qicre.com Open in urlscan Pro
104.18.12.242 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://qicre.com/
Effective URL:
https://qicre.com/
Submission Tags: falconsandbox
Submission: On June 18 via api (June 18th 2024, 6:09:26 am UTC) from US — Scanned from DE

Summary HTTP 41 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 16 IPs in 4 countries across 13 domains to perform 41 HTTP transactions. The main IP is 104.18.12.242, located in and belongs to CLOUDFLARENET, US. The main domain is qicre.com.
TLS certificate: Issued by WE1 on June 13th 2024. Valid for: 3 months.

This is the only time qicre.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
13	104.18.12.242 104.18.12.242	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3036::6815:1b98	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	2600:9000:276... 2600:9000:2761:3e00:17:faa9:1fc0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6810:5049	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:310... 2a02:26f0:3100::1735:283b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a03:2880:f08... 2a03:2880:f084:105:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
3	216.58.206.68 216.58.206.68	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0a::9d	15169 (GOOGLE) (GOOGLE)
1	142.250.185.67 142.250.185.67	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
4 6	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a03:2880:f17... 2a03:2880:f177:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
41	16

13 104.18.12.242 (None, )

ASN13335 (CLOUDFLARENET, US)

qicre.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3036::6815:1b98 (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2600:9000:2761:3e00:17:faa9:1fc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.intelligencebank.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5049 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3100::1735:283b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f084:105:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 216.58.206.68 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr35s11-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0a::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.67 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f3.1e100.net

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2620:1ec:21::14 (United States) 4 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	qicre.com qicre.com	911 KB
9	intelligencebank.com cdn.intelligencebank.com — Cisco Umbrella Rank: 403073	4 MB
7	linkedin.com 4 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 352 www.linkedin.com — Cisco Umbrella Rank: 558 px4.ads.linkedin.com — Cisco Umbrella Rank: 6457	3 KB
4	google.com www.google.com — Cisco Umbrella Rank: 5 region1.analytics.google.com — Cisco Umbrella Rank: 3078	967 B
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 114	3 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 205	73 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 79	182 KB
1	gstatic.com www.gstatic.com	207 KB
1	google.de www.google.de — Cisco Umbrella Rank: 8196	63 B
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 132	249 B
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 958	17 KB
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 951	7 KB
1	fontawesome.com use.fontawesome.com — Cisco Umbrella Rank: 1380	12 KB
41	13

	Domain	Requested by
13	qicre.com	qicre.com static.cloudflareinsights.com
9	cdn.intelligencebank.com	qicre.com
5	px.ads.linkedin.com	3 redirects snap.licdn.com
3	www.google.com	qicre.com www.gstatic.com
2	www.facebook.com	qicre.com
2	connect.facebook.net	qicre.com connect.facebook.net
2	www.googletagmanager.com	qicre.com www.googletagmanager.com
1	px4.ads.linkedin.com	qicre.com
1	www.linkedin.com	1 redirects
1	www.gstatic.com	www.google.com
1	www.google.de	qicre.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	region1.analytics.google.com	www.googletagmanager.com
1	snap.licdn.com	qicre.com
1	static.cloudflareinsights.com	qicre.com
1	use.fontawesome.com	qicre.com
41	16

This site contains links to these domains. Also see Links.

Domain
www.qicre.com
townsquare.qicre.com
www.qic.com.au
www.linkedin.com
www.qic.com

Subject Issuer	Validity	Valid
qicre.com WE1	`2024-06-13` - `2024-09-11`	3 months	crt.sh
use.fontawesome.com Cloudflare Inc ECC CA-3	`2023-10-12` - `2024-10-10`	a year	crt.sh
*.intelligencebank.com GeoTrust TLS RSA CA G1	`2024-03-25` - `2025-04-25`	a year	crt.sh
cloudflareinsights.com GTS CA 1P5	`2024-05-08` - `2024-08-06`	3 months	crt.sh
*.google-analytics.com WR2	`2024-05-27` - `2024-08-19`	3 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-12-13` - `2024-12-12`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-03-27` - `2024-06-25`	3 months	crt.sh
*.google.com WR2	`2024-05-27` - `2024-08-19`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-05-27` - `2024-08-19`	3 months	crt.sh
*.google.de WR2	`2024-05-27` - `2024-08-19`	3 months	crt.sh
*.gstatic.com WR2	`2024-05-27` - `2024-08-19`	3 months	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2024-01-30` - `2024-07-30`	6 months	crt.sh

This page contains 3 frames:

Primary Page: https://qicre.com/
Frame ID: 8016A89434D2490D419708CE9D7309A5
Requests: 46 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeU-CAeAAAAAEWav9LJFRBdovNsCFweM9MCeUYb&co=aHR0cHM6Ly9xaWNyZS5jb206NDQz&hl=de&type=image&v=KXX4ARWFlYTftefkdODAYWZh&theme=light&size=normal&badge=bottomright&cb=fe1xylazxbad
Frame ID: FA0E99FA9A417AED758C2D76D76CF209
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=KXX4ARWFlYTftefkdODAYWZh&k=6LeU-CAeAAAAAEWav9LJFRBdovNsCFweM9MCeUYb
Frame ID: 5BB85CFE81712389F0DC0B00C5D5AA16
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

QIC

Page URL History Show full URLs

http://qicre.com/ HTTP 307
https://qicre.com/ HTTP 307
http://qicre.com/ HTTP 307
https://qicre.com/ Page URL

Detected technologies

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+data-react

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

41
Requests

98 %
HTTPS

73 %
IPv6

13
Domains

16
Subdomains

16
IPs

4
Countries

5935 kB
Transfer

9986 kB
Size

12
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://www.qicre.com/Properties?type=retail
Title: Retail

Search URL Search Domain Scan URL

URL: https://www.qicre.com/Properties?type=office
Title: Office

Search URL Search Domain Scan URL

URL: https://www.qicre.com/Properties?type=hotel
Title: Hotel

Search URL Search Domain Scan URL

URL: https://www.qicre.com/Properties?type=civic
Title: Civic

Search URL Search Domain Scan URL

URL: https://townsquare.qicre.com/
Title: Portal

Search URL Search Domain Scan URL

URL: https://www.qic.com.au/about-qic/about-us/careers
Title: Careers

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/qic-gre

Search URL Search Domain Scan URL

URL: https://www.qic.com/
Title: QIC website

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://qicre.com/ HTTP 307
https://qicre.com/ HTTP 307
http://qicre.com/ HTTP 307
https://qicre.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 39

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=898748&time=1718690959094&url=https%3A%2F%2Fqicre.com%2F HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=898748&time=1718690959094&url=https%3A%2F%2Fqicre.com%2F&cookiesTest=true HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D898748%26time%3D1718690959094%26url%3Dhttps%253A%252F%252Fqicre.com%252F%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=898748&time=1718690959094&url=https%3A%2F%2Fqicre.com%2F&cookiesTest=true&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=898748&time=1718690959094&url=https%3A%2F%2Fqicre.com%2F&cookiesTest=true&liSync=true&e_ipv6=AQI8WhLVu0ksaAAAAZAp9tVUNlNEnYfVzIEZaxv9Uq2E22Y_-aNViQn_q9I3ufPn2A

41 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3

200

Primary Request / Show response
qicre.com/
Redirect Chain

http://qicre.com/
https://qicre.com/
http://qicre.com/
https://qicre.com/

464 KB
39 KB

2347ms
2346ms

Document
text/html

104.18.12.242
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://qicre.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.12.242 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

08dc55f1d28b70e0ead7bb1cd3029fb9de7cd4f5b7c10f53207717421ed89291

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: blob: 'self' 'unsafe-inline' 'unsafe-eval' *
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cache-control: no-cache, no-store
cf-cache-status: DYNAMIC
cf-ray: 89591bdb683635eb-FRA
content-encoding: gzip
content-security-policy: default-src https: data: blob: 'self' 'unsafe-inline' 'unsafe-eval' *
content-type: text/html; charset=utf-8
date: Tue, 18 Jun 2024 06:09:10 GMT
expires: -1
pragma: no-cache
request-context: appId=cid-v1:a8fdbd8c-5f5f-4ecf-805f-38f3922a926b
server: cloudflare
strict-transport-security: max-age=0; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

Redirect headers

Cross-Origin-Resource-Policy: Cross-Origin
Location: https://qicre.com/
Non-Authoritative-Reason: DNS

GET
H2 200 all.css
use.fontawesome.com/releases/v5.8.1/css/ 54 KB
12 KB 638ms
520ms Stylesheet
text/css 2606:4700:3036::6815:1b98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.8.1/css/all.css
Requested by: Host: qicre.com
URL: https://qicre.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:1b98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eeb17a45a48aca1d7adbcf04de155dcd0b47cb36ad036310446bb471fea9aaa3

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://qicre.com/
Origin: https://qicre.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 06:09:11 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 22 Sep 2023 01:45:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"e4c542a7f6bf6f74fdd8cdf6e8096396"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mLkoGAzhpZCno4aYNH0%2B2HafQZJrCcsOTosVOWV9beFm%2FTmEhQjErYPwYChqlxU6LTItR7Gk%2B0wUsoUMZvKseuymiK9d3Fo9aLQ%2FwV4H%2FwDakfs%2BK4nHU9XnJ7k4kGyoVdmz%2BTPAZLGZtpjE%2F7kMwpDQ"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 89591beaf88c03b0-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 1.aeba82b6.chunk.css
qicre.com/dist/retailer/static/css/ 20 KB
3 KB 1284ms
1283ms Stylesheet
text/css 104.18.12.242
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://qicre.com/dist/retailer/static/css/1.aeba82b6.chunk.css

Requested by

Host: qicre.com
URL: https://qicre.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.12.242 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c195544f8a5116c962a3ae7f767a85b2b4b930f6e2ae1b6914c307ff31de59d1

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: blob: 'self' 'unsafe-inline' 'unsafe-eval' *
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://qicre.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 06:09:12 GMT
content-security-policy: default-src https: data: blob: 'self' 'unsafe-inline' 'unsafe-eval' *
x-content-type-options: nosniff
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: REVALIDATED
content-encoding: gzip
cf-polished: origSize=20663
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:a8fdbd8c-5f5f-4ecf-805f-38f3922a926b
cf-bgj: minify
last-modified: Wed, 12 Jun 2024 02:13:14 GMT
server: cloudflare
etag: W/"099aa146ebcda1:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=86400
cf-ray: 89591bea3a7d35eb-FRA
expires: Wed, 19 Jun 2024 06:09:12 GMT

GET
H3 200 main.aa50752f.chunk.css
qicre.com/dist/retailer/static/css/ 605 KB
104 KB 2208ms
2208ms Stylesheet
text/css 104.18.12.242
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://qicre.com/dist/retailer/static/css/main.aa50752f.chunk.css

Requested by

Host: qicre.com
URL: https://qicre.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.12.242 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a4bb05fd5045cb32293c3f2f2414cf48ae06fbad7a38b384d8dd884f0c57495a

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: blob: 'self' 'unsafe-inline' 'unsafe-eval' *
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://qicre.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 06:09:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: MISS
content-security-policy: default-src https: data: blob: 'self' 'unsafe-inline' 'unsafe-eval' *
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:a8fdbd8c-5f5f-4ecf-805f-38f3922a926b
last-modified: Wed, 12 Jun 2024 02:13:14 GMT
server: cloudflare
etag: "099aa146ebcda1:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=86400
cf-ray: 89591bea3a7e35eb-FRA
expires: Wed, 19 Jun 2024 06:09:12 GMT

GET
DATA 200
OK truncated
/ 19 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 090eb2112d5c042f479f4dde6c0549208741afa3c0843d6f0a9bdaa7fa285cde

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 Retail+icon
cdn.intelligencebank.com/au/share/qyp3/GJEbr/kZkrP/original/ 766 KB
768 KB 385ms
13ms Image
image/jpeg 2600:9000:2761:3e00:17:faa9:1fc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.intelligencebank.com/au/share/qyp3/GJEbr/kZkrP/original/Retail+icon

Requested by

Host: qicre.com
URL: https://qicre.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2761:3e00:17:faa9:1fc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

157eae8f997e79ae6362d18aa57a56f51312b02bcb58802f500e7f65b6f62507

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://qicre.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 06:33:35 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
via: 1.1 d6f2ecdfd53b40c1776d655bd15fdeb0.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P8
age: 2244936
x-cache: Hit from cloudfront
content-disposition: filename="Retail icon.jpg"
content-length: 784470
last-modified: Thu, 23 May 2024 06:33:35 GMT
server: nginx
etag: "664ee33f-bf856"
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
content-type: image/jpeg
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: sid, Content-Type
x-amz-cf-id: lT1co9zQQ8JYzAB72S2PffkjjxgzieTacLNTM8hPbsIhVoHG64k0jw==

GET
H2 206 230816_QIC_BrandFilm_ONLINE-2_004B
cdn.intelligencebank.com/au/share/qyp3/27AOy/rZjVe/mp4/ 71 KB
0 381ms
12ms Media
video/mp4 2600:9000:2761:3e00:17:faa9:1fc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.intelligencebank.com/au/share/qyp3/27AOy/rZjVe/mp4/230816_QIC_BrandFilm_ONLINE-2_004B

Requested by

Host: qicre.com
URL: https://qicre.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2761:3e00:17:faa9:1fc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Referer: https://qicre.com/
Range: bytes=0-
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 17:07:11 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
via: 1.1 d6f2ecdfd53b40c1776d655bd15fdeb0.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P8
age: 6354120
x-cache: Hit from cloudfront
Content-Range: bytes 0-108433866/108433867
content-disposition: filename="230816_QIC_BrandFilm_ONLINE-2_004B.mp4"
Content-Length: 108433867
last-modified: Fri, 05 Apr 2024 15:52:44 GMT
server: nginx
etag: "66101e4c-67691cb"
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
content-type: video/mp4
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: sid, Content-Type
x-amz-cf-id: E_TuAYPkaPC7lMogh6p-pM2mz0Kx_4hl6n2YY04BF1cC0O6JfOmxYA==

GET
H2 206 230816_QIC_BrandFilm_ONLINE-2_004B
cdn.intelligencebank.com/au/share/qyp3/27AOy/rZjVe/mp4/ 196 KB
197 KB 330ms
308ms Media
video/mp4 2600:9000:2761:3e00:17:faa9:1fc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.intelligencebank.com/au/share/qyp3/27AOy/rZjVe/mp4/230816_QIC_BrandFilm_ONLINE-2_004B

Requested by

Host: qicre.com
URL: https://qicre.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2761:3e00:17:faa9:1fc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

4a4a21e81594baac51654c0c90d7bfad71100019e79a2500a964493e1ab64c7c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Referer: https://qicre.com/
Range: bytes=108232704-
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 17:07:11 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
via: 1.1 d6f2ecdfd53b40c1776d655bd15fdeb0.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA60-P8
age: 6354120
x-cache: Hit from cloudfront
Content-Range: bytes 108232704-108433866/108433867
content-disposition: filename="230816_QIC_BrandFilm_ONLINE-2_004B.mp4"
Content-Length: 201163
last-modified: Fri, 05 Apr 2024 15:52:44 GMT
server: nginx
etag: "66101e4c-67691cb"
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
content-type: video/mp4
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: sid, Content-Type
x-amz-cf-id: rokXUpRKRNeLirzV-UN-VesxWOEVWFSTUP8scQT1vqCzXGKgvzn6MA==

GET
H2 206 230816_QIC_BrandFilm_ONLINE-2_004B
cdn.intelligencebank.com/au/share/qyp3/27AOy/rZjVe/mp4/ 97 KB
0 0ms
0ms Media
video/mp4 2600:9000:2761:3e00:17:faa9:1fc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.intelligencebank.com/au/share/qyp3/27AOy/rZjVe/mp4/230816_QIC_BrandFilm_ONLINE-2_004B

Requested by

Host: qicre.com
URL: https://qicre.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2761:3e00:17:faa9:1fc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Referer: https://qicre.com/
Range: bytes=65536-
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 17:07:11 GMT
via: 1.1 d6f2ecdfd53b40c1776d655bd15fdeb0.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA60-P8
age: 6354120
x-cache: Hit from cloudfront
Content-Range: bytes 65536-108433866/108433867
content-disposition: filename="230816_QIC_BrandFilm_ONLINE-2_004B.mp4"
Content-Length: 108368331
last-modified: Fri, 05 Apr 2024 15:52:44 GMT
server: nginx
etag: "66101e4c-67691cb"
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
content-type: video/mp4
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: sid, Content-Type
x-amz-cf-id: rokXUpRKRNeLirzV-UN-VesxWOEVWFSTUP8scQT1vqCzXGKgvzn6MA==

GET
H2 206 230816_QIC_BrandFilm_ONLINE-2_004B
cdn.intelligencebank.com/au/share/qyp3/27AOy/rZjVe/mp4/ 128 KB
0 0ms
0ms Media
video/mp4 2600:9000:2761:3e00:17:faa9:1fc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.intelligencebank.com/au/share/qyp3/27AOy/rZjVe/mp4/230816_QIC_BrandFilm_ONLINE-2_004B

Requested by

Host: qicre.com
URL: https://qicre.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2761:3e00:17:faa9:1fc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Referer: https://qicre.com/
Range: bytes=163840-
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 17:07:11 GMT
via: 1.1 d6f2ecdfd53b40c1776d655bd15fdeb0.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA60-P8
age: 6354120
x-cache: Hit from cloudfront
Content-Range: bytes 163840-108433866/108433867
content-disposition: filename="230816_QIC_BrandFilm_ONLINE-2_004B.mp4"
Content-Length: 108270027
last-modified: Fri, 05 Apr 2024 15:52:44 GMT
server: nginx
etag: "66101e4c-67691cb"
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
content-type: video/mp4
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: sid, Content-Type
x-amz-cf-id: rokXUpRKRNeLirzV-UN-VesxWOEVWFSTUP8scQT1vqCzXGKgvzn6MA==

GET
H2 200 Castle+Towers
cdn.intelligencebank.com/au/share/qyp3/GJEbr/8v7p9/original/ 1 MB
1 MB 371ms
363ms Image
image/jpeg 2600:9000:2761:3e00:17:faa9:1fc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.intelligencebank.com/au/share/qyp3/GJEbr/8v7p9/original/Castle+Towers

Requested by

Host: qicre.com
URL: https://qicre.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2761:3e00:17:faa9:1fc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

87e5565fc0d9672fd13504de097b72b1744905a034e7cd93f5a3f3ce39d0b906

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://qicre.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 06:33:36 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
via: 1.1 d6f2ecdfd53b40c1776d655bd15fdeb0.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P8
age: 2244936
x-cache: Hit from cloudfront
content-disposition: filename="Castle Towers.jpg"
content-length: 1400771
last-modified: Thu, 23 May 2024 06:33:35 GMT
server: nginx
etag: "664ee33f-155fc3"
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
content-type: image/jpeg
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: sid, Content-Type
x-amz-cf-id: AqEPCwvYFVyC5B4fWwLtyeRtja3_tA2W9C-1hE63Izgu6k6LQM4gGQ==

GET
H2 200 Retail+icon
cdn.intelligencebank.com/au/share/qyp3/GJEbr/kZkrP/original/ 766 KB
0 18ms
18ms Image
image/jpeg 2600:9000:2761:3e00:17:faa9:1fc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.intelligencebank.com/au/share/qyp3/GJEbr/kZkrP/original/Retail+icon

Requested by

Host: qicre.com
URL: https://qicre.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2761:3e00:17:faa9:1fc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

157eae8f997e79ae6362d18aa57a56f51312b02bcb58802f500e7f65b6f62507

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://qicre.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 06:33:35 GMT
via: 1.1 d6f2ecdfd53b40c1776d655bd15fdeb0.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA60-P8
age: 2244936
x-cache: Hit from cloudfront
content-disposition: filename="Retail icon.jpg"
content-length: 784470
last-modified: Thu, 23 May 2024 06:33:35 GMT
server: nginx
etag: "664ee33f-bf856"
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
content-type: image/jpeg
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: sid, Content-Type
x-amz-cf-id: lT1co9zQQ8JYzAB72S2PffkjjxgzieTacLNTM8hPbsIhVoHG64k0jw==

GET
H3 200 1.3acc4586.chunk.js Show response
qicre.com/dist/retailer/static/js/ 1 MB
464 KB 1850ms
1835ms Script
application/x-javascript 104.18.12.242
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://qicre.com/dist/retailer/static/js/1.3acc4586.chunk.js

Requested by

Host: qicre.com
URL: https://qicre.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.12.242 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

68c150309a4dfc284a2fa13f38440457aaead98e579e0f087cbaa029c9f19f22

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: blob: 'self' 'unsafe-inline' 'unsafe-eval' *
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://qicre.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 06:09:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: MISS
content-security-policy: default-src https: data: blob: 'self' 'unsafe-inline' 'unsafe-eval' *
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:a8fdbd8c-5f5f-4ecf-805f-38f3922a926b
last-modified: Wed, 12 Jun 2024 02:13:14 GMT
server: cloudflare
etag: "099aa146ebcda1:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
cf-ray: 89591bf52fa935eb-FRA
expires: Wed, 19 Jun 2024 06:09:14 GMT

GET
H3 200 main.7b2d4655.chunk.js Show response
qicre.com/dist/retailer/static/js/ 347 KB
70 KB 1321ms
1306ms Script
application/x-javascript 104.18.12.242
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://qicre.com/dist/retailer/static/js/main.7b2d4655.chunk.js

Requested by

Host: qicre.com
URL: https://qicre.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.12.242 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5ea8e2d8f6b683a57a05beacadebe59ec1c30b33cd83e613b8fcbfc54a89a7c6

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: blob: 'self' 'unsafe-inline' 'unsafe-eval' *
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://qicre.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 06:09:13 GMT
content-security-policy: default-src https: data: blob: 'self' 'unsafe-inline' 'unsafe-eval' *
x-content-type-options: nosniff
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: REVALIDATED
content-encoding: gzip
cf-polished: origSize=355862
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:a8fdbd8c-5f5f-4ecf-805f-38f3922a926b
cf-bgj: minify
last-modified: Wed, 12 Jun 2024 02:13:14 GMT
server: cloudflare
etag: W/"099aa146ebcda1:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
cf-ray: 89591bf52faa35eb-FRA
expires: Wed, 19 Jun 2024 06:09:13 GMT

GET
H2 200 vcd15cbe7772f49c399c6a5babf22c1241717689176015 Show response
static.cloudflareinsights.com/beacon.min.js/ 19 KB
7 KB 224ms
48ms Script
text/javascript 2606:4700::6810:5049
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Requested by: Host: qicre.com
URL: https://qicre.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:5049 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://qicre.com/
Origin: https://qicre.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 06:09:12 GMT
content-encoding: gzip
last-modified: Thu, 06 Jun 2024 15:52:56 GMT
server: cloudflare
etag: W/"2024.6.1"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 89591bf61fa29bca-FRA

GET
DATA 200
OK truncated
/ 547 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 552 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 380 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 MarkPro-medium.9af1bc42.woff
qicre.com/dist/retailer/static/media/ 83 KB
83 KB 1242ms
1227ms Font
application/font-woff 104.18.12.242
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://qicre.com/dist/retailer/static/media/MarkPro-medium.9af1bc42.woff

Requested by

Host: qicre.com
URL: https://qicre.com/dist/retailer/static/css/main.aa50752f.chunk.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.12.242 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a214303f89edcbda725987a06dc5bcea66705a961d05edb6bec73c7277cef462

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: blob: 'self' 'unsafe-inline' 'unsafe-eval' *
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://qicre.com/dist/retailer/static/css/main.aa50752f.chunk.css
Origin: https://qicre.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 06:09:14 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: default-src https: data: blob: 'self' 'unsafe-inline' 'unsafe-eval' *
cf-cache-status: REVALIDATED
content-encoding: gzip
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:a8fdbd8c-5f5f-4ecf-805f-38f3922a926b
last-modified: Wed, 12 Jun 2024 02:13:14 GMT
server: cloudflare
etag: W/"099aa146ebcda1:0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=86400
cf-ray: 89591bfc583635eb-FRA
expires: Wed, 19 Jun 2024 06:09:14 GMT

GET
H3 200 retailericons.aeb0a116.woff
qicre.com/dist/retailer/static/media/ 20 KB
13 KB 1549ms
1534ms Font
application/font-woff 104.18.12.242
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://qicre.com/dist/retailer/static/media/retailericons.aeb0a116.woff

Requested by

Host: qicre.com
URL: https://qicre.com/dist/retailer/static/css/main.aa50752f.chunk.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.12.242 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2253c37e0e9e0e5b09bfeaf86026b08e57fad7b42dc9b8d76191b45d9544befd

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: blob: 'self' 'unsafe-inline' 'unsafe-eval' *
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://qicre.com/dist/retailer/static/css/main.aa50752f.chunk.css
Origin: https://qicre.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 06:09:15 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: default-src https: data: blob: 'self' 'unsafe-inline' 'unsafe-eval' *
cf-cache-status: MISS
content-encoding: gzip
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:a8fdbd8c-5f5f-4ecf-805f-38f3922a926b
last-modified: Wed, 12 Jun 2024 02:13:14 GMT
server: cloudflare
etag: W/"099aa146ebcda1:0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=86400
cf-ray: 89591bfc583735eb-FRA
expires: Wed, 19 Jun 2024 06:09:14 GMT

GET
H3 200 Freight-BigBook.f186dadb.woff
qicre.com/dist/retailer/static/media/ 25 KB
25 KB 1226ms
1211ms Font
application/font-woff 104.18.12.242
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://qicre.com/dist/retailer/static/media/Freight-BigBook.f186dadb.woff

Requested by

Host: qicre.com
URL: https://qicre.com/dist/retailer/static/css/main.aa50752f.chunk.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.12.242 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

97c8822a93f4ef8d4b02054a641b0c5eacdb71e7d92e98139310b1dbb825a71c

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: blob: 'self' 'unsafe-inline' 'unsafe-eval' *
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://qicre.com/dist/retailer/static/css/main.aa50752f.chunk.css
Origin: https://qicre.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 06:09:14 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: default-src https: data: blob: 'self' 'unsafe-inline' 'unsafe-eval' *
cf-cache-status: REVALIDATED
content-encoding: gzip
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:a8fdbd8c-5f5f-4ecf-805f-38f3922a926b
last-modified: Wed, 12 Jun 2024 02:13:14 GMT
server: cloudflare
etag: W/"099aa146ebcda1:0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=86400
cf-ray: 89591bfc583835eb-FRA
expires: Wed, 19 Jun 2024 06:09:14 GMT

GET
H3 200 MarkPro.0d9286e0.woff
qicre.com/dist/retailer/static/media/ 68 KB
68 KB 1889ms
1874ms Font
application/font-woff 104.18.12.242
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://qicre.com/dist/retailer/static/media/MarkPro.0d9286e0.woff

Requested by

Host: qicre.com
URL: https://qicre.com/dist/retailer/static/css/main.aa50752f.chunk.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.12.242 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9a562578588fcd5d9956ea3595a8795c362d6b6b3fa8665385cdadbed1395433

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: blob: 'self' 'unsafe-inline' 'unsafe-eval' *
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://qicre.com/dist/retailer/static/css/main.aa50752f.chunk.css
Origin: https://qicre.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 06:09:15 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: default-src https: data: blob: 'self' 'unsafe-inline' 'unsafe-eval' *
cf-cache-status: MISS
content-encoding: gzip
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:a8fdbd8c-5f5f-4ecf-805f-38f3922a926b
last-modified: Wed, 12 Jun 2024 02:13:14 GMT
server: cloudflare
etag: W/"099aa146ebcda1:0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=86400
cf-ray: 89591bfc583a35eb-FRA
expires: Wed, 19 Jun 2024 06:09:14 GMT

GET
H3 200 MarkPro-bold.d09c020b.woff
qicre.com/dist/retailer/static/media/ 22 KB
22 KB 1258ms
1247ms Font
application/font-woff 104.18.12.242
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://qicre.com/dist/retailer/static/media/MarkPro-bold.d09c020b.woff

Requested by

Host: qicre.com
URL: https://qicre.com/dist/retailer/static/css/main.aa50752f.chunk.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.12.242 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fafddbee519f51cf67547cf336606705e59624d9742060abb5a31029a0c4e1be

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: blob: 'self' 'unsafe-inline' 'unsafe-eval' *
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://qicre.com/dist/retailer/static/css/main.aa50752f.chunk.css
Origin: https://qicre.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 06:09:14 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: default-src https: data: blob: 'self' 'unsafe-inline' 'unsafe-eval' *
cf-cache-status: REVALIDATED
content-encoding: gzip
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:a8fdbd8c-5f5f-4ecf-805f-38f3922a926b
last-modified: Wed, 12 Jun 2024 02:13:14 GMT
server: cloudflare
etag: W/"099aa146ebcda1:0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=86400
cf-ray: 89591bfc583b35eb-FRA
expires: Wed, 19 Jun 2024 06:09:14 GMT

GET
DATA 200
OK truncated
/ 177 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 351 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 145287b36883dd3061ca7aa9229a8fa9ace2cccd50e0382b4b6201f3916b57c5

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 242 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 257 KB
82 KB 647ms
21ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-K46JWXX&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Requested by

Host: qicre.com
URL: https://qicre.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e70ccad6b29e7baa8be0c0d949373a72056f601a8807143de528b760c86af4ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://qicre.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 06:09:16 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 83743
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 18 Jun 2024 06:09:16 GMT

GET
H3 200 transparent.8fa3865e.png
qicre.com/dist/retailer/static/media/ 19 KB
19 KB 1521ms
1520ms Image
image/png 104.18.12.242
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://qicre.com/dist/retailer/static/media/transparent.8fa3865e.png

Requested by

Host: qicre.com
URL: https://qicre.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.12.242 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

090eb2112d5c042f479f4dde6c0549208741afa3c0843d6f0a9bdaa7fa285cde

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: blob: 'self' 'unsafe-inline' 'unsafe-eval' *
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://qicre.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 06:09:17 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: default-src https: data: blob: 'self' 'unsafe-inline' 'unsafe-eval' *
cf-cache-status: MISS
alt-svc: h3=":443"; ma=86400
content-length: 19521
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:a8fdbd8c-5f5f-4ecf-805f-38f3922a926b
last-modified: Wed, 12 Jun 2024 02:13:14 GMT
server: cloudflare
etag: "099aa146ebcda1:0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 89591c0bb93c35eb-FRA
expires: Wed, 19 Jun 2024 06:09:17 GMT

GET
H2 200 13_Woodgrove_DSC_1354
cdn.intelligencebank.com/au/share/qyp3/4wql/O4OEb/preset=EX4Vb/ 2 MB
2 MB 15ms
14ms Image
image/png 2600:9000:2761:3e00:17:faa9:1fc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.intelligencebank.com/au/share/qyp3/4wql/O4OEb/preset=EX4Vb/13_Woodgrove_DSC_1354

Requested by

Host: qicre.com
URL: https://qicre.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2761:3e00:17:faa9:1fc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

c64e8a8a25667ebb7d4b0e9f1d1f4b6e1b988b563fb08b4424e8d79e0b2a5bb0

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://qicre.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 06:33:36 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
via: 1.1 d6f2ecdfd53b40c1776d655bd15fdeb0.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P8
age: 2244940
x-cache: Hit from cloudfront
content-disposition: filename="13_Woodgrove_DSC_1354.png"
content-length: 2229791
last-modified: Tue, 21 May 2024 09:15:36 GMT
server: nginx
etag: "664c6638-22061f"
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
content-type: image/png
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: sid, Content-Type
x-amz-cf-id: NIYsmF7rbyafRgDkNdx5gZ5tb_HK0hwbiRDZiDxG5-8pbamlJ_L_8g==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 295 KB
100 KB 106ms
21ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-4ZDXR4C1E0&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K46JWXX&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

08a88ec2ae472cd7b4afd38a410cd61f593bedc7b32fa9f11193d5ac65e68e61

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://qicre.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 06:09:17 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 102042
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 18 Jun 2024 06:09:17 GMT

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 47 KB
17 KB 1786ms
27ms Script
application/javascript 2a02:26f0:3100::1735:283b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: qicre.com
URL: https://qicre.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3100::1735:283b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

899d1ec3c095342571d3be2091ec6f984d4cc82390d1f61945c391fa035b00d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://qicre.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 06:09:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 20 May 2024 16:52:20 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: max-age=60617
accept-ranges: bytes
content-length: 16683

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 219 KB
59 KB 1356ms
0ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: qicre.com
URL: https://qicre.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0313b0d078dfe6c7ab517c11404b0c01458469006fbf1a0d4d4c5e90517e54f8

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://qicre.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 18 Jun 2024 06:09:18 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 58024
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=6, rtx=0, c=15, mss=1297, tbw=2795, tp=-1, tpl=-1, uplat=1, ullat=-1
pragma: public
x-fb-debug: WjjzM4lQkk9CNOGO9FS8acejFyznxJsAPbcQ/Vo482ygixrYjHJLLZ8VLIQRa/NwZkEMUDUgBWkHQAkRCJtevg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 api.js Show response
www.google.com/recaptcha/ 1 KB
967 B 1458ms
85ms Script
text/javascript 216.58.206.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?onload=onloadcallback&render=explicit

Requested by

Host: qicre.com
URL: https://qicre.com/dist/retailer/static/js/1.3acc4586.chunk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.68 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s11-in-f4.1e100.net

Software

GSE /

Resource Hash

ed387e241d87000ab43b49f66cc66727d07e03b2ca1dd233865bbd6f12e63045

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://qicre.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 06:09:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Tue, 18 Jun 2024 06:09:18 GMT

GET
H2 200 QIC+logo_mono+black
cdn.intelligencebank.com/au/share/qyp3/nLNlM/wrnlw/original/ 4 KB
4 KB 24ms
13ms Image
image/png 2600:9000:2761:3e00:17:faa9:1fc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.intelligencebank.com/au/share/qyp3/nLNlM/wrnlw/original/QIC+logo_mono+black

Requested by

Host: qicre.com
URL: https://qicre.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2761:3e00:17:faa9:1fc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

1cf0df4993a94f791a8c58d4fb50e01b83196e61527cfce6d3b7c88ba7630417

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://qicre.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 03:19:31 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
via: 1.1 d6f2ecdfd53b40c1776d655bd15fdeb0.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P8
age: 3034186
x-cache: Hit from cloudfront
content-disposition: filename="QIC logo_mono black.png"
content-length: 4034
last-modified: Tue, 14 May 2024 03:19:31 GMT
server: nginx
etag: "6642d843-fc2"
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
content-type: image/png
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: sid, Content-Type
x-amz-cf-id: Y6v-iTxl1b-nVIcuUXqm0m_XRAgHvvuC5qXqvBBjtodjtyqjVml2ng==

POST
H2 204 collect
region1.analytics.google.com/g/ 0
0 957ms
10ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-4ZDXR4C1E0&gtm=45je46c0v898806695z876215104za200zb76215104&_p=1718690956052&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=628932325.1718690959&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.61%7CGoogle%2520Chrome%3B126.0.6478.61&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1718690958&sct=1&seg=0&dl=https%3A%2F%2Fqicre.com%2F&dt=QIC&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=14023&_z=fetch
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-4ZDXR4C1E0&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://qicre.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 18 Jun 2024 06:09:19 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://qicre.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
249 B 1226ms
93ms Ping
text/plain 2a00:1450:400c:c0a::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-4ZDXR4C1E0&cid=628932325.1718690959&gtm=45je46c0v898806695z876215104za200zb76215104&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-4ZDXR4C1E0&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0a::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://qicre.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 18 Jun 2024 06:09:20 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://qicre.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 201ms
35ms Image
image/gif 142.250.185.67
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-4ZDXR4C1E0&cid=628932325.1718690959&gtm=45je46c0v898806695z876215104za200zb76215104&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0&z=1446077866

Requested by

Host: qicre.com
URL: https://qicre.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://qicre.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 18 Jun 2024 06:09:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 701479574318486 Show response
connect.facebook.net/signals/config/ 69 KB
14 KB 174ms
138ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/701479574318486?v=2.9.158&r=stable&domain=qicre.com&hme=446fb981c8c3baeb03730fe3cbd404f7f15f64c693f24c7fe75da498bc2c95d8&ex_m=67%2C113%2C100%2C104%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C160%2C163%2C174%2C170%2C171%2C173%2C28%2C94%2C50%2C73%2C172%2C155%2C158%2C167%2C168%2C175%2C122%2C14%2C48%2C180%2C179%2C124%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C101%2C103%2C37%2C102%2C29%2C25%2C156%2C159%2C131%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C98%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C99%2C43%2C75%2C65%2C105%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C106

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d952ca55bfddf8dc62c60814933d9ef75bdf1e9dc6a99c06ccbb0c8c305150df

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://qicre.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 18 Jun 2024 06:09:19 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=13, rtx=0, c=56, mss=1297, tbw=63555, tp=-1, tpl=-1, uplat=133, ullat=0
pragma: public
x-fb-debug: YjrhdMDi1zoI9Rvzm+0qLb5tU/yr7BWhJ7NdmpzreH281zZd3XSYhWdCZ9+l7zDc7NrY47L7thhwGWDTW2iSpQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/KXX4ARWFlYTftefkdODAYWZh/ 518 KB
207 KB 999ms
65ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/KXX4ARWFlYTftefkdODAYWZh/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=onloadcallback&render=explicit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

612ad04469fba362238294e47106a2e6061ef90c111851c0cdcae2e3ee27a6bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://qicre.com/
Origin: https://qicre.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 18:10:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 43123
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 210814
x-xss-protection: 0
last-modified: Sat, 15 Jun 2024 04:02:13 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 17 Jun 2025 18:10:37 GMT

GET
H2 200 attribution_trigger Show response
px.ads.linkedin.com/ 2 B
813 B 1089ms
175ms XHR
application/json 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/attribution_trigger?pid=898748&time=1718690959094&url=https%3A%2F%2Fqicre.com%2F
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept: *
Referer: https://qicre.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 06:09:19 GMT
content-encoding: gzip
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: A27CFC5B368A48FFAE488C2B600E720C Ref B: FRAEDGE1510 Ref C: 2024-06-18T06:09:20Z
access-control-allow-methods: GET, OPTIONS
x-li-fabric: prod-lor1
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
content-type: application/json
x-li-proto: http/2
x-restli-protocol-version: 1.0.0
access-control-allow-headers: *
x-li-uuid: AAYbI+wnjhiyv0RyAQ7saw==
x-fs-uuid: 00061b23ec278e18b2bf4472010eec6b

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=898748&time=1718690959094&url=https%3A%2F%2Fqicre.com%2F
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=898748&time=1718690959094&url=https%3A%2F%2Fqicre.com%2F&cookiesTest=true
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D898748%26time%3D1718690959094%26url%3Dhttps%253A%252F%252Fqicre.com%252F%26cookie...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=898748&time=1718690959094&url=https%3A%2F%2Fqicre.com%2F&cookiesTest=true&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=898748&time=1718690959094&url=https%3A%2F%2Fqicre.com%2F&cookiesTest=true&liSync=true&e_ipv6=AQI8WhLVu0ksaAAAAZAp9tVUNlNEnYfVzIEZaxv9Uq2E22Y_-aNV...

0
265 B

440ms
236ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=898748&time=1718690959094&url=https%3A%2F%2Fqicre.com%2F&cookiesTest=true&liSync=true&e_ipv6=AQI8WhLVu0ksaAAAAZAp9tVUNlNEnYfVzIEZaxv9Uq2E22Y_-aNViQn_q9I3ufPn2A
Requested by: Host: qicre.com
URL: https://qicre.com/
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://qicre.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 18 Jun 2024 06:09:20 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 9FA93E6964B04BBEA195089D4E08F38F Ref B: FRAEDGE1320 Ref C: 2024-06-18T06:09:21Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-ltx1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYbI+w3bFrno/4fJgpZdg==

Redirect headers

date: Tue, 18 Jun 2024 06:09:19 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 5631BF32788C439BB3E557631B46C72B Ref B: DUS30EDGE0312 Ref C: 2024-06-18T06:09:20Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=898748&time=1718690959094&url=https%3A%2F%2Fqicre.com%2F&cookiesTest=true&liSync=true&e_ipv6=AQI8WhLVu0ksaAAAAZAp9tVUNlNEnYfVzIEZaxv9Uq2E22Y_-aNViQn_q9I3ufPn2A
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYbI+wxNlz9IiHD+b6QOA==

GET
H2 200 /
www.facebook.com/tr/ 0
274 B 573ms
8ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=701479574318486&ev=PageView&dl=https%3A%2F%2Fqicre.com%2F&rl=&if=false&ts=1718690959665&sw=1600&sh=1200&v=2.9.158&r=stable&a=tmgoogletagmanager&ec=0&o=4126&fbp=fb.1.1718690959612.150113292747835617&cs_est=true&ler=empty&cdl=API_unavailable&it=1718690959068&coo=false&rqm=GET

Requested by

Host: qicre.com
URL: https://qicre.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://qicre.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=10, rtx=0, c=10, mss=1297, tbw=2777, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 18 Jun 2024 06:09:20 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
3 KB 726ms
162ms Image
image/png 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=701479574318486&ev=PageView&dl=https%3A%2F%2Fqicre.com%2F&rl=&if=false&ts=1718690959665&sw=1600&sh=1200&v=2.9.158&r=stable&a=tmgoogletagmanager&ec=0&o=4126&fbp=fb.1.1718690959612.150113292747835617&cs_est=true&ler=empty&cdl=API_unavailable&it=1718690959068&coo=false&rqm=FGET

Requested by

Host: qicre.com
URL: https://qicre.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://qicre.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x005a3d863298bd0c","source_keys":["1","2"]},{"key_piece":"0x017c9e9ee298d351","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding: zstd
x-content-type-options: nosniff
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
date: Tue, 18 Jun 2024 06:09:20 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7381721466670125234", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=8, rtx=0, c=10, mss=1297, tbw=3095, tp=-1, tpl=-1, uplat=139, ullat=0
pragma: no-cache
x-fb-debug: Jibo6qNehK7R3s5Rej8d5Te7tmva0x8ormtnRghUG7HiqYivcPZY1vv8XLLfybTAPV7RWyRV942YdYakQf4tgg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7381721466670125234"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 anchor
www.google.com/recaptcha/api2/ Frame FA0E 0
0 298ms
96ms Document
text/html 216.58.206.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeU-CAeAAAAAEWav9LJFRBdovNsCFweM9MCeUYb&co=aHR0cHM6Ly9xaWNyZS5jb206NDQz&hl=de&type=image&v=KXX4ARWFlYTftefkdODAYWZh&theme=light&size=normal&badge=bottomright&cb=fe1xylazxbad

Requested by

Host: qicre.com
URL: https://qicre.com/dist/retailer/static/js/1.3acc4586.chunk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.68 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s11-in-f4.1e100.net

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-cRQPzTg3Yk1QqFhr_ncGxA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://qicre.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-cRQPzTg3Yk1QqFhr_ncGxA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 18 Jun 2024 06:09:20 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

POST
H2 204 / Show response
px.ads.linkedin.com/wa/ 0
191 B 188ms
185ms XHR
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/wa/
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Accept: *
Referer: https://qicre.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 06:09:20 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 1FC2316B1CA24FF98B897EC635B15927 Ref B: DUS30EDGE0312 Ref C: 2024-06-18T06:09:21Z
linkedin-action: 1
vary: Origin
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
access-control-allow-origin: https://qicre.com
x-li-proto: http/2
access-control-allow-credentials: true
x-li-uuid: AAYbI+w8CgxGiEnPnWKUlg==

POST
H3 204 rum Show response
qicre.com/cdn-cgi/ 0
136 B 92ms
90ms XHR
text/plain 104.18.12.242
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://qicre.com/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.12.242 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://qicre.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type: application/json

Response headers

date: Tue, 18 Jun 2024 06:09:21 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://qicre.com
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 89591c2d78f335eb-FRA

GET
H3 200 favicon-32x32.png
qicre.com/-/jssmedia/Intelligence-Bank/Retailer/Favicon/ 2 KB
1 KB 1334ms
1320ms Other
image/svg+xml 104.18.12.242
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://qicre.com/-/jssmedia/Intelligence-Bank/Retailer/Favicon/favicon-32x32.png

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.12.242 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a514142aba78c135453e57874a4e1d1eacaf23eeaf35749d07cc246c037848ef

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: blob: 'self' 'unsafe-inline' 'unsafe-eval' *
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://qicre.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 06:09:22 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: default-src https: data: blob: 'self' 'unsafe-inline' 'unsafe-eval' *
cf-cache-status: MISS
content-encoding: gzip
content-disposition: inline; filename="favicon-32x32.svg"
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:a8fdbd8c-5f5f-4ecf-805f-38f3922a926b
last-modified: Sun, 06 Mar 2022 22:58:12 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=604800
cf-ray: 89591c2dc94035eb-FRA
expires: Tue, 25 Jun 2024 06:09:22 GMT

GET
H3 200 bframe
www.google.com/recaptcha/api2/ Frame 5BB8 0
0 58ms
43ms Document
text/html 216.58.206.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=de&v=KXX4ARWFlYTftefkdODAYWZh&k=6LeU-CAeAAAAAEWav9LJFRBdovNsCFweM9MCeUYb

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/KXX4ARWFlYTftefkdODAYWZh/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.68 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s11-in-f4.1e100.net

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-WOS0u2JsnnkDLN9rQ8hwKA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://qicre.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-WOS0u2JsnnkDLN9rQ8hwKA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 18 Jun 2024 06:09:22 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

Verdicts & Comments Add Verdict or Comment

38 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.qicre.com/	1970-01-20 21:24:54	Name: TiPMix Value: 38.758006646053204
.qicre.com/	1970-01-20 21:24:54	Name: x-ms-routing-name Value: self
.qicre.com/	1970-01-21 07:00:50	Name: _ga_4ZDXR4C1E0 Value: GS1.1.1718690958.1.0.1718690958.60.0.0
.qicre.com/	1970-01-21 07:00:50	Name: _ga Value: GA1.1.628932325.1718690959
.qicre.com/	1970-01-20 23:34:26	Name: _fbp Value: fb.1.1718690959612.150113292747835617
.linkedin.com/	1970-01-20 23:34:26	Name: li_sugr Value: 646fa2d8-2722-48c1-bf8b-d0ed1625ddd1
.linkedin.com/	1970-01-21 06:10:26	Name: bcookie Value: "v=2&7bdfbc4a-6244-4d8a-8442-179d8988272c"
.linkedin.com/	1970-01-20 21:26:17	Name: lidc Value: "b=TGST05:s=T:r=T:a=T:p=T:g=3056:u=1:x=1:i=1718690960:t=1718777360:v=2:sig=AQE7-1kffExe133DulFrXXcCD-obQLmy"
.linkedin.com/	1970-01-20 22:08:02	Name: UserMatchHistory Value: AQINKBblHQAXjgAAAZAp9tNpgBPA_T2JudcBHYxOMRmOgsWEuw_FR3QZjI1HbBjjDypo8eT3NLzyoA
.linkedin.com/	1970-01-20 22:08:02	Name: AnalyticsSyncHistory Value: AQKlwCQmm_4wWAAAAZAp9tNpiSDsbNeQl502eQwL-kB_Dp7iKgxOmtl7ld-P4-nqKJU4xtrwrT86Dvx8BxmE0g
.www.linkedin.com/	1970-01-21 06:10:26	Name: bscookie Value: "v=1&202406180609201e1195cb-c104-432e-8031-0682dc30e65eAQE2ZcuSy5O8y-HZiSP6E_9xI0d4mpzS"
.linkedin.com/	1970-01-21 01:44:02	Name: li_gc Value: MTswOzE3MTg2OTA5NjA7MjswMjFL7pBYEAwEaV1dpfDm9B0yR1wbjI69wMBu7Z0UilBYIA==

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src https: data: blob: 'self' 'unsafe-inline' 'unsafe-eval' *
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.intelligencebank.com
connect.facebook.net
px.ads.linkedin.com
px4.ads.linkedin.com
qicre.com
region1.analytics.google.com
snap.licdn.com
static.cloudflareinsights.com
stats.g.doubleclick.net
use.fontawesome.com
www.facebook.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
www.linkedin.com
104.18.12.242
13.107.42.14
142.250.185.67
2001:4860:4802:32::36
216.58.206.68
2600:9000:2761:3e00:17:faa9:1fc0:93a1
2606:4700:3036::6815:1b98
2606:4700::6810:5049
2620:1ec:21::14
2a00:1450:4001:82b::2008
2a00:1450:4001:831::2003
2a00:1450:400c:c0a::9d
2a02:26f0:3100::1735:283b
2a03:2880:f084:105:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
0313b0d078dfe6c7ab517c11404b0c01458469006fbf1a0d4d4c5e90517e54f8
08a88ec2ae472cd7b4afd38a410cd61f593bedc7b32fa9f11193d5ac65e68e61
08dc55f1d28b70e0ead7bb1cd3029fb9de7cd4f5b7c10f53207717421ed89291
090eb2112d5c042f479f4dde6c0549208741afa3c0843d6f0a9bdaa7fa285cde
145287b36883dd3061ca7aa9229a8fa9ace2cccd50e0382b4b6201f3916b57c5
157eae8f997e79ae6362d18aa57a56f51312b02bcb58802f500e7f65b6f62507
1cf0df4993a94f791a8c58d4fb50e01b83196e61527cfce6d3b7c88ba7630417
1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75
2253c37e0e9e0e5b09bfeaf86026b08e57fad7b42dc9b8d76191b45d9544befd
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4a4a21e81594baac51654c0c90d7bfad71100019e79a2500a964493e1ab64c7c
5ea8e2d8f6b683a57a05beacadebe59ec1c30b33cd83e613b8fcbfc54a89a7c6
612ad04469fba362238294e47106a2e6061ef90c111851c0cdcae2e3ee27a6bb
62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945
68c150309a4dfc284a2fa13f38440457aaead98e579e0f087cbaa029c9f19f22
717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53
87e5565fc0d9672fd13504de097b72b1744905a034e7cd93f5a3f3ce39d0b906
899d1ec3c095342571d3be2091ec6f984d4cc82390d1f61945c391fa035b00d9
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f
97c8822a93f4ef8d4b02054a641b0c5eacdb71e7d92e98139310b1dbb825a71c
9a562578588fcd5d9956ea3595a8795c362d6b6b3fa8665385cdadbed1395433
a214303f89edcbda725987a06dc5bcea66705a961d05edb6bec73c7277cef462
a4bb05fd5045cb32293c3f2f2414cf48ae06fbad7a38b384d8dd884f0c57495a
a514142aba78c135453e57874a4e1d1eacaf23eeaf35749d07cc246c037848ef
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
c195544f8a5116c962a3ae7f767a85b2b4b930f6e2ae1b6914c307ff31de59d1
c64e8a8a25667ebb7d4b0e9f1d1f4b6e1b988b563fb08b4424e8d79e0b2a5bb0
d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115
d952ca55bfddf8dc62c60814933d9ef75bdf1e9dc6a99c06ccbb0c8c305150df
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e70ccad6b29e7baa8be0c0d949373a72056f601a8807143de528b760c86af4ee
eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366
ed387e241d87000ab43b49f66cc66727d07e03b2ca1dd233865bbd6f12e63045
eeb17a45a48aca1d7adbcf04de155dcd0b47cb36ad036310446bb471fea9aaa3
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fafddbee519f51cf67547cf336606705e59624d9742060abb5a31029a0c4e1be

qicre.com Open in urlscan Pro 104.18.12.242 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

41 Requests

98 %HTTPS

73 %IPv6

13 Domains

16 Subdomains

16 IPs

4 Countries

5935 kBTransfer

9986 kBSize

12 Cookies

8 Outgoing links

Page URL History

Redirected requests

41 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

qicre.com Open in urlscan Pro
104.18.12.242 Public Scan

Screenshot
Live screenshot

Full Image

41
Requests

98 %
HTTPS

73 %
IPv6

13
Domains

16
Subdomains

16
IPs

4
Countries

5935 kB
Transfer

9986 kB
Size

12
Cookies

41 HTTP transactions
7 data transactions