qpsttool.com Open in urlscan Pro
2606:4700:3037::6815:172e Public Scan

Go To Rescan
Add Verdict Report

URL:
https://qpsttool.com/
Submission Tags: falconsandbox
Submission: On January 25 via api (January 25th 2024, 2:34:31 am UTC) from US — Scanned from DE

Summary HTTP 64 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 21 IPs in 5 countries across 14 domains to perform 64 HTTP transactions. The main IP is 2606:4700:3037::6815:172e, located in United States and belongs to CLOUDFLARENET, US. The main domain is qpsttool.com.
TLS certificate: Issued by GTS CA 1P5 on December 28th 2023. Valid for: 3 months.

This is the only time qpsttool.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	2606:4700:303... 2606:4700:3037::6815:172e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
12	2606:4700::68... 2606:4700::6810:8516	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
1	104.18.35.167 104.18.35.167	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.102.146.192 34.102.146.192	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2600:9000:223... 2600:9000:223c:7e00:10:dd8:5e40:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6810:5814	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:10:... 2606:4700:10::ac43:266a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.96.70.87 34.96.70.87	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2600:9000:225... 2600:9000:2250:b200:a:e047:753:eb41	16509 (AMAZON-02) (AMAZON-02)
1	65.9.66.97 65.9.66.97	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
1	52.48.9.219 52.48.9.219	16509 (AMAZON-02) (AMAZON-02)
1	162.19.138.120 162.19.138.120	16276 (OVH) (OVH)
3	2a00:1450:400... 2a00:1450:4001:802::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2004	15169 (GOOGLE) (GOOGLE)
64	21

3 2606:4700:3037::6815:172e (United States)

ASN13335 (CLOUDFLARENET, US)

qpsttool.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2606:4700::6810:8516 (United States)

ASN13335 (CLOUDFLARENET, US)

live.demand.supply	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.35.167 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn-ima.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com

oa.openxcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223c:7e00:10:dd8:5e40:93a1 (United States)

ASN16509 (AMAZON-02, US)

connectid.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5814 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:266a (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com

invstatic101.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2250:b200:a:e047:753:eb41 (United States)

ASN16509 (AMAZON-02, US)

cdn.prod.uidapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.66.97 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-97.fra56.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

8e8891a009513f7293e5c29dc763f80e.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.48.9.219 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-9-219.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.120 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533571.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	google.com fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1143 www.google.com — Cisco Umbrella Rank: 2	73 KB
13	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 38 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 209	192 KB
12	demand.supply live.demand.supply — Cisco Umbrella Rank: 54612	37 KB
11	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 110 8e8891a009513f7293e5c29dc763f80e.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 157	259 KB
3	qpsttool.com qpsttool.com	122 KB
2	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 1005 bcp.crwdcntrl.net — Cisco Umbrella Rank: 898	12 KB
2	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 857 id5-sync.com — Cisco Umbrella Rank: 425	29 KB
1	uidapi.com cdn.prod.uidapi.com — Cisco Umbrella Rank: 2948	3 KB
1	creativecdn.com invstatic101.creativecdn.com — Cisco Umbrella Rank: 2253	1 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 324	1 KB
1	yahoo.com connectid.analytics.yahoo.com — Cisco Umbrella Rank: 4267	9 KB
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 657	13 KB
1	openxcdn.net oa.openxcdn.net — Cisco Umbrella Rank: 1833	8 KB
1	33across.com cdn-ima.33across.com — Cisco Umbrella Rank: 1299	6 KB
64	14

	Domain	Requested by
13	fundingchoicesmessages.google.com	pagead2.googlesyndication.com
12	live.demand.supply	qpsttool.com live.demand.supply
9	securepubads.g.doubleclick.net	live.demand.supply securepubads.g.doubleclick.net
7	pagead2.googlesyndication.com	qpsttool.com pagead2.googlesyndication.com tpc.googlesyndication.com
4	googleads.g.doubleclick.net	pagead2.googlesyndication.com
3	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
3	qpsttool.com	qpsttool.com
1	www.google.com	tpc.googlesyndication.com
1	id5-sync.com	cdn.id5-sync.com
1	bcp.crwdcntrl.net	tags.crwdcntrl.net
1	8e8891a009513f7293e5c29dc763f80e.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	tags.crwdcntrl.net	securepubads.g.doubleclick.net
1	cdn.prod.uidapi.com	securepubads.g.doubleclick.net
1	invstatic101.creativecdn.com	securepubads.g.doubleclick.net
1	cdn.id5-sync.com	securepubads.g.doubleclick.net
1	cdn.jsdelivr.net	securepubads.g.doubleclick.net
1	connectid.analytics.yahoo.com	securepubads.g.doubleclick.net
1	static.criteo.net	securepubads.g.doubleclick.net
1	oa.openxcdn.net	securepubads.g.doubleclick.net
1	cdn-ima.33across.com	securepubads.g.doubleclick.net
64	20

This site contains links to these domains. Also see Links.

Domain
qcomdriver.com
qfiltool.com
qdloader9008.com

Subject Issuer	Validity	Valid
qpsttool.com GTS CA 1P5	`2023-12-28` - `2024-03-27`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
demand.supply Cloudflare Inc ECC CA-3	`2024-01-20` - `2024-12-31`	a year	crt.sh
*.google.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
*.33across.com Sectigo RSA Domain Validation Secure Server CA	`2023-09-06` - `2024-09-30`	a year	crt.sh
oa.openxcdn.net GTS CA 1D4	`2024-01-22` - `2024-04-22`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-15` - `2024-03-10`	3 months	crt.sh
connectid.analytics.yahoo.com GlobalSign ECC OV SSL CA 2018	`2024-01-09` - `2024-07-04`	6 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-02` - `2024-05-01`	a year	crt.sh
invstatic101.creativecdn.com GTS CA 1D4	`2023-12-23` - `2024-03-22`	3 months	crt.sh
cdn.prod.uidapi.com R3	`2024-01-24` - `2024-04-23`	3 months	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2023-10-08` - `2024-11-05`	a year	crt.sh
*.id5-sync.com R3	`2024-01-01` - `2024-03-31`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
www.google.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh

This page contains 8 frames:

Primary Page: https://qpsttool.com/
Frame ID: BE7B154C2E73343F836D0B96CACD562F
Requests: 68 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20190131/zrt_lookup_fy2021.html
Frame ID: C2BABC23EB20FF6842E0869FF052A218
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2840258101411863&output=html&adk=1812271804&adf=3025194257&lmt=1706147948&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x1080_l%7C260x1080_r&format=0x0&url=https%3A%2F%2Fqpsttool.com%2F&pra=5&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706150066225&bpp=3&bdt=145&idt=170&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3225898257856&frm=20&pv=2&ga_vid=137431109.1706150066&ga_sid=1706150066&ga_hid=383874668&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44795922%2C95320376%2C95320868%2C95321626%2C95322166%2C95323008%2C21065724&oid=2&pvsid=409598389040112&tmod=1944617876&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=185
Frame ID: 6EA0F4D39CB2E40ABFF11A42C4F37988
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2840258101411863&output=html&h=280&slotname=2117717796&adk=435427420&adf=2018940856&pi=t.ma~as.2117717796&w=970&fwrn=4&fwrnh=100&lmt=1706147948&rafmt=1&format=970x280&url=https%3A%2F%2Fqpsttool.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706150066228&bpp=1&bdt=148&idt=185&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3225898257856&frm=20&pv=1&ga_vid=137431109.1706150066&ga_sid=1706150066&ga_hid=383874668&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=926&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44795922%2C95320376%2C95320868%2C95321626%2C95322166%2C95323008%2C21065724&oid=2&pvsid=409598389040112&tmod=1944617876&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=188
Frame ID: 6B621A943DFB8B050BEAC624EACD57F8
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2840258101411863&output=html&h=280&slotname=2117717796&adk=435427420&adf=4110130069&pi=t.ma~as.2117717796&w=970&fwrn=4&fwrnh=100&lmt=1706147948&rafmt=1&format=970x280&url=https%3A%2F%2Fqpsttool.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706150066229&bpp=1&bdt=149&idt=191&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280&nras=1&correlator=3225898257856&frm=20&pv=1&ga_vid=137431109.1706150066&ga_sid=1706150066&ga_hid=383874668&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=1726&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44795922%2C95320376%2C95320868%2C95321626%2C95322166%2C95323008%2C21065724&oid=2&pvsid=409598389040112&tmod=1944617876&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=192
Frame ID: 31CC710EE650BF3DEA8EABAF6F4CEA10
Requests: 1 HTTP requests in this frame

Frame: https://8e8891a009513f7293e5c29dc763f80e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: D0E3BC2B33FF31A7452FF597F3B51E87
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 4F4C9605D1FB41986982897918F4840B
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 3DC87311B640CA31FB859C2AAADC255B
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

QPST Tool - Qualcomm Product Support Tools (QPST)

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

64
Requests

100 %
HTTPS

70 %
IPv6

14
Domains

20
Subdomains

21
IPs

5
Countries

766 kB
Transfer

2192 kB
Size

5
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://qcomdriver.com/latest
Title: Download

Search URL Search Domain Scan URL

URL: https://qcomdriver.com/
Title: Qualcomm USB Driver

Search URL Search Domain Scan URL

URL: https://qfiltool.com/
Title: QFIL Tool

Search URL Search Domain Scan URL

URL: https://qdloader9008.com/
Title: QDloader 9008

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

64 HTTP transactions
14 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
qpsttool.com/ 206 KB
117 KB 235ms
195ms Document
text/html 2606:4700:3037::6815:172e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://qpsttool.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::6815:172e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ca7a49f9028a043e1e9535b2e143aa45a64b2caff0fb0c60bc23949af507c7a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 84ad1df7cc423a85-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 25 Jan 2024 02:34:26 GMT
last-modified: Thu, 25 Jan 2024 01:59:08 GMT
link: <https://qpsttool.com/wp-json/>; rel="https://api.w.org/"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AgSaNxwr3ks4Aopola1Mh5vjoku8n7td1rp5%2BpQqhRmhePM4bhvp%2FAFRJIjtmUVXiO5c8Ldr66XsHb%2FnRCjIqqw7wvkGLURptB28ucUad3qZbdXoLOLJZbxStNbAEavk8Q5Kv%2F2T5cLFTA0%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-runcache-type: native
x-runcloud-cache: HIT
x-xss-protection: 1; mode=block

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 149 KB
51 KB 74ms
53ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2840258101411863

Requested by

Host: qpsttool.com
URL: https://qpsttool.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

789d85db52c70c1951fef6c01ad22484a89218c296be4165ec3c6e7b695c4368

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://qpsttool.com/
Origin: https://qpsttool.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 02:34:26 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51333
x-xss-protection: 0
server: cafe
etag: 5491070084908542537
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Thu, 25 Jan 2024 02:34:26 GMT

GET
H2 200 up.js Show response
live.demand.supply/ 5 KB
3 KB 188ms
155ms Script
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://live.demand.supply/up.js

Requested by

Host: qpsttool.com
URL: https://qpsttool.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7f41a418bbee31ff8cfd5a54f2ac45b1eff85a7505ea6e7b4560fe036382d0f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qpsttool.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nf-request-id: 01HMA2YPSAPS379QY3EYWAJVE4
date: Thu, 25 Jan 2024 02:34:26 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: HIT
age: 560
cf-polished: origSize=4807
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
server: cloudflare
etag: W/"2a22e799c82821bf03c33b2dada37781-ssl-df"
cache-status: "Netlify Edge"; fwd=stale
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=1200,must-revalidate,stale-while-revalidate=3600
cf-ray: 84ad1df93ed39229-FRA
link: <https://live.demand.supply/impl.v17.27.0.js>; rel=preload; as=script,<https://live.demand.supply/p4/v17-24-0/cXBzdHRvb2wuY29tLw==>; rel=preload; as=script
timing-allow-origin: *

GET
DATA 200
OK truncated
/ 5 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9ceae856f5d73d2d932caf2fc147f1b2ce5ebb54904fcd2c25277c7ea6564af3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 8 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6efaa4f18d61477ea20139c5dfb9c4c1c22f62064e73dcd3f3341d27157e1eed

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 latest.png
qpsttool.com/wp-content/uploads/ 2 KB
3 KB 138ms
137ms Image
image/png 2606:4700:3037::6815:172e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://qpsttool.com/wp-content/uploads/latest.png

Requested by

Host: qpsttool.com
URL: https://qpsttool.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::6815:172e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0cee2fb4b82f2020a1494bb897b190cc98b1024015703d7f3f198b5fc2a73458

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qpsttool.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 02:34:26 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 2299
x-xss-protection: 1; mode=block
last-modified: Thu, 17 Aug 2023 08:54:02 GMT
x-runcache-type: native
server: cloudflare
etag: "64dde02a-8fb"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p5QQPneIi5NiGeXjU3NvqaCqWDKfD64FlblpFViX2X5nKv6RpwTJRT2mxPBrECgSGtQerTtYNxcF%2BzfyeHPHCPmZxMV6Acc6yUHyaf0LbP3h1O%2BKUj6D4bsEXtrlGxFs5hMvs4TCn%2B7b4eI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 84ad1df99ddd3a85-FRA
expires: Sat, 24 Feb 2024 01:59:09 GMT

GET
H2 200 qpst-fi.png
qpsttool.com/wp-content/uploads/ 2 KB
2 KB 129ms
129ms Image
image/png 2606:4700:3037::6815:172e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://qpsttool.com/wp-content/uploads/qpst-fi.png

Requested by

Host: qpsttool.com
URL: https://qpsttool.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::6815:172e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a38468a3268cd388df8e30858a3ceb7e27f5c4eda8842489af8ad42a5913dac8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qpsttool.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 02:34:26 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 1789
x-xss-protection: 1; mode=block
last-modified: Thu, 17 Aug 2023 08:55:56 GMT
x-runcache-type: native
server: cloudflare
etag: "64dde09c-6fd"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=79WGomSUbH2bNN%2BWwp71W4cdmGS49hRqxIURyRrwpzjnifiDJP6xWPgjS%2BWYtDXGyRvJ5AYQ08y9fXeNXTLXJ38AAwXqBSk6hP4np5mQuQ%2F3p0mcSUMBfTDsk1xd8EOTEuTA0HlL4vfamvI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 84ad1df99de13a85-FRA
expires: Sat, 24 Feb 2024 01:59:09 GMT

GET
DATA 200
OK truncated
/ 803 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fb49b9787462d8de95d5aa8826c27fb4a6c344bff1916a95b69906d480dcefcb

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 16 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f541fabdf9f39c5c12b19d921fee8d0994dacca4fd0c3ac12cbd01e87e404843

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 930315ff7368cd1caf81aca64f7360541e1c9c42cb52640a51df9021ada8859e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401180101/ 403 KB
137 KB 82ms
68ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401180101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2840258101411863&plah=qpsttool.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2840258101411863

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ca95600fd9b3a128870aafa094c86ca2254e332e9ed46911fd96f5507b00c33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qpsttool.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 02:34:26 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 139869
x-xss-protection: 0
server: cafe
etag: 2367382647664164110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 25 Jan 2024 02:34:26 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240122/r20190131/ Frame C2BA 9 KB
5 KB 27ms
6ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240122/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2840258101411863

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://qpsttool.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 10429
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4209
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 24 Jan 2024 23:40:37 GMT
etag: 3890843268177463596
expires: Wed, 07 Feb 2024 23:40:37 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 impl.v17.27.0.js Show response
live.demand.supply/ 88 KB
29 KB 17ms
16ms Script
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://live.demand.supply/impl.v17.27.0.js

Requested by

Host: qpsttool.com
URL: https://qpsttool.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4602c89de5176e8761a82157e6077bef8382dbbe928b3add803e7c9882302b48

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qpsttool.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nf-request-id: 01HMA2YBWERRTT1SW39E4V6VFM
date: Thu, 25 Jan 2024 02:34:26 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: HIT
age: 709412
cf-polished: origSize=90464
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
server: cloudflare
cache-status: "Netlify Edge"; fwd=miss
etag: W/"841679f10e9ff32571242748433fc77c-ssl-df"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=2592000,immutable,stale-if-error=604800
timing-allow-origin: *
cf-ray: 84ad1dfa4f129229-FRA

GET
H2 200 cXBzdHRvb2wuY29tLw== Show response
live.demand.supply/p4/v17-24-0/ 965 B
614 B 178ms
178ms Script
text/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/p4/v17-24-0/cXBzdHRvb2wuY29tLw==
Requested by: Host: qpsttool.com
URL: https://qpsttool.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e5e4115c0ed710853dce309201ae3ded103895d4f1e40e28f24ae01c9a5b9750

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qpsttool.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 02:34:26 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
cf-ray: 84ad1dfa4f139229-FRA
alt-svc: h3=":443"; ma=86400

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
544 B 98ms
87ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://live.demand.supply/e/e.js?e=ll&d=189&cs=c&dsReferer=cXBzdHRvb2wuY29tLw==

Requested by

Host: live.demand.supply
URL: https://live.demand.supply/up.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qpsttool.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nf-request-id: 01HJR2G539EWFJZRGRT8PESXW9
date: Thu, 25 Jan 2024 02:34:26 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 205571
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
cache-status: "Netlify Edge"; hit
etag: "6e595705039c465f05daea10b894cefb-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 84ad1dfa5885bb32-FRA

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 98 KB
30 KB 130ms
83ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: live.demand.supply
URL: https://live.demand.supply/up.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

aced0e0192b9b9999cd3723aec3a19f57408f443f23b9d5c8f9bdde4b0c07df2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qpsttool.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 02:34:26 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29729
x-xss-protection: 0
server: cafe
etag: 796 / 19747 / m202401180101 / config-hash: 6260326267526195180
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 25 Jan 2024 02:34:26 GMT

GET
H3 200 ds.2.html Show response
live.demand.supply/ 413 B
607 B 196ms
186ms XHR
text/html 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://live.demand.supply/ds.2.html

Requested by

Host: live.demand.supply
URL: https://live.demand.supply/up.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bdd1579c84daab8cdd1e5a4f71b546c9eaa6a76418f83e0215c573523614c309

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qpsttool.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nf-request-id: 01HMGTMPH1KYEK0YEC4587FAEM
date: Thu, 25 Jan 2024 02:34:26 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: HIT
server: cloudflare
cache-status: "Netlify Edge"; hit
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=2592000,immutable,stale-if-error=604800
timing-allow-origin: *
cf-ray: 84ad1dfa5884bb32-FRA
alt-svc: h3=":443"; ma=86400

GET
DATA 200
OK truncated
/ 23 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ab7d0c5dbd6de526bb52406acb611a41b65b4ecfced1bf324b1147921e0c0f81

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 5 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8488f7da598d882af71a52169ca5fe5c02f1ab14138aaeb491aafd7bc45d955c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 6 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 92a24ee0228fd13e12a27c8ab135adfbd10455cfb7266b0c9fc7dd927f95256a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 7 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6f0b86b9f440dc1b10bc8e95f02d2ebc04da5b70e1d2a3a1daffdcb513d3e95c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 8 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4b5bea0111f2e20bfe02fdb6486928e62988412f728d83779da9d46c431ed093

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 9 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d740a237d1442edd847ab1775b9352ba43f9c2d9786c6c1de5532e374e5e70cd

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 9 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d6514e4599e15a994cc1bf1fa725794e2f3dd6483997c4d951e196c253065eb8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 8 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5ce0bea2795e249fb272b7c71835671259080b5d992c10f247748d4f92aac3f2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 463 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 83ed95482d7f3126b555efe2a06c4812af9f6df7d7ac26a809e8b4aecffa78d1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/svg+xml

HEAD
H3 200 e.js Show response
live.demand.supply/x/ 0
510 B 14ms
14ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://live.demand.supply/x/e.js?ce=fs&dsReferer=cXBzdHRvb2wuY29tLw==

Requested by

Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.27.0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qpsttool.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nf-request-id: 01HJT8QX2D3P9QYN38RFEZX4N0
date: Thu, 25 Jan 2024 02:34:26 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 64155
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
cache-status: "Netlify Edge"; hit
etag: "6e595705039c465f05daea10b894cefb-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 84ad1dfae8cebb32-FRA

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6EA0 18 KB
5 KB 62ms
61ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2840258101411863&output=html&adk=1812271804&adf=3025194257&lmt=1706147948&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x1080_l%7C260x1080_r&format=0x0&url=https%3A%2F%2Fqpsttool.com%2F&pra=5&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706150066225&bpp=3&bdt=145&idt=170&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3225898257856&frm=20&pv=2&ga_vid=137431109.1706150066&ga_sid=1706150066&ga_hid=383874668&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44795922%2C95320376%2C95320868%2C95321626%2C95322166%2C95323008%2C21065724&oid=2&pvsid=409598389040112&tmod=1944617876&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=185

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401180101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2840258101411863&plah=qpsttool.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2dab1ca6a68305280b71ca27cc66e20ece96840b0198ec20dfabbb1fdd2f29ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://qpsttool.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 5413
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 25 Jan 2024 02:34:26 GMT
expires: Thu, 25 Jan 2024 02:34:26 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6B62 720 B
531 B 78ms
78ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2840258101411863&output=html&h=280&slotname=2117717796&adk=435427420&adf=2018940856&pi=t.ma~as.2117717796&w=970&fwrn=4&fwrnh=100&lmt=1706147948&rafmt=1&format=970x280&url=https%3A%2F%2Fqpsttool.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706150066228&bpp=1&bdt=148&idt=185&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3225898257856&frm=20&pv=1&ga_vid=137431109.1706150066&ga_sid=1706150066&ga_hid=383874668&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=926&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44795922%2C95320376%2C95320868%2C95321626%2C95322166%2C95323008%2C21065724&oid=2&pvsid=409598389040112&tmod=1944617876&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=188

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d814392db9f4891df78c71444f026db3b98d106a9ae6a9f291272cf249bc555d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://qpsttool.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 360
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 25 Jan 2024 02:34:26 GMT
expires: Thu, 25 Jan 2024 02:34:26 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 31CC 720 B
530 B 71ms
71ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2840258101411863&output=html&h=280&slotname=2117717796&adk=435427420&adf=4110130069&pi=t.ma~as.2117717796&w=970&fwrn=4&fwrnh=100&lmt=1706147948&rafmt=1&format=970x280&url=https%3A%2F%2Fqpsttool.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706150066229&bpp=1&bdt=149&idt=191&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280&nras=1&correlator=3225898257856&frm=20&pv=1&ga_vid=137431109.1706150066&ga_sid=1706150066&ga_hid=383874668&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=1726&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44795922%2C95320376%2C95320868%2C95321626%2C95322166%2C95323008%2C21065724&oid=2&pvsid=409598389040112&tmod=1944617876&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=192

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1552ef755c312307d258a9eafc53580007cfa29f12008dae969c97691b108244

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://qpsttool.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 359
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 25 Jan 2024 02:34:26 GMT
expires: Thu, 25 Jan 2024 02:34:26 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401180101/ 430 KB
135 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401180101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5dd0b5724f4bbac4bd58de274236fce36135ce302364b3b8ff5c4c3631e81139

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qpsttool.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 15:04:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41389
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 138095
x-xss-protection: 0
server: cafe
etag: 16105826302836755247
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Thu, 23 Jan 2025 15:04:37 GMT

GET
H2 200 ca-pub-2840258101411863 Show response
fundingchoicesmessages.google.com/i/ 183 KB
61 KB 60ms
38ms Script
application/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/ca-pub-2840258101411863?ers=2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6ab4d1aa388891240d0f91575acc88c473acffcde98b4aa364ce154d266e3571

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-rcyQM28BnbWNAKD7xpKczw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qpsttool.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 02:34:26 GMT
content-security-policy: script-src 'report-sample' 'nonce-rcyQM28BnbWNAKD7xpKczw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjOsKoxSXF4KchxXDe6Q7TdSC-qPKU6SYQ1zI8Y2oF4gfhz5heALGBxnMmCyAuyH7OVAHEjH9eMHECcU__S6YpQPzuy0smnq8vmSSAWAOI30m-YvoGxDt8PFjehE9n5YqYznq6YDrrZSBmq5jOygfEcXXTWfOAmG_ddFbd9dNZt5yZzroHiGOeT2dNAeLFrDNYVwPxlMAZrHOAuCUayAZip_QZrEFA_DlzButvIBbi4dg08fhaNoEfV6Y2MgEAxFFYHw"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
507 B 85ms
85ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://live.demand.supply/e/e.js?r=qpsttool.com_auto_interstitial_desktop&sn=1&ific=true&e=iar2&dsReferer=cXBzdHRvb2wuY29tLw==

Requested by

Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.27.0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qpsttool.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nf-request-id: 01HJR2G539EWFJZRGRT8PESXW9
date: Thu, 25 Jan 2024 02:34:26 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 205571
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
cache-status: "Netlify Edge"; hit
etag: "6e595705039c465f05daea10b894cefb-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 84ad1dfba989bb32-FRA

GET
H2 200 AGSKWxUIyTNXPifyf4-hIuj7NaB77G52I2o0kefaRt_XLUuEk-1N1shq2pCgJ34OiSxlPdDRyOyj7DW55_VRKyVXPQRn5VnCoZopJEb13mt_dlGCKizYUbnuRJMELjapzuQ7phWzjb4vCw== Show response
fundingchoicesmessages.google.com/f/ 10 KB
5 KB 34ms
33ms Script
application/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUIyTNXPifyf4-hIuj7NaB77G52I2o0kefaRt_XLUuEk-1N1shq2pCgJ34OiSxlPdDRyOyj7DW55_VRKyVXPQRn5VnCoZopJEb13mt_dlGCKizYUbnuRJMELjapzuQ7phWzjb4vCw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA2MTUwMDY2LDU4NjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9xcHN0dG9vbC5jb20vIixudWxsLFtbOCwiWXRrdlV2cjBLaEkiXSxbOSwiZGUiXSxbMTgsIltbWzBdXV0iXSxbMTksIjIiXV1d

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.YtkvUvr0KhI.es5.O/am=wA/d=1/rs=AJlcJMzE1BcWevsRDsR0j0ow8Hwoup2wJA/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

515fe66edf6fd94c597528691ba4d7e837f01fb05d15532735227bf53b4693d6

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-Kh3K-_1e0kWExh5Enk45tA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qpsttool.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 02:34:26 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-Kh3K-_1e0kWExh5Enk45tA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjOsKoxSXF4KIhxXDe6Q7TdSC-qPKU6SYQ1zI8Y2oF4gfhz5heALGBxnMmCyAuyH7OVAHEjH9eMHECcU__S6YpQPzuy0smnq8vmSSAWAOI30m-YvoGxDt8PFjehE9n5YqYznq6YDrrZSBmq5jOygfEcXXTWfOAmG_ddFbd9dNZt5yZzroHiGOeT2dNAeLFrDNYVwPxlMAZrHOAuCUayAZip_QZrEFA_DlzButvIBbi4dg08fhaNoEPR5csZgIAvFJYLw"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ob.js Show response
cdn-ima.33across.com/ 17 KB
6 KB 37ms
13ms Script
application/javascript 104.18.35.167
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-ima.33across.com/ob.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401180101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.35.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 86036cbe1dd82dc84489e713501e2fb7e5e18d2f41b3668006f5657e3deb512a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qpsttool.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 02:34:26 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 23 Jan 2024 20:10:49 GMT
server: cloudflare
age: 28819
etag: W/"65b01d49-42c8"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 84ad1dfc6ff918d2-FRA
expires: Sun, 28 Jan 2024 02:34:26 GMT

GET
H2 200 esp.js Show response
oa.openxcdn.net/ 24 KB
8 KB 28ms
7ms Script
application/javascript 34.102.146.192
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oa.openxcdn.net/esp.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401180101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 192.146.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qpsttool.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 17:33:15 GMT
content-encoding: gzip
age: 1069271
x-guploader-uploadid: ABPtcPpacjGVYdvmkZrr5Y-6TW8dDcnVYZkvbJ891nI3DNdtOYYrB6s9Edf7-0Ks_4Cc8-oyUL4
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7927
last-modified: Thu, 27 May 2021 18:30:51 GMT
server: UploadServer
etag: "df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation: 1622140251693895
x-goog-hash: crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type: application/javascript
cache-control: no-transform
x-goog-stored-content-length: 7927
accept-ranges: bytes
expires: Sat, 11 Jan 2025 17:33:15 GMT

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 41 KB
13 KB 51ms
24ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401180101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

885cb38c43b35c7ff9befe60f6c96f653d15befa0770f5f2ea0ea5cbc5d03a68

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qpsttool.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 02:34:26 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 18 Jan 2024 07:12:05 GMT
server: nginx
etag: W/"65a8cf45-a585"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 26 Jan 2024 02:34:26 GMT

GET
H2 200 connectId-gpt.js Show response
connectid.analytics.yahoo.com/ 9 KB
9 KB 48ms
7ms Script
application/javascript 2600:9000:223c:7e00:10:dd8:5e40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://connectid.analytics.yahoo.com/connectId-gpt.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401180101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223c:7e00:10:dd8:5e40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

c7f6468c8ac1542980b2d5f637fa933d7d00d2c6ff6690e34505d2aed0c0e23a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qpsttool.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 02:24:23 GMT
via: 1.1 3f3b012fad703fdac0f14efdb7b78b6e.cloudfront.net (CloudFront)
content-security-policy: default-src 'self'
x-amz-cf-pop: FRA56-P2
age: 604
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 8730
x-amz-expiration: expiry-date="Tue, 17 Oct 2028 00:00:00 GMT", rule-id="webapp-standard-lifecycle"
last-modified: Tue, 17 Oct 2023 13:17:45 GMT
server: AmazonS3
etag: "c46e30de24d0f12167e302e9e32ff4a5"
content-type: application/javascript
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: A6pAaiy0rzcghMfVGStjgfjyp1PjQYwGkHZTqidxvZcWPZFijWr_wg==

GET
H2 200 pubcid.min.js Show response
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 732 B
1 KB 31ms
14ms Script
application/javascript 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401180101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qpsttool.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 02:34:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 39540
x-jsd-version: master
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230132-FRA
x-jsd-version-type: branch
server: cloudflare
etag: W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Dp264BWQsLTXYrpIjcJzP0hDhWUSJWFUQb9E4ZmrXRFUWh26uvJq6U%2Bhv25%2FGTB7TcKgQYtUjXBOMm00neDlJX50MRa6OHFOcdQgR6%2BAKD2av%2F0i3y73oodb0qnVnwwu3QIHcD9OGLXkfsgR%2BdA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 84ad1dfc5fe79b8e-FRA

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ 114 KB
29 KB 38ms
21ms Script
text/javascript 2606:4700:10::ac43:266a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401180101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:266a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b7bf4f406f5a9bf165c21dfebea2257eab80882e23e887a24756956daac44373

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qpsttool.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 02:34:26 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 08 Jan 2024 11:20:59 GMT
server: cloudflare
x-amz-request-id: P0SZRWJEMT596H4H
age: 533
etag: W/"3732dd6fc229ed015d7d7eddf157953f"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 84ad1dfc5f0e9b5b-FRA
x-amz-id-2: RORF20IXLdr6MKVZ6gGDqsw7FtjxeaKZU61L3w5T8KA1Ev4Ua4nrbPMzr1zVoIDwrbGXWcZF7AwcDD8FsCrr7A==

GET
H2 200 encrypted-tag-g.js Show response
invstatic101.creativecdn.com/encrypted-signals/ 1 KB
1 KB 49ms
20ms Script
text/javascript 34.96.70.87
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401180101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 87.70.96.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qpsttool.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 02:34:26 GMT
via: 1.1 google, 1.1 google
last-modified: Thu, 03 Aug 2023 03:28:51 GMT
server: Google Frontend
etag: fc4e6bfe266081c4873c6f08c8298e5c
content-type: text/javascript; charset=utf-8
x-cloud-trace-context: 511bb23edaf330bcb90b823bfc72feec
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1207

GET
H/1.1 200
OK uid2SecureSignal.js Show response
cdn.prod.uidapi.com/ 3 KB
3 KB 34ms
7ms Script
text/javascript 2600:9000:2250:b200:a:e047:753:eb41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401180101/pubads_impl.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:b200:a:e047:753:eb41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qpsttool.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: KP_OVZMS6roEW_XJdOd.KnSEmM8GWiP3
Date: Wed, 24 Jan 2024 06:52:39 GMT
Via: 1.1 1d087f24771eb6834b16162f1bb01660.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA60-P2
Age: 70908
x-amz-server-side-encryption: AES256
X-Cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
Connection: keep-alive
Content-Length: 2776
Last-Modified: Thu, 19 Oct 2023 06:40:11 GMT
Server: AmazonS3
ETag: "a3a9a9ee8e72db69d54e805f0586c651"
Content-Type: text/javascript
Accept-Ranges: bytes
X-Amz-Cf-Id: 4x36yeo9e_Q_keSFttU0LqIoVg2P5vMbHaPMA8AkXrnYyEWlYfF30A==

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16589/ 39 KB
12 KB 34ms
8ms Script
text/javascript 65.9.66.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401180101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-97.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qpsttool.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 05:37:13 GMT
content-encoding: gzip
via: 1.1 58c21e16c9e093deb494fbb4de260efa.cloudfront.net (CloudFront)
last-modified: Wed, 06 Sep 2023 15:56:57 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 80858
x-amz-server-side-encryption: AES256
etag: W/"e073e71ed7a44e6f9cdd72904fda5940"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: zfNFyLqHA_SA989yT_JTTVj_fjtJ0tE9dgB2hunRlRSBB7OLIW0pTA==

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 911 B
507 B 41ms
40ms Fetch
text/plain 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=409598389040112&correlator=633761507564646&eid=44809527%2C31079527%2C21065724&output=ldjh&gdfp_req=1&vrg=202401180101&ptt=17&impl=fif&gdpr=0&us_privacy=1---&gpp_sid=-1&iu_parts=44890869%3A3933859%2Cca-pub-3831894559014614-tag%2C6060eabc-45a5-471b-b9e1-8b29900640f6&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=7&sfv=1-0-40&ists=1&fas=8&eri=1&sc=1&cookie=ID%3Da7c8798637fdf158%3AT%3D1706150066%3ART%3D1706150066%3AS%3DALNI_MYYAAal12j9Zj3nVAWbw2cfc0aLPw&gpic=UID%3D00000d496342213b%3AT%3D1706150066%3ART%3D1706150066%3AS%3DALNI_MZwqHamjDcMiwMgpQGE4qYBGSnn-g&abxe=1&dt=1706150066592&lmt=1706147948&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fqpsttool.com%2F&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=137431109.1706150066&ga_sid=1706150066&ga_hid=383874668&ga_fc=false&a3p=EhgKCXlhaG9vLmNvbRie89_z0zFIAFICCGQSHAoNY3J3ZGNudHJsLm5ldBie89_z0zFIAFICCGQSGwoMMzNhY3Jvc3MuY29tGJ7z3_PTMUgAUgIIZBIZCgpwdWJjaWQub3JnGJ7z3_PTMUgAUgIIZBIdCg5lc3AuY3JpdGVvLmNvbRie89_z0zFIAFICCGQSFwoIcnRiaG91c2UYnvPf89MxSABSAghkEhQKBW9wZW54GJ7z3_PTMUgAUgIIZBIZCgp1aWRhcGkuY29tGJ7z3_PTMUgAUgIIZBIbCgxpZDUtc3luYy5jb20YnvPf89MxSABSAghk&dlt=1706150066080&idt=416&prev_scp=ti%3Dc5ed1198-ab69-4d9f-9c7c-5a3be40a2797%26interstitials-bid%3D12%26bid-p%3Dgoogle%26bsc%3D95&adks=3557039684&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401180101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

da4a4076c4fbfda464ddcc0ee411f9a0eb4c25f420d446157d726bc470da7f79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qpsttool.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 02:34:26 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 476
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://qpsttool.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 507 B
281 B 39ms
38ms Fetch
text/plain 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=409598389040112&correlator=3865737156244082&eid=44809527%2C31079527%2C21065724&output=ldjh&gdfp_req=1&vrg=202401180101&ptt=17&impl=fif&gdpr=0&us_privacy=1---&gpp_sid=-1&iu_parts=44890869%3A3933859%2Cca-pub-3831894559014614-tag%2C1d58b248-125e-450d-b767-f8607f284087&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=8&sfv=1-0-40&ists=1&fas=1&eri=1&sc=1&cookie=ID%3Da7c8798637fdf158%3AT%3D1706150066%3ART%3D1706150066%3AS%3DALNI_MYYAAal12j9Zj3nVAWbw2cfc0aLPw&gpic=UID%3D00000d496342213b%3AT%3D1706150066%3ART%3D1706150066%3AS%3DALNI_MZwqHamjDcMiwMgpQGE4qYBGSnn-g&abxe=1&dt=1706150066596&lmt=1706147948&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fqpsttool.com%2F&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=137431109.1706150066&ga_sid=1706150066&ga_hid=383874668&ga_fc=false&a3p=EhgKCXlhaG9vLmNvbRie89_z0zFIAFICCGQSHAoNY3J3ZGNudHJsLm5ldBie89_z0zFIAFICCGQSGwoMMzNhY3Jvc3MuY29tGJ7z3_PTMUgAUgIIZBIZCgpwdWJjaWQub3JnGJ7z3_PTMUgAUgIIZBIdCg5lc3AuY3JpdGVvLmNvbRie89_z0zFIAFICCGQSFwoIcnRiaG91c2UYnvPf89MxSABSAghkEhQKBW9wZW54GJ7z3_PTMUgAUgIIZBIZCgp1aWRhcGkuY29tGJ7z3_PTMUgAUgIIZBIbCgxpZDUtc3luYy5jb20YnvPf89MxSABSAghk&dlt=1706150066080&idt=416&prev_scp=ti%3Dc5ed1198-ab69-4d9f-9c7c-5a3be40a2797%26interstitials-bid%3D0.4%26bid-p%3Dgoogle%26stt%3Dbhs%26bsc%3D95&adks=3310516038&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401180101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c6532c0a511ee92307dee58f127907db84165b3c5a9c13f5b9c1b318219e8b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qpsttool.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 02:34:26 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 250
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://qpsttool.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
8e8891a009513f7293e5c29dc763f80e.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame D0E3 6 KB
3 KB 65ms
15ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8e8891a009513f7293e5c29dc763f80e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401180101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://qpsttool.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 25 Jan 2024 02:34:26 GMT
expires: Fri, 24 Jan 2025 02:34:26 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pubads_impl_page_level_ads.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401180101/ 41 KB
14 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401180101/pubads_impl_page_level_ads.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401180101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5292e19f60a4ef4b168fc470b7d5c6e0e6d7380d5bde9c0459c65a8efb1cba1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qpsttool.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 18:20:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29640
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13944
x-xss-protection: 0
server: cafe
etag: 17367371506333809698
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Thu, 23 Jan 2025 18:20:26 GMT

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 60 B
332 B 103ms
29ms XHR
application/json 52.48.9.219
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.9.219 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-9-219.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 6e1b1fe6b495d3dd34c897c552a465958cc49ba3775b9a2ee25d2fbd48431548

Request headers

Referer: https://qpsttool.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 25 Jan 2024 02:34:26 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://qpsttool.com
cache-control: no-cache
x-server: 10.45.15.225
access-control-allow-credentials: true
content-length: 60
expires: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 507 B
279 B 39ms
39ms Fetch
text/plain 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=409598389040112&correlator=3779255084258634&eid=44809527%2C31079527%2C21065724&output=ldjh&gdfp_req=1&vrg=202401180101&ptt=17&impl=fif&gdpr=0&us_privacy=1---&gpp_sid=-1&iu_parts=44890869%3A3933859%2Cca-pub-3831894559014614-tag%2Ca8a85a04-dbb3-4ac8-bb7d-aa8b9da0fd12&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=9&sfv=1-0-40&ists=1&fas=1&eri=1&sc=1&cookie=ID%3Da7c8798637fdf158%3AT%3D1706150066%3ART%3D1706150066%3AS%3DALNI_MYYAAal12j9Zj3nVAWbw2cfc0aLPw&gpic=UID%3D00000d496342213b%3AT%3D1706150066%3ART%3D1706150066%3AS%3DALNI_MZwqHamjDcMiwMgpQGE4qYBGSnn-g&abxe=1&dt=1706150066646&lmt=1706147948&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fqpsttool.com%2F&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=137431109.1706150066&ga_sid=1706150066&ga_hid=383874668&ga_fc=false&a3p=EhgKCXlhaG9vLmNvbRie89_z0zFIAFICCGQSHAoNY3J3ZGNudHJsLm5ldBie89_z0zFIAFICCGQSGwoMMzNhY3Jvc3MuY29tGJ7z3_PTMUgAUgIIZBIZCgpwdWJjaWQub3JnGMjz3_PTMUgAUgIIahIdCg5lc3AuY3JpdGVvLmNvbRie89_z0zFIAFICCGQSFwoIcnRiaG91c2UYnvPf89MxSABSAghkEhQKBW9wZW54GMbz3_PTMUgAUgIIbxIZCgp1aWRhcGkuY29tGJ7z3_PTMUgAUgIIZBIbCgxpZDUtc3luYy5jb20YnvPf89MxSABSAghk&dlt=1706150066080&idt=416&prev_scp=ti%3Dc5ed1198-ab69-4d9f-9c7c-5a3be40a2797%26interstitials-bid%3D0.1%26bid-p%3Dgoogle%26stt%3Dbhs%26bsc%3D95&adks=2340113382&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401180101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d1d2b0eca0630bb98f5ff7854aaaad4265e24980493fb4fd422921aba35b1d6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qpsttool.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 02:34:26 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 250
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://qpsttool.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
508 B 105ms
105ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://live.demand.supply/e/e.js?r=qpsttool.com_auto_interstitial_desktop&e=nai&dsReferer=cXBzdHRvb2wuY29tLw==

Requested by

Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.27.0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qpsttool.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nf-request-id: 01HJR2G539EWFJZRGRT8PESXW9
date: Thu, 25 Jan 2024 02:34:26 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 205571
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
cache-status: "Netlify Edge"; hit
etag: "6e595705039c465f05daea10b894cefb-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 84ad1dfc9a19bb32-FRA

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
510 B 13ms
13ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://live.demand.supply/e/e.js?r=qpsttool.com_auto_interstitial_desktop&sn=2&ific=false&e=iar2&dsReferer=cXBzdHRvb2wuY29tLw==

Requested by

Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.27.0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qpsttool.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nf-request-id: 01HJR2G539EWFJZRGRT8PESXW9
date: Thu, 25 Jan 2024 02:34:26 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 205571
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
cache-status: "Netlify Edge"; hit
etag: "6e595705039c465f05daea10b894cefb-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 84ad1dfc9a1cbb32-FRA

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 911 B
507 B 39ms
38ms Fetch
text/plain 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=409598389040112&correlator=1431389726472258&eid=44809527%2C31079527%2C21065724&output=ldjh&gdfp_req=1&vrg=202401180101&ptt=17&impl=fif&gdpr=0&us_privacy=1---&gpp_sid=-1&iu_parts=44890869%3A3933859%2Cca-pub-3831894559014614-tag%2C8a4e2c34-3eb1-412f-9c18-dd551d49e488&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=10&sfv=1-0-40&ists=1&fas=8&eri=1&sc=1&cookie=ID%3Da7c8798637fdf158%3AT%3D1706150066%3ART%3D1706150066%3AS%3DALNI_MYYAAal12j9Zj3nVAWbw2cfc0aLPw&gpic=UID%3D00000d496342213b%3AT%3D1706150066%3ART%3D1706150066%3AS%3DALNI_MZwqHamjDcMiwMgpQGE4qYBGSnn-g&abxe=1&dt=1706150066653&lmt=1706147948&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fqpsttool.com%2F&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=137431109.1706150066&ga_sid=1706150066&ga_hid=383874668&ga_fc=false&a3p=EhgKCXlhaG9vLmNvbRie89_z0zFIAFICCGQSHAoNY3J3ZGNudHJsLm5ldBie89_z0zFIAFICCGQSGwoMMzNhY3Jvc3MuY29tGJ7z3_PTMUgAUgIIZBIZCgpwdWJjaWQub3JnGMjz3_PTMUgAUgIIahIdCg5lc3AuY3JpdGVvLmNvbRie89_z0zFIAFICCGQSFwoIcnRiaG91c2UYnvPf89MxSABSAghkEhQKBW9wZW54GMbz3_PTMUgAUgIIbxIZCgp1aWRhcGkuY29tGJ7z3_PTMUgAUgIIZBIbCgxpZDUtc3luYy5jb20YnvPf89MxSABSAghk&dlt=1706150066080&idt=416&prev_scp=ti%3Dc5ed1198-ab69-4d9f-9c7c-5a3be40a2797%26interstitials-bid%3D4%26bid-p%3Dgoogle%26bsc%3D95&adks=2633664200&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401180101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f4b94a4622e856a7dea15083f64f97217885c2132139b4e0d6d818908b696e65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qpsttool.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 02:34:26 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 478
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://qpsttool.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 increment Show response
id5-sync.com/api/esp/ 0
228 B 38ms
9ms XHR
text/plain 162.19.138.120
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/esp/increment?counter=no-config

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.120 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533571.ip-162-19-138.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://qpsttool.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://qpsttool.com
date: Thu, 25 Jan 2024 02:34:25 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 52ms
51ms XHR
application/json 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240122&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b606f25e445025d00eba99e1ec87eefd08b71dded91cbd79dac16561def3ea0a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qpsttool.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 02:34:26 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12055
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 507 B
279 B 36ms
36ms Fetch
text/plain 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=409598389040112&correlator=3243158588992166&eid=44809527%2C31079527%2C21065724&output=ldjh&gdfp_req=1&vrg=202401180101&ptt=17&impl=fif&gdpr=0&us_privacy=1---&gpp_sid=-1&iu_parts=44890869%3A3933859%2Cca-pub-3831894559014614-tag%2C63ac2674-ab24-4ae5-92d3-a4b04918872d&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=11&sfv=1-0-40&ists=1&fas=1&eri=1&sc=1&cookie=ID%3Da7c8798637fdf158%3AT%3D1706150066%3ART%3D1706150066%3AS%3DALNI_MYYAAal12j9Zj3nVAWbw2cfc0aLPw&gpic=UID%3D00000d496342213b%3AT%3D1706150066%3ART%3D1706150066%3AS%3DALNI_MZwqHamjDcMiwMgpQGE4qYBGSnn-g&abxe=1&dt=1706150066692&lmt=1706147948&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fqpsttool.com%2F&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=137431109.1706150066&ga_sid=1706150066&ga_hid=383874668&ga_fc=false&a3p=EhgKCXlhaG9vLmNvbRjj89_z0zFIAFICCG8SHAoNY3J3ZGNudHJsLm5ldBie89_z0zFIAFICCGQSGwoMMzNhY3Jvc3MuY29tGJ7z3_PTMUgAUgIIZBIZCgpwdWJjaWQub3JnGMjz3_PTMUgAUgIIahIdCg5lc3AuY3JpdGVvLmNvbRie89_z0zFIAFICCGQSFwoIcnRiaG91c2UY4_Pf89MxSABSAghqEhQKBW9wZW54GMbz3_PTMUgAUgIIbxIZCgp1aWRhcGkuY29tGJ7z3_PTMUgAUgIIZBIbCgxpZDUtc3luYy5jb20YnvPf89MxSABSAghk&dlt=1706150066080&idt=416&prev_scp=ti%3Dc5ed1198-ab69-4d9f-9c7c-5a3be40a2797%26interstitials-bid%3D0.01%26bid-p%3Dgoogle%26stt%3Dbhs%26bsc%3D95&adks=3119054367&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401180101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b9383fcbd23d34ebd6dd255f5172e989ae435b3c774733869cde4cd388238dac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qpsttool.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 02:34:26 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 250
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://qpsttool.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
508 B 88ms
88ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://live.demand.supply/e/e.js?r=qpsttool.com_auto_interstitial_desktop&e=nai&dsReferer=cXBzdHRvb2wuY29tLw==

Requested by

Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.27.0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qpsttool.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nf-request-id: 01HJR2G539EWFJZRGRT8PESXW9
date: Thu, 25 Jan 2024 02:34:26 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 205571
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
cache-status: "Netlify Edge"; hit
etag: "6e595705039c465f05daea10b894cefb-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 84ad1dfcda3ebb32-FRA

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
509 B 85ms
85ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://live.demand.supply/e/e.js?r=qpsttool.com_auto_interstitial_desktop&sn=3&ific=false&e=iar2&dsReferer=cXBzdHRvb2wuY29tLw==

Requested by

Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.27.0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qpsttool.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nf-request-id: 01HJR2G539EWFJZRGRT8PESXW9
date: Thu, 25 Jan 2024 02:34:26 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 205571
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
cache-status: "Netlify Edge"; hit
etag: "6e595705039c465f05daea10b894cefb-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 84ad1dfcda41bb32-FRA

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 911 B
509 B 40ms
39ms Fetch
text/plain 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=409598389040112&correlator=2212453873066794&eid=44809527%2C31079527%2C21065724&output=ldjh&gdfp_req=1&vrg=202401180101&ptt=17&impl=fif&gdpr=0&us_privacy=1---&gpp_sid=-1&iu_parts=44890869%3A3933859%2Cca-pub-3831894559014614-tag%2C439f7c30-87e0-4759-96e3-4fdf9cc8f0c6&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=12&sfv=1-0-40&ists=1&fas=8&eri=1&sc=1&cookie=ID%3Da7c8798637fdf158%3AT%3D1706150066%3ART%3D1706150066%3AS%3DALNI_MYYAAal12j9Zj3nVAWbw2cfc0aLPw&gpic=UID%3D00000d496342213b%3AT%3D1706150066%3ART%3D1706150066%3AS%3DALNI_MZwqHamjDcMiwMgpQGE4qYBGSnn-g&abxe=1&dt=1706150066696&lmt=1706147948&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fqpsttool.com%2F&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=137431109.1706150066&ga_sid=1706150066&ga_hid=383874668&ga_fc=false&a3p=EhgKCXlhaG9vLmNvbRjj89_z0zFIAFICCG8SHAoNY3J3ZGNudHJsLm5ldBie89_z0zFIAFICCGQSGwoMMzNhY3Jvc3MuY29tGJ7z3_PTMUgAUgIIZBIZCgpwdWJjaWQub3JnGMjz3_PTMUgAUgIIahIdCg5lc3AuY3JpdGVvLmNvbRie89_z0zFIAFICCGQSFwoIcnRiaG91c2UY4_Pf89MxSABSAghqEhQKBW9wZW54GMbz3_PTMUgAUgIIbxIZCgp1aWRhcGkuY29tGJ7z3_PTMUgAUgIIZBIbCgxpZDUtc3luYy5jb20YnvPf89MxSABSAghk&dlt=1706150066080&idt=416&prev_scp=ti%3Dc5ed1198-ab69-4d9f-9c7c-5a3be40a2797%26interstitials-bid%3D0.2%26bid-p%3Dgoogle%26bsc%3D95&adks=3956060351&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401180101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

77934d0327c44b2e8a6d4cee6032bc1fbcbe7a5b13bfa2a9e3e7444b7c3a183f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qpsttool.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 02:34:26 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 480
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://qpsttool.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 2265ms
2244ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qpsttool.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 02:34:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 25 Jan 2024 02:34:28 GMT

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
507 B 26ms
26ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://live.demand.supply/e/e.js?r=qpsttool.com_auto_interstitial_desktop&e=nai&dsReferer=cXBzdHRvb2wuY29tLw==

Requested by

Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.27.0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qpsttool.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nf-request-id: 01HJR2G539EWFJZRGRT8PESXW9
date: Thu, 25 Jan 2024 02:34:26 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 205571
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
cache-status: "Netlify Edge"; hit
etag: "6e595705039c465f05daea10b894cefb-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 84ad1dfd1a62bb32-FRA

GET
H3 200 AdServlet Show response
fundingchoicesmessages.google.com/f/AGSKWxU4WSO-K06hqpKzbxMJtPH8f_S41_E5tx9I7IED4GKF__XTxegs8hMX5DzevSaHJDiAf9ePy0tGJq-BFF1wlcHaCrnHtj6CpDG_C_eeRZDisW6-MAkfKe-vr_70lif2_TEPe9j7JfjJIfJIFh7k7rojmGJQ4... 54 B
110 B 22ms
22ms Script
application/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxU4WSO-K06hqpKzbxMJtPH8f_S41_E5tx9I7IED4GKF__XTxegs8hMX5DzevSaHJDiAf9ePy0tGJq-BFF1wlcHaCrnHtj6CpDG_C_eeRZDisW6-MAkfKe-vr_70lif2_TEPe9j7JfjJIfJIFh7k7rojmGJQ4bDJYK1esnyPRrbcAuqEiQRViqXEOUve/_/totemcash1./AdServlet?/ads/preroll_/adcde.js_ads?

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.YtkvUvr0KhI.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMwYguaqMDE6-xBWX4yxN0KelhKGPw/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4e2c704f305186506b01e39ca3f364e0629266bef838fa495ef64a0ff58386ed

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-_J2hfuraLu5LoWv99E3HCg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qpsttool.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 02:34:27 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-_J2hfuraLu5LoWv99E3HCg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjOsKoxSXF4K0hxXDe6Q7TdSC-qPKU6SYQ1zI8Y2oF4gfhz5heALGBxnMmCyAuyH7OVAHEjH9eMHECcU__S6YpQPzuy0smnq8vmSSAWAOI30m-YvoGxDt8PFjehE9n5YqYznq6YDrrZSBmq5jOygfEcXXTWfOAmG_ddFbd9dNZt5yZzroHiGOeT2dNAeLFrDNYVwPxlMAZrHOAuCUayAZip_QZrEFA_DlzButvIBbi5tg88fhaNoENq3cVAgBoaFe-"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 lidar.js Show response
pagead2.googlesyndication.com/pagead/js/ 86 KB
30 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/lidar.js?fcd=true

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c9cacd70ab308f607d941cc9728d034e189506e8d020820adb112d7ff148762a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qpsttool.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:49:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2690
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31172
x-xss-protection: 0
server: cafe
etag: 8274047967244442607
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Thu, 25 Jan 2024 02:49:37 GMT

POST
H3 204 AGSKWxUIs1MHfY-pZQGQgM-MCHoBKg6UJfEKb254n4GTFKhWdTAEbqdbQYC78TgNFmZbxlPXmBwhb2Bd_WzFCL8-1-eZGqbjCJkWRIpuhMhJyES4Gx6zkjzw0YQvaxvMwG6cmATNfpY3Ew== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 35ms
18ms XHR
text/html 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUIs1MHfY-pZQGQgM-MCHoBKg6UJfEKb254n4GTFKhWdTAEbqdbQYC78TgNFmZbxlPXmBwhb2Bd_WzFCL8-1-eZGqbjCJkWRIpuhMhJyES4Gx6zkjzw0YQvaxvMwG6cmATNfpY3Ew==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-lMjqSDfdnKgr2tpBxVnxlQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://qpsttool.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 25 Jan 2024 02:34:27 GMT
content-security-policy: script-src 'report-sample' 'nonce-lMjqSDfdnKgr2tpBxVnxlQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjstHikmII1JBiqGV4xtQKxAXZz5kqgJjxzwsmTiB-J_mK6RsQ7_DxYJkSOIN1DhA7pc9gDQBiIW6OzROPr2UT6NjQUwEAycUbcw"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://qpsttool.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxUIs1MHfY-pZQGQgM-MCHoBKg6UJfEKb254n4GTFKhWdTAEbqdbQYC78TgNFmZbxlPXmBwhb2Bd_WzFCL8-1-eZGqbjCJkWRIpuhMhJyES4Gx6zkjzw0YQvaxvMwG6cmATNfpY3Ew== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 57ms
55ms XHR
text/html 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUIs1MHfY-pZQGQgM-MCHoBKg6UJfEKb254n4GTFKhWdTAEbqdbQYC78TgNFmZbxlPXmBwhb2Bd_WzFCL8-1-eZGqbjCJkWRIpuhMhJyES4Gx6zkjzw0YQvaxvMwG6cmATNfpY3Ew==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-xaPtvTCqmBjQbUcLslz3Qg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://qpsttool.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 25 Jan 2024 02:34:27 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-xaPtvTCqmBjQbUcLslz3Qg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjstHikmII0pBiqGV4xtQKxAXZz5kqgJjxzwsmTiB-J_mK6RsQ7_DxYJkSOIN1DhA7pc9gDQBiIR6OzROPr2UT2LDmaCcjAOcRG-Q"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://qpsttool.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxUIs1MHfY-pZQGQgM-MCHoBKg6UJfEKb254n4GTFKhWdTAEbqdbQYC78TgNFmZbxlPXmBwhb2Bd_WzFCL8-1-eZGqbjCJkWRIpuhMhJyES4Gx6zkjzw0YQvaxvMwG6cmATNfpY3Ew== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 45ms
45ms XHR
text/html 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUIs1MHfY-pZQGQgM-MCHoBKg6UJfEKb254n4GTFKhWdTAEbqdbQYC78TgNFmZbxlPXmBwhb2Bd_WzFCL8-1-eZGqbjCJkWRIpuhMhJyES4Gx6zkjzw0YQvaxvMwG6cmATNfpY3Ew==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-eC05rYfTZkDUivwBHxCcpg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://qpsttool.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 25 Jan 2024 02:34:27 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-eC05rYfTZkDUivwBHxCcpg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjstHikmJw1ZBiqGV4xtQKxAXZz5kqgJjxzwsmTiB-J_mK6RsQ7_DxYJkSOIN1DhA7pc9gDQBiIR6OzROPr2UT-LHyYAcjAOTRHBc"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://qpsttool.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxUIs1MHfY-pZQGQgM-MCHoBKg6UJfEKb254n4GTFKhWdTAEbqdbQYC78TgNFmZbxlPXmBwhb2Bd_WzFCL8-1-eZGqbjCJkWRIpuhMhJyES4Gx6zkjzw0YQvaxvMwG6cmATNfpY3Ew== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 53ms
53ms XHR
text/html 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUIs1MHfY-pZQGQgM-MCHoBKg6UJfEKb254n4GTFKhWdTAEbqdbQYC78TgNFmZbxlPXmBwhb2Bd_WzFCL8-1-eZGqbjCJkWRIpuhMhJyES4Gx6zkjzw0YQvaxvMwG6cmATNfpY3Ew==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-XRvVoJkNFlc8tU1K_Gb3Rg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://qpsttool.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 25 Jan 2024 02:34:27 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-XRvVoJkNFlc8tU1K_Gb3Rg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjstHikmJw0JBiqGV4xtQKxAXZz5kqgJjxzwsmTiB-J_mK6RsQ7_DxYJkSOIN1DhA7pc9gDQBiIR6OzROPr2UT2LBsXw8jAOH-G8g"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://qpsttool.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxXDYTrkchzHsfhcg7JkJXibLqU2B5EiXtrI6cKMLBZDSZFTMj0Ja4UVd1v5ol9H7YJKA9D6uVm_dHMe2Lc8wq_ug2UbmAIa4QWO7IdHPbpEb-gCKuWig3ASP_4qBwB0EKigYXf9nA== Show response
fundingchoicesmessages.google.com/f/ 5 KB
2 KB 45ms
45ms Script
application/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXDYTrkchzHsfhcg7JkJXibLqU2B5EiXtrI6cKMLBZDSZFTMj0Ja4UVd1v5ol9H7YJKA9D6uVm_dHMe2Lc8wq_ug2UbmAIa4QWO7IdHPbpEb-gCKuWig3ASP_4qBwB0EKigYXf9nA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA2MTUwMDY3LDI1MDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNl0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vcXBzdHRvb2wuY29tLyIsbnVsbCxbWzgsIll0a3ZVdnIwS2hJIl0sWzksImRlIl0sWzE4LCJbW1swXV1dIl0sWzE5LCIyIl1dXQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

191857c1177cde25497da29dd1a2ed5fd23b4e98951c9ee854b68d33df1d5380

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-0qsdKNllQ_CwixPUuAL-gg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qpsttool.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 02:34:27 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-0qsdKNllQ_CwixPUuAL-gg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjOsKoxSXF4KQhxXDe6Q7TdSC-qPKU6SYQ1zI8Y2oF4gfhz5heALGBxnMmCyAuyH7OVAHEjH9eMHECcU__S6YpQPzuy0smnq8vmSSAWAOI30m-YvoGxDt8PFjehE9n5YqYznq6YDrrZSBmq5jOygfEcXXTWfOAmG_ddFbd9dNZt5yZzroHiGOeT2dNAeLFrDNYVwPxlMAZrHOAuCUayAZip_QZrEFA_DlzButvIBbi4dg88fhaNoEN8791MAIAuahX_g"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxUIs1MHfY-pZQGQgM-MCHoBKg6UJfEKb254n4GTFKhWdTAEbqdbQYC78TgNFmZbxlPXmBwhb2Bd_WzFCL8-1-eZGqbjCJkWRIpuhMhJyES4Gx6zkjzw0YQvaxvMwG6cmATNfpY3Ew== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 43ms
43ms XHR
text/html 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUIs1MHfY-pZQGQgM-MCHoBKg6UJfEKb254n4GTFKhWdTAEbqdbQYC78TgNFmZbxlPXmBwhb2Bd_WzFCL8-1-eZGqbjCJkWRIpuhMhJyES4Gx6zkjzw0YQvaxvMwG6cmATNfpY3Ew==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-C6pIeGtZ0xFYBMyks154tQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://qpsttool.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 25 Jan 2024 02:34:27 GMT
content-security-policy: script-src 'report-sample' 'nonce-C6pIeGtZ0xFYBMyks154tQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjctHikmLw0JBiqGV4xtQKxAXZz5kqgJjxzwsmTiB-J_mK6RsQ7_DxYJkSOIN1DhA7pc9gDQDi8tvnWOuBWIiHY_PE42vZBGasbpvPCADpEx_y"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://qpsttool.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxWY1jMzLu0ZjDLQ6JYEkTHVcVw8qDWCF-3JvmBbSRMGML-A7XX9NJU5X4XCtl1vCfN3QQQ0bzpdgvqts9jynUyZ8fSOJ7WHEu9T0czERUk1XtUYyxIvEpbpYRkhfwI3WGevEC6XiA== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 31ms
31ms Script
application/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWY1jMzLu0ZjDLQ6JYEkTHVcVw8qDWCF-3JvmBbSRMGML-A7XX9NJU5X4XCtl1vCfN3QQQ0bzpdgvqts9jynUyZ8fSOJ7WHEu9T0czERUk1XtUYyxIvEpbpYRkhfwI3WGevEC6XiA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA2MTUwMDY3LDI5OTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNiwxMF0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vcXBzdHRvb2wuY29tLyIsbnVsbCxbWzgsIll0a3ZVdnIwS2hJIl0sWzksImRlIl0sWzE4LCJbW1swXV1dIl0sWzE5LCIyIl1dXQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e945915ce63d151ac3c29e1203f9958d8645c54852f65958462cdce7d8061f9b

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-_XLSPgJPAa5zi7aTaw_ENQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qpsttool.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 02:34:27 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-_XLSPgJPAa5zi7aTaw_ENQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjOsOoxSXF4KEhxXDi1m2mC0B83ukO03UgvqjylOkmENcyPGNqBeIH4c-YXgCxgcZzJgsgLsh-zlQBxIx_XjBxAnFP_0umKUD87stLJp6vL5kkgFgDiN9JvmL6BsQ7fDxY3oRPZ-WKmM56umA662UgZquYzsoHxHF101nzgJhv3XRW3fXTWbecmc66B4hjnk9nTQHixawzWFcD8ZTAGaxzgLglGsgGYqf0GaxBQPw5cwbrbyAW4uHYPPH4WjaBDdPnzGQEAOFwXME"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxUZO07sQSSP6vwLeKIRt2jAkBUC8vXoWEMqTEB33M8vLKir5yqJOQ6PTzUP2pPXmQuPD2owRHwFSHBvC0HUuZIkhhpgwrCUiKCcZpGaufcRZRkks3LnVz6b0xxNdQWBxD6-vu4pEA== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 33ms
32ms Script
application/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUZO07sQSSP6vwLeKIRt2jAkBUC8vXoWEMqTEB33M8vLKir5yqJOQ6PTzUP2pPXmQuPD2owRHwFSHBvC0HUuZIkhhpgwrCUiKCcZpGaufcRZRkks3LnVz6b0xxNdQWBxD6-vu4pEA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA2MTUwMDY3LDMzMzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNiwxMCw5XSxudWxsLDIsbnVsbCwiZW4iLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly9xcHN0dG9vbC5jb20vIixudWxsLFtbOCwiWXRrdlV2cjBLaEkiXSxbOSwiZGUiXSxbMTgsIltbWzBdXV0iXSxbMTksIjIiXV1d

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2875fc6311a4bfe5baf2e21f29412020f42877807114f9c2e3be1a9230ce94e7

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-BLTJVY2aCWQUXMLhfarnYw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qpsttool.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 02:34:27 GMT
content-security-policy: script-src 'report-sample' 'nonce-BLTJVY2aCWQUXMLhfarnYw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjOsKoxSXF4KchxXDe6Q7TdSC-qPKU6SYQ1zI8Y2oF4gfhz5heALGBxnMmCyAuyH7OVAHEjH9eMHECcU__S6YpQPzuy0smnq8vmSSAWAOI30m-YvoGxDt8PFjehE9n5YqYznq6YDrrZSBmq5jOygfEcXXTWfOAmG_ddFbd9dNZt5yZzroHiGOeT2dNAeLFrDNYVwPxlMAZrHOAuCUayAZip_QZrEFA_DlzButvIBbi4dg88fhaNoGGvVtXMQIAwllX2Q"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxVEFcbRlX9xzVaqMAUMhWZxHTaPXvhq85EdNvXHkIZGD0NAItYfNnso4jnC7LwxQzcHlbR5-3aa5sqO40u3UaANZMNun0C9Wx7LTbiE3N11-ffMcRxkRqpOrWnbLuBr-uqPkj5aNw== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 19ms
19ms XHR
text/html 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVEFcbRlX9xzVaqMAUMhWZxHTaPXvhq85EdNvXHkIZGD0NAItYfNnso4jnC7LwxQzcHlbR5-3aa5sqO40u3UaANZMNun0C9Wx7LTbiE3N11-ffMcRxkRqpOrWnbLuBr-uqPkj5aNw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-IIxOWok7823Yn9RU408mIA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://qpsttool.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 25 Jan 2024 02:34:27 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-IIxOWok7823Yn9RU408mIA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjstHikmJw0ZBiqGV4xtQKxAXZz5kqgJjxzwsmTiB-J_mK6RsQ7_DxYJkSOIN1DhA7pc9gDQBiIR6OzROPr2UT2HH7xRZGAOTgHFs"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://qpsttool.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxUIs1MHfY-pZQGQgM-MCHoBKg6UJfEKb254n4GTFKhWdTAEbqdbQYC78TgNFmZbxlPXmBwhb2Bd_WzFCL8-1-eZGqbjCJkWRIpuhMhJyES4Gx6zkjzw0YQvaxvMwG6cmATNfpY3Ew== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 54ms
54ms XHR
text/html 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUIs1MHfY-pZQGQgM-MCHoBKg6UJfEKb254n4GTFKhWdTAEbqdbQYC78TgNFmZbxlPXmBwhb2Bd_WzFCL8-1-eZGqbjCJkWRIpuhMhJyES4Gx6zkjzw0YQvaxvMwG6cmATNfpY3Ew==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-e_b_ty97ErPX2kxSqM_Ziw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://qpsttool.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 25 Jan 2024 02:34:27 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-e_b_ty97ErPX2kxSqM_Ziw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjctHikmLw0JBiqGV4xtQKxAXZz5kqgJjxzwsmTiB-J_mK6RsQ7_DxYJkSOIN1DhA7pc9gDQDistvnWOuAWIiHY_PE42vZBD58vH-UEQDtEiEN"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://qpsttool.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 4F4C 13 KB
5 KB 8ms
7ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://qpsttool.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 28601
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 24 Jan 2024 18:37:48 GMT
expires: Thu, 23 Jan 2025 18:37:48 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 3DC8 829 B
1 KB 39ms
17ms Document
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

4752c75441a6df9ce30ecd0b60d31b13e0300081194ef133bf1ff64bd80e836e

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-E6H_Is-Ujml1ewlofBSYxg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://qpsttool.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-E6H_Is-Ujml1ewlofBSYxg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 25 Jan 2024 02:34:29 GMT
expires: Thu, 25 Jan 2024 02:34:29 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js Show response
pagead2.googlesyndication.com/bg/ Frame 4F4C 39 KB
15 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 23:30:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11061
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15219
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 23 Jan 2025 23:30:08 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 3DC8 0
0 37ms
37ms Image
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240122&jk=409598389040112&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 4F4C 0
10 B 6ms
6ms Image
text/plain 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?xBpHVA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 02:34:29 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 41ms
41ms Image
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240122&jk=409598389040112&bg=!29il2JfNAAa8BdJLnAU7ADQBe5WfOGUV-V9MPGUd5GdLMHGGn5aolh9F790uQIOzqUAVgFe3GZYujZDbzowy_W60v0wPAgAAAClSAAAAAWgBB5kCvjeM5n7IuaWeEvXRwMVpLLB0iOsQwincLrD3_JjSF1h6rvHnM_Ly8mel-joX7_K8oq02KcEIp5GbQjUEqy5uDiEtpsTWANTK5caVjpf4bEgG6RB1VB_YZjYuBc7OsSwv9XruUQOZ7ZcXDIGwqCz5gZmQhinfyKVJB_vmAcG9qZnqAdxU9xawzLehry-Ju9Y_iHiwVSTd3W72a729dgC0gM0rKS5HqUUzHON5ZxuWUQgqgCKa1yjtvE0nEcUtIiNCQFq72N_hpAGeGNMToRfcOOs1-QlvMCUTOBD5K9v11oJbqj-3msE8b_ScvmvzEXqjb6ae0BJ4RPxQHfZV-gPw4QWIoEsCvGudWlAo4LLqv0BZLvJNg35weF-1ywRUrhyG3G9kPB53GBjBIjlCfzNFgQOocPpxK9phMVTikZ_0NP6-PcuTyOrIO3hsKae_0W-JwPhcwR1vvS5Djy30UIlAT2P_-EtAqpOOXjzm-KFVM-QVEc7Iyz9svIQaG30TTw-N-wOiuXoebollHF1vXEAi-dfXuTGaRq_JJxc9LF6voSmCdeMb0qGaRREMbXLLGcbCVk0NVEkzgHoL8dyWtWWooM7ZhPGRFOnA8tqa4wb03Mcmjxg4oIM38-Uqtda26PUy6yfYU_I02OZLJ_NrPx34LenwZFNTsBCjDcVsKnbFFb0aQgIoxj8MaPSUmKF4wObfQVtGUl-adOpz--Eb_0bUc3tV2XWbjvmED5MSvNSIMp7Iq05UlbInuA0t0l_BvZoEioVjl2BTpyGIrRcawYEz8m3gB85oMLCurNpSFoU5R4HPqCg0lTsYmGJwnXstXDbNDXeGExuSuujWbq64nxPdDuz7_NCUdETdEcP1Dg8s9OCzDvhL1xu0UUd-VCU1ow3RyTjjaUXPGqqxvrXIOvl_w1AOu7f6WHA2zfi8im5fLQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qpsttool.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

206 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.demand.supply/	1970-01-20 17:55:51	Name: __cf_bm Value: YMH7.nVIcuob.rMxOfDqxhctFcvshqqniE6thTr3yjA-1706150066-1-AW+k1br1JGqY97axEX8c+4bVCOtKjw2ARl26YqUifGAVyrQwNQstO+f0Oxq97hyexeoL9VwkiZUU/bulMpF4GcM=
.qpsttool.com/	1970-01-21 03:17:26	Name: __gads Value: ID=a7c8798637fdf158:T=1706150066:RT=1706150066:S=ALNI_MYYAAal12j9Zj3nVAWbw2cfc0aLPw
.qpsttool.com/	1970-01-21 03:17:26	Name: __gpi Value: UID=00000d496342213b:T=1706150066:RT=1706150066:S=ALNI_MZwqHamjDcMiwMgpQGE4qYBGSnn-g
.doubleclick.net/	1970-01-21 03:31:50	Name: IDE Value: AHWqTUltwe-60fkdIwo7mUo_gd0W--lSf_mWZ_EA11Ce6P2C-dTa65fhkCKxSOuD-Gs
.qpsttool.com/	1970-01-21 02:41:26	Name: FCNEC Value: %5B%5B%22AKsRol9qjal3IdggEFph_IHjIgSkO_WzfiU8vgec8tv1S7DnsjePuk1xfSL8TrjwlOAQVdXrPBrzgk1o_xfLduBB9AD-Vx9E62jGPFQ3SYuh19LlbrdNm_58jPGxYIiBx1Y7fOzmta2p8kpPKh1foi9-bTMoWjJQng%3D%3D%22%5D%5D

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

8e8891a009513f7293e5c29dc763f80e.safeframe.googlesyndication.com
bcp.crwdcntrl.net
cdn-ima.33across.com
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.prod.uidapi.com
connectid.analytics.yahoo.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
id5-sync.com
invstatic101.creativecdn.com
live.demand.supply
oa.openxcdn.net
pagead2.googlesyndication.com
qpsttool.com
securepubads.g.doubleclick.net
static.criteo.net
tags.crwdcntrl.net
tpc.googlesyndication.com
www.google.com
104.18.35.167
162.19.138.120
2600:9000:223c:7e00:10:dd8:5e40:93a1
2600:9000:2250:b200:a:e047:753:eb41
2606:4700:10::ac43:266a
2606:4700:3037::6815:172e
2606:4700::6810:5814
2606:4700::6810:8516
2a00:1450:4001:802::2001
2a00:1450:4001:803::2002
2a00:1450:4001:813::2002
2a00:1450:4001:829::2004
2a00:1450:4001:82a::200e
2a00:1450:4001:830::2002
2a00:1450:4001:831::2001
2a02:2638:3::3
34.102.146.192
34.96.70.87
52.48.9.219
65.9.66.97
0ca95600fd9b3a128870aafa094c86ca2254e332e9ed46911fd96f5507b00c33
0cee2fb4b82f2020a1494bb897b190cc98b1024015703d7f3f198b5fc2a73458
1552ef755c312307d258a9eafc53580007cfa29f12008dae969c97691b108244
191857c1177cde25497da29dd1a2ed5fd23b4e98951c9ee854b68d33df1d5380
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
2875fc6311a4bfe5baf2e21f29412020f42877807114f9c2e3be1a9230ce94e7
2dab1ca6a68305280b71ca27cc66e20ece96840b0198ec20dfabbb1fdd2f29ff
4602c89de5176e8761a82157e6077bef8382dbbe928b3add803e7c9882302b48
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4752c75441a6df9ce30ecd0b60d31b13e0300081194ef133bf1ff64bd80e836e
4b5bea0111f2e20bfe02fdb6486928e62988412f728d83779da9d46c431ed093
4e2c704f305186506b01e39ca3f364e0629266bef838fa495ef64a0ff58386ed
515fe66edf6fd94c597528691ba4d7e837f01fb05d15532735227bf53b4693d6
5292e19f60a4ef4b168fc470b7d5c6e0e6d7380d5bde9c0459c65a8efb1cba1f
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5ce0bea2795e249fb272b7c71835671259080b5d992c10f247748d4f92aac3f2
5dd0b5724f4bbac4bd58de274236fce36135ce302364b3b8ff5c4c3631e81139
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6ab4d1aa388891240d0f91575acc88c473acffcde98b4aa364ce154d266e3571
6e1b1fe6b495d3dd34c897c552a465958cc49ba3775b9a2ee25d2fbd48431548
6efaa4f18d61477ea20139c5dfb9c4c1c22f62064e73dcd3f3341d27157e1eed
6f0b86b9f440dc1b10bc8e95f02d2ebc04da5b70e1d2a3a1daffdcb513d3e95c
72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc
77934d0327c44b2e8a6d4cee6032bc1fbcbe7a5b13bfa2a9e3e7444b7c3a183f
789d85db52c70c1951fef6c01ad22484a89218c296be4165ec3c6e7b695c4368
7f41a418bbee31ff8cfd5a54f2ac45b1eff85a7505ea6e7b4560fe036382d0f2
83ed95482d7f3126b555efe2a06c4812af9f6df7d7ac26a809e8b4aecffa78d1
8488f7da598d882af71a52169ca5fe5c02f1ab14138aaeb491aafd7bc45d955c
86036cbe1dd82dc84489e713501e2fb7e5e18d2f41b3668006f5657e3deb512a
885cb38c43b35c7ff9befe60f6c96f653d15befa0770f5f2ea0ea5cbc5d03a68
92a24ee0228fd13e12a27c8ab135adfbd10455cfb7266b0c9fc7dd927f95256a
930315ff7368cd1caf81aca64f7360541e1c9c42cb52640a51df9021ada8859e
9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589
9ceae856f5d73d2d932caf2fc147f1b2ce5ebb54904fcd2c25277c7ea6564af3
a38468a3268cd388df8e30858a3ceb7e27f5c4eda8842489af8ad42a5913dac8
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
ab7d0c5dbd6de526bb52406acb611a41b65b4ecfced1bf324b1147921e0c0f81
aced0e0192b9b9999cd3723aec3a19f57408f443f23b9d5c8f9bdde4b0c07df2
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154
b606f25e445025d00eba99e1ec87eefd08b71dded91cbd79dac16561def3ea0a
b7bf4f406f5a9bf165c21dfebea2257eab80882e23e887a24756956daac44373
b9383fcbd23d34ebd6dd255f5172e989ae435b3c774733869cde4cd388238dac
bdd1579c84daab8cdd1e5a4f71b546c9eaa6a76418f83e0215c573523614c309
c6532c0a511ee92307dee58f127907db84165b3c5a9c13f5b9c1b318219e8b26
c7f6468c8ac1542980b2d5f637fa933d7d00d2c6ff6690e34505d2aed0c0e23a
c9cacd70ab308f607d941cc9728d034e189506e8d020820adb112d7ff148762a
ca7a49f9028a043e1e9535b2e143aa45a64b2caff0fb0c60bc23949af507c7a0
d1d2b0eca0630bb98f5ff7854aaaad4265e24980493fb4fd422921aba35b1d6b
d6514e4599e15a994cc1bf1fa725794e2f3dd6483997c4d951e196c253065eb8
d740a237d1442edd847ab1775b9352ba43f9c2d9786c6c1de5532e374e5e70cd
d814392db9f4891df78c71444f026db3b98d106a9ae6a9f291272cf249bc555d
da4a4076c4fbfda464ddcc0ee411f9a0eb4c25f420d446157d726bc470da7f79
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5e4115c0ed710853dce309201ae3ded103895d4f1e40e28f24ae01c9a5b9750
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2
e945915ce63d151ac3c29e1203f9958d8645c54852f65958462cdce7d8061f9b
f4b94a4622e856a7dea15083f64f97217885c2132139b4e0d6d818908b696e65
f541fabdf9f39c5c12b19d921fee8d0994dacca4fd0c3ac12cbd01e87e404843
fb49b9787462d8de95d5aa8826c27fb4a6c344bff1916a95b69906d480dcefcb

qpsttool.com Open in urlscan Pro 2606:4700:3037::6815:172e Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

64 Requests

100 %HTTPS

70 %IPv6

14 Domains

20 Subdomains

21 IPs

5 Countries

766 kBTransfer

2192 kBSize

5 Cookies

4 Outgoing links

Redirected requests

64 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 14 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

qpsttool.com Open in urlscan Pro
2606:4700:3037::6815:172e Public Scan

Screenshot
Live screenshot

Full Image

64
Requests

100 %
HTTPS

70 %
IPv6

14
Domains

20
Subdomains

21
IPs

5
Countries

766 kB
Transfer

2192 kB
Size

5
Cookies

64 HTTP transactions
14 data transactions