urlscan.io logo urlscan.io
SecurityTrails logo

wpf.qal3a.online Open in urlscan Pro
2a00:1450:4001:811::2013  Public Scan

Go To Rescan Add Verdict Report
URL: https://wpf.qal3a.online/2024/09/blog-post.html?m=1wpf.qal3a.online
Submission: On January 10 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 2 countries across 8 domains to perform 36 HTTP transactions. The main IP is 2a00:1450:4001:811::2013, located in Frankfurt am Main, Germany and belongs to GOOGLE, US. The main domain is wpf.qal3a.online.
TLS certificate: Issued by WR3 on December 8th 2024. Valid for: 3 months.
This is the only time wpf.qal3a.online was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2a00:1450:400... 15169 (GOOGLE)
11 216.58.206.66 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
3 172.66.44.220 13335 (CLOUDFLAR...)
2 9 199.232.196.193 54113 (FASTLY)
3 157.240.0.35 32934 (FACEBOOK)
2 172.217.16.195 15169 (GOOGLE)
1 172.217.16.194 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
36 10
2    2a00:1450:4001:811::2013 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
wpf.qal3a.online
11    216.58.206.66 (United States)

ASN15169 (GOOGLE, US)
PTR: mil07s08-in-f2.1e100.net
pagead2.googlesyndication.com
4    2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
blogger.googleusercontent.com
3    172.66.44.220 (United States)

ASN13335 (CLOUDFLARENET, US)
od-jsc.pages.dev
9    199.232.196.193 (United States)

ASN54113 (FASTLY, US)
i.imgur.com
3    157.240.0.35 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-02-fra3.facebook.com
www.facebook.com
2    172.217.16.195 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s65-in-f3.1e100.net
fonts.gstatic.com
1    172.217.16.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f2.1e100.net
ep1.adtrafficquality.google
2    2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ep2.adtrafficquality.google
Apex Domain
Subdomains		 Transfer
11 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 110
256 KB
9 imgur.com
i.imgur.com — Cisco Umbrella Rank: 8961
4 MB
4 googleusercontent.com
blogger.googleusercontent.com — Cisco Umbrella Rank: 10221
207 KB
3 adtrafficquality.google
ep1.adtrafficquality.google — Cisco Umbrella Rank: 389
ep2.adtrafficquality.google — Cisco Umbrella Rank: 403
20 KB
3 facebook.com
www.facebook.com — Cisco Umbrella Rank: 120
3 KB
3 pages.dev
od-jsc.pages.dev
37 KB
2 gstatic.com
fonts.gstatic.com
48 KB
2 qal3a.online
wpf.qal3a.online
16 KB
36 8
Domain Requested by
11 pagead2.googlesyndication.com wpf.qal3a.online
pagead2.googlesyndication.com
9 i.imgur.com 2 redirects wpf.qal3a.online
4 blogger.googleusercontent.com wpf.qal3a.online
3 www.facebook.com wpf.qal3a.online
3 od-jsc.pages.dev client
wpf.qal3a.online
2 ep2.adtrafficquality.google pagead2.googlesyndication.com
ep2.adtrafficquality.google
2 fonts.gstatic.com od-jsc.pages.dev
2 wpf.qal3a.online wpf.qal3a.online
1 ep1.adtrafficquality.google pagead2.googlesyndication.com
36 9

This site contains links to these domains. Also see Links.

Domain
www.blogger.com
Subject Issuer Validity Valid
wpf.qal3a.online
WR3		 2024-12-08 -
2025-03-08		 3 months crt.sh
*.g.doubleclick.net
WR2		 2024-12-09 -
2025-03-03		 3 months crt.sh
*.googleusercontent.com
WR2		 2024-12-09 -
2025-03-03		 3 months crt.sh
od-jsc.pages.dev
WE1		 2024-12-04 -
2025-03-04		 3 months crt.sh
*.imgur.com
Sectigo RSA Domain Validation Secure Server CA		 2024-02-15 -
2025-02-14		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-10-19 -
2025-01-17		 3 months crt.sh
*.gstatic.com
WR2		 2024-12-09 -
2025-03-03		 3 months crt.sh
adtrafficquality.google
WR2		 2024-12-09 -
2025-03-03		 3 months crt.sh

This page contains 8 frames:

Primary Page: https://wpf.qal3a.online/2024/09/blog-post.html?m=1wpf.qal3a.online
Frame ID: F880EB03BE3D09769C8696F0DB499339
Requests: 29 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/html/r20250108/r20190131/zrt_lookup_fy2021.html
Frame ID: FE9048EA9388E25DAEB237B8166ED861
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?npa=1&client=ca-pub-2457458440571846&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1736489668&plat=2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fwpf.qal3a.online%2F2024%2F09%2Fblog-post.html%3Fm%3D1wpf.qal3a.online&host=ca-host-pub-1556223355139109&pra=5&wgl=1&aihb=0&aiof=3&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=1~2~3~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aicel=33~38&aifxl=29_18~30_19&aiixl=29_5~30_6&aiict=1&itsi=-1&aiapm=0.3221&aiapmi=0.33938&aief=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1736503529788&bpp=2&bdt=182&idt=168&shv=r20250108&mjsv=m202501080101&ptt=9&saldr=aa&abxe=1&eoidce=1&nras=1&correlator=293750966905&frm=20&pv=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95331832%2C95332587%2C95349405%2C95350243%2C31089666&oid=2&pvsid=2261070291360666&tmod=1424179068&uas=0&nvt=1&fsapi=1&fc=1920&brdim=50%2C50%2C50%2C50%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&nt=1&ifi=1&uci=a!1&fsb=1&dtd=180
Frame ID: 71D411C43F6466DBA5C5E5F247833340
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?npa=1&client=ca-pub-2457458440571846&output=html&h=280&adk=3088186576&adf=3175363789&pi=t.aa~a.3911002853~rp.4&w=1200&abgtt=6&fwrn=4&fwrnh=100&lmt=1736489668&rafmt=1&to=qs&pwprc=5555275673&format=1200x280&url=https%3A%2F%2Fwpf.qal3a.online%2F2024%2F09%2Fblog-post.html%3Fm%3D1wpf.qal3a.online&host=ca-host-pub-1556223355139109&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1736503531112&bpp=1&bdt=1506&idt=-M&shv=r20250108&mjsv=m202501080101&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=0x0&nras=2&correlator=293750966905&frm=20&pv=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1338&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95331832%2C95332587%2C95349405%2C95350243%2C31089666&oid=2&pvsid=2261070291360666&tmod=1424179068&uas=0&nvt=1&fc=1920&brdim=50%2C50%2C50%2C50%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&td=1&tdf=2&nt=1&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=2
Frame ID: 3C50A4CCF899A150D39CB16BEA6C7EFE
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?npa=1&client=ca-pub-2457458440571846&output=html&h=280&adk=3088186576&adf=2973209031&pi=t.aa~a.3299938725~rp.4&w=1200&abgtt=6&fwrn=4&fwrnh=100&lmt=1736489668&rafmt=1&to=qs&pwprc=5555275673&format=1200x280&url=https%3A%2F%2Fwpf.qal3a.online%2F2024%2F09%2Fblog-post.html%3Fm%3D1wpf.qal3a.online&host=ca-host-pub-1556223355139109&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1736503531112&bpp=1&bdt=1505&idt=0&shv=r20250108&mjsv=m202501080101&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=293750966905&frm=20&pv=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2080&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95331832%2C95332587%2C95349405%2C95350243%2C31089666&oid=2&pvsid=2261070291360666&tmod=1424179068&uas=0&nvt=1&fc=1920&brdim=50%2C50%2C50%2C50%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&td=1&tdf=2&nt=1&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=5
Frame ID: 61DCC3465A8CAFED4037E222D849A1DF
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?npa=1&client=ca-pub-2457458440571846&output=html&h=280&adk=3809598800&adf=3132389021&pi=t.aa~a.1182920990~rp.3&w=1200&abgtt=6&fwrn=4&fwrnh=100&lmt=1736489668&rafmt=1&to=qs&pwprc=5555275673&format=1200x280&url=https%3A%2F%2Fwpf.qal3a.online%2F2024%2F09%2Fblog-post.html%3Fm%3D1wpf.qal3a.online&host=ca-host-pub-1556223355139109&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1736503531112&bpp=1&bdt=1505&idt=0&shv=r20250108&mjsv=m202501080101&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=293750966905&frm=20&pv=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3003&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95331832%2C95332587%2C95349405%2C95350243%2C31089666&oid=2&pvsid=2261070291360666&tmod=1424179068&uas=0&nvt=1&fc=1920&brdim=50%2C50%2C50%2C50%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&td=1&tdf=2&nt=1&ifi=4&uci=a!4&btvi=3&fsb=1&dtd=7
Frame ID: 0C0050D3A26F04568BF4C45EDCC725FA
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/html/r20250108/r20190131/zrt_lookup_fy2021.html
Frame ID: A6A33823B536FD7EBE26341ED85D9861
Requests: 1 HTTP requests in this frame

Frame: https://ep2.adtrafficquality.google/sodar/sodar2/232/runner.html
Frame ID: B04439E902211C66DD3BD22EC1F2CE83
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

برنامج الأغذية العالمي (WPF)

Detected technologies

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

36
Requests

92 %
HTTPS

33 %
IPv6

8
Domains

9
Subdomains

10
IPs

2
Countries

4432 kB
Transfer

5230 kB
Size

2
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10
  • https://i.imgur.com/dik62Au.jpg HTTP 302
  • https://i.imgur.com/removed.png
Request Chain 11
  • https://i.imgur.com/hDBSzIL.jpg HTTP 302
  • https://i.imgur.com/removed.png

36 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request blog-post.html
wpf.qal3a.online/2024/09/ 		53 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://wpf.qal3a.online/2024/09/blog-post.html?m=1wpf.qal3a.online
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
e68b53b682a87864a7f8f59bc2b778c0b71e28768528f24c854ac27f0c5e1334
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

cache-control
private, max-age=0
content-encoding
gzip
content-length
13741
content-type
text/html; charset=UTF-8
date
Fri, 10 Jan 2025 10:05:29 GMT
etag
W/"fd7b5b6d56714ecca79e39edb546edda43c9242a6b619ef81d67612326795f34"
expires
Fri, 10 Jan 2025 10:05:29 GMT
last-modified
Fri, 10 Jan 2025 06:14:28 GMT
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		158 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2457458440571846
Requested by
Host: wpf.qal3a.online
URL: https://wpf.qal3a.online/2024/09/blog-post.html?m=1wpf.qal3a.online
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s08-in-f2.1e100.net
Software
cafe /
Resource Hash
df031b46047af8dcaf5736eed49cbf83d04899e1994156a7e649299ceb36802c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://wpf.qal3a.online
Referer
https://wpf.qal3a.online/

Response headers

content-encoding
br
etag
15397820050097469735
x-content-type-options
nosniff
expires
Fri, 10 Jan 2025 10:05:29 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Fri, 10 Jan 2025 10:05:29 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
53762
x-xss-protection
0
server
cafe
img_1716506430580.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjvU_VtsfMmR6a5_dNihGM9dhyphenhyphen_TAU99odQNzGSHopfDLpqZ7XMWDfKO_1cpTYU_Q3RSRAx_5n3rs2KhYywsFFX91d5scpWfD8lwlqZHllgh_7_GSL6cZeAX_FWfdX6MuWeHT_qWy... 		170 KB
171 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjvU_VtsfMmR6a5_dNihGM9dhyphenhyphen_TAU99odQNzGSHopfDLpqZ7XMWDfKO_1cpTYU_Q3RSRAx_5n3rs2KhYywsFFX91d5scpWfD8lwlqZHllgh_7_GSL6cZeAX_FWfdX6MuWeHT_qWy-jJ4_uUGzUKaoS6AhQJgg3T9AmbEY3yEBAfmS7y5ZMnJ-4pdI74kQG/s1080/img_1716506430580.png
Requested by
Host: wpf.qal3a.online
URL: https://wpf.qal3a.online/2024/09/blog-post.html?m=1wpf.qal3a.online
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
8163c139f394d10a920245789492fd2cc36aeac9e1c1b0690ff10fa3ea0ee148
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://wpf.qal3a.online/

Response headers

access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
etag
"vb0"
x-content-type-options
nosniff
expires
Sat, 11 Jan 2025 10:05:29 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
174549
date
Fri, 10 Jan 2025 10:05:29 GMT
x-xss-protection
0
content-type
image/png
vary
Origin
server
fife
content-disposition
inline;filename="img_1716506430580.png"
css2.css
od-jsc.pages.dev/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://od-jsc.pages.dev/css2.css?family=Poppins:wght@500;700&display=swap
Requested by
Host: client
URL: about:client
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.44.220 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
842be935d39dcb195e58cafdaf280ac1088b22e48538b4946fe4fb18e9852706
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://wpf.qal3a.online/

Response headers

content-encoding
br
etag
W/"ea2f2b6f152177bb4346aa8b89e3c5d9"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Jehlbq1H%2BYE9FAXweZGTl9N%2BLFtQM%2BgPKmF0KfUFdOSiXd%2FlaOQkpSRaneaVcNUDRZeis9FaFR03n6UJSCBugHC9SAyRAjXGolHBFco3q6Vk0wU3%2B%2F3kf%2Fp%2FpxLA6c4fATVT"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=6001&min_rtt=5930&rtt_var=1302&sent=12&recv=10&lost=0&retrans=0&sent_bytes=4165&recv_bytes=4700&delivery_rate=96505&cwnd=12000&unsent_bytes=0&cid=645295d9bd98368f&ts=28&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 10 Jan 2025 10:05:29 GMT
content-type
text/css; charset=utf-8
vary
Accept-Encoding
priority
u=0,i=?0
cache-control
public, max-age=0, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
cf-ray
8ffbd95448afd26d-FRA
access-control-allow-origin
*
server
cloudflare
droidarabicnaskh.css
od-jsc.pages.dev/ 		1 KB
988 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://od-jsc.pages.dev/droidarabicnaskh.css
Requested by
Host: client
URL: about:client
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.44.220 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0facd387627530907acc0b41d7076a1313a748ba84d37983618c04f2e66f1849
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://wpf.qal3a.online/

Response headers

content-encoding
br
etag
W/"4c47ee2aa08d75c53fbb400d0a2bd286"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=l0KTHNEBqguXCPsqbEPY07ybPlpM7eOBbGRmhHzcIN0W9NjeF03rPjgXWSFsQVooBB4Tja5WFkz0Jdc%2F2kW6ZctaNEX12b9S%2BEppLeP72HkElE9WpBSnlc2OsThWvWDYhBi9"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=6001&min_rtt=5930&rtt_var=1302&sent=14&recv=10&lost=0&retrans=0&sent_bytes=5389&recv_bytes=4700&delivery_rate=96505&cwnd=12000&unsent_bytes=0&cid=645295d9bd98368f&ts=29&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 10 Jan 2025 10:05:29 GMT
content-type
text/css; charset=utf-8
vary
Accept-Encoding
priority
u=0,i=?0
cache-control
public, max-age=0, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
cf-ray
8ffbd95448b0d26d-FRA
access-control-allow-origin
*
server
cloudflare
umdRtdF.gif
i.imgur.com/ 		4 MB
4 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.imgur.com/umdRtdF.gif
Requested by
Host: wpf.qal3a.online
URL: https://wpf.qal3a.online/2024/09/blog-post.html?m=1wpf.qal3a.online
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.196.193 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
983163f971593bcd09b71971f8cee6905a2bb8bfc104c68e1c8dacf69b308b08
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://wpf.qal3a.online/

Response headers

etag
"7a05593d9b060d27822658a98327b755"
age
2626296
access-control-allow-methods
GET, OPTIONS
x-content-type-options
nosniff
x-cache
Miss from cloudfront, HIT, HIT
x-amz-cf-id
5oEywluwBaXSbcqQ-EGK9vyP9kOcu-hI63UoPamDqRqg4rcjokbUmg==
date
Fri, 10 Jan 2025 10:05:29 GMT
content-type
image/gif
last-modified
Tue, 18 Jul 2023 19:34:49 GMT
x-cache-hits
12, 1
x-served-by
cache-iad-kjyo7100054-IAD, cache-fra-eddf8230169-FRA
strict-transport-security
max-age=300
cache-control
public, max-age=31536000
x-timer
S1736503530.668203,VS0,VE8
accept-ranges
bytes
access-control-allow-origin
*
content-length
3697349
x-amz-cf-pop
IAD89-C1
server
cat factory 1.0
x-amz-server-side-encryption
AES256
/
www.facebook.com/reaction/image/1635855486666999/ 		815 B
932 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/reaction/image/1635855486666999/?size=20&scale=1
Requested by
Host: wpf.qal3a.online
URL: https://wpf.qal3a.online/2024/09/blog-post.html?m=1wpf.qal3a.online
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.0.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-fra3.facebook.com
Software
/
Resource Hash
39d8ba5c57b637434d21319acfa9fe2029cc88839cab8a4767b8854c60339921
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://wpf.qal3a.online/

Response headers

report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Mon, 13 Jan 2025 00:54:52 +0000
date
Mon, 30 Dec 2024 00:54:53 GMT
content-type
image/png
x-fb-debug
N8Op41cNPotVzEA2DQGBAVhX+kFiGCaPlATjguH8fv357u5biGunun4/z9TsNDcXfvqJ89Q6eVmy6BwWhlYzIQ==
priority
u=2,i
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control
public, max-age=1209600
cross-origin-opener-policy
same-origin-allow-popups
pragma
public
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
content-length
815
x-xss-protection
0
origin-agent-cluster
?1
/
www.facebook.com/reaction/image/1678524932434102/ 		816 B
930 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/reaction/image/1678524932434102/?size=20&scale=1
Requested by
Host: wpf.qal3a.online
URL: https://wpf.qal3a.online/2024/09/blog-post.html?m=1wpf.qal3a.online
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.0.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-fra3.facebook.com
Software
/
Resource Hash
81d62c74016d8779cb91019934882095ad606798f3f32327fa4dadf9d023a4d5
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://wpf.qal3a.online/

Response headers

report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sun, 12 Jan 2025 07:05:11 +0000
date
Sun, 29 Dec 2024 07:05:11 GMT
content-type
image/png
x-fb-debug
bZhCzAj2UjZHtjBmTFiY8CT9eifbq4Vt63KGiH72NlkOiKzNXMfhR+4AltJ75Lwma2kZm50UA3ToV5tbEgwOOw==
priority
u=2,i
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control
public, max-age=1209600
cross-origin-opener-policy
same-origin-allow-popups
pragma
public
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
content-length
816
x-xss-protection
0
origin-agent-cluster
?1
/
www.facebook.com/reaction/image/613557422527858/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/reaction/image/613557422527858/?size=20&scale=1
Requested by
Host: wpf.qal3a.online
URL: https://wpf.qal3a.online/2024/09/blog-post.html?m=1wpf.qal3a.online
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.0.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-fra3.facebook.com
Software
/
Resource Hash
7b7cc49ed4945a43ca361ca9e327cd907f5520cec87858b820e02a6db6d55779
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://wpf.qal3a.online/

Response headers

report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Tue, 14 Jan 2025 03:08:28 +0000
date
Tue, 31 Dec 2024 03:08:29 GMT
content-type
image/png
x-fb-debug
WkbidB++0HGSwckIKKNaSwv7bt0aDkea2r92/kSAeUbivNpCsqneb+RCNrryyYXhzYS7Ii2v2Ya8fih8Tcazfw==
priority
u=2,i
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control
public, max-age=1209600
cross-origin-opener-policy
same-origin-allow-popups
pragma
public
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
content-length
1179
x-xss-protection
0
origin-agent-cluster
?1
g4G5Sz2.jpeg
i.imgur.com/ 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.imgur.com/g4G5Sz2.jpeg
Requested by
Host: wpf.qal3a.online
URL: https://wpf.qal3a.online/2024/09/blog-post.html?m=1wpf.qal3a.online
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.196.193 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
e262f9cf00a1e067dde773a8983ca37650a3d608fd429cddc620b18ecd06e321
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://wpf.qal3a.online/

Response headers

etag
"2265c45c5849a701de7f63246a0d7060"
age
2089785
access-control-allow-methods
GET, OPTIONS
x-content-type-options
nosniff
x-cache
Miss from cloudfront, HIT, HIT
x-amz-cf-id
jJUlFoIOg-3vXVjtLTWcXWqijfNK0LN_VhaYN9QvXjTgOIY5gmgvBg==
date
Fri, 10 Jan 2025 10:05:29 GMT
content-type
image/jpeg
last-modified
Fri, 23 Feb 2024 00:37:47 GMT
x-cache-hits
7, 1
x-served-by
cache-iad-kjyo7100172-IAD, cache-fra-eddf8230169-FRA
strict-transport-security
max-age=300
cache-control
public, max-age=31536000
x-timer
S1736503530.668140,VS0,VE2
accept-ranges
bytes
access-control-allow-origin
*
content-length
29466
x-amz-cf-pop
PHL51-P1
server
cat factory 1.0
x-amz-server-side-encryption
AES256
2Z343cB.jpeg
i.imgur.com/ 		62 KB
62 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.imgur.com/2Z343cB.jpeg
Requested by
Host: wpf.qal3a.online
URL: https://wpf.qal3a.online/2024/09/blog-post.html?m=1wpf.qal3a.online
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.196.193 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
6ae105772fd284edf68de7fa2853104045f08850327d5e0c0637ff4a4151b356
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://wpf.qal3a.online/

Response headers

etag
"621c38f3d1f9722327cc83114740c824"
age
847522
access-control-allow-methods
GET, OPTIONS
x-content-type-options
nosniff
x-cache
Miss from cloudfront, HIT, HIT
x-amz-cf-id
vfThfXW_SDia5OKtMapZ7DZZtjfkULI34emPgaazSAG2L037SrEyjg==
date
Fri, 10 Jan 2025 10:05:29 GMT
content-type
image/jpeg
last-modified
Fri, 23 Feb 2024 00:39:25 GMT
x-cache-hits
7, 1
x-served-by
cache-iad-kiad7000110-IAD, cache-fra-eddf8230169-FRA
strict-transport-security
max-age=300
cache-control
public, max-age=31536000
x-timer
S1736503530.667658,VS0,VE4
accept-ranges
bytes
access-control-allow-origin
*
content-length
63098
x-amz-cf-pop
IAD89-P1
server
cat factory 1.0
x-amz-server-side-encryption
AES256
removed.png
i.imgur.com/
Redirect Chain
  • https://i.imgur.com/dik62Au.jpg
  • https://i.imgur.com/removed.png
503 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.imgur.com/removed.png
Requested by
Host: wpf.qal3a.online
URL: https://wpf.qal3a.online/2024/09/blog-post.html?m=1wpf.qal3a.online
Protocol
H2
Server
199.232.196.193 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
9b5936f4006146e4e1e9025b474c02863c0b5614132ad40db4b925a10e8bfbb9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://wpf.qal3a.online/

Response headers

etag
"d835884373f4d6c8f24742ceabe74946"
age
3789979
access-control-allow-methods
GET, OPTIONS
x-content-type-options
nosniff
x-cache
HIT, HIT
date
Fri, 10 Jan 2025 10:05:29 GMT
last-modified
Wed, 14 May 2014 05:44:36 GMT
content-type
image/png
x-served-by
cache-iad-kjyo7100081-IAD, cache-fra-eddf8230169-FRA
x-cache-hits
23848, 219821
cache-control
public, max-age=31536000
x-timer
S1736503530.693235,VS0,VE0
accept-ranges
bytes
access-control-allow-origin
*
content-length
503
server
cat factory 1.0

Redirect headers

strict-transport-security
max-age=300
retry-after
0
location
https://i.imgur.com/removed.png
x-timer
S1736503530.668092,VS0,VE2
age
128
access-control-allow-methods
GET, OPTIONS
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT, HIT
content-length
0
date
Fri, 10 Jan 2025 10:05:29 GMT
x-served-by
cache-iad-kiad7000154-IAD, cache-fra-eddf8230169-FRA
x-cache-hits
0, 1
server
cat factory 1.0
removed.png
i.imgur.com/
Redirect Chain
  • https://i.imgur.com/hDBSzIL.jpg
  • https://i.imgur.com/removed.png
503 B
698 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.imgur.com/removed.png
Requested by
Host: wpf.qal3a.online
URL: https://wpf.qal3a.online/2024/09/blog-post.html?m=1wpf.qal3a.online
Protocol
H2
Server
199.232.196.193 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
9b5936f4006146e4e1e9025b474c02863c0b5614132ad40db4b925a10e8bfbb9
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://wpf.qal3a.online/

Response headers

etag
"d835884373f4d6c8f24742ceabe74946"
age
3789979
access-control-allow-methods
GET, OPTIONS
x-content-type-options
nosniff
x-cache
HIT, HIT
date
Fri, 10 Jan 2025 10:05:29 GMT
last-modified
Wed, 14 May 2014 05:44:36 GMT
content-type
image/png
x-served-by
cache-iad-kjyo7100081-IAD, cache-fra-eddf8230169-FRA
x-cache-hits
23848, 219821
strict-transport-security
max-age=300
cache-control
public, max-age=31536000
x-timer
S1736503530.693235,VS0,VE0
accept-ranges
bytes
access-control-allow-origin
*
content-length
503
server
cat factory 1.0

Redirect headers

strict-transport-security
max-age=300
retry-after
0
location
https://i.imgur.com/removed.png
x-timer
S1736503530.667552,VS0,VE3
age
128
access-control-allow-methods
GET, OPTIONS
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT, HIT
content-length
0
date
Fri, 10 Jan 2025 10:05:29 GMT
x-served-by
cache-iad-kiad7000128-IAD, cache-fra-eddf8230169-FRA
x-cache-hits
0, 1
server
cat factory 1.0
Gk1iXHp.jpeg
i.imgur.com/ 		28 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.imgur.com/Gk1iXHp.jpeg
Requested by
Host: wpf.qal3a.online
URL: https://wpf.qal3a.online/2024/09/blog-post.html?m=1wpf.qal3a.online
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.196.193 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
37be356d7131cbadfb089eb648cb3c1bd828b7a304e7d2563065e054b26a565a
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://wpf.qal3a.online/

Response headers

etag
"f03522658088c24758933bbd48a2bbe4"
age
2068693
access-control-allow-methods
GET, OPTIONS
x-content-type-options
nosniff
x-cache
Miss from cloudfront, HIT, HIT
x-amz-cf-id
yklN0zWaurLJw1w2s0-_pv-C71rIKpMaMtqi_fZEhuP3HMHoaOzxZw==
date
Fri, 10 Jan 2025 10:05:29 GMT
content-type
image/jpeg
last-modified
Fri, 23 Feb 2024 00:38:33 GMT
x-cache-hits
2081, 1
x-served-by
cache-iad-kjyo7100064-IAD, cache-fra-eddf8230169-FRA
strict-transport-security
max-age=300
cache-control
public, max-age=31536000
x-timer
S1736503530.667533,VS0,VE1
accept-ranges
bytes
access-control-allow-origin
*
content-length
28734
x-amz-cf-pop
IAD89-P1
server
cat factory 1.0
x-amz-server-side-encryption
AES256
WX71CLj.jpeg
i.imgur.com/ 		113 KB
113 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.imgur.com/WX71CLj.jpeg
Requested by
Host: wpf.qal3a.online
URL: https://wpf.qal3a.online/2024/09/blog-post.html?m=1wpf.qal3a.online
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.196.193 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
8190eebd2e6b09698957abd28747eb1debddf8afcd2f40e69c31d25f07a02a7d
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://wpf.qal3a.online/

Response headers

etag
"971e373299f5be7559d78446d30faca2"
age
1473689
access-control-allow-methods
GET, OPTIONS
x-content-type-options
nosniff
x-cache
Miss from cloudfront, HIT, HIT
x-amz-cf-id
Z2ubc7lzxwHzBcYQrDfgjSZq3EzSVM62sqfjYYy7amFB4pGgq0yIEA==
date
Fri, 10 Jan 2025 10:05:29 GMT
content-type
image/jpeg
last-modified
Fri, 23 Feb 2024 00:40:14 GMT
x-cache-hits
7, 1
x-served-by
cache-iad-kiad7000053-IAD, cache-fra-eddf8230169-FRA
strict-transport-security
max-age=300
cache-control
public, max-age=31536000
x-timer
S1736503530.667533,VS0,VE2
accept-ranges
bytes
access-control-allow-origin
*
content-length
115356
x-amz-cf-pop
MIA3-C5
server
cat factory 1.0
x-amz-server-side-encryption
AES256
3.jpg
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiF7e5qCDQ2MhWyKaPPGw_zplGhx6hwkrVdA39B7XvJxDI9BLlghoTnwy7RmNlxI4qTHXPnKc611Hrw02csi5bpENKHxy3fg6DyX8VW0Z2sp9MEM0UGHvSrS3us-ywNjgZ67RgIDIs42UaSD-Dm... 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiF7e5qCDQ2MhWyKaPPGw_zplGhx6hwkrVdA39B7XvJxDI9BLlghoTnwy7RmNlxI4qTHXPnKc611Hrw02csi5bpENKHxy3fg6DyX8VW0Z2sp9MEM0UGHvSrS3us-ywNjgZ67RgIDIs42UaSD-DmEo58xytYF9hBU3iQ5vbK_sN0nHv7eeqeG36NMFQz11c/s1600/3.jpg
Requested by
Host: wpf.qal3a.online
URL: https://wpf.qal3a.online/2024/09/blog-post.html?m=1wpf.qal3a.online
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
5ec73cf4d42170b4a8d173b35f0f1b9e2c73a5959fd4c905d0836a6a0612dcd8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://wpf.qal3a.online/

Response headers

access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
etag
"v51"
x-content-type-options
nosniff
expires
Sat, 11 Jan 2025 10:05:29 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10315
date
Fri, 10 Jan 2025 10:05:29 GMT
x-xss-protection
0
content-type
image/jpeg
vary
Origin
server
fife
content-disposition
inline;filename="3.jpg"
AVvXsEjT4eUm-2rj5zOJp4t0qinB8klLc9O3IS3esNRuAwjiDn0d6WYvAiXm_uupgYOx__4zXv-Eb-_naXSEGQOL2cFWX2spboihLYvschTuM4yjp39XahK3OM4cQpooFPVt=s0-d
blogger.googleusercontent.com/img/proxy/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/proxy/AVvXsEjT4eUm-2rj5zOJp4t0qinB8klLc9O3IS3esNRuAwjiDn0d6WYvAiXm_uupgYOx__4zXv-Eb-_naXSEGQOL2cFWX2spboihLYvschTuM4yjp39XahK3OM4cQpooFPVt=s0-d
Requested by
Host: wpf.qal3a.online
URL: https://wpf.qal3a.online/2024/09/blog-post.html?m=1wpf.qal3a.online
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
50ff52e0b7c92330ec9b5cb0b1431540aadbbb22f02829d0411a28faa4d5db61
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://wpf.qal3a.online/

Response headers

access-control-expose-headers
Content-Length
timing-allow-origin
*
cache-control
public, max-age=86400, no-transform
x-content-type-options
nosniff
expires
Sat, 11 Jan 2025 10:05:29 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
26293
date
Fri, 10 Jan 2025 10:05:29 GMT
x-xss-protection
0
content-type
image/jpeg
vary
Origin
server
fife
content-disposition
attachment;filename="unnamed.jpg"
jquery-latest.min.js
od-jsc.pages.dev/ 		94 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://od-jsc.pages.dev/jquery-latest.min.js
Requested by
Host: wpf.qal3a.online
URL: https://wpf.qal3a.online/2024/09/blog-post.html?m=1wpf.qal3a.online
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.44.220 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://wpf.qal3a.online/

Response headers

content-encoding
br
etag
W/"5e50651694cfe452faefafe2bf2e7b3a"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fDP5p6L7vv3T%2Bw%2B9ZQJyJ7s6nONyPD3Lv71TwxOgFdiJelFpEQ%2FryH7Stx%2F6ipjpQ%2B0WbJDsaxpFERLYJR5KquPQoq3203nZZ62kYW%2BiGdIILgbyZHTEvnkN1gKEk4TzSVG4"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=6222&min_rtt=5930&rtt_var=927&sent=17&recv=13&lost=0&retrans=0&sent_bytes=6447&recv_bytes=5088&delivery_rate=142596&cwnd=12000&unsent_bytes=0&cid=645295d9bd98368f&ts=56&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 10 Jan 2025 10:05:29 GMT
content-type
text/javascript; charset=utf-8
vary
Accept-Encoding
priority
u=2,i=?0
cache-control
public, max-age=0, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
cf-ray
8ffbd95468ffd26d-FRA
access-control-allow-origin
*
server
cloudflare
cookienotice.js
wpf.qal3a.online/js/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wpf.qal3a.online/js/cookienotice.js
Requested by
Host: wpf.qal3a.online
URL: https://wpf.qal3a.online/2024/09/blog-post.html?m=1wpf.qal3a.online
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://wpf.qal3a.online/2024/09/blog-post.html?m=1wpf.qal3a.online

Response headers

cache-control
public, max-age=604800
content-encoding
gzip
cross-origin-resource-policy
cross-origin
report-to
{"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
x-content-type-options
nosniff
expires
Fri, 17 Jan 2025 10:05:29 GMT
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="blogger-tech"
content-length
2026
date
Fri, 10 Jan 2025 10:05:29 GMT
x-xss-protection
0
content-type
text/javascript
vary
Accept-Encoding
server
sffe
last-modified
Fri, 10 Jan 2025 08:55:38 GMT
pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
Requested by
Host: od-jsc.pages.dev
URL: https://od-jsc.pages.dev/css2.css?family=Poppins:wght@500;700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f3.1e100.net
Software
sffe /
Resource Hash
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://wpf.qal3a.online
Referer
https://od-jsc.pages.dev/

Response headers

age
263579
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 07 Jan 2026 08:52:30 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 07 Jan 2025 08:52:30 GMT
last-modified
Wed, 27 Apr 2022 16:11:40 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
7816
x-xss-protection
0
server
sffe
DroidNaskh-Bold.woff2
fonts.gstatic.com/ea/droidarabicnaskh/v7/ 		40 KB
40 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/ea/droidarabicnaskh/v7/DroidNaskh-Bold.woff2
Requested by
Host: od-jsc.pages.dev
URL: https://od-jsc.pages.dev/droidarabicnaskh.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f3.1e100.net
Software
sffe /
Resource Hash
0a6b3b2583f0b9ea7da829409bcde3dc1641adb9092100bf2e1415d61cde46d6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://wpf.qal3a.online
Referer
https://od-jsc.pages.dev/

Response headers

content-encoding
gzip
age
80118
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Fri, 09 Jan 2026 11:50:11 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 09 Jan 2025 11:50:11 GMT
last-modified
Wed, 13 Aug 2014 16:50:04 GMT
content-type
font/woff2
vary
Accept-Encoding
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
41271
x-xss-protection
0
server
sffe
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202501080101/ 		433 KB
144 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202501080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2457458440571846&plah=wpf.qal3a.online&bust=31089666
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2457458440571846
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s08-in-f2.1e100.net
Software
cafe /
Resource Hash
48ebb4c107f14853d6b50020ea58ae20c9505218579815315fc7a75c32022f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://wpf.qal3a.online/

Response headers

content-encoding
br
etag
13370837242474728526
x-content-type-options
nosniff
expires
Fri, 10 Jan 2025 10:05:29 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Fri, 10 Jan 2025 10:05:29 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
147651
x-xss-protection
0
server
cafe
zrt_lookup_fy2021.html
pagead2.googlesyndication.com/pagead/html/r20250108/r20190131/ Frame FE90 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/html/r20250108/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202501080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2457458440571846&plah=wpf.qal3a.online&bust=31089666
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s08-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wpf.qal3a.online/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

age
5972
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4144
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 10 Jan 2025 08:25:58 GMT
etag
7793694970870604198
expires
Fri, 24 Jan 2025 08:25:58 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&id=cookieChoiceInfo&cls=cookie-choices-info%20singleton-element&ign=false&pw=1600&ph=1200&x=0&y=0
Requested by
Host: wpf.qal3a.online
URL: https://wpf.qal3a.online/2024/09/blog-post.html?m=1wpf.qal3a.online
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s08-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://wpf.qal3a.online/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Fri, 10 Jan 2025 10:05:29 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
ads
pagead2.googlesyndication.com/pagead/ Frame 71D4 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/ads?npa=1&client=ca-pub-2457458440571846&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1736489668&plat=2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fwpf.qal3a.online%2F2024%2F09%2Fblog-post.html%3Fm%3D1wpf.qal3a.online&host=ca-host-pub-1556223355139109&pra=5&wgl=1&aihb=0&aiof=3&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=1~2~3~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aicel=33~38&aifxl=29_18~30_19&aiixl=29_5~30_6&aiict=1&itsi=-1&aiapm=0.3221&aiapmi=0.33938&aief=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1736503529788&bpp=2&bdt=182&idt=168&shv=r20250108&mjsv=m202501080101&ptt=9&saldr=aa&abxe=1&eoidce=1&nras=1&correlator=293750966905&frm=20&pv=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95331832%2C95332587%2C95349405%2C95350243%2C31089666&oid=2&pvsid=2261070291360666&tmod=1424179068&uas=0&nvt=1&fsapi=1&fc=1920&brdim=50%2C50%2C50%2C50%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&nt=1&ifi=1&uci=a!1&fsb=1&dtd=180
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202501080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2457458440571846&plah=wpf.qal3a.online&bust=31089666
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s08-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wpf.qal3a.online/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
17654
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 10 Jan 2025 10:05:31 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202501080101/ 		178 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202501080101/reactive_library_fy2021.js?bust=31089666
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202501080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2457458440571846&plah=wpf.qal3a.online&bust=31089666
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s08-in-f2.1e100.net
Software
cafe /
Resource Hash
1e86042e2e65122b87e6ec354f6d5d007b213b7600a91ea745b4fdba0638f74d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://wpf.qal3a.online/

Response headers

content-encoding
br
etag
13862788700413644240
age
27
x-content-type-options
nosniff
expires
Fri, 24 Jan 2025 10:05:04 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Fri, 10 Jan 2025 10:05:04 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, immutable, max-age=1209600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
60811
x-xss-protection
0
server
cafe
ads
pagead2.googlesyndication.com/pagead/ Frame 3C50 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/ads?npa=1&client=ca-pub-2457458440571846&output=html&h=280&adk=3088186576&adf=3175363789&pi=t.aa~a.3911002853~rp.4&w=1200&abgtt=6&fwrn=4&fwrnh=100&lmt=1736489668&rafmt=1&to=qs&pwprc=5555275673&format=1200x280&url=https%3A%2F%2Fwpf.qal3a.online%2F2024%2F09%2Fblog-post.html%3Fm%3D1wpf.qal3a.online&host=ca-host-pub-1556223355139109&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1736503531112&bpp=1&bdt=1506&idt=-M&shv=r20250108&mjsv=m202501080101&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=0x0&nras=2&correlator=293750966905&frm=20&pv=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1338&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95331832%2C95332587%2C95349405%2C95350243%2C31089666&oid=2&pvsid=2261070291360666&tmod=1424179068&uas=0&nvt=1&fc=1920&brdim=50%2C50%2C50%2C50%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&td=1&tdf=2&nt=1&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202501080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2457458440571846&plah=wpf.qal3a.online&bust=31089666
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s08-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wpf.qal3a.online/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
303
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 10 Jan 2025 10:05:31 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
pagead2.googlesyndication.com/pagead/ Frame 61DC 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/ads?npa=1&client=ca-pub-2457458440571846&output=html&h=280&adk=3088186576&adf=2973209031&pi=t.aa~a.3299938725~rp.4&w=1200&abgtt=6&fwrn=4&fwrnh=100&lmt=1736489668&rafmt=1&to=qs&pwprc=5555275673&format=1200x280&url=https%3A%2F%2Fwpf.qal3a.online%2F2024%2F09%2Fblog-post.html%3Fm%3D1wpf.qal3a.online&host=ca-host-pub-1556223355139109&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1736503531112&bpp=1&bdt=1505&idt=0&shv=r20250108&mjsv=m202501080101&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=293750966905&frm=20&pv=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2080&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95331832%2C95332587%2C95349405%2C95350243%2C31089666&oid=2&pvsid=2261070291360666&tmod=1424179068&uas=0&nvt=1&fc=1920&brdim=50%2C50%2C50%2C50%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&td=1&tdf=2&nt=1&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=5
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202501080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2457458440571846&plah=wpf.qal3a.online&bust=31089666
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s08-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wpf.qal3a.online/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
305
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 10 Jan 2025 10:05:31 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
pagead2.googlesyndication.com/pagead/ Frame 0C00 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/ads?npa=1&client=ca-pub-2457458440571846&output=html&h=280&adk=3809598800&adf=3132389021&pi=t.aa~a.1182920990~rp.3&w=1200&abgtt=6&fwrn=4&fwrnh=100&lmt=1736489668&rafmt=1&to=qs&pwprc=5555275673&format=1200x280&url=https%3A%2F%2Fwpf.qal3a.online%2F2024%2F09%2Fblog-post.html%3Fm%3D1wpf.qal3a.online&host=ca-host-pub-1556223355139109&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1736503531112&bpp=1&bdt=1505&idt=0&shv=r20250108&mjsv=m202501080101&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=293750966905&frm=20&pv=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3003&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95331832%2C95332587%2C95349405%2C95350243%2C31089666&oid=2&pvsid=2261070291360666&tmod=1424179068&uas=0&nvt=1&fc=1920&brdim=50%2C50%2C50%2C50%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&td=1&tdf=2&nt=1&ifi=4&uci=a!4&btvi=3&fsb=1&dtd=7
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202501080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2457458440571846&plah=wpf.qal3a.online&bust=31089666
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s08-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wpf.qal3a.online/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
302
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 10 Jan 2025 10:05:31 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup_fy2021.html
pagead2.googlesyndication.com/pagead/html/r20250108/r20190131/ Frame A6A3 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/html/r20250108/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202501080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2457458440571846&plah=wpf.qal3a.online&bust=31089666
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s08-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wpf.qal3a.online/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

age
5972
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4144
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 10 Jan 2025 08:25:58 GMT
etag
7793694970870604198
expires
Fri, 24 Jan 2025 08:25:58 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ping
pagead2.googlesyndication.com/pagead/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202501080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2457458440571846&plah=wpf.qal3a.online&bust=31089666
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s08-in-f2.1e100.net
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://wpf.qal3a.online/

Response headers
sodar
ep1.adtrafficquality.google/getconfig/ 		17 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ep1.adtrafficquality.google/getconfig/sodar?sv=200&tid=gda&tv=r20250108&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202501080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2457458440571846&plah=wpf.qal3a.online&bust=31089666
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f2.1e100.net
Software
cafe /
Resource Hash
2814d39c785588328fe4e8425751a74d111f6214d5ca1f6d63720cf9c15f8e89
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://wpf.qal3a.online/

Response headers

timing-allow-origin
*
content-encoding
br
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
13193
date
Fri, 10 Jan 2025 10:05:31 GMT
x-xss-protection
0
content-type
application/json; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
img_1716506430580.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjvU_VtsfMmR6a5_dNihGM9dhyphenhyphen_TAU99odQNzGSHopfDLpqZ7XMWDfKO_1cpTYU_Q3RSRAx_5n3rs2KhYywsFFX91d5scpWfD8lwlqZHllgh_7_GSL6cZeAX_FWfdX6MuWeHT_qWy... 		170 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjvU_VtsfMmR6a5_dNihGM9dhyphenhyphen_TAU99odQNzGSHopfDLpqZ7XMWDfKO_1cpTYU_Q3RSRAx_5n3rs2KhYywsFFX91d5scpWfD8lwlqZHllgh_7_GSL6cZeAX_FWfdX6MuWeHT_qWy-jJ4_uUGzUKaoS6AhQJgg3T9AmbEY3yEBAfmS7y5ZMnJ-4pdI74kQG/s1080/img_1716506430580.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
8163c139f394d10a920245789492fd2cc36aeac9e1c1b0690ff10fa3ea0ee148
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://wpf.qal3a.online/

Response headers

access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
etag
"vb0"
x-content-type-options
nosniff
expires
Sat, 11 Jan 2025 10:05:29 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
174549
date
Fri, 10 Jan 2025 10:05:29 GMT
x-xss-protection
0
content-type
image/png
vary
Origin
server
fife
content-disposition
inline;filename="img_1716506430580.png"
sodar2.js
ep2.adtrafficquality.google/sodar/ 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ep2.adtrafficquality.google/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202501080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2457458440571846&plah=wpf.qal3a.online&bust=31089666
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://wpf.qal3a.online/

Response headers

content-encoding
gzip
etag
"1727224258380615"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
x-content-type-options
nosniff
expires
Fri, 10 Jan 2025 10:05:31 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 10 Jan 2025 10:05:31 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
private, max-age=3000
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
6445
x-xss-protection
0
server
sffe
runner.html
ep2.adtrafficquality.google/sodar/sodar2/232/ Frame B044 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ep2.adtrafficquality.google/sodar/sodar2/232/runner.html
Requested by
Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wpf.qal3a.online/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
1732
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3000
content-encoding
gzip
content-length
5005
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 10 Jan 2025 09:36:40 GMT
expires
Fri, 10 Jan 2025 10:26:40 GMT
last-modified
Mon, 23 Sep 2024 18:12:21 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar
ep1.adtrafficquality.google/pagead/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ep1.adtrafficquality.google
URL
https://ep1.adtrafficquality.google/pagead/sodar?id=sodar2&v=232&t=2&li=gda_r20250108&jk=2261070291360666&bg=!1Nel15jNAAYsEuUeDBI7ADQBe5WfOIIsZxhW76RE4-AeoawzTdq60rNHhKo7sIxYSXKJ_t4P4B9xEi8FWWdpeJvISMXTAgAAADNSAAAAAmgBB34ANntxLtKZp9LAK4rWwzo8sWjhdVn86Twg5WqxBRl4tMSE9JuVk3RCa6Ye0TqqsauLmisrzNYdZ5kCrBMj3qRQx6-8ImtCrJNOCSviiceOT8Mdr7ygSEcOoGS5EORHDZxMmrZSyujZeT5sZRNVbLjCz3Q44U2I82c4R8RMyN2N6SWpu5GtdQFQaFPd-aNfrcfWePxkNZOVMLCLybFBDBX8leXdqf48zKZUw4xHqmecHJ4tt1s0LugpDtSZmjONM6kXI1Pi1q5X3nJqtaA9G5UmsgqUXKIaKg04EJ3shI-YfQLPfw9dyLo-BJtv_fA5mu90s7ndpLWCI2pNnBbQS1JejLTRg7uAk0AHJh307l-miBtcg9MmMl2QgyCmS9zuvAZTqAW1ThMR2INv1V29mHiiRsujKgFYZC3IgpnblX1r0WgFHW7Bpkqt_j496x6VF45PkQEQ6Ovkh0l2pPku7J87gH-M4UpMFPpizcwRDAgELBoBfSc_7LCNV0-n7QWHB5ejdbbI2U2519bhWvxYn8ByJo-ds1FFtkUEzqO0h_ejBdLn7TwvO4vfIhaTuctm_R4DYywLB0B2UzPc_d2NSj6UaqYDQRZRJVCz_BKBKj2b4SCqKVWY0T2MvjQ9wALbMMS2owSE-a1jf1KEbPTsQMJl8UZaOxx1uUaFBgTnlP6yHEoY1mcSMqwUK47-BZr6AoEz-Qz_CEusqXdsWRxgLFQvLPPIELKFVrfi_BjJlp476VR2p4MQ9eQBhVBWDIETgZFGotr6ZTeVGlekcd41VzPpTLvuLf7dB_KDsY8CWx70bqN1XEbmsEtCzW67s-gwzQPfJr2mFF6Bng6S_1_4S3Vs0XE37FHdDignT-z_FrOGCZ2E5bD1sqeFCGJWOfohj_uXfwCR2BbRgoCVoakmNxGCB_2Ok_5sbsMJMmAgIx0YC1xAXtxYbF3oCFGQ14gFufPYtm6LJFYGWtv4AvygMftPv7n-V9wQEg

Verdicts & Comments Add Verdict or Comment

42 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| adsbygoogle function| $ function| jQuery string| errorname string| errornumber string| text string| link string| error string| cpa string| share object| cookieChoices object| google_js_reporting_queue number| google_srt object| google_logging_queue object| google_ad_modifications object| ggeac object| google_persistent_state_async object| google_tag_data object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint function| google_sa_impl boolean| googFloatingToolbarManagerAsyncPositionUpdate object| google_image_requests number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| google_llp object| googletag object| GoogleGcLKhOms

2 Cookies

Domain/Path Name / Value
.qal3a.online/ Name: __eoi
Value: ID=b271905182aeeaea:T=1736503530:RT=1736503530:S=AA-Afjbegz1d91F23zqUzLn9fJ92
.travelaudience.com/ Name: _tracker
Value: %7B%22pb%22%3A%2290000%22%2C%22UUID%22%3A%226F1F5F9C-EC29-4183-9AED-42D04CC20D32%22%7D

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

blogger.googleusercontent.com
ep1.adtrafficquality.google
ep2.adtrafficquality.google
fonts.gstatic.com
i.imgur.com
od-jsc.pages.dev
pagead2.googlesyndication.com
wpf.qal3a.online
www.facebook.com
ep1.adtrafficquality.google
157.240.0.35
172.217.16.194
172.217.16.195
172.66.44.220
199.232.196.193
216.58.206.66
2a00:1450:4001:809::2001
2a00:1450:4001:80b::2001
2a00:1450:4001:811::2013
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
0a6b3b2583f0b9ea7da829409bcde3dc1641adb9092100bf2e1415d61cde46d6
0facd387627530907acc0b41d7076a1313a748ba84d37983618c04f2e66f1849
1e86042e2e65122b87e6ec354f6d5d007b213b7600a91ea745b4fdba0638f74d
2814d39c785588328fe4e8425751a74d111f6214d5ca1f6d63720cf9c15f8e89
37be356d7131cbadfb089eb648cb3c1bd828b7a304e7d2563065e054b26a565a
39d8ba5c57b637434d21319acfa9fe2029cc88839cab8a4767b8854c60339921
48ebb4c107f14853d6b50020ea58ae20c9505218579815315fc7a75c32022f97
50ff52e0b7c92330ec9b5cb0b1431540aadbbb22f02829d0411a28faa4d5db61
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
5ec73cf4d42170b4a8d173b35f0f1b9e2c73a5959fd4c905d0836a6a0612dcd8
6ae105772fd284edf68de7fa2853104045f08850327d5e0c0637ff4a4151b356
7b7cc49ed4945a43ca361ca9e327cd907f5520cec87858b820e02a6db6d55779
8163c139f394d10a920245789492fd2cc36aeac9e1c1b0690ff10fa3ea0ee148
8190eebd2e6b09698957abd28747eb1debddf8afcd2f40e69c31d25f07a02a7d
81d62c74016d8779cb91019934882095ad606798f3f32327fa4dadf9d023a4d5
842be935d39dcb195e58cafdaf280ac1088b22e48538b4946fe4fb18e9852706
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
983163f971593bcd09b71971f8cee6905a2bb8bfc104c68e1c8dacf69b308b08
9b5936f4006146e4e1e9025b474c02863c0b5614132ad40db4b925a10e8bfbb9
df031b46047af8dcaf5736eed49cbf83d04899e1994156a7e649299ceb36802c
e262f9cf00a1e067dde773a8983ca37650a3d608fd429cddc620b18ecd06e321
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e68b53b682a87864a7f8f59bc2b778c0b71e28768528f24c854ac27f0c5e1334
ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99