q3.qwintry.com Open in urlscan Pro
104.26.13.187 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://q3.qwintry.com/ru/workspace/payments/?method=bitpay
Effective URL:
https://q3.qwintry.com/ru/workspace/payments?method=bitpay
Submission: On December 01 via api (December 1st 2023, 11:22:11 am UTC) from US — Scanned from DE

Summary HTTP 78 Redirects Links 13 Behaviour Indicators

Summary

This website contacted 23 IPs in 8 countries across 18 domains to perform 78 HTTP transactions. The main IP is 104.26.13.187, located in and belongs to CLOUDFLARENET, US. The main domain is q3.qwintry.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on March 17th 2023. Valid for: a year.

This is the only time q3.qwintry.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 17	104.26.13.187 104.26.13.187	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	104.26.12.187 104.26.12.187	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2a00:1450:400... 2a00:1450:4001:803::200e	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
3	62.210.196.96 62.210.196.96	12876 (Online SAS) (Online SAS)
3	34.120.195.249 34.120.195.249	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2620:1ec:bdf::45 2620:1ec:bdf::45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2606:4700::68... 2606:4700::6810:5914	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f08... 2a03:2880:f084:d:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1 3	87.240.129.133 87.240.129.133	47541 (VKONTAKTE...) (VKONTAKTE-SPB-AS vk.com)
1	172.67.68.102 172.67.68.102	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:400c:c00::9a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
5 11	2a02:6b8::1:119 2a02:6b8::1:119	208722 (GLOBAL_DC) (GLOBAL_DC)
5	2a00:1450:400... 2a00:1450:4001:810::2004	15169 (GOOGLE) (GOOGLE)
2	20.114.189.135 20.114.189.135	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	80.239.201.67 80.239.201.67	1299 (TWELVE99 ...) (TWELVE99 Arelion)
2	2a03:2880:f17... 2a03:2880:f176:84:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1 2	68.219.88.97 68.219.88.97	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	163.172.207.27 163.172.207.27	12876 (Online SAS) (Online SAS)
78	23

17 104.26.13.187 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

q3.qwintry.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
q3-api.qwintry.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.26.12.187 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

q3.qwintry.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:803::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 62.210.196.96 (France)

ASN12876 (Online SAS, FR)
PTR: 62-210-196-96.rev.poneytelecom.eu

cloud-eu.roistat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.120.195.249 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 249.195.120.34.bc.googleusercontent.com

o74079.ingest.sentry.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:bdf::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5914 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 87.240.129.133 (Russian Federation) 1 redirects

ASN47541 (VKONTAKTE-SPB-AS vk.com, RU)
PTR: srv133-129-240-87.vk.com

vk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.68.102 (United States)

ASN13335 (CLOUDFLARENET, US)

q3-api.qwintry.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400c:c00::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a02:6b8::1:119 (Moscow, Russian Federation) 5 redirects

ASN208722 (GLOBAL_DC, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:810::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.114.189.135 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

v.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 80.239.201.67 (Sweden) 1 redirects

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)

mc.webvisor.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f176:84:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.219.88.97 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 163.172.207.27 (France)

ASN12876 (Online SAS, FR)
PTR: 163-172-207-27.rev.poneytelecom.eu

cllctr.roistat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	qwintry.com 2 redirects q3.qwintry.com q3-api.qwintry.com	822 KB
9	yandex.ru 4 redirects mc.yandex.ru — Cisco Umbrella Rank: 4182	5 KB
9	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27 region1.google-analytics.com — Cisco Umbrella Rank: 2189	83 KB
7	google.com region1.analytics.google.com — Cisco Umbrella Rank: 2693 www.google.com — Cisco Umbrella Rank: 2	1 KB
6	google.de www.google.de — Cisco Umbrella Rank: 6765	991 B
6	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 75 googleads.g.doubleclick.net — Cisco Umbrella Rank: 33	4 KB
6	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 796 v.clarity.ms — Cisco Umbrella Rank: 7267 c.clarity.ms — Cisco Umbrella Rank: 1377	27 KB
5	roistat.com cloud-eu.roistat.com cllctr.roistat.com — Cisco Umbrella Rank: 189253	84 KB
5	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 36	408 KB
3	vk.com 1 redirects vk.com — Cisco Umbrella Rank: 7251	22 KB
3	sentry.io o74079.ingest.sentry.io	468 B
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 98	216 B
2	yandex.com 1 redirects mc.yandex.com — Cisco Umbrella Rank: 8902	730 B
2	webvisor.org 1 redirects mc.webvisor.org — Cisco Umbrella Rank: 26422	856 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 168	89 KB
1	bing.com 1 redirects c.bing.com — Cisco Umbrella Rank: 228	762 B
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 138	19 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 313	87 KB
78	18

	Domain	Requested by
17	q3.qwintry.com	2 redirects q3.qwintry.com
9	mc.yandex.ru	4 redirects q3.qwintry.com
8	www.google-analytics.com	q3.qwintry.com www.googletagmanager.com
6	www.google.de	q3.qwintry.com
5	www.google.com	q3.qwintry.com
5	www.googletagmanager.com	q3.qwintry.com www.googletagmanager.com
4	stats.g.doubleclick.net	q3.qwintry.com www.googletagmanager.com
3	vk.com	1 redirects q3.qwintry.com
3	o74079.ingest.sentry.io	q3.qwintry.com
3	cloud-eu.roistat.com	q3.qwintry.com cloud-eu.roistat.com
2	cllctr.roistat.com	cloud-eu.roistat.com cllctr.roistat.com
2	c.clarity.ms	1 redirects
2	www.facebook.com	q3.qwintry.com
2	mc.yandex.com	1 redirects q3.qwintry.com
2	mc.webvisor.org	1 redirects q3.qwintry.com
2	v.clarity.ms	q3.qwintry.com
2	region1.analytics.google.com	www.googletagmanager.com
2	googleads.g.doubleclick.net	www.googletagmanager.com www.googleadservices.com
2	q3-api.qwintry.com	q3.qwintry.com
2	connect.facebook.net	q3.qwintry.com connect.facebook.net
2	www.clarity.ms	q3.qwintry.com www.clarity.ms
1	c.bing.com	1 redirects
1	region1.google-analytics.com	www.googletagmanager.com
1	www.googleadservices.com	www.googletagmanager.com
1	cdn.jsdelivr.net	q3.qwintry.com
78	25

This site contains links to these domains. Also see Links.

Domain
qwintry.com
accounts.google.com
apps.apple.com
play.google.com
qwintry.store
postcalc.usps.com
tracker.qwintry.com
logistics.qwintry.com
www.trustpilot.com

Subject Issuer	Validity	Valid
qwintry.com Cloudflare Inc ECC CA-3	`2023-03-17` - `2024-03-16`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.roistat.com Sectigo RSA Domain Validation Secure Server CA	`2023-05-31` - `2024-06-30`	a year	crt.sh
ingest.sentry.io DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-11-02` - `2024-12-02`	a year	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2023-08-29` - `2024-08-29`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-02` - `2024-05-01`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-09-09` - `2023-12-08`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2023-08-14` - `2024-01-24`	5 months	crt.sh
www.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.vk.com GlobalSign Organization Validation CA - SHA256 - G2	`2023-03-16` - `2024-02-20`	a year	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 06	`2023-02-13` - `2024-02-08`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://q3.qwintry.com/ru/workspace/payments?method=bitpay
Frame ID: 31F007864BC0C7F113F6548CBC8EFA95
Requests: 77 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Войти

Page URL History Show full URLs

https://q3.qwintry.com/ru/workspace/payments/?method=bitpay HTTP 301
http://q3.qwintry.com/ru/workspace/payments?method=bitpay HTTP 301
https://q3.qwintry.com/ru/workspace/payments?method=bitpay Page URL

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

78
Requests

92 %
HTTPS

56 %
IPv6

18
Domains

25
Subdomains

23
IPs

8
Countries

1648 kB
Transfer

4739 kB
Size

58
Cookies

13 Outgoing links

These are links going to different origins than the main page.

URL: https://qwintry.com/ru

Search URL Search Domain Scan URL

URL: https://accounts.google.com/o/oauth2/auth?client_id=982010981341-nhdqlkgd913up2o1m7ku5g5se07rd0nc.apps.googleusercontent.com&redirect_uri=https%3A%2F%2Fq3.qwintry.com%2Fweb-hook%2Fsocial-code&response_type=code&scope=profile+email&state=https%3A%2F%2Fq3.qwintry.com%2Fru%2Fsignup
Title: Войти с Google

Search URL Search Domain Scan URL

URL: https://apps.apple.com/ru/app/qwintry/id1015885334

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.app.qwintry

Search URL Search Domain Scan URL

URL: https://qwintry.com/ru/news
Title: Новости

Search URL Search Domain Scan URL

URL: https://qwintry.com/ru/stores
Title: Магазины

Search URL Search Domain Scan URL

URL: https://qwintry.com/ru/payments
Title: Способы оплаты

Search URL Search Domain Scan URL

URL: https://qwintry.store/
Title: Qwintry.Store

Search URL Search Domain Scan URL

URL: https://postcalc.usps.com/
Title: Калькулятор USPS

Search URL Search Domain Scan URL

URL: https://tracker.qwintry.com/
Title: Трекер

Search URL Search Domain Scan URL

URL: https://qwintry.com/ru/contacts
Title: Наши Контакты

Search URL Search Domain Scan URL

URL: https://logistics.qwintry.com/
Title: Логистика для бизнеса

Search URL Search Domain Scan URL

URL: https://www.trustpilot.com/review/qwintry.com?utm_medium=trustbox&utm_source=MicroReviewCount

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://q3.qwintry.com/ru/workspace/payments/?method=bitpay HTTP 301
http://q3.qwintry.com/ru/workspace/payments?method=bitpay HTTP 301
https://q3.qwintry.com/ru/workspace/payments?method=bitpay Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 22

https://vk.com/js/api/openapi.js?167 HTTP 302
https://vk.com/dist/public/api/openapi.917ca96d9331f956d945e39706791fde.js?167

Request Chain 46

https://mc.yandex.ru/watch/3?wmode=7&page-url=https%3A%2F%2Fq3.qwintry.com%2Fru%2Flogin&page-ref=&charset=utf-8&browser-info=pv%3A1%3Avf%3A3akmpckruryr72ly1stmj07z%3Afp%3A1359%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1170%3Acn%3A2%3Adp%3A0%3Als%3A492539198203%3Ahid%3A953251001%3Az%3A60%3Ai%3A20231201122204%3Aet%3A1701429724%3Ac%3A1%3Arn%3A191404531%3Arqn%3A1%3Au%3A1701429724981654103%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C511%2C2%2C382%2C0%2C%2C435%2C0%2C%2C%2C%2C1330%3Aco%3A0%3Acpf%3A1%3Ans%3A1701429722880%3Agi%3AR0ExLjIuMTU5Mjk4MDc0NS4xNzAxNDI5NzI0%3Ast%3A1701429724&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ti(1) HTTP 302
https://mc.yandex.ru/watch/3/1?wmode=7&page-url=https%3A%2F%2Fq3.qwintry.com%2Fru%2Flogin&page-ref&charset=utf-8&browser-info=pv%3A1%3Avf%3A3akmpckruryr72ly1stmj07z%3Afp%3A1359%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1170%3Acn%3A2%3Adp%3A0%3Als%3A492539198203%3Ahid%3A953251001%3Az%3A60%3Ai%3A20231201122204%3Aet%3A1701429724%3Ac%3A1%3Arn%3A191404531%3Arqn%3A1%3Au%3A1701429724981654103%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C511%2C2%2C382%2C0%2C%2C435%2C0%2C%2C%2C%2C1330%3Aco%3A0%3Acpf%3A1%3Ans%3A1701429722880%3Agi%3AR0ExLjIuMTU5Mjk4MDc0NS4xNzAxNDI5NzI0%3Ast%3A1701429724&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%281%29&redirnss=1

Request Chain 48

https://mc.yandex.ru/watch/21268135?wmode=7&page-url=https%3A%2F%2Fq3.qwintry.com%2Fru%2Flogin&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A3akmpckruryr72ly1stmj07z%3Afp%3A1359%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1170%3Acn%3A1%3Adp%3A0%3Als%3A1540852423689%3Ahid%3A953251001%3Az%3A60%3Ai%3A20231201122204%3Aet%3A1701429724%3Ac%3A1%3Arn%3A478074043%3Arqn%3A1%3Au%3A1701429724981654103%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C511%2C2%2C382%2C0%2C%2C435%2C0%2C%2C%2C%2C1330%3Aco%3A0%3Acpf%3A1%3Ans%3A1701429722880%3Agi%3AR0ExLjIuMTU5Mjk4MDc0NS4xNzAxNDI5NzI0%3Arqnl%3A1%3Ast%3A1701429724%3At%3A%D0%92%D0%BE%D0%B9%D1%82%D0%B8&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ti(1) HTTP 302
https://mc.yandex.ru/watch/21268135/1?wmode=7&page-url=https%3A%2F%2Fq3.qwintry.com%2Fru%2Flogin&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A3akmpckruryr72ly1stmj07z%3Afp%3A1359%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1170%3Acn%3A1%3Adp%3A0%3Als%3A1540852423689%3Ahid%3A953251001%3Az%3A60%3Ai%3A20231201122204%3Aet%3A1701429724%3Ac%3A1%3Arn%3A478074043%3Arqn%3A1%3Au%3A1701429724981654103%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C511%2C2%2C382%2C0%2C%2C435%2C0%2C%2C%2C%2C1330%3Aco%3A0%3Acpf%3A1%3Ans%3A1701429722880%3Agi%3AR0ExLjIuMTU5Mjk4MDc0NS4xNzAxNDI5NzI0%3Arqnl%3A1%3Ast%3A1701429724%3At%3A%D0%92%D0%BE%D0%B9%D1%82%D0%B8&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%281%29&redirnss=1

Request Chain 66

https://mc.webvisor.org/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.webvisor.org&token=10204.7xMEhiHWPexwA8UQimKcLLiCRi1tg1vVofeo6SYfHluDJelKXCnVatRdSgzSC4D7.7uuHO6dhVcUXZlzRiya0Ipln1u4%2C HTTP 302
https://mc.webvisor.org/sync_cookie_image_decide?token=10204.xdqYE-qV8l88qG3YtLicqaYE_byZZqJy0q6fivE9Yxfdz23vefN01o2N37Zyo_pzqdoTsYmxgfaC6k6zKtc-NXf3gMITPsa34vi-D2dQdWothQZjKECfj1P3YSv8nLfO1mH3Lc6BZJjWuELmU-if3Bc1PGIBIvz7uhxvf4tiemzYaoaOoYqNaJgYR1bL_hUbzrVgPPc9VWCrdW4ekX8gxkY08gkqyvq5OFk3X1RES4s%2C.gZxNQ2rbBP-IqSwGMdZAzBcBKwo%2C

Request Chain 67

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10204.iZnTY3rcBBg8zxZ4DcgGZEotlz2G775CjsnnpXEINTcbt5_7iX0L8hg6qJIKPdah.YYYVURUIpMXqgBkilZbWGL6Ju0E%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=10204.3atOpBF4AxHaBAKcYQjPtP2LuAtZ9ev-RqHXSWOnDWP5D4uH96qgMVJeIZaZcBK2u6ZM8iKf2r66hk1AhXM-4sdPG8VUM9xTOhNKBhUBwV7PcJsc3xg-PDz5LBRWzhoMMh-TJoaJ9DecCotLGwdS6lWbKq9iAs8TKZ_dHga1xj9awbDZfBKrWhU0UlYYbvCHhB98OyCPro1powAKHjal5d2RsGO3jvRiJ-WLntpl8os%2C.fJEa7wcP8YeD_Mkyt2Az3a1cfzw%2C

Request Chain 70

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=D061CBCDC272483C8013B8EF876D0A97&RedC=c.clarity.ms&MXFR=0A31E7152E0B6FD3329BF4CF2A0B6140 HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=D061CBCDC272483C8013B8EF876D0A97&MUID=14CF2AFFC9DB659925393925C87764E9

78 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request payments Show response
q3.qwintry.com/ru/workspace/
Redirect Chain

https://q3.qwintry.com/ru/workspace/payments/?method=bitpay
http://q3.qwintry.com/ru/workspace/payments?method=bitpay
https://q3.qwintry.com/ru/workspace/payments?method=bitpay

10 KB
5 KB

511ms
511ms

Document
text/html

104.26.13.187
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://q3.qwintry.com/ru/workspace/payments?method=bitpay
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.13.187 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 66c8d62a1719e1b50f20d2fbcfa1d55a4db3411b243ce221b1af00b402f5355d

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: false
access-control-expose-headers: X-Pagination-Current-Page, X-Pagination-Page-Count, X-Pagination-Per-Page, X-Pagination-Total-Count
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 82eaf33a8cbc3a4a-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 01 Dec 2023 11:22:03 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BHd3i971QwxK13i%2F840YGVbt69AAf3%2FettE8kEh5e1%2BnKGPi4RlCWssQ0eH1x29JuVqX5vGDfoM3HU1bhEVs0PswKo8X%2F2CDlzYtMFlRobojD5t4yiDArCDbaqaeDvap"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

CF-Cache-Status: DYNAMIC
CF-RAY: 82eaf33a1ef7bb8c-FRA
Connection: keep-alive
Content-Length: 162
Content-Type: text/html
Date: Fri, 01 Dec 2023 11:22:03 GMT
Location: https://q3.qwintry.com/ru/workspace/payments?method=bitpay
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f4B9styPDKW0kjGfVFtW8WYM9%2FXj9od8GIKUAWQMyDPRMOigJrbRbX5ZVcyVb2T0ZfViMnrTMBKFuUsDsP2S9KoM07lp25bhXPykqcDItRMjLKa7y5%2FWxR1rTNEd4oPu"}],"group":"cf-nel","max_age":604800}
Server: cloudflare

GET
H2 200 styles.css
q3.qwintry.com/fonts/ 4 KB
841 B 48ms
47ms Stylesheet
text/css 104.26.13.187
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://q3.qwintry.com/fonts/styles.css
Requested by: Host: q3.qwintry.com
URL: https://q3.qwintry.com/ru/workspace/payments?method=bitpay
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.13.187 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b4abab1e5c446b09c0fa59f427d572432f36cd73d66ab426c5870701b0dd8427

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://q3.qwintry.com/ru/workspace/payments?method=bitpay
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 11:22:03 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 27 Jun 2019 07:32:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2690127
etag: W/"5d1470fd-1072"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mW5LHdZwdspUqM%2BXB63nerZSjSpQ21i6oK%2BHJrgVZBMPNUqvLrQqtYdFSpccun%2B3usZWL%2F0hqkDDPVWoHjCt858DLKtM6YvaJqc3%2F4YkbGaeAvuhg3EjkbCL%2Bfcpq8HF"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=315360000
cf-ray: 82eaf33db82e3a4a-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 workspace.js Show response
q3.qwintry.com/js/workspace/ 3 MB
771 KB 67ms
67ms Script
application/javascript 104.26.13.187
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://q3.qwintry.com/js/workspace/workspace.js?v=1701416410
Requested by: Host: q3.qwintry.com
URL: https://q3.qwintry.com/ru/workspace/payments?method=bitpay
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.13.187 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ef2a24e9d78d5973c8ed3fffd8a6efd23c9ac3a40d2a6092689b0285f92c727a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://q3.qwintry.com/ru/workspace/payments?method=bitpay
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 11:22:03 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 01 Dec 2023 07:40:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 12997
etag: W/"65698dda-29e3c3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ppKj%2BnGCeJA5cBReSEJXMi1kb7qV%2B49CGCi%2Bcwi91SbFLPbM1lrhe28545YTwP6M7M5fDWFd7cvHzz2mcaljA5%2BSWPNe2O8hox04RPgNuuT73qSnqi%2FogYRHn8nIdAXa"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=315360000
cf-ray: 82eaf33db82f3a4a-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 q3-analytics.js Show response
q3.qwintry.com/js/ 5 KB
3 KB 98ms
97ms Script
application/javascript 104.26.13.187
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://q3.qwintry.com/js/q3-analytics.js?t=1701429723
Requested by: Host: q3.qwintry.com
URL: https://q3.qwintry.com/ru/workspace/payments?method=bitpay
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.13.187 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ef7b2694e0bdd75ace1485daf9e6a6e810cad96e672dda47fbacadcfcac91d62

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://q3.qwintry.com/ru/workspace/payments?method=bitpay
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 11:22:03 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 15 Aug 2018 12:16:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"5b741999-1517"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lpIEutm41HsG6m44TZhRrBjwvoZLitcqv1bysEpJuDkFfEFjTLqApa6vnGwSFxIMQS1Ql9ilcBa8LgEapfAD9qD3NWzdEH4Y1C42LObKOybLT%2FayRjBasb3Rk3xflo64"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=315360000
cf-ray: 82eaf33e08903a4a-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 analytics.js
www.google-analytics.com/ 0
21 KB 125ms
39ms Other
text/javascript 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: q3.qwintry.com
URL: https://q3.qwintry.com/ru/workspace/payments?method=bitpay

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://q3.qwintry.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 01 Dec 2023 09:49:38 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 5545
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Fri, 01 Dec 2023 11:49:38 GMT

GET
H2 200 gtm.js
www.googletagmanager.com/ 0
90 KB 231ms
144ms Other
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TW7QBK5

Requested by

Host: q3.qwintry.com
URL: https://q3.qwintry.com/ru/workspace/payments?method=bitpay

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://q3.qwintry.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 11:22:03 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 91756
x-xss-protection: 0
last-modified: Fri, 01 Dec 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 01 Dec 2023 11:22:03 GMT

GET
H/1.1 200
OK module.js
cloud-eu.roistat.com/dist/ 0
40 KB 225ms
108ms Other
application/javascript 62.210.196.96
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL: https://cloud-eu.roistat.com/dist/module.js
Requested by: Host: q3.qwintry.com
URL: https://q3.qwintry.com/ru/workspace/payments?method=bitpay
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 62.210.196.96 , France, ASN12876 (Online SAS, FR),
Reverse DNS: 62-210-196-96.rev.poneytelecom.eu
Software: nginx /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://q3.qwintry.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Fri, 01 Dec 2023 11:22:03 GMT
Content-Encoding: gzip
Last-Modified: Wed, 29 Nov 2023 14:27:30 GMT
Server: nginx
ETag: W/"65674a52-1f242"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=3600
Connection: keep-alive
Expires: Fri, 01 Dec 2023 12:22:03 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 260 KB
90 KB 143ms
56ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TW7QBK5

Requested by

Host: q3.qwintry.com
URL: https://q3.qwintry.com/ru/workspace/payments?method=bitpay

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8f0818c6444aa463ffa8a33b7ceec446d0a3e333001349a8c2d0178738bc9cfa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://q3.qwintry.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 11:22:03 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 91757
x-xss-protection: 0
last-modified: Fri, 01 Dec 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 01 Dec 2023 11:22:03 GMT

GET
H/1.1 200
OK init Show response
cloud-eu.roistat.com/api/site/1.0/0f0324f7f948850329016c615f934868/ 128 KB
40 KB 259ms
143ms Script
application/javascript 62.210.196.96
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL: https://cloud-eu.roistat.com/api/site/1.0/0f0324f7f948850329016c615f934868/init?referrer=https%3A%2F%2Fq3.qwintry.com%2Fru%2Fworkspace%2Fpayments%3Fmethod%3Dbitpay
Requested by: Host: q3.qwintry.com
URL: https://q3.qwintry.com/ru/workspace/payments?method=bitpay
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 62.210.196.96 , France, ASN12876 (Online SAS, FR),
Reverse DNS: 62-210-196-96.rev.poneytelecom.eu
Software: nginx /
Resource Hash: 5dceeea5ddbf6a9d568202d81bb9e32723a7a1c9573724a0128229c351861fbe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://q3.qwintry.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 01 Dec 2023 11:22:04 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Connection: keep-alive

POST
H2 200 / Show response
o74079.ingest.sentry.io/api/1207668/envelope/ 2 B
333 B 157ms
43ms Fetch
application/json 34.120.195.249
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://o74079.ingest.sentry.io/api/1207668/envelope/?sentry_key=74f675273f2343519f5881c8e1b748b7&sentry_version=7

Requested by

Host: q3.qwintry.com
URL: https://q3.qwintry.com/js/workspace/workspace.js?v=1701416410

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

249.195.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://q3.qwintry.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 01 Dec 2023 11:22:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
server: nginx
vary: origin,access-control-request-method,access-control-request-headers
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: x-sentry-error,x-sentry-rate-limits,retry-after
x-envoy-upstream-service-time: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: q3.qwintry.com
URL: https://q3.qwintry.com/js/workspace/workspace.js?v=1701416410

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://q3.qwintry.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 01 Dec 2023 09:49:38 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 5546
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Fri, 01 Dec 2023 11:49:38 GMT

GET
H2 200 197.2d3fbb6dba9af2acb507.js Show response
q3.qwintry.com/js/workspace/scripts/ 24 KB
10 KB 52ms
52ms Script
application/javascript 104.26.13.187
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://q3.qwintry.com/js/workspace/scripts/197.2d3fbb6dba9af2acb507.js
Requested by: Host: q3.qwintry.com
URL: https://q3.qwintry.com/js/workspace/workspace.js?v=1701416410
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.13.187 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4ec3850b4935fdb402e3026eb66f70a6c296353f877cb2e69228f906ca6dd8a2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://q3.qwintry.com/ru/workspace/payments?method=bitpay
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 11:22:04 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 29 Nov 2023 06:32:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 26901
etag: W/"6566db09-606e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Uvu9Xfj6hO3IiZq08M1%2BR0K8QB8Di12ttUVdSh9MyV5GIifjNuC8GxlrSGLEeXvKaoqgi6h3PtVw8Wu8rGMCxujV2ClTx9ndobzic84GxY61TrB7aEGbotM3FTj%2B3NfM"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=315360000
cf-ray: 82eaf3400ade3a4a-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 root.08ead228243dfab8e19c.js Show response
q3.qwintry.com/js/workspace/scripts/ 26 KB
7 KB 55ms
55ms Script
application/javascript 104.26.13.187
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://q3.qwintry.com/js/workspace/scripts/root.08ead228243dfab8e19c.js
Requested by: Host: q3.qwintry.com
URL: https://q3.qwintry.com/js/workspace/workspace.js?v=1701416410
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.13.187 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 801d01cd213dc18ed6471da89d01fb71ddb35d7c8d96d97636eecfcf72226963

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://q3.qwintry.com/ru/workspace/payments?method=bitpay
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 11:22:04 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 24 Nov 2023 07:06:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 285168
etag: W/"65604b79-6883"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=apqlaEcn2mU%2FvHk1EWYPf6gOAUc2b7PtfbySrc3BkGHWRDInh2uTtr7IfUTEh2vAYVsODrFg%2F%2BAI5W9ICbSY01T1DytcUxNqgTxXOuApS4SczJxEvpTsDx%2BlWMwk7j9r"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=315360000
cf-ray: 82eaf3400adf3a4a-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 public.a7dfd48834572bbd750c.js Show response
q3.qwintry.com/js/workspace/scripts/ 476 B
662 B 50ms
50ms Script
application/javascript 104.26.13.187
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://q3.qwintry.com/js/workspace/scripts/public.a7dfd48834572bbd750c.js
Requested by: Host: q3.qwintry.com
URL: https://q3.qwintry.com/js/workspace/workspace.js?v=1701416410
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.13.187 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 433dafdd82ca1b56a4b76a366c5583b4e9de0bfe959d882da79ecc734ef13e0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://q3.qwintry.com/ru/workspace/payments?method=bitpay
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 11:22:04 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 14 Nov 2023 12:38:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1462235
etag: W/"65536a2b-1dc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dhpVe0CwYNI3jlwqQ49Q2zYaeAFN1RAocjDvKrCjfI2RR8WgNtw69T0IL5G%2BNe%2FLMvFctLXELp1FEZpVshP7%2F0FRR6uqrMMr5%2FWtuyDbKnhqi3XX4086ku8FLhfesnDA"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=315360000
cf-ray: 82eaf3400ae23a4a-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 login.973ef68ab95d44d2f6fd.js Show response
q3.qwintry.com/js/workspace/scripts/ 12 KB
4 KB 51ms
51ms Script
application/javascript 104.26.13.187
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://q3.qwintry.com/js/workspace/scripts/login.973ef68ab95d44d2f6fd.js
Requested by: Host: q3.qwintry.com
URL: https://q3.qwintry.com/js/workspace/workspace.js?v=1701416410
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.13.187 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a20536f19d44a1c0595c57899dbdd4efd239e422f6a9848c5955380561b7d07f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://q3.qwintry.com/ru/workspace/payments?method=bitpay
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 11:22:04 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 14 Nov 2023 12:38:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1462235
etag: W/"65536a2b-2ff0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=geDyLBCOBkSvXWaeRvRKBkGVJidAMSoksrlkWGq8VnTDaPYGqAFnz4gAVWOC%2BnxK0ORGKNX9fB8dNv2T0QCCBoXnf2OeKQYkP8riNEqKZU80%2Fm1%2F2fahebWxv1Xd4eLy"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=315360000
cf-ray: 82eaf3400ae33a4a-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 loading.svg
q3.qwintry.com/images/workspace/ 871 B
834 B 52ms
51ms Image
image/svg+xml 104.26.13.187
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://q3.qwintry.com/images/workspace/loading.svg
Requested by: Host: q3.qwintry.com
URL: https://q3.qwintry.com/ru/workspace/payments?method=bitpay
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.13.187 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3a94f6615b15836e3236451a4fc8be4c9a0c00b753e963fef1da5d76c2943a92

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://q3.qwintry.com/ru/workspace/payments?method=bitpay
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 11:22:04 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 26 Mar 2022 08:01:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1879
etag: W/"367-5db1a7bede1c1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BADP9bqBr8O7AvMjouTFZfUuu1ZIDf0q7Xo6a%2B3XV1a%2BT7Isv1ecM4GHG0XOF%2BMTbGsl%2B9ykHne3c%2Bgi3YWmVAbERW3RRGqo0Od%2B64BErW29MD6hR2vvSGHW%2BzfoCeEg"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=172800
cf-ray: 82eaf3402b013a4a-FRA

GET
H2 200 gbi6hp2r8i Show response
www.clarity.ms/tag/ 668 B
1 KB 223ms
131ms Script
application/x-javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/gbi6hp2r8i
Requested by: Host: q3.qwintry.com
URL: https://q3.qwintry.com/ru/workspace/payments?method=bitpay
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 104ce6b6833b2151bb7fb0372c65b60951a89ca1dfb78d7d476e7fa7fa8d011e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://q3.qwintry.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires: -1
date: Fri, 01 Dec 2023 11:22:04 GMT
x-azure-ref: 20231201T112204Z-9nppr5c9797pxcbv36g5uwpr2000000008h00000000012kd
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 668
request-context: appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 286 KB
91 KB 57ms
57ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-ZVZ3FW02ZW&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TW7QBK5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

485e6c7c104016e453fe5bf552dbf46f881f70050ce0b865f8a60578bb009d93

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://q3.qwintry.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 11:22:04 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 93155
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 01 Dec 2023 11:22:04 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 206 KB
74 KB 59ms
59ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-11349495972&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TW7QBK5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9b5cb80436ebcd6f789533402983bc86f8e06b291fe6559c5cf56c4f45d896b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://q3.qwintry.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 11:22:04 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 75393
x-xss-protection: 0
last-modified: Fri, 01 Dec 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 01 Dec 2023 11:22:04 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TW7QBK5

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://q3.qwintry.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 01 Dec 2023 09:49:38 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 5546
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Fri, 01 Dec 2023 11:49:38 GMT

GET
H2 200 tag.js Show response
cdn.jsdelivr.net/npm/yandex-metrica-watch/ 215 KB
87 KB 147ms
58ms Script
application/javascript 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/yandex-metrica-watch/tag.js

Requested by

Host: q3.qwintry.com
URL: https://q3.qwintry.com/ru/workspace/payments?method=bitpay

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d6da40d72351a7ae8385f56c56c35f0178976f28bae295d177ca2522bf1ecbbe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://q3.qwintry.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 11:22:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 14951
x-jsd-version: 1.301.0
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230072-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"35c77-Iw5IkIXJy5JKLftvyhaECeuLxhg"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bf7JjIiVGOjhPdShM5zI7vX6ODJLsldgaeH0obk0s7%2Fc5asJKUFUpfWJVJ5rI%2FkR8ILxnFGJzGU%2BO8e8nn3YkMtEjo6J%2F7qz3ALgI1I12OJpRMuLqF1ehDKUooVgTau3%2F%2FLe0KoWB420zZX0pmY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 82eaf3410be94d54-FRA

GET
H2 200 conversion.js Show response
www.googleadservices.com/pagead/ 50 KB
19 KB 182ms
82ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion.js?1

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TW7QBK5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

f6b627515bab40101390996384d0da1d77ad683c0d825c0f9062ff7583a7cffc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://q3.qwintry.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 11:22:04 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18825
x-xss-protection: 0
server: cafe
etag: 9198316013556847774
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 01 Dec 2023 11:22:04 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 202 KB
54 KB 130ms
42ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: q3.qwintry.com
URL: https://q3.qwintry.com/ru/workspace/payments?method=bitpay

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://q3.qwintry.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 01 Dec 2023 11:22:04 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 54273
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: t0IMF6dCT3Hp2QF6EUUxzytlDkiP/6QnwWQYVnFHC4IL9o7bU9i0QGRqDIDppIyAoG1+Gfu7/ClyrrWsP3E5LQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

openapi.917ca96d9331f956d945e39706791fde.js Show response
vk.com/dist/public/api/
Redirect Chain

https://vk.com/js/api/openapi.js?167
https://vk.com/dist/public/api/openapi.917ca96d9331f956d945e39706791fde.js?167

56 KB
21 KB

147ms
146ms

Script
application/x-javascript

87.240.129.133
VKONTAKTE-SPB-AS ...

General

Check archive.org

Show headers Download Go to

Full URL: https://vk.com/dist/public/api/openapi.917ca96d9331f956d945e39706791fde.js?167
Requested by: Host: q3.qwintry.com
URL: https://q3.qwintry.com/ru/login
Protocol: H2
Server: 87.240.129.133 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),
Reverse DNS: srv133-129-240-87.vk.com
Software: kittenx /
Resource Hash: 8f5aeba25fd371707e9489cff88d4a714c2e0febc2531e29009f7ecbd2b97f0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://q3.qwintry.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-trace-id: cixMS4UTjwKvw9v6i2qoRl9ZZNzcyg
date: Fri, 01 Dec 2023 11:22:04 GMT
content-encoding: gzip
x-frontend: front623306
last-modified: Mon, 23 Oct 2023 22:26:41 GMT
server: kittenx
etag: W/"6536f321-e147"
content-type: application/x-javascript
access-control-expose-headers: X-Frontend
cache-control: max-age=345600
expires: Tue, 05 Dec 2023 11:22:04 GMT

Redirect headers

x-trace-id: m_kOk1y__s8S6VUelsdAypp0AYtgpw
date: Fri, 01 Dec 2023 11:22:04 GMT
content-encoding: gzip
x-frontend: front623306
strict-transport-security: max-age=15768000
server: kittenx
x-powered-by: KPHP/7.4.115163
content-type: text/html; charset=windows-1251
location: /dist/public/api/openapi.917ca96d9331f956d945e39706791fde.js?167
access-control-expose-headers: X-Frontend
cache-control: no-store
content-length: 20

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 174 KB
63 KB 67ms
67ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-33037087-1&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TW7QBK5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f559d8fc829471f745a5e815a9f8b6fece41fe120620819633126b37355b8917

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://q3.qwintry.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 11:22:04 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64852
x-xss-protection: 0
last-modified: Fri, 01 Dec 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 01 Dec 2023 11:22:04 GMT

OPTIONS
H2 200 auth
q3-api.qwintry.com/ru/frontend/social-accounts/ 0
0 179ms
75ms Preflight
application/json 172.67.68.102
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://q3-api.qwintry.com/ru/frontend/social-accounts/auth
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.68.102 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-roistat-visit
Access-Control-Request-Method: GET
Origin: https://q3.qwintry.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Roistat-Visit
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, HEAD, OPTIONS
access-control-allow-origin: https://q3.qwintry.com
access-control-expose-headers: X-Pagination-Current-Page, X-Pagination-Page-Count, X-Pagination-Per-Page, X-Pagination-Total-Count, X-Roistat-Visit, X-Hub
access-control-max-age: 86400
cf-cache-status: DYNAMIC
cf-ray: 82eaf3415f5839c7-FRA
content-length: 4
content-type: application/json; charset=UTF-8
date: Fri, 01 Dec 2023 11:22:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Swjm7dRWoks97m8IFY%2FNT32IwlcHwkyKQkifDiNdYfLHgy5pThinrmIvOu24nkaJznUZC27J%2FTG5n%2FLZF56fr%2BNZQmTELXQaFRzyUjyt46nIcgLkSlA9QNore5NrYPxIaxhZDw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept

POST
H2 200 / Show response
o74079.ingest.sentry.io/api/1207668/envelope/ 2 B
66 B 61ms
45ms Fetch
application/json 34.120.195.249
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://o74079.ingest.sentry.io/api/1207668/envelope/?sentry_key=74f675273f2343519f5881c8e1b748b7&sentry_version=7

Requested by

Host: q3.qwintry.com
URL: https://q3.qwintry.com/js/workspace/workspace.js?v=1701416410

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

249.195.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://q3.qwintry.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 01 Dec 2023 11:22:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
server: nginx
vary: origin,access-control-request-method,access-control-request-headers
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: x-sentry-error,x-sentry-rate-limits,retry-after
x-envoy-upstream-service-time: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

POST
H2 200 / Show response
o74079.ingest.sentry.io/api/1207668/envelope/ 2 B
69 B 60ms
44ms Fetch
application/json 34.120.195.249
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://o74079.ingest.sentry.io/api/1207668/envelope/?sentry_key=74f675273f2343519f5881c8e1b748b7&sentry_version=7

Requested by

Host: q3.qwintry.com
URL: https://q3.qwintry.com/js/workspace/workspace.js?v=1701416410

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

249.195.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://q3.qwintry.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 01 Dec 2023 11:22:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
server: nginx
vary: origin,access-control-request-method,access-control-request-headers
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: x-sentry-error,x-sentry-rate-limits,retry-after
x-envoy-upstream-service-time: 1
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

GET
H2 200 logo-ru.svg
q3.qwintry.com/images/workspace/ 7 KB
3 KB 51ms
50ms Image
image/svg+xml 104.26.13.187
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://q3.qwintry.com/images/workspace/logo-ru.svg
Requested by: Host: q3.qwintry.com
URL: https://q3.qwintry.com/ru/login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.13.187 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 158fba606023bda57fd24ea364dc129b37297ec0d72d8ef7b5a68c03309cf119

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://q3.qwintry.com/ru/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 11:22:04 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 26 Mar 2022 08:01:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3651
etag: W/"1ad5-5db1a7bede1c1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=keZKzJMjnlj2rdICY%2BXgMNZaALMITfW25j%2B1g%2FFs88fwpEkT4D8X1ACVImwi6SSn9GnjNdjsoFIlbnd8iYWyyMKECv5WcP0DaO1yEjWL%2FATAmbH9tm1habH2KMqIpAk3"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=172800
cf-ray: 82eaf340abed3a4a-FRA

GET
H2 200 app-qrcode.png
q3.qwintry.com/images/workspace/ 388 B
820 B 49ms
48ms Image
image/webp 104.26.13.187
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://q3.qwintry.com/images/workspace/app-qrcode.png
Requested by: Host: q3.qwintry.com
URL: https://q3.qwintry.com/ru/login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.13.187 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 41e9846ad12896d0ee2e5dcbdb6760c843d7cac24858736e73e37390f686ca53

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://q3.qwintry.com/ru/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 11:22:04 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1669708
cf-polished: origFmt=png, origSize=525
content-disposition: inline; filename="app-qrcode.webp"
content-length: 388
cf-bgj: imgq:85,h2pri
last-modified: Sat, 26 Mar 2022 08:01:18 GMT
server: cloudflare
etag: "623ec84e-20d"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QRWJdg08GLImaRxWKjGXqWuuk0%2Fq9xGVgLZa45uv8Fof3Qpf1wxyOHhfj0AVELsvzpIe2Ex8LFXukrRQLted5Byl5TCQFSQyrc%2BFeMuBa0Hwy3T%2FAFV26rZvQHZ09tlI"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 82eaf340abef3a4a-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 icon-applestore-ru.svg
q3.qwintry.com/images/ 13 KB
6 KB 53ms
52ms Image
image/svg+xml 104.26.13.187
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://q3.qwintry.com/images/icon-applestore-ru.svg
Requested by: Host: q3.qwintry.com
URL: https://q3.qwintry.com/ru/login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.13.187 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bf32096778015e64c79f819756f39594acaeb39c6dd5fe70686da4f38eba9921

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://q3.qwintry.com/ru/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 11:22:04 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 24 Jul 2020 12:41:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3651
etag: W/"34ff-5ab2f49401002"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hN%2F%2BBXmeGLarTwPGGGoZQqT9DI%2B%2FWav%2F71ijZDYqBln4%2Fq3H11YZDaHhCgZc8QfqH85HBGNhcNm%2Fwk9pcjYk17gdrXL8sYwyhHU9%2BSZpY2lTciB1sqkyr4UcS3%2BZTo1S"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=172800
cf-ray: 82eaf340abf43a4a-FRA

GET
H2 200 icon-googlestore-ru.svg
q3.qwintry.com/images/ 10 KB
4 KB 51ms
50ms Image
image/svg+xml 104.26.13.187
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://q3.qwintry.com/images/icon-googlestore-ru.svg
Requested by: Host: q3.qwintry.com
URL: https://q3.qwintry.com/ru/login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.13.187 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c69a6ffe5aabb59c736188d2d3fc0c3ccb586adab62ab1dbfa4eee095d038601

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://q3.qwintry.com/ru/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 11:22:04 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 24 Jul 2020 12:41:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3651
etag: W/"2636-5ab2f49401002"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jU0XND%2F6MINrytKl3iepDtFtNCz20ivrR8Myd7PlgvUYHmsTpETS038YL3dExu%2BdbAl2zfs7K4aP8spkAI3QSH1uXTUbiwjwG%2FtpRQEGfdGDCLTiFEgfi4Oc%2BxQYu6j8"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=172800
cf-ray: 82eaf340abf63a4a-FRA

GET
H2 200 trust-pilot-badge.png
q3.qwintry.com/images/workspace/ 4 KB
4 KB 60ms
59ms Image
image/webp 104.26.13.187
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://q3.qwintry.com/images/workspace/trust-pilot-badge.png
Requested by: Host: q3.qwintry.com
URL: https://q3.qwintry.com/ru/login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.13.187 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8af35281205fa0d9e2dc80256542cace668ac4ad8a037e88c0a8616e7426152e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://q3.qwintry.com/ru/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 11:22:04 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 824408
cf-polished: origFmt=png, origSize=10608
content-disposition: inline; filename="trust-pilot-badge.webp"
content-length: 4018
cf-bgj: imgq:85,h2pri
last-modified: Thu, 31 Aug 2023 06:09:23 GMT
server: cloudflare
etag: "64f02e93-2970"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=opAu4oYAi4UkbZOffyTemm54oZIA9%2FiAS3gSeW%2FtNfVh0MR0RszGXzaYonH%2FjN9bKiv3Kot0720MRS%2FTcNxFTh8H0cIfCBGqlg%2B%2FsYYCLZNZcNDQFJSRltFrpEIwTk5m"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 82eaf340abf83a4a-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 auth Show response
q3-api.qwintry.com/ru/frontend/social-accounts/ 300 B
680 B 75ms
74ms XHR
application/json 104.26.13.187
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://q3-api.qwintry.com/ru/frontend/social-accounts/auth
Requested by: Host: q3.qwintry.com
URL: https://q3.qwintry.com/js/workspace/workspace.js?v=1701416410
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.13.187 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: efeef096a87248c3b52fd241de7de887c994bdddcb003a4080d8d5f864a36175

Request headers

Accept: application/json
Referer: https://q3.qwintry.com/
accept-language: de-DE,de;q=0.9
X-Roistat-Visit: 22820087
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 11:22:04 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ssUx8pnM5wDsWy2hLKr31DED87dH%2FbSGPNZr8W05sEbV0YWiPzEYZTUxbkq3cXeMF%2B%2BqtHpoUJcBJsLfgD0wu8gLWnf9BYxFeoT5PWbdnS4MSY0IipRtRlluftxvEVHxOsmX3g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://q3.qwintry.com
access-control-expose-headers: X-Pagination-Current-Page, X-Pagination-Page-Count, X-Pagination-Per-Page, X-Pagination-Total-Count, X-Roistat-Visit, X-Hub
access-control-allow-credentials: true
cf-ray: 82eaf341dd1d3a4a-FRA

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 47ms
47ms XHR
text/plain 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1001830712&t=event&ni=1&_s=1&dl=https%3A%2F%2Fq3.qwintry.com%2Fru%2Flogin&ul=en-us&de=UTF-8&dt=%D0%92%D0%BE%D0%B9%D1%82%D0%B8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Helper&ea=First%20Visit&_u=YGDAAEABAAAAACAEK~&jid=890851571&gjid=1585409697&cid=1592980745.1701429724&tid=UA-33037087-1&_gid=2037293408.1701429724&_r=1&_slc=1&gtm=45He3bt0n81TW7QBK5v77678436&cd2=0&cd10=1701429724&cd11=0&cd12=0&cd13=0&cd14=0&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cd3=1592980745&cd4=1701429724&z=1153957689

Requested by

Host: q3.qwintry.com
URL: https://q3.qwintry.com/js/workspace/workspace.js?v=1701416410

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://q3.qwintry.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 11:22:04 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://q3.qwintry.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 43ms
43ms Image
image/gif 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=1001830712&t=pageview&_s=1&dl=https%3A%2F%2Fq3.qwintry.com%2Fru%2Flogin&ul=en-us&de=UTF-8&dt=%D0%92%D0%BE%D0%B9%D1%82%D0%B8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGDACEABBAAAACAEK~&jid=&gjid=&cid=1592980745.1701429724&tid=UA-33037087-1&_gid=2037293408.1701429724&gtm=45He3bt0n81TW7QBK5v77678436&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&z=886628458

Requested by

Host: q3.qwintry.com
URL: https://q3.qwintry.com/ru/login

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://q3.qwintry.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 05:25:20 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 21404
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 46ms
46ms XHR
text/plain 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1001830712&t=pageview&_s=1&dl=https%3A%2F%2Fq3.qwintry.com%2Fru%2Flogin&dp=ru%2Flogin&ul=en-us&de=UTF-8&dt=%D0%92%D0%BE%D0%B9%D1%82%D0%B8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDACEABBAAAACAEK~&jid=334345975&gjid=1268428798&cid=1592980745.1701429724&tid=UA-33037087-1&_gid=2037293408.1701429724&_r=1&z=544671694

Requested by

Host: q3.qwintry.com
URL: https://q3.qwintry.com/js/workspace/workspace.js?v=1701416410

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://q3.qwintry.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 11:22:04 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://q3.qwintry.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
349 B 144ms
47ms XHR
text/plain 2a00:1450:400c:c00::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-33037087-1&cid=1592980745.1701429724&jid=890851571&gjid=1585409697&_gid=2037293408.1701429724&_u=YGDAAEAAAAAAACAEK~&z=1335626569

Requested by

Host: q3.qwintry.com
URL: https://q3.qwintry.com/js/workspace/workspace.js?v=1701416410

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://q3.qwintry.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 01 Dec 2023 11:22:04 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://q3.qwintry.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/11349495972/ 3 KB
2 KB 138ms
52ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11349495972/?random=1701429724319&cv=11&fst=1701429724319&bg=ffffff&guid=ON&async=1&gtm=45be3bt0v9166831514z877678436&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fq3.qwintry.com%2Fru%2Flogin&hn=www.googleadservices.com&frm=0&tiba=%D0%92%D0%BE%D0%B9%D1%82%D0%B8&auid=164316308.1701429724&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-11349495972&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

017e889b6e5c3fc3c77b3a9235b8fcf074740d4a5911bbc0d6a02c239ac6883a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://q3.qwintry.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 11:22:04 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1276
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 125ms
48ms XHR
text/plain 2a00:1450:400c:c00::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-33037087-1&cid=1592980745.1701429724&jid=334345975&gjid=1268428798&_gid=2037293408.1701429724&_u=aGDACEABBAAAACAEK~&z=1482359296

Requested by

Host: q3.qwintry.com
URL: https://q3.qwintry.com/js/workspace/workspace.js?v=1701416410

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://q3.qwintry.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 01 Dec 2023 11:22:04 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://q3.qwintry.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK addVisit Show response
cloud-eu.roistat.com/api/site/1.0/0f0324f7f948850329016c615f934868/ 1 KB
1 KB 289ms
289ms Script
application/javascript 62.210.196.96
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL: https://cloud-eu.roistat.com/api/site/1.0/0f0324f7f948850329016c615f934868/addVisit?v=322&marker=&visit=22820087&first_visit=22820087&guid=undefined&phone_prefix=&phone_prefix_bind=&phone_scripts_bind=&referrer=&page=https%3A%2F%2Fq3.qwintry.com%2Fru%2Fworkspace%2Fpayments%3Fmethod%3Dbitpay&ab=&ab_variants=&hash=OS%60%40c%40ECIG%13ZI%19xBNl%13ZI%1B%13_p%7D%7CAr%18RZI%19xFHF%13Sprl%1Bprd%1AIP%1A%5DeShSH%18FPNml%1Ar%18FPr%19dBNG%7CLpml%1As%7C%13ZHF%13%40H%18%13XK%7D%7F%13g~YMr%19dFI%19dZH%18%1E%13I%18l%18KP%7C%5DerxCH~o%19g~l%40HD%7F%1Eg%18BZg%18%7C%5CHbc%1DcmNFH%18R%5Cs%18l%1AK%7D%13_zy%7F%19%7BC%7FSgGd%5CN%7D%1F%1AIDAFg%40cFg%1AoFd%1AcFg%40%60ZI%18%12Fg%40cFg%1AoFg%40%60oxy%7FSgC%7FS%7BS%7FSgG%1FBH%7D%7FFg%40cFg%1AoFg%40cFxnkFe~gFxnkF%7B%40%7FFxnoFenkFxnkF%7BAgFxnkF%7B%40kFxnkF%7BA%7BFxnkF%7B%40MFxnoFeosFg%40cFd%1A%7BFd%1A%7B%1Dcl%13Ds%18RLsr%7F%13gy%1ERf%40o%18dngRd%40g%5Dei%1ERdPkRdnc%1FdPc%1AeSh%7DKrdZNn%1AReSh~p%7Dl_IP%1AReShSH%18FPNml%1Ar%19pZI%18F%1Az~cSenc%5DgnM%19eShSH%18FPNml%1Ar%18pZIDd%1Ar%19pZI%18F%1Az~cSenc%5DgnM%19eShSH%18FPNml%1Ar%19pZI%18F%1Ar%18d%5CH%18%5EZp%7C%13FObhZIG%7F%13dPI%19d%40k%5Dgi%60%13
Requested by: Host: cloud-eu.roistat.com
URL: https://cloud-eu.roistat.com/api/site/1.0/0f0324f7f948850329016c615f934868/init?referrer=https%3A%2F%2Fq3.qwintry.com%2Fru%2Fworkspace%2Fpayments%3Fmethod%3Dbitpay
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 62.210.196.96 , France, ASN12876 (Online SAS, FR),
Reverse DNS: 62-210-196-96.rev.poneytelecom.eu
Software: nginx /
Resource Hash: c9b08fd3b1377edd911f0be35a6b3e9b775e0b02df53b7439ec6105d8aaa71fc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://q3.qwintry.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 01 Dec 2023 11:22:04 GMT
Content-Encoding: gzip
Xdomainrequestallowed: 1
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Connection: keep-alive

POST
H2 204 collect
region1.analytics.google.com/g/ 0
254 B 133ms
47ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-ZVZ3FW02ZW&gtm=45je3bt0v870014738z877678436&_p=1701429723827&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1592980745.1701429724&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1701429724&sct=1&seg=0&dl=https%3A%2F%2Fq3.qwintry.com%2Fru%2Flogin&dt=%D0%92%D0%BE%D0%B9%D1%82%D0%B8&en=page_view&_fv=1&_ss=2&tfd=1477
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ZVZ3FW02ZW&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://q3.qwintry.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 11:22:04 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://q3.qwintry.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
47 B 97ms
49ms Ping
text/plain 2a00:1450:400c:c00::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-ZVZ3FW02ZW&cid=1592980745.1701429724&gtm=45je3bt0v870014738z877678436&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ZVZ3FW02ZW&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://q3.qwintry.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 11:22:04 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://q3.qwintry.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
254 B 133ms
46ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-F37FBR2LYP&gtm=45je3bt0v870014738z877678436&_p=1701429723827&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1592980745.1701429724&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1701429724&sct=1&seg=0&dl=https%3A%2F%2Fq3.qwintry.com%2Fru%2Flogin&dt=%D0%92%D0%BE%D0%B9%D1%82%D0%B8&en=page_view&_fv=1&_ss=1&tfd=1488
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ZVZ3FW02ZW&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://q3.qwintry.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 11:22:04 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://q3.qwintry.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 150ms
63ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-ZVZ3FW02ZW&cid=1592980745.1701429724&gtm=45je3bt0v870014738z877678436&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=798042818

Requested by

Host: q3.qwintry.com
URL: https://q3.qwintry.com/ru/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://q3.qwintry.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 11:22:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 49ms
49ms XHR
text/plain 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1001830712&t=pageview&_s=1&dl=https%3A%2F%2Fq3.qwintry.com%2Fru%2Flogin&ul=en-us&de=UTF-8&dt=%D0%92%D0%BE%D0%B9%D1%82%D0%B8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDACUABBAAAACAEK~&jid=1338378600&gjid=603442325&cid=1592980745.1701429724&tid=UA-33037087-1&_gid=2037293408.1701429724&_r=1&gtm=457e3bt0&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&jsscut=1&z=1525964443

Requested by

Host: q3.qwintry.com
URL: https://q3.qwintry.com/js/workspace/workspace.js?v=1701416410

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://q3.qwintry.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 11:22:04 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://q3.qwintry.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-33037087-1&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://q3.qwintry.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 01 Dec 2023 09:49:38 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 5546
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Fri, 01 Dec 2023 11:49:38 GMT

GET
H2

200

1 Show response
mc.yandex.ru/watch/3/
Redirect Chain

https://mc.yandex.ru/watch/3?wmode=7&page-url=https%3A%2F%2Fq3.qwintry.com%2Fru%2Flogin&page-ref=&charset=utf-8&browser-info=pv%3A1%3Avf%3A3akmpckruryr72ly1stmj07z%3Afp%3A1359%3Afu%3A0%3Aen%3Autf-8...
https://mc.yandex.ru/watch/3/1?wmode=7&page-url=https%3A%2F%2Fq3.qwintry.com%2Fru%2Flogin&page-ref&charset=utf-8&browser-info=pv%3A1%3Avf%3A3akmpckruryr72ly1stmj07z%3Afp%3A1359%3Afu%3A0%3Aen%3Autf-...

264 B
393 B

74ms
74ms

Fetch
application/json

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/3/1?wmode=7&page-url=https%3A%2F%2Fq3.qwintry.com%2Fru%2Flogin&page-ref&charset=utf-8&browser-info=pv%3A1%3Avf%3A3akmpckruryr72ly1stmj07z%3Afp%3A1359%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1170%3Acn%3A2%3Adp%3A0%3Als%3A492539198203%3Ahid%3A953251001%3Az%3A60%3Ai%3A20231201122204%3Aet%3A1701429724%3Ac%3A1%3Arn%3A191404531%3Arqn%3A1%3Au%3A1701429724981654103%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C511%2C2%2C382%2C0%2C%2C435%2C0%2C%2C%2C%2C1330%3Aco%3A0%3Acpf%3A1%3Ans%3A1701429722880%3Agi%3AR0ExLjIuMTU5Mjk4MDc0NS4xNzAxNDI5NzI0%3Ast%3A1701429724&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%281%29&redirnss=1

Requested by

Host: q3.qwintry.com
URL: https://q3.qwintry.com/ru/login

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

6df6ad4c83e73a00bc84aa52e01e8a13cf3268b4159637eded67baaea054dc2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://q3.qwintry.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 11:22:04 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Fri, 01-Dec-2023 11:22:04 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: https://q3.qwintry.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 264
x-xss-protection: 1; mode=block
expires: Fri, 01-Dec-2023 11:22:04 GMT

Redirect headers

pragma: no-cache
date: Fri, 01 Dec 2023 11:22:04 GMT
strict-transport-security: max-age=31536000
last-modified: Fri, 01-Dec-2023 11:22:04 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location: /watch/3/1?wmode=7&page-url=https%3A%2F%2Fq3.qwintry.com%2Fru%2Flogin&page-ref&charset=utf-8&browser-info=pv%3A1%3Avf%3A3akmpckruryr72ly1stmj07z%3Afp%3A1359%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1170%3Acn%3A2%3Adp%3A0%3Als%3A492539198203%3Ahid%3A953251001%3Az%3A60%3Ai%3A20231201122204%3Aet%3A1701429724%3Ac%3A1%3Arn%3A191404531%3Arqn%3A1%3Au%3A1701429724981654103%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C511%2C2%2C382%2C0%2C%2C435%2C0%2C%2C%2C%2C1330%3Aco%3A0%3Acpf%3A1%3Ans%3A1701429722880%3Agi%3AR0ExLjIuMTU5Mjk4MDc0NS4xNzAxNDI5NzI0%3Ast%3A1701429724&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%281%29&redirnss=1
access-control-allow-origin: https://q3.qwintry.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Fri, 01-Dec-2023 11:22:04 GMT

GET
H2 200 advert.gif
mc.yandex.ru/metrika/ 43 B
565 B 276ms
120ms Image
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/metrika/advert.gif

Requested by

Host: q3.qwintry.com
URL: https://q3.qwintry.com/ru/login

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://q3.qwintry.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 11:22:04 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 30 Nov 2023 11:42:35 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "6568752b-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Fri, 01 Dec 2023 12:22:04 GMT

GET
H2

200

1 Show response
mc.yandex.ru/watch/21268135/
Redirect Chain

https://mc.yandex.ru/watch/21268135?wmode=7&page-url=https%3A%2F%2Fq3.qwintry.com%2Fru%2Flogin&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A3akmpckruryr72ly1stmj07z%3Afp%3A1359%3Afu%3A0%...
https://mc.yandex.ru/watch/21268135/1?wmode=7&page-url=https%3A%2F%2Fq3.qwintry.com%2Fru%2Flogin&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A3akmpckruryr72ly1stmj07z%3Afp%3A1359%3Afu%3A...

480 B
516 B

77ms
77ms

Fetch
application/json

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/21268135/1?wmode=7&page-url=https%3A%2F%2Fq3.qwintry.com%2Fru%2Flogin&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A3akmpckruryr72ly1stmj07z%3Afp%3A1359%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1170%3Acn%3A1%3Adp%3A0%3Als%3A1540852423689%3Ahid%3A953251001%3Az%3A60%3Ai%3A20231201122204%3Aet%3A1701429724%3Ac%3A1%3Arn%3A478074043%3Arqn%3A1%3Au%3A1701429724981654103%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C511%2C2%2C382%2C0%2C%2C435%2C0%2C%2C%2C%2C1330%3Aco%3A0%3Acpf%3A1%3Ans%3A1701429722880%3Agi%3AR0ExLjIuMTU5Mjk4MDc0NS4xNzAxNDI5NzI0%3Arqnl%3A1%3Ast%3A1701429724%3At%3A%D0%92%D0%BE%D0%B9%D1%82%D0%B8&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%281%29&redirnss=1

Requested by

Host: q3.qwintry.com
URL: https://q3.qwintry.com/ru/login

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

fae128c07cde61295a2b4f07a0e476ffeb909f60b0e0a0a00857238691679de8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://q3.qwintry.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 11:22:04 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Fri, 01-Dec-2023 11:22:04 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: https://q3.qwintry.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 480
x-xss-protection: 1; mode=block
expires: Fri, 01-Dec-2023 11:22:04 GMT

Redirect headers

pragma: no-cache
date: Fri, 01 Dec 2023 11:22:04 GMT
strict-transport-security: max-age=31536000
last-modified: Fri, 01-Dec-2023 11:22:04 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location: /watch/21268135/1?wmode=7&page-url=https%3A%2F%2Fq3.qwintry.com%2Fru%2Flogin&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A3akmpckruryr72ly1stmj07z%3Afp%3A1359%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1170%3Acn%3A1%3Adp%3A0%3Als%3A1540852423689%3Ahid%3A953251001%3Az%3A60%3Ai%3A20231201122204%3Aet%3A1701429724%3Ac%3A1%3Arn%3A478074043%3Arqn%3A1%3Au%3A1701429724981654103%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C511%2C2%2C382%2C0%2C%2C435%2C0%2C%2C%2C%2C1330%3Aco%3A0%3Acpf%3A1%3Ans%3A1701429722880%3Agi%3AR0ExLjIuMTU5Mjk4MDc0NS4xNzAxNDI5NzI0%3Arqnl%3A1%3Ast%3A1701429724%3At%3A%D0%92%D0%BE%D0%B9%D1%82%D0%B8&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%281%29&redirnss=1
access-control-allow-origin: https://q3.qwintry.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Fri, 01-Dec-2023 11:22:04 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/924519911/ 3 KB
1 KB 54ms
51ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/924519911/?random=1701429724429&cv=9&fst=1701429724429&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465926%2C512247838&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=60&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fq3.qwintry.com%2Fru%2Flogin&tiba=%D0%92%D0%BE%D0%B9%D1%82%D0%B8&hn=www.googleadservices.com&uaa=&uab=&uam=&uap=&uapv=&uaw=0&uafvl=&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js?1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3559dc12af4b72c2c2bf9606fb2f680e3ee023f3f20444f194f5759d7e19869f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://q3.qwintry.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 11:22:04 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1311
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 48ms
47ms XHR
text/plain 2a00:1450:400c:c00::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-33037087-1&cid=1592980745.1701429724&jid=1338378600&gjid=603442325&_gid=2037293408.1701429724&_u=aGDACUABBAAAACAEK~&z=1631134233

Requested by

Host: q3.qwintry.com
URL: https://q3.qwintry.com/js/workspace/workspace.js?v=1701416410

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://q3.qwintry.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 01 Dec 2023 11:22:04 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://q3.qwintry.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.18/ 59 KB
25 KB 78ms
78ms Script
application/javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.18/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/gbi6hp2r8i
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: f4e16c137bfcf443839c20e1038b9ee2dec570f047ae3b1c8f9378e9176750dd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://q3.qwintry.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 11:22:04 GMT
content-encoding: br
last-modified: Fri, 17 Nov 2023 13:41:44 GMT
etag: W/"0x8DBE772F014B026"
vary: Accept-Encoding
x-azure-ref: 20231201T112204Z-9nppr5c9797pxcbv36g5uwpr2000000008h00000000012mb
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 71b8cf6e-801e-0048-4d51-1f33ec000000
cache-control: public, max-age=86400
x-cache: TCP_HIT
x-ms-version: 2018-03-28

GET
H2 200 1561901737398152 Show response
connect.facebook.net/signals/config/ 133 KB
35 KB 553ms
553ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1561901737398152?v=2.9.138&r=stable&domain=q3.qwintry.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b690d30345697bdf0f164dd1cb4c336d3a2ce690bef69f2a99e5a7cbdf002184

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://q3.qwintry.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 01 Dec 2023 11:22:04 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: sLTyeEe031/Mv05f2z+kiy11GrTc3A2mRJpfGFhrwEq+Zz9TZzaCg97p6ls0UmfrKkjI5ZEFBKG6n0W45kRfLw==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 153ms
67ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-33037087-1&cid=1592980745.1701429724&jid=890851571&_u=YGDAAEAAAAAAACAEK~&z=657182317

Requested by

Host: q3.qwintry.com
URL: https://q3.qwintry.com/ru/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://q3.qwintry.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 11:22:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 106ms
67ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-33037087-1&cid=1592980745.1701429724&jid=890851571&_u=YGDAAEAAAAAAACAEK~&z=657182317

Requested by

Host: q3.qwintry.com
URL: https://q3.qwintry.com/ru/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://q3.qwintry.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 11:22:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 151ms
65ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-33037087-1&cid=1592980745.1701429724&jid=334345975&_u=aGDACEABBAAAACAEK~&z=584006754

Requested by

Host: q3.qwintry.com
URL: https://q3.qwintry.com/ru/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://q3.qwintry.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 11:22:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 94ms
65ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-33037087-1&cid=1592980745.1701429724&jid=334345975&_u=aGDACEABBAAAACAEK~&z=584006754

Requested by

Host: q3.qwintry.com
URL: https://q3.qwintry.com/ru/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://q3.qwintry.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 11:22:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/11349495972/ 42 B
455 B 114ms
63ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/11349495972/?random=1701429724319&cv=11&fst=1701428400000&bg=ffffff&guid=ON&async=1&gtm=45be3bt0v9166831514z877678436&u_w=1600&u_h=1200&url=https%3A%2F%2Fq3.qwintry.com%2Fru%2Flogin&frm=0&tiba=%D0%92%D0%BE%D0%B9%D1%82%D0%B8&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwDICaaN0lOFPZaLZ6qw5tA-tNawkhj73LEPDQ&random=801824490&rmt_tld=0&ipr=y

Requested by

Host: q3.qwintry.com
URL: https://q3.qwintry.com/ru/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://q3.qwintry.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 11:22:04 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/11349495972/ 42 B
455 B 53ms
52ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/11349495972/?random=1701429724319&cv=11&fst=1701428400000&bg=ffffff&guid=ON&async=1&gtm=45be3bt0v9166831514z877678436&u_w=1600&u_h=1200&url=https%3A%2F%2Fq3.qwintry.com%2Fru%2Flogin&frm=0&tiba=%D0%92%D0%BE%D0%B9%D1%82%D0%B8&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwDICaaN0lOFPZaLZ6qw5tA-tNawkhj73LEPDQ&random=801824490&rmt_tld=1&ipr=y

Requested by

Host: q3.qwintry.com
URL: https://q3.qwintry.com/ru/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://q3.qwintry.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 11:22:04 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 103ms
64ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-33037087-1&cid=1592980745.1701429724&jid=1338378600&_u=aGDACUABBAAAACAEK~&z=1249838865

Requested by

Host: q3.qwintry.com
URL: https://q3.qwintry.com/ru/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://q3.qwintry.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 11:22:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 65ms
65ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-33037087-1&cid=1592980745.1701429724&jid=1338378600&_u=aGDACUABBAAAACAEK~&z=1249838865

Requested by

Host: q3.qwintry.com
URL: https://q3.qwintry.com/ru/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://q3.qwintry.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 11:22:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/924519911/ 42 B
108 B 53ms
52ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/924519911/?random=1701429724429&cv=9&fst=1701428400000&num=1&guid=ON&eid=375603260%2C466465926%2C512247838&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=60&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fq3.qwintry.com%2Fru%2Flogin&tiba=%D0%92%D0%BE%D0%B9%D1%82%D0%B8&fmt=3&is_vtc=1&cid=CAQSGwDICaaNe1EENAxHh53Knba_x34fxN4uTyB1zQ&random=186509636&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: q3.qwintry.com
URL: https://q3.qwintry.com/ru/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://q3.qwintry.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 11:22:04 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/924519911/ 42 B
108 B 51ms
50ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/924519911/?random=1701429724429&cv=9&fst=1701428400000&num=1&guid=ON&eid=375603260%2C466465926%2C512247838&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=60&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fq3.qwintry.com%2Fru%2Flogin&tiba=%D0%92%D0%BE%D0%B9%D1%82%D0%B8&fmt=3&is_vtc=1&cid=CAQSGwDICaaNe1EENAxHh53Knba_x34fxN4uTyB1zQ&random=186509636&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: q3.qwintry.com
URL: https://q3.qwintry.com/ru/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://q3.qwintry.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 11:22:04 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 icon-google-login.svg
q3.qwintry.com/images/workspace/ 1 KB
925 B 50ms
50ms Image
image/svg+xml 104.26.13.187
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://q3.qwintry.com/images/workspace/icon-google-login.svg
Requested by: Host: q3.qwintry.com
URL: https://q3.qwintry.com/ru/login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.13.187 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8c5ace8ad80979283350a01f6e84dd9d46ad22c93ba3a0322a48ff3944132385

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://q3.qwintry.com/ru/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 11:22:04 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 26 Mar 2022 08:01:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 87
etag: W/"4c0-5db1a7bede1c1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nON%2BuJCPVk2dM9UOgPpYQ1cOYOQ99CkEG9qa1fpEtOus6vgMuY%2F836Z0pLXGA%2BWOFXFe51JUF4JPyhm55ysFPuIeEcAcAF2uEq9NLOfCfRD2vUHEW5RFm9N9XRq0QUfh"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=172800
cf-ray: 82eaf3424db63a4a-FRA

GET
H2 200 rtrg
vk.com/ 49 B
398 B 84ms
84ms Image
image/gif 87.240.129.133
VKONTAKTE-SPB-AS ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vk.com/rtrg?p=VK-RTRG-474298-vGKC&metatag_url=https%3A%2F%2Fq3.qwintry.com%2Fru%2Flogin&metatag_title=%D0%92%D0%BE%D0%B9%D1%82%D0%B8

Requested by

Host: q3.qwintry.com
URL: https://q3.qwintry.com/ru/login

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

87.240.129.133 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),

Reverse DNS

srv133-129-240-87.vk.com

Software

kittenx / KPHP/7.4.115163

Resource Hash

2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://q3.qwintry.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-trace-id: eTEIyQs7RwnAwRRAHYVU02Xw3KAXyA
date: Fri, 01 Dec 2023 11:22:04 GMT
content-encoding: gzip
x-frontend: front623306
strict-transport-security: max-age=15768000
server: kittenx
x-powered-by: KPHP/7.4.115163
content-type: image/gif
access-control-expose-headers: X-Frontend
cache-control: no-store
content-length: 65

POST
H/1.1 204
No Content collect Show response
v.clarity.ms/ 0
294 B 1362ms
1048ms XHR
text/plain 20.114.189.135
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://v.clarity.ms/collect
Requested by: Host: q3.qwintry.com
URL: https://q3.qwintry.com/js/workspace/workspace.js?v=1701416410
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.114.189.135 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://q3.qwintry.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://q3.qwintry.com
Date: Fri, 01 Dec 2023 11:22:05 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0

GET
H2

200

sync_cookie_image_decide
mc.webvisor.org/
Redirect Chain

https://mc.webvisor.org/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.webvisor.org&token=10204.7xMEhiHWPexwA8UQimKcLLiCRi1tg1vVofeo6SYfHluDJelKXCnVatRdSgzSC4D7.7uuHO6dhVcUXZlzRiya0Ipln1u4%2C
https://mc.webvisor.org/sync_cookie_image_decide?token=10204.xdqYE-qV8l88qG3YtLicqaYE_byZZqJy0q6fivE9Yxfdz23vefN01o2N37Zyo_pzqdoTsYmxgfaC6k6zKtc-NXf3gMITPsa34vi-D2dQdWothQZjKECfj1P3YSv8nLfO1mH3Lc6B...

43 B
504 B

75ms
75ms

Image
image/gif

80.239.201.67
TWELVE99 Arelion

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.webvisor.org/sync_cookie_image_decide?token=10204.xdqYE-qV8l88qG3YtLicqaYE_byZZqJy0q6fivE9Yxfdz23vefN01o2N37Zyo_pzqdoTsYmxgfaC6k6zKtc-NXf3gMITPsa34vi-D2dQdWothQZjKECfj1P3YSv8nLfO1mH3Lc6BZJjWuELmU-if3Bc1PGIBIvz7uhxvf4tiemzYaoaOoYqNaJgYR1bL_hUbzrVgPPc9VWCrdW4ekX8gxkY08gkqyvq5OFk3X1RES4s%2C.gZxNQ2rbBP-IqSwGMdZAzBcBKwo%2C

Requested by

Host: q3.qwintry.com
URL: https://q3.qwintry.com/ru/login

Protocol

Server

80.239.201.67 , Sweden, ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://q3.qwintry.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 11:22:05 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.webvisor.org/sync_cookie_image_decide?token=10204.xdqYE-qV8l88qG3YtLicqaYE_byZZqJy0q6fivE9Yxfdz23vefN01o2N37Zyo_pzqdoTsYmxgfaC6k6zKtc-NXf3gMITPsa34vi-D2dQdWothQZjKECfj1P3YSv8nLfO1mH3Lc6BZJjWuELmU-if3Bc1PGIBIvz7uhxvf4tiemzYaoaOoYqNaJgYR1bL_hUbzrVgPPc9VWCrdW4ekX8gxkY08gkqyvq5OFk3X1RES4s%2C.gZxNQ2rbBP-IqSwGMdZAzBcBKwo%2C
date: Fri, 01 Dec 2023 11:22:05 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2

200

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10204.iZnTY3rcBBg8zxZ4DcgGZEotlz2G775CjsnnpXEINTcbt5_7iX0L8hg6qJIKPdah.YYYVURUIpMXqgBkilZbWGL6Ju0E%2C
https://mc.yandex.com/sync_cookie_image_decide?token=10204.3atOpBF4AxHaBAKcYQjPtP2LuAtZ9ev-RqHXSWOnDWP5D4uH96qgMVJeIZaZcBK2u6ZM8iKf2r66hk1AhXM-4sdPG8VUM9xTOhNKBhUBwV7PcJsc3xg-PDz5LBRWzhoMMh-TJoaJ9D...

43 B
477 B

77ms
76ms

Image
image/gif

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=10204.3atOpBF4AxHaBAKcYQjPtP2LuAtZ9ev-RqHXSWOnDWP5D4uH96qgMVJeIZaZcBK2u6ZM8iKf2r66hk1AhXM-4sdPG8VUM9xTOhNKBhUBwV7PcJsc3xg-PDz5LBRWzhoMMh-TJoaJ9DecCotLGwdS6lWbKq9iAs8TKZ_dHga1xj9awbDZfBKrWhU0UlYYbvCHhB98OyCPro1powAKHjal5d2RsGO3jvRiJ-WLntpl8os%2C.fJEa7wcP8YeD_Mkyt2Az3a1cfzw%2C

Requested by

Host: q3.qwintry.com
URL: https://q3.qwintry.com/ru/login

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://q3.qwintry.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 11:22:04 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide?token=10204.3atOpBF4AxHaBAKcYQjPtP2LuAtZ9ev-RqHXSWOnDWP5D4uH96qgMVJeIZaZcBK2u6ZM8iKf2r66hk1AhXM-4sdPG8VUM9xTOhNKBhUBwV7PcJsc3xg-PDz5LBRWzhoMMh-TJoaJ9DecCotLGwdS6lWbKq9iAs8TKZ_dHga1xj9awbDZfBKrWhU0UlYYbvCHhB98OyCPro1powAKHjal5d2RsGO3jvRiJ-WLntpl8os%2C.fJEa7wcP8YeD_Mkyt2Az3a1cfzw%2C
date: Fri, 01 Dec 2023 11:22:04 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 121ms
41ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1561901737398152&ev=PageView&dl=https%3A%2F%2Fq3.qwintry.com%2Fru%2Flogin&rl=&if=false&ts=1701429725016&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&fbp=fb.1.1701429725016.948444380&ler=empty&it=1701429724440&coo=false&rqm=GET

Requested by

Host: q3.qwintry.com
URL: https://q3.qwintry.com/ru/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://q3.qwintry.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 01 Dec 2023 11:22:05 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 121ms
41ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1561901737398152&ev=PixelInitialized&dl=https%3A%2F%2Fq3.qwintry.com%2Fru%2Flogin&rl=&if=false&ts=1701429725020&sw=1600&sh=1200&v=2.9.138&r=stable&ec=1&o=4126&fbp=fb.1.1701429725016.948444380&ler=empty&it=1701429724440&coo=false&rqm=GET

Requested by

Host: q3.qwintry.com
URL: https://q3.qwintry.com/ru/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://q3.qwintry.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 01 Dec 2023 11:22:05 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=D061CBCDC272483C8013B8EF876D0A97&RedC=c.clarity.ms&MXFR=0A31E7152E0B6FD3329BF4CF2A0B6140
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=D061CBCDC272483C8013B8EF876D0A97&MUID=14CF2AFFC9DB659925393925C87764E9

42 B
443 B

56ms
56ms

Image
image/gif

68.219.88.97
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=D061CBCDC272483C8013B8EF876D0A97&MUID=14CF2AFFC9DB659925393925C87764E9
Protocol: H2
Server: 68.219.88.97 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://q3.qwintry.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 11:22:04 GMT
last-modified: Wed, 30 Aug 2023 19:01:41 GMT
server: Microsoft-IIS/10.0
etag: "8d59566974dbd91:0"
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

pragma: no-cache
date: Fri, 01 Dec 2023 11:22:05 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 71D3AE2062DB4053B0EA9A281523A609 Ref B: FRA31EDGE0818 Ref C: 2023-12-01T11:22:05Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=D061CBCDC272483C8013B8EF876D0A97&MUID=14CF2AFFC9DB659925393925C87764E9
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H/1.1 200
OK counter.js Show response
cllctr.roistat.com/ 6 KB
3 KB 161ms
48ms Script
application/javascript 163.172.207.27
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL: https://cllctr.roistat.com/counter.js
Requested by: Host: cloud-eu.roistat.com
URL: https://cloud-eu.roistat.com/api/site/1.0/0f0324f7f948850329016c615f934868/init?referrer=https%3A%2F%2Fq3.qwintry.com%2Fru%2Fworkspace%2Fpayments%3Fmethod%3Dbitpay
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 163.172.207.27 , France, ASN12876 (Online SAS, FR),
Reverse DNS: 163-172-207-27.rev.poneytelecom.eu
Software: nginx/1.18.0 /
Resource Hash: 68e59da384f914747033036f594802426eefd14718786bf64f8692799695507a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://q3.qwintry.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 01 Dec 2023 11:22:05 GMT
Content-Encoding: gzip
Last-Modified: Mon, 05 Apr 2021 00:43:36 GMT
Server: nginx/1.18.0
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Connection: keep-alive

GET
H/1.1 200
OK Y291bnRlcl9pZD0wZjAzMjRmN2Y5NDg4NTAzMjkwMTZjNjE1ZjkzNDg2OCZwYWdlPWh0dHBzJTNBJTJGJTJGcTMucXdpbnRyeS5jb20lMkZydSUyRmxvZ2luJmNvb2tpZT1yb2lzdGF0X2lzX25lZWRfbGlzdGVuX3JlcXVlc3RzJTNEMCUzQiUyMHJvaXN0YXRfa... Show response
cllctr.roistat.com/stream/view/-/ 58 B
329 B 47ms
47ms Script
text/plain 163.172.207.27
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL: https://cllctr.roistat.com/stream/view/-/Y291bnRlcl9pZD0wZjAzMjRmN2Y5NDg4NTAzMjkwMTZjNjE1ZjkzNDg2OCZwYWdlPWh0dHBzJTNBJTJGJTJGcTMucXdpbnRyeS5jb20lMkZydSUyRmxvZ2luJmNvb2tpZT1yb2lzdGF0X2lzX25lZWRfbGlzdGVuX3JlcXVlc3RzJTNEMCUzQiUyMHJvaXN0YXRfaXNfc2F2ZV9kYXRhX2luX2Nvb2tpZSUzRDElM0IlMjBfc2Vzc2lvbiUzRHNhdms1cDl0Ym0xNzExY251ODNoaTNlb2xyJTNCJTIwZ2VvbG9jYXRpb24lM0QlMjU3QiUyNTIyY291bnRyeSUyNTIyJTI1M0ElMjU3QiUyNTIyaXNvJTI1MjIlMjUzQSUyNTIyREUlMjUyMiUyNTJDJTI1MjJuYW1lJTI1MjIlMjUzQSUyNTIyJTI1RDAlMjU5MyUyNUQwJTI1QjUlMjVEMSUyNTgwJTI1RDAlMjVCQyUyNUQwJTI1QjAlMjVEMCUyNUJEJTI1RDAlMjVCOCUyNUQxJTI1OEYlMjUyMiUyNTdEJTI1N0QlM0IlMjBfZ2NsX2F1JTNEMS4xLjE2NDMxNjMwOC4xNzAxNDI5NzI0JTNCJTIwVmlzaXQlM0QxJTNCJTIwU2VhbnMlM0QxJTNCJTIwcm9pc3RhdF92aXNpdCUzRDIyODIwMDg3JTNCJTIwcm9pc3RhdF9maXJzdF92aXNpdCUzRDIyODIwMDg3JTNCJTIwcm9pc3RhdF92aXNpdF9jb29raWVfZXhwaXJlJTNENzc3NjAwMCUzQiUyMF9naWQlM0RHQTEuMi4yMDM3MjkzNDA4LjE3MDE0Mjk3MjQlM0IlMjBfZ2F0X1VBLTMzMDM3MDg3LTElM0QxJTNCJTIwX2dhdCUzRDElM0IlMjBfZ2FfRjM3RkJSMkxZUCUzREdTMS4xLjE3MDE0Mjk3MjQuMS4wLjE3MDE0Mjk3MjQuMC4wLjAlM0IlMjBfZ2ElM0RHQTEuMi4xNTkyOTgwNzQ1LjE3MDE0Mjk3MjQlM0IlMjBfZ2F0X2d0YWdfVUFfMzMwMzcwODdfMSUzRDElM0IlMjBfZ2FfWlZaM0ZXMDJaVyUzREdTMS4xLjE3MDE0Mjk3MjQuMS4wLjE3MDE0Mjk3MjQuNjAuMC4wJTNCJTIwX3ltX3VpZCUzRDE3MDE0Mjk3MjQ5ODE2NTQxMDMlM0IlMjBfeW1fZCUzRDE3MDE0Mjk3MjQlM0IlMjBfY2xjayUzRDFmdjhsZnklMjU3QzIlMjU3Q2ZoNiUyNTdDMCUyNTdDMTQzMCUzQiUyMFZpc2l0RGF0ZSUzRDE3MDE0Mjk3MjUlM0IlMjByb2lzdGF0X2Nvb2tpZXNfdG9fcmVzYXZlJTNEcm9pc3RhdF9hYiUyNTJDcm9pc3RhdF9hYl9zdWJtaXQlMjUyQ3JvaXN0YXRfdmlzaXQlM0IlMjBfeW1faXNhZCUzRDIlM0IlMjBfeW1fdmlzb3JjJTNEdyUzQiUyMF9mYnAlM0RmYi4xLjE3MDE0Mjk3MjUwMTYuOTQ4NDQ0MzgwJmhvc3Q9cTMucXdpbnRyeS5jb20mdmlzaXRfaWQ9MjI4MjAwODcmcGhvbmU9
Requested by: Host: cllctr.roistat.com
URL: https://cllctr.roistat.com/counter.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 163.172.207.27 , France, ASN12876 (Online SAS, FR),
Reverse DNS: 163-172-207-27.rev.poneytelecom.eu
Software: nginx/1.18.0 /
Resource Hash: fc3f93950a338d585ff87a8009897636306438ee4036be02c08c633ff9b6f0cc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://q3.qwintry.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 01 Dec 2023 11:22:05 GMT
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Server: nginx/1.18.0
Connection: keep-alive
Content-Length: 58
Content-Type: text/plain; charset=utf-8

POST
H/1.1 204
No Content collect Show response
v.clarity.ms/ 0
294 B 225ms
225ms XHR
text/plain 20.114.189.135
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://v.clarity.ms/collect
Requested by: Host: q3.qwintry.com
URL: https://q3.qwintry.com/js/workspace/workspace.js?v=1701416410
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.114.189.135 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://q3.qwintry.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://q3.qwintry.com
Date: Fri, 01 Dec 2023 11:22:06 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0

POST
H2 200 21268135
mc.yandex.ru/webvisor/ 43 B
0 370ms
150ms Fetch
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/webvisor/21268135?wv-part=1&wv-type=7&wmode=0&wv-hit=953251001&page-url=https%3A%2F%2Fq3.qwintry.com%2Fru%2Flogin&rn=182925027&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1701429727%3Aw%3A1600x1200%3Av%3A1170%3Az%3A60%3Ai%3A20231201122207%3Au%3A1701429724981654103%3Avf%3A3akmpckruryr72ly1stmj07z%3Ast%3A1701429727&t=gdpr(14)ti(1)

Requested by

Host: q3.qwintry.com
URL: https://q3.qwintry.com/js/workspace/workspace.js?v=1701416410

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://q3.qwintry.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 11:22:07 GMT
strict-transport-security: max-age=31536000
last-modified: Fri, 01-Dec-2023 11:22:07 GMT
content-type: image/gif
access-control-allow-origin: https://q3.qwintry.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Fri, 01-Dec-2023 11:22:07 GMT

POST
H2 200 21268135
mc.yandex.ru/webvisor/ 43 B
0 81ms
81ms Fetch
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/webvisor/21268135?wv-part=1&wv-type=7&wmode=0&wv-hit=953251001&page-url=https%3A%2F%2Fq3.qwintry.com%2Fru%2Flogin&rn=743081914&browser-info=we%3A1%3Aet%3A1701429728%3Aw%3A1600x1200%3Av%3A1170%3Az%3A60%3Ai%3A20231201122207%3Au%3A1701429724981654103%3Avf%3A3akmpckruryr72ly1stmj07z%3Ast%3A1701429728&t=gdpr(14)ti(1)

Requested by

Host: q3.qwintry.com
URL: https://q3.qwintry.com/js/workspace/workspace.js?v=1701416410

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://q3.qwintry.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 11:22:07 GMT
strict-transport-security: max-age=31536000
last-modified: Fri, 01-Dec-2023 11:22:07 GMT
content-type: image/gif
access-control-allow-origin: https://q3.qwintry.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Fri, 01-Dec-2023 11:22:07 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
45 B 53ms
52ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-ZVZ3FW02ZW&gtm=45je3bt0v870014738&_p=1701429723827&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1592980745.1701429724&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1701429724&sct=1&seg=0&dl=https%3A%2F%2Fq3.qwintry.com%2Fru%2Flogin&dt=%D0%92%D0%BE%D0%B9%D1%82%D0%B8&en=scroll&epn.percent_scrolled=90&_et=23&tfd=6501
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ZVZ3FW02ZW&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://q3.qwintry.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 11:22:09 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://q3.qwintry.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

138 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

58 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
q3.qwintry.com/ru/workspace	1969-12-31 23:59:59	Name: roistat_is_need_listen_requests Value: 0
q3.qwintry.com/ru/workspace	1969-12-31 23:59:59	Name: roistat_is_save_data_in_cookie Value: 1
.qwintry.com/	1969-12-31 23:59:59	Name: _session Value: savk5p9tbm1711cnu83hi3eolr
q3.qwintry.com/	1970-01-20 16:37:13	Name: geolocation Value: %7B%22country%22%3A%7B%22iso%22%3A%22DE%22%2C%22name%22%3A%22%D0%93%D0%B5%D1%80%D0%BC%D0%B0%D0%BD%D0%B8%D1%8F%22%7D%7D
.qwintry.com/	1970-01-21 01:22:45	Name: _language Value: 8025f18fc2478d8820bb29854405b89e1444fa3ef8a07f3f9e45c078bdac39bda%3A2%3A%7Bi%3A0%3Bs%3A9%3A%22_language%22%3Bi%3A1%3Bs%3A2%3A%22ru%22%3B%7D
q3.qwintry.com/	1970-01-21 01:24:12	Name: firstvisit Value: adc3f492617de09ea9ea6e1f20217020982a4dfd4ccafed0889580e5648a49a0a%3A2%3A%7Bi%3A0%3Bs%3A10%3A%22firstvisit%22%3Bi%3A1%3Ba%3A3%3A%7Bs%3A9%3A%22timestamp%22%3Bi%3A1701429723%3Bs%3A2%3A%22ip%22%3Bs%3A12%3A%2280.255.7.106%22%3Bs%3A8%3A%22referrer%22%3BN%3B%7D%7D
q3.qwintry.com/	1969-12-31 23:59:59	Name: _csrf Value: 8c3daf6fd299e4c8e88f4d627eacfaefb56eeeb5cb3e5cb44ad76b0f7bc1768da%3A2%3A%7Bi%3A0%3Bs%3A5%3A%22_csrf%22%3Bi%3A1%3Bs%3A32%3A%223R4ekBSwt7cT0ttv7J8ngj8fSglF6ebM%22%3B%7D
.qwintry.com/	1970-01-20 18:46:45	Name: _gcl_au Value: 1.1.164316308.1701429724
q3.qwintry.com/	1969-12-31 23:59:59	Name: Visit Value: 1
q3.qwintry.com/	1969-12-31 23:59:59	Name: Seans Value: 1
.qwintry.com/	1970-01-20 18:46:45	Name: roistat_visit Value: 22820087
.qwintry.com/	1970-01-21 02:13:09	Name: roistat_first_visit Value: 22820087
.qwintry.com/	1970-01-20 18:46:45	Name: roistat_visit_cookie_expire Value: 7776000
.qwintry.com/	1970-01-20 16:38:36	Name: _gid Value: GA1.2.2037293408.1701429724
.qwintry.com/	1970-01-20 16:37:09	Name: _gat_UA-33037087-1 Value: 1
.qwintry.com/	1970-01-20 16:37:09	Name: _gat Value: 1
.qwintry.com/	1970-01-21 02:13:09	Name: _ga_F37FBR2LYP Value: GS1.1.1701429724.1.0.1701429724.0.0.0
.qwintry.com/	1970-01-21 02:13:09	Name: _ga Value: GA1.2.1592980745.1701429724
.qwintry.com/	1970-01-20 16:37:09	Name: _gat_gtag_UA_33037087_1 Value: 1
.qwintry.com/	1970-01-21 02:13:09	Name: _ga_ZVZ3FW02ZW Value: GS1.1.1701429724.1.0.1701429724.60.0.0
.qwintry.com/	1970-01-21 01:22:45	Name: _ym_uid Value: 1701429724981654103
.qwintry.com/	1970-01-21 01:22:45	Name: _ym_d Value: 1701429724
www.clarity.ms/	1970-01-21 01:22:45	Name: CLID Value: 2f793dbe09944b23bf7d65fe3c29b4a2.20231201.20241130
.vk.com/	1970-01-21 01:32:10	Name: remixlang Value: 6
.vk.com/	1970-01-21 01:22:45	Name: remixstlid Value: 9062808541164749456_pKW9krkzODhBQeScyTkoJLu7yHkZ5Doel8qmdN8Zzh8
.doubleclick.net/	1970-01-20 16:37:10	Name: test_cookie Value: CheckForPermission
.qwintry.com/	1970-01-21 01:22:45	Name: _clck Value: 1fv8lfy%7C2%7Cfh6%7C0%7C1430
q3.qwintry.com/	1969-12-31 23:59:59	Name: VisitDate Value: 1701429725
q3.qwintry.com/	1969-12-31 23:59:59	Name: roistat_cookies_to_resave Value: roistat_ab%2Croistat_ab_submit%2Croistat_visit
.yandex.ru/	1970-01-21 01:22:45	Name: ymex Value: 1732965724.yrts.1701429724#1732965724.yrtsi.1701429724
.yandex.ru/	1970-01-21 01:22:45	Name: bh Value: KgI/MA==
mc.yandex.ru/	1969-12-31 23:59:59	Name: yabs-sid Value: 2354963171701429724
.yandex.ru/	1970-01-21 01:22:45	Name: yuidss Value: 979896361701429724
.yandex.ru/	1970-01-21 02:13:09	Name: i Value: 7w4yCzFx/7wxGy3rJIlCSyLxfgV9ka2vFBoDKoGfB8H9SKrFcQEn6Von/caNEeB+zm2u81SP9E1lfWb337J0gizxIjI=
.yandex.ru/	1970-01-21 02:13:09	Name: yandexuid Value: 4260876031701429724
.qwintry.com/	1970-01-20 16:38:21	Name: _ym_isad Value: 2
.qwintry.com/	1970-01-20 16:37:11	Name: _ym_visorc Value: w
.mc.yandex.com/	1970-01-20 16:37:10	Name: sync_cookie_csrf Value: 3919380654fake
.yandex.com/	1970-01-21 02:13:09	Name: yandexuid Value: 4260876031701429724
.yandex.com/	1970-01-21 02:13:09	Name: yuidss Value: 4260876031701429724
.yandex.com/	1970-01-21 02:13:09	Name: i Value: 7w4yCzFx/7wxGy3rJIlCSyLxfgV9ka2vFBoDKoGfB8H9SKrFcQEn6Von/caNEeB+zm2u81SP9E1lfWb337J0gizxIjI=
.mc.yandex.com/	1970-01-20 16:38:36	Name: sync_cookie_ok Value: synced
.qwintry.com/	1970-01-20 18:46:45	Name: _fbp Value: fb.1.1701429725016.948444380
.mc.webvisor.org/	1970-01-20 16:37:10	Name: sync_cookie_csrf Value: 1591712617fake
.mc.yandex.ru/	1970-01-20 16:37:10	Name: sync_cookie_csrf Value: 956152676fake
.webvisor.org/	1970-01-21 02:13:09	Name: yandexuid Value: 4260876031701429724
.webvisor.org/	1970-01-21 02:13:09	Name: yuidss Value: 4260876031701429724
.webvisor.org/	1970-01-21 02:13:09	Name: i Value: 7w4yCzFx/7wxGy3rJIlCSyLxfgV9ka2vFBoDKoGfB8H9SKrFcQEn6Von/caNEeB+zm2u81SP9E1lfWb337J0gizxIjI=
.mc.webvisor.org/	1970-01-20 16:38:36	Name: sync_cookie_ok Value: synced
.bing.com/	1970-01-21 01:58:45	Name: MUID Value: 14CF2AFFC9DB659925393925C87764E9
.c.bing.com/	1970-01-20 16:47:14	Name: MR Value: 0
.c.bing.com/	1970-01-21 01:58:45	Name: SRM_B Value: 14CF2AFFC9DB659925393925C87764E9
q3.qwintry.com/	1970-01-21 02:13:09	Name: ___dc Value: 1e305a98-b1ed-4526-9cbe-1b1fbf6e5c9f
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-21 01:58:45	Name: MUID Value: 14CF2AFFC9DB659925393925C87764E9
.c.clarity.ms/	1970-01-20 16:47:14	Name: MR Value: 0
.c.clarity.ms/	1970-01-20 16:37:10	Name: ANONCHK Value: 0
.qwintry.com/	1970-01-20 16:38:36	Name: _clsk Value: 1tnk2vy%7C1701429725991%7C1%7C1%7Cv.clarity.ms%2Fcollect

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://www.googleadservices.com/pagead/conversion.js?1(Line 29) Message: Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

c.bing.com
c.clarity.ms
cdn.jsdelivr.net
cllctr.roistat.com
cloud-eu.roistat.com
connect.facebook.net
googleads.g.doubleclick.net
mc.webvisor.org
mc.yandex.com
mc.yandex.ru
o74079.ingest.sentry.io
q3-api.qwintry.com
q3.qwintry.com
region1.analytics.google.com
region1.google-analytics.com
stats.g.doubleclick.net
v.clarity.ms
vk.com
www.clarity.ms
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
104.26.12.187
104.26.13.187
142.250.186.66
163.172.207.27
172.67.68.102
20.114.189.135
2001:4860:4802:32::36
2001:4860:4802:34::36
2606:4700::6810:5914
2620:1ec:bdf::45
2620:1ec:c11::200
2a00:1450:4001:803::200e
2a00:1450:4001:80e::2003
2a00:1450:4001:80f::2008
2a00:1450:4001:810::2002
2a00:1450:4001:810::2004
2a00:1450:400c:c00::9a
2a02:6b8::1:119
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f176:84:face:b00c:0:25de
34.120.195.249
62.210.196.96
68.219.88.97
80.239.201.67
87.240.129.133
017e889b6e5c3fc3c77b3a9235b8fcf074740d4a5911bbc0d6a02c239ac6883a
104ce6b6833b2151bb7fb0372c65b60951a89ca1dfb78d7d476e7fa7fa8d011e
158fba606023bda57fd24ea364dc129b37297ec0d72d8ef7b5a68c03309cf119
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
3559dc12af4b72c2c2bf9606fb2f680e3ee023f3f20444f194f5759d7e19869f
3a94f6615b15836e3236451a4fc8be4c9a0c00b753e963fef1da5d76c2943a92
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
41e9846ad12896d0ee2e5dcbdb6760c843d7cac24858736e73e37390f686ca53
433dafdd82ca1b56a4b76a366c5583b4e9de0bfe959d882da79ecc734ef13e0e
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
485e6c7c104016e453fe5bf552dbf46f881f70050ce0b865f8a60578bb009d93
4ec3850b4935fdb402e3026eb66f70a6c296353f877cb2e69228f906ca6dd8a2
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5dceeea5ddbf6a9d568202d81bb9e32723a7a1c9573724a0128229c351861fbe
66c8d62a1719e1b50f20d2fbcfa1d55a4db3411b243ce221b1af00b402f5355d
68e59da384f914747033036f594802426eefd14718786bf64f8692799695507a
6df6ad4c83e73a00bc84aa52e01e8a13cf3268b4159637eded67baaea054dc2c
801d01cd213dc18ed6471da89d01fb71ddb35d7c8d96d97636eecfcf72226963
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8af35281205fa0d9e2dc80256542cace668ac4ad8a037e88c0a8616e7426152e
8c5ace8ad80979283350a01f6e84dd9d46ad22c93ba3a0322a48ff3944132385
8f0818c6444aa463ffa8a33b7ceec446d0a3e333001349a8c2d0178738bc9cfa
8f5aeba25fd371707e9489cff88d4a714c2e0febc2531e29009f7ecbd2b97f0e
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9b5cb80436ebcd6f789533402983bc86f8e06b291fe6559c5cf56c4f45d896b9
a20536f19d44a1c0595c57899dbdd4efd239e422f6a9848c5955380561b7d07f
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b4abab1e5c446b09c0fa59f427d572432f36cd73d66ab426c5870701b0dd8427
b690d30345697bdf0f164dd1cb4c336d3a2ce690bef69f2a99e5a7cbdf002184
bf32096778015e64c79f819756f39594acaeb39c6dd5fe70686da4f38eba9921
c69a6ffe5aabb59c736188d2d3fc0c3ccb586adab62ab1dbfa4eee095d038601
c9b08fd3b1377edd911f0be35a6b3e9b775e0b02df53b7439ec6105d8aaa71fc
d6da40d72351a7ae8385f56c56c35f0178976f28bae295d177ca2522bf1ecbbe
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef2a24e9d78d5973c8ed3fffd8a6efd23c9ac3a40d2a6092689b0285f92c727a
ef7b2694e0bdd75ace1485daf9e6a6e810cad96e672dda47fbacadcfcac91d62
efeef096a87248c3b52fd241de7de887c994bdddcb003a4080d8d5f864a36175
f4e16c137bfcf443839c20e1038b9ee2dec570f047ae3b1c8f9378e9176750dd
f559d8fc829471f745a5e815a9f8b6fece41fe120620819633126b37355b8917
f6b627515bab40101390996384d0da1d77ad683c0d825c0f9062ff7583a7cffc
fae128c07cde61295a2b4f07a0e476ffeb909f60b0e0a0a00857238691679de8
fc3f93950a338d585ff87a8009897636306438ee4036be02c08c633ff9b6f0cc

q3.qwintry.com Open in urlscan Pro 104.26.13.187 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

78 Requests

92 %HTTPS

56 %IPv6

18 Domains

25 Subdomains

23 IPs

8 Countries

1648 kBTransfer

4739 kBSize

58 Cookies

13 Outgoing links

Page URL History

Redirected requests

78 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

q3.qwintry.com Open in urlscan Pro
104.26.13.187 Public Scan

Screenshot
Live screenshot

Full Image

78
Requests

92 %
HTTPS

56 %
IPv6

18
Domains

25
Subdomains

23
IPs

8
Countries

1648 kB
Transfer

4739 kB
Size

58
Cookies

78 HTTP transactions
0 data transactions