
a8305c77428de5967e06e0dbf88e6590944d5158718cb787a3f511b8e3f1c613
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b9a096b727f63a9db909343816a94edf14510feaf1086d73e48dee603de7d22c
ba95a3ce8e9e1c55ad9ec459aff843787607fed12d68be0bcc574d971c9b352d
bb571942147b7f6a5bf62d8264c53746a81b5a1ab1a5541da2f410c032188876
bb7a8c984417a77f846d70464f10364b4e5cb40c50ad1140b805bf43f2984b4d
bbc2d65380701f2394aa2c4b7bfeb3bf723a14c18b0867e0045588ae74c650a4
c22c8ee12d500cf23839cc6fd510a778d5eab8a3a24ab00992304cbf44dcf628
c32104412090bf98bd5bdf0dc95d85e6b86f31b59278b831601e4f8188e28cb2
cdaab024c0121953419a4a1094ffe2ee9a902df55ee79d792e411bac835b9134
d2ba77c35106fd4575a7fa3a09aadd3b81b8af4059e9a9bd2ac903552ca52401
d5c905d7ce4679b183eb11f7c6811682ddffbf0f037590360ae2b1a84a51ef1b
d5e6731cb5a1d96765686e776b4dc416b60c39020a97500a16b577b408183ae0
df30d1d10a4e076aec18cf3eaaa033daab8cf336a56fd0c9f76eec9419011d9b
df9dca58959bc1bacf36dcd3eafc2137db0995df2aeed4ea5b52407f2afbf7a6
e1674bef70205ec246e49022bb83f033e31f5e9d25cd608e5ddf3461b3d3a739
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4cf9a22cdaeac879d2a6982fd06dcf8fb34d796a11c18327266496708265a19
ef12e50a276e1f6fbe7ec1d2d8d075127b049b29e70bd2757c3f2269980ca6df
f22258485a73b4a640a3325c682d7257dcd2fc2890c8242a18d5bbb5e0edc80f
f6057249f04f06eba013c9f7cb264b65879bbe8495f13cc8af2c4fc1af8f993f