urlscan.io logo urlscan.io
SecurityTrails logo

qiwi.gg Open in urlscan Pro
188.114.97.3  Public Scan

Go To Rescan Add Verdict Report
URL: https://qiwi.gg/file/cxH38466-Sims4DLCGP02SpaDay
Submission Tags: falconsandbox
Submission: On August 04 via api from US — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 4 countries across 5 domains to perform 28 HTTP transactions. The main IP is 188.114.97.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is qiwi.gg. The Cisco Umbrella rank of the primary domain is 452763.
TLS certificate: Issued by WE1 on June 28th 2024. Valid for: 3 months.
This is the only time qiwi.gg was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
18 188.114.97.3 13335 (CLOUDFLAR...)
2 104.16.225.240 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 4 104.18.1.101 13335 (CLOUDFLAR...)
2 2001:4860:480... 15169 (GOOGLE)
28 7
18    188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)
qiwi.gg
2    104.16.225.240 (None, )

ASN13335 (CLOUDFLARENET, US)
static.getclicky.com
in.getclicky.com
1    2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)
pkazd.xyz
4    104.18.1.101 (None, )

ASN13335 (CLOUDFLARENET, US)
clerk.qiwi.gg
2    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
Apex Domain
Subdomains		 Transfer
22 qiwi.gg
qiwi.gg — Cisco Umbrella Rank: 452763
clerk.qiwi.gg — Cisco Umbrella Rank: 785093
305 KB
2 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 3123
2 getclicky.com
static.getclicky.com — Cisco Umbrella Rank: 18241
in.getclicky.com — Cisco Umbrella Rank: 15088
6 KB
1 pkazd.xyz
pkazd.xyz
985 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 112
102 KB
28 5
Domain Requested by
18 qiwi.gg qiwi.gg
4 clerk.qiwi.gg 1 redirects clerk.qiwi.gg
2 region1.google-analytics.com www.googletagmanager.com
1 in.getclicky.com static.getclicky.com
1 pkazd.xyz qiwi.gg
1 www.googletagmanager.com qiwi.gg
1 static.getclicky.com qiwi.gg
28 7

This site contains no links.

Subject Issuer Validity Valid
qiwi.gg
WE1		 2024-06-28 -
2024-09-26		 3 months crt.sh
*.getclicky.com
E6		 2024-07-26 -
2024-10-24		 3 months crt.sh
*.google-analytics.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
pkazd.xyz
WE1		 2024-07-23 -
2024-10-21		 3 months crt.sh
clerk.qiwi.gg
E5		 2024-06-21 -
2024-09-19		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://qiwi.gg/file/cxH38466-Sims4DLCGP02SpaDay
Frame ID: 0ACDF9702FD5DD1A2446242ADE682FCB
Requests: 28 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

File | Qiwi

Detected technologies

Overall confidence: 100%
Detected patterns
  • static\.getclicky\.com
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

28
Requests

93 %
HTTPS

50 %
IPv6

5
Domains

7
Subdomains

7
IPs

4
Countries

413 kB
Transfer

1187 kB
Size

5
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 19
  • https://clerk.qiwi.gg/npm/@clerk/clerk-js@4/dist/clerk.browser.js HTTP 307
  • https://clerk.qiwi.gg/npm/@clerk/clerk-js@4.73.4/dist/clerk.browser.js

28 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request cxH38466-Sims4DLCGP02SpaDay
qiwi.gg/file/ 		16 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://qiwi.gg/file/cxH38466-Sims4DLCGP02SpaDay
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Next.js
Resource Hash
af4af16378c688df3907897504d538fe3b1a844548db6fc08af8c181a982c3bf
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, max-age=0, must-revalidate
cf-cache-status
HIT
cf-ray
8adfbbf6fc312bc5-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Sun, 04 Aug 2024 15:55:52 GMT
last-modified
Sun, 04 Aug 2024 12:35:48 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FOubCV43mocEiqpjbFeO9PRTPBNpdec2%2BzLKDPGdQRwQlGUGZY4uvU8dYHMyF0Obki5PO5FGBy08Xkz5Jpr8U35LRSOFCO0Yf68CfxMDhAkvW%2B2i7U9xowDK"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=63072000
vary
RSC, Next-Router-State-Tree, Next-Router-Prefetch, Next-Url, Accept-Encoding
x-matched-path
/file/[slug]
x-powered-by
Next.js
x-vercel-cache
MISS
x-vercel-execution-region
iad1
x-vercel-id
cle1::iad1::tn89q-1722774948707-b2c98ab07747
c9a5bc6a7c948fb0-s.p.woff2
qiwi.gg/_next/static/media/ 		45 KB
46 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://qiwi.gg/_next/static/media/c9a5bc6a7c948fb0-s.p.woff2
Requested by
Host: qiwi.gg
URL: https://qiwi.gg/file/cxH38466-Sims4DLCGP02SpaDay
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3bcf04ca301e44f13f404c8a04aa4ae707f67a950e12ef30c238f96e784266a1
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://qiwi.gg/file/cxH38466-Sims4DLCGP02SpaDay
Origin
https://qiwi.gg
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 04 Aug 2024 15:55:53 GMT
strict-transport-security
max-age=63072000
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1188800
content-disposition
inline; filename="c9a5bc6a7c948fb0-s.p.woff2"
alt-svc
h3=":443"; ma=86400
content-length
46552
x-vercel-id
cle1::zrpnk-1721598106923-299c2ac0a79b
server
cloudflare
x-matched-path
/_next/static/media/c9a5bc6a7c948fb0-s.p.woff2
etag
"74c3556b9dad12fb76f84af53ba69410"
x-vercel-cache
HIT
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fKHFtVsrw%2B3nqI2K0hg96QsUrjMkf%2FvAr%2FggpiKI5Ha3FaTb9Fc647skOlT%2BQP9qeWv0BS9Fux7D0sQO2xIQ9pB3KNpkk7QtEWj%2BDmc6JQ6gT0TO5M%2FjZ5%2Bv"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
cf-ray
8adfbbf89e072bc5-FRA
283cf4a3ce45970a.css
qiwi.gg/_next/static/css/ 		11 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://qiwi.gg/_next/static/css/283cf4a3ce45970a.css
Requested by
Host: qiwi.gg
URL: https://qiwi.gg/file/cxH38466-Sims4DLCGP02SpaDay
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1aabed0c5ce4d7c448fae3232386244159ba1bc460986cfa9ae72a54ac16e5d1
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://qiwi.gg/file/cxH38466-Sims4DLCGP02SpaDay
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 04 Aug 2024 15:55:53 GMT
strict-transport-security
max-age=63072000
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1130086
cf-polished
origSize=10973
content-disposition
inline; filename="283cf4a3ce45970a.css"
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
x-vercel-id
cle1::29675-1721656399747-ffecef14b241
server
cloudflare
x-matched-path
/_next/static/css/283cf4a3ce45970a.css
etag
W/"26d4595566fcaa8e70a1f958aee42a2a"
x-vercel-cache
HIT
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZUnHyvBUpXhl0xf0I3rnLl82eP5mPJwpkvVvMioTQb7lk1Kv%2FB1lliH6fkVXNF1u09H8HT8t0cUvOsun8nwUuGR4wDdkquT60c1efDVGRpdY3zeurWboKeZR"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
cf-ray
8adfbbf89e0a2bc5-FRA
a643669a4891cb53.css
qiwi.gg/_next/static/css/ 		11 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://qiwi.gg/_next/static/css/a643669a4891cb53.css
Requested by
Host: qiwi.gg
URL: https://qiwi.gg/file/cxH38466-Sims4DLCGP02SpaDay
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2dca9d5de577b6ca3edf5235d8b03d89a303bed58bd83492caa1ac8a774b6a6
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://qiwi.gg/file/cxH38466-Sims4DLCGP02SpaDay
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 04 Aug 2024 15:55:53 GMT
strict-transport-security
max-age=63072000
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1188619
cf-polished
origSize=10781
content-disposition
inline; filename="a643669a4891cb53.css"
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
x-vercel-id
cle1::fgtpf-1721598106878-ea5b3eb83127
server
cloudflare
x-matched-path
/_next/static/css/a643669a4891cb53.css
etag
W/"b5f7b97e5a3c882903c92d79189c7d20"
x-vercel-cache
HIT
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PF3wwHqlbuHUqWRtaU5T6rOKSk6tE9XVG0SVnYsAf8EArHz2CSBwh31nD1KBixNnEqTEXZGjxtXqdPgem1BFfvU5dwCaAYDhajOBWQQTdeq%2BadRfpQLELsQA"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
cf-ray
8adfbbf89e0e2bc5-FRA
webpack-5e846048175b7af9.js
qiwi.gg/_next/static/chunks/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://qiwi.gg/_next/static/chunks/webpack-5e846048175b7af9.js
Requested by
Host: qiwi.gg
URL: https://qiwi.gg/file/cxH38466-Sims4DLCGP02SpaDay
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0949362c63fdcad0573a5973767a4f2659dc6f6411df0a862e9ce4e6175117e5
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://qiwi.gg/file/cxH38466-Sims4DLCGP02SpaDay
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 04 Aug 2024 15:55:53 GMT
strict-transport-security
max-age=63072000
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
850214
cf-polished
origSize=5307
content-disposition
inline; filename="webpack-5e846048175b7af9.js"
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
x-vercel-id
cle1::g9fhb-1721934412607-9cf691729e78
server
cloudflare
x-matched-path
/_next/static/chunks/webpack-5e846048175b7af9.js
etag
W/"df590349914735189772a77c19be71a4"
x-vercel-cache
HIT
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AX26MAB%2BX20qB0k39VX46FmecYPy166Crnfm2%2F0WQDQzy88MpffnRv7Z31WTCasR7xGzv6SKwckYQUNKrly%2F1dbl4RDwuHcbc6OgWmv1ZzxvgCOaPgWUk%2Bxb"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
cf-ray
8adfbbf8ee682bc5-FRA
bf6a786c-edbbe94c91292daa.js
qiwi.gg/_next/static/chunks/ 		168 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://qiwi.gg/_next/static/chunks/bf6a786c-edbbe94c91292daa.js
Requested by
Host: qiwi.gg
URL: https://qiwi.gg/file/cxH38466-Sims4DLCGP02SpaDay
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba9b826367436a982b271882d108a3d07cfff29fdc68eac548ef154d83b86649
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://qiwi.gg/file/cxH38466-Sims4DLCGP02SpaDay
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 04 Aug 2024 15:55:53 GMT
strict-transport-security
max-age=63072000
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1188800
cf-polished
origSize=172462
content-disposition
inline; filename="bf6a786c-edbbe94c91292daa.js"
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
x-vercel-id
cle1::9qv6z-1721598106066-177710e697c3
server
cloudflare
x-matched-path
/_next/static/chunks/bf6a786c-edbbe94c91292daa.js
etag
W/"4394104975c8dc09385ad65d4607b4e4"
x-vercel-cache
HIT
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3fhIrj%2Be7A1y71VhZlZWgLuogU1FCBohcopa59pWUuZcGrBzbRqKdc6T7FNiag0KxzTu7RiAco8e9HqswMsoiS14U6rwNWarM4f97eVUCWFfx3NEtmjcKQo6"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
cf-ray
8adfbbf8ee6d2bc5-FRA
290-1a08b6a8cb8009f8.js
qiwi.gg/_next/static/chunks/ 		109 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://qiwi.gg/_next/static/chunks/290-1a08b6a8cb8009f8.js
Requested by
Host: qiwi.gg
URL: https://qiwi.gg/file/cxH38466-Sims4DLCGP02SpaDay
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
29df81734f407ab1819e6f26ad2d0c43e07c02b89977850c78fe398f7dbc125f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://qiwi.gg/file/cxH38466-Sims4DLCGP02SpaDay
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 04 Aug 2024 15:55:53 GMT
strict-transport-security
max-age=63072000
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1188799
cf-polished
origSize=112770
content-disposition
inline; filename="290-1a08b6a8cb8009f8.js"
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
x-vercel-id
cle1::cgzd5-1721598106079-ab81e29c0b69
server
cloudflare
x-matched-path
/_next/static/chunks/290-1a08b6a8cb8009f8.js
etag
W/"8d7884e77ca5abf027cab7c46a85cc43"
x-vercel-cache
HIT
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VIihVt6vJ6JSTP6OGi5LuYYMjTEu0C8Q%2FPbSvTyEdB4sfYCEMBuYb2xINXcBDPAD7jaX%2BeeqWSYE55nV1fgJgV2FzNSiD0iPPABfSNsnPYuULEWwIEa%2B9Q3K"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
cf-ray
8adfbbf8ee6f2bc5-FRA
main-app-c14f460b286e1c4f.js
qiwi.gg/_next/static/chunks/ 		508 B
852 B 		Script
General
Check archive.org
Download Go to
Full URL
https://qiwi.gg/_next/static/chunks/main-app-c14f460b286e1c4f.js
Requested by
Host: qiwi.gg
URL: https://qiwi.gg/file/cxH38466-Sims4DLCGP02SpaDay
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b66c8a49a8d71e8cc1217abea0761e67beae4a4c7bb772568e7a1a484134c69
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://qiwi.gg/file/cxH38466-Sims4DLCGP02SpaDay
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 04 Aug 2024 15:55:53 GMT
strict-transport-security
max-age=63072000
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1188799
content-disposition
inline; filename="main-app-c14f460b286e1c4f.js"
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
x-vercel-id
cle1::s9j9l-1721598106379-8daed4f84fd4
server
cloudflare
x-matched-path
/_next/static/chunks/main-app-c14f460b286e1c4f.js
etag
W/"78581de7c6a05ed085aaa8c349f0c83d"
x-vercel-cache
HIT
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iNgxZgTFzzJl0kdehpV%2FQZP4joawlyjYyvrW9GyQgtpGyWnfnM8k7KWGfw5D1q72L9ViFlHN%2BnWFLDWbH0mrtU0RUytm%2FuD%2FhmILmYZiDK38XZDC%2FwjEHdFb"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
cf-ray
8adfbbf8ee722bc5-FRA
8dc5345f-bc6b8ab598345387.js
qiwi.gg/_next/static/chunks/ 		687 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://qiwi.gg/_next/static/chunks/8dc5345f-bc6b8ab598345387.js
Requested by
Host: qiwi.gg
URL: https://qiwi.gg/file/cxH38466-Sims4DLCGP02SpaDay
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d23a16cff6793bdfe154adfcdde72774001e61e646c6fe75187b0b64d9447f2
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://qiwi.gg/file/cxH38466-Sims4DLCGP02SpaDay
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 04 Aug 2024 15:55:53 GMT
strict-transport-security
max-age=63072000
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1188619
content-disposition
inline; filename="8dc5345f-bc6b8ab598345387.js"
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
x-vercel-id
cle1::qqncj-1721598107344-6d7b21d5755d
server
cloudflare
x-matched-path
/_next/static/chunks/8dc5345f-bc6b8ab598345387.js
etag
W/"9cc370c3765c9750822b1fd33bcfc1bb"
x-vercel-cache
HIT
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zmfAxCCmVKbI6qKUDBRJR1LtWcAP%2F7xGomkpxZwRz5cZfnM3%2BVMSwT4xH7AUjpGUzV2F5tQt8hNAfchjJRVoBMYz2KqkXjvHLhH3MfJKUteqRHox86opn5hL"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
cf-ray
8adfbbf8ee752bc5-FRA
989-328dd7c7a82626cd.js
qiwi.gg/_next/static/chunks/ 		65 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://qiwi.gg/_next/static/chunks/989-328dd7c7a82626cd.js
Requested by
Host: qiwi.gg
URL: https://qiwi.gg/file/cxH38466-Sims4DLCGP02SpaDay
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
176a80e10c9bbbf5ef4ced732804a81dc968ead3eb2a8714a3241ec4c5634fec
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://qiwi.gg/file/cxH38466-Sims4DLCGP02SpaDay
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 04 Aug 2024 15:55:53 GMT
strict-transport-security
max-age=63072000
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1188800
cf-polished
origSize=66537
content-disposition
inline; filename="989-328dd7c7a82626cd.js"
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
x-vercel-id
cle1::4jw5l-1721598107354-51570092d2b7
server
cloudflare
x-matched-path
/_next/static/chunks/989-328dd7c7a82626cd.js
etag
W/"cb06a08dda1908badadd6c48f547f889"
x-vercel-cache
HIT
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cNwQBz6B%2FHJRCM9anMBEt1KLWNk0GJDnpfwzvX4zBh428L%2BRjj2sEI%2FDDMmTIeDwJZkOmv0ffesL6qRdfkfUaA8tSWpiTFEIkBCP%2BP57uIZjJMfRcaAObMjf"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
cf-ray
8adfbbf8ee762bc5-FRA
690-8738047cd33b6696.js
qiwi.gg/_next/static/chunks/ 		108 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://qiwi.gg/_next/static/chunks/690-8738047cd33b6696.js
Requested by
Host: qiwi.gg
URL: https://qiwi.gg/file/cxH38466-Sims4DLCGP02SpaDay
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bdb61b8129959ff1e26efa18345cf700c81368cbc43581265e6c4255589f6e35
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://qiwi.gg/file/cxH38466-Sims4DLCGP02SpaDay
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 04 Aug 2024 15:55:53 GMT
strict-transport-security
max-age=63072000
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1188799
cf-polished
origSize=110355
content-disposition
inline; filename="690-8738047cd33b6696.js"
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
x-vercel-id
cle1::jncxm-1721598107717-d86090625eaf
server
cloudflare
x-matched-path
/_next/static/chunks/690-8738047cd33b6696.js
etag
W/"cc3ab38a7bad708810638c72dc83c7e5"
x-vercel-cache
HIT
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cfS79%2Bdc7E3jK1fjLkltPrmmpgvDnKPNXRGbt1w09DmxajXIXbmFXuXb3A7HijFxQ8woueLR10gdiYNro7qImQkA1o%2BngVDde0R62q0yPTA63BhxpI%2FipG4H"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
cf-ray
8adfbbf8ee782bc5-FRA
994-346771a849f0bb01.js
qiwi.gg/_next/static/chunks/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://qiwi.gg/_next/static/chunks/994-346771a849f0bb01.js
Requested by
Host: qiwi.gg
URL: https://qiwi.gg/file/cxH38466-Sims4DLCGP02SpaDay
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
85cd0201f737aa126d0f5ddaf09aa212a00b1e11181c20cfd87e2cc5e9dfdd7b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://qiwi.gg/file/cxH38466-Sims4DLCGP02SpaDay
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 04 Aug 2024 15:55:53 GMT
strict-transport-security
max-age=63072000
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1188799
content-disposition
inline; filename="994-346771a849f0bb01.js"
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
x-vercel-id
cle1::xgwf4-1721598107672-17f5f2325945
server
cloudflare
x-matched-path
/_next/static/chunks/994-346771a849f0bb01.js
etag
W/"252660ddc87918b004585f2a4d09f290"
x-vercel-cache
HIT
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gbz44Bq2IQMn6OwKilZ0Fj0im%2BL3OsJbRiQkahKpQa%2BMea5Ghtxc9UPK19Xix6%2BKxbYUgxl3sxIzEP3w5owwzA2IkAwCLzA3S1iT3KKAYdj2wuFJG6LSlTPb"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
cf-ray
8adfbbf8ee7b2bc5-FRA
414-bffbb973aab93215.js
qiwi.gg/_next/static/chunks/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://qiwi.gg/_next/static/chunks/414-bffbb973aab93215.js
Requested by
Host: qiwi.gg
URL: https://qiwi.gg/file/cxH38466-Sims4DLCGP02SpaDay
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3512c3a3323edf40e39ddea9f8e081ccfa9a73c81e8a17ae395428cda1d03a31
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://qiwi.gg/file/cxH38466-Sims4DLCGP02SpaDay
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 04 Aug 2024 15:55:53 GMT
strict-transport-security
max-age=63072000
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1188799
cf-polished
origSize=13174
content-disposition
inline; filename="414-bffbb973aab93215.js"
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
x-vercel-id
cle1::95hrj-1721598107371-386c932cd17b
server
cloudflare
x-matched-path
/_next/static/chunks/414-bffbb973aab93215.js
etag
W/"a96733386a607bfbe0324920476321ad"
x-vercel-cache
HIT
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MtGd7cpi4IMlh2u00AryD47bfOsmky1g1TdnOuwRs5WD%2Fu7qH%2BWKIZOheIUfkXuFSptKdK7vHTFHIRFWCZ9MD8tX6%2Fovuj8%2Fry7CoCXDwjiVCpiBXLTreuUN"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
cf-ray
8adfbbf8ee7c2bc5-FRA
page-83302c047fab6814.js
qiwi.gg/_next/static/chunks/app/file/%5Bslug%5D/ 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://qiwi.gg/_next/static/chunks/app/file/%5Bslug%5D/page-83302c047fab6814.js
Requested by
Host: qiwi.gg
URL: https://qiwi.gg/file/cxH38466-Sims4DLCGP02SpaDay
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b0447ed6b2694f29aebc28436ec5afe73bb43646a4cdc02a2dc7cf1fa0d8aa68
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://qiwi.gg/file/cxH38466-Sims4DLCGP02SpaDay
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 04 Aug 2024 15:55:53 GMT
strict-transport-security
max-age=63072000
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1188619
content-disposition
inline; filename="page-83302c047fab6814.js"
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
x-vercel-id
cle1::ncb2n-1721598107623-cc3a2a76e8a7
server
cloudflare
x-matched-path
/_next/static/chunks/app/file/%5Bslug%5D/page-83302c047fab6814.js
etag
W/"4237684984a1344a6a489f9f0f6af464"
x-vercel-cache
HIT
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=He%2B5N5JbKAnFv6vuNYDljXZf80%2FN0jQr3qD9mdXShjmmLZCrsvx%2FVed2leB%2FCLr5LdHS1LCav%2B%2BGmnJtpp%2FaAz9mOaGio0WkmCiI1bHGZdoLLEslZ18SHrCT"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
cf-ray
8adfbbf8ee7d2bc5-FRA
326-ba8e253f2ab1f907.js
qiwi.gg/_next/static/chunks/ 		21 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://qiwi.gg/_next/static/chunks/326-ba8e253f2ab1f907.js
Requested by
Host: qiwi.gg
URL: https://qiwi.gg/file/cxH38466-Sims4DLCGP02SpaDay
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a8d2ceb4b1649acba63ca3059b40ea06c45394190025a76efaa9392ef2db813a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://qiwi.gg/file/cxH38466-Sims4DLCGP02SpaDay
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 04 Aug 2024 15:55:53 GMT
strict-transport-security
max-age=63072000
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1188799
content-disposition
inline; filename="326-ba8e253f2ab1f907.js"
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
x-vercel-id
cle1::8gmt4-1721598107880-84a1e6a1a5e2
server
cloudflare
x-matched-path
/_next/static/chunks/326-ba8e253f2ab1f907.js
etag
W/"34e7a95dcdfacbb2a7fa75d6612f8806"
x-vercel-cache
HIT
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FX1xOIK%2FoM%2BiDMhHxmgvFvg4uT9ijcXcjYbWVp7WV%2B7DXbT44FeMd%2Fp8XHr6OTb6RbdVE7xJRXVMM2%2BeWO0ZHvZ1dJE7OVye4bsr2JePHov%2FQpET1zKkGFsG"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
cf-ray
8adfbbf8ee7f2bc5-FRA
layout-cbae5da7212552f6.js
qiwi.gg/_next/static/chunks/app/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://qiwi.gg/_next/static/chunks/app/layout-cbae5da7212552f6.js
Requested by
Host: qiwi.gg
URL: https://qiwi.gg/file/cxH38466-Sims4DLCGP02SpaDay
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c216039857ee1789b2e64a0c497b29b16410379e1586028b823c6c620c86485b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://qiwi.gg/file/cxH38466-Sims4DLCGP02SpaDay
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 04 Aug 2024 15:55:53 GMT
strict-transport-security
max-age=63072000
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1130086
cf-polished
origSize=6253
content-disposition
inline; filename="layout-cbae5da7212552f6.js"
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
x-vercel-id
cle1::5tx49-1721656399732-a83967190a96
server
cloudflare
x-matched-path
/_next/static/chunks/app/layout-cbae5da7212552f6.js
etag
W/"d1188c482f082221aa1a5a73b0b91497"
x-vercel-cache
HIT
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WrHD6OGY4RDVJPZCSklpPW5CkE%2BdsFalBqHuP6imaVFWBVpKVMhqatPiGu30%2BI6ccRY%2FqJPV%2FFBIT3rA2gKI1hXZHDlO%2BYwuG1OmajrccRWICzmIAGxWL3AV"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
cf-ray
8adfbbf8ee802bc5-FRA
js
static.getclicky.com/ 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.getclicky.com/js
Requested by
Host: qiwi.gg
URL: https://qiwi.gg/file/cxH38466-Sims4DLCGP02SpaDay
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.225.240 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1ff344c29dfe132c4d5663981d939562a86bed8413984f812c02a6a3bae80a4

Request headers

Referer
https://qiwi.gg/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 04 Aug 2024 15:55:53 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 02 Aug 2024 16:45:34 GMT
server
cloudflare
age
169818
vary
Accept-Encoding, Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=604800
cf-ray
8adfbbf97a9a1970-FRA
alt-svc
h3=":443"; ma=86400
x-proxy-cache
HIT
js
www.googletagmanager.com/gtag/ 		306 KB
102 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-BN5XKFCNM9
Requested by
Host: qiwi.gg
URL: https://qiwi.gg/file/cxH38466-Sims4DLCGP02SpaDay
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
96bf522b98e5e913c23a2fff6b1592f23099418ded2de43563b0aff66e3f3326
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://qiwi.gg/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 04 Aug 2024 15:55:53 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
103802
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 04 Aug 2024 15:55:53 GMT
/
pkazd.xyz/ 		2 KB
985 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pkazd.xyz/?aD00MmFlMzgxYmY1MzBmNGE5MjZjOTE1MGU1YmVlMDZkNSZ1c2VyPTIwNyZzaWQ9MTA5JnR5cGU9YyZhZGNvZGU9MyZ0bXA9NQ==&file=Sims4_DLC_GP02_Spa_Day.zip
Requested by
Host: qiwi.gg
URL: https://qiwi.gg/file/cxH38466-Sims4DLCGP02SpaDay
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
015d86ba304b6f03639aaf3fdcf1c90ce59a7fe72272819c5475c2c582410774

Request headers

Referer
https://qiwi.gg/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 04 Aug 2024 15:55:53 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7IYZMdYYYTlkyWAjj2lYIVxTzbeW8QI%2FMv1QzHZJfTyUKKigyLtks4Ur7v%2FaO35RmUFkuRv2YZrgomeesVwz40kHzi1Shc9PQO1xQLpBAfHq0T5r1BZTMAaezuXKfp1Pe5wwkf%2BLIns%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cf-ray
8adfbbfb69a52c79-FRA
alt-svc
h3=":443"; ma=86400
email-decode.min.js
qiwi.gg/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://qiwi.gg/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: qiwi.gg
URL: https://qiwi.gg/file/cxH38466-Sims4DLCGP02SpaDay
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://qiwi.gg/file/cxH38466-Sims4DLCGP02SpaDay
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 04 Aug 2024 15:55:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 30 Jul 2024 21:56:14 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"66a9617e-4d7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BCKKK3Xt0JLX6lh1ghLZGR2sEjrngUcMZLKLRw1%2F2rc6gTjsaK4S8Ilm412qAhmW4NM%2FDhXkvClcTynrUMtv1OiCvxzMfzhQq23l7lQia3F%2FX1BdIXTzEv0K"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
8adfbbf89e0f2bc5-FRA
expires
Tue, 06 Aug 2024 15:55:53 GMT
clerk.browser.js
clerk.qiwi.gg/npm/@clerk/clerk-js@4.73.4/dist/
Redirect Chain
  • https://clerk.qiwi.gg/npm/@clerk/clerk-js@4/dist/clerk.browser.js
  • https://clerk.qiwi.gg/npm/@clerk/clerk-js@4.73.4/dist/clerk.browser.js
232 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://clerk.qiwi.gg/npm/@clerk/clerk-js@4.73.4/dist/clerk.browser.js
Protocol
H3
Server
104.18.1.101 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08be37a2211109269e17fed35a55e166deb30239833c578beb7048907fdfdf47
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://qiwi.gg/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 04 Aug 2024 15:55:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
921107
x-jsd-version
4.73.4
x-cache
MISS, MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
69291
x-served-by
cache-fra-etou8220053-FRA, cache-lga21973-LGA
x-jsd-version-type
version
server
cloudflare
etag
W/"3a149-FZ9LcYIwmSHW+wE90ghr/pCECDM"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nLlBeWuprHEbNraorAcPxiybKcxRhKTZHo9UB%2BIxOPdLCF85rIBt1c%2F%2FIuo5AhPZfudBY9NfIZPkrcoH%2F9TQ1pNGOS6Nnw1LYSiz8uvDMww7wgIon8VivgMMt%2Fz3UFfvNXE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8adfbbff1a7a193f-FRA
timing-allow-origin
*
expires
Mon, 04 Aug 2025 15:55:54 GMT

Redirect headers

date
Sun, 04 Aug 2024 15:55:54 GMT
server
cloudflare
vary
Accept-Encoding
location
https://clerk.qiwi.gg/npm/@clerk/clerk-js@4.73.4/dist/clerk.browser.js
access-control-allow-origin
*
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
8adfbbfeca20193f-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
favicon.ico
qiwi.gg/ 		15 KB
5 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://qiwi.gg/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aec0158ad3bc82a429ae8f7e636b231e74d9f7f9453cb44d7b2361a54e6b2bc4
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://qiwi.gg/file/cxH38466-Sims4DLCGP02SpaDay
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 04 Aug 2024 15:55:54 GMT
strict-transport-security
max-age=63072000
content-encoding
br
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-disposition
inline
alt-svc
h3=":443"; ma=86400
x-vercel-id
iad1::jccdj-1722151158891-ca0d966a945e
server
cloudflare
x-matched-path
/favicon.ico
etag
W/"eea2df256a61ef1b611b0b65d4631c51"
x-vercel-cache
HIT
vary
RSC, Next-Router-State-Tree, Next-Router-Prefetch, Next-Url, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vvFi0v0jl76D0ja11Mm8oQXfw004AvWqRImakncG1DnaAvA0%2BTUc4gAvDFbNhofY0lC9diKKNVQQvD6PorE6Ge5M3caw8%2B%2F3VdJxmwWmgKa9hp%2F0yuVEKej9"}],"group":"cf-nel","max_age":604800}
content-type
image/x-icon
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
cf-ray
8adfbbfe4c962bc5-FRA
collect
region1.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-BN5XKFCNM9&gtm=45je47v0v9133716975za200&_p=1722786953956&gcd=13l3l3l2l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=95250753&cid=1602385207.1722786954&ul=nl-nl&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1722786953&sct=1&seg=0&dl=https%3A%2F%2Fqiwi.gg%2Ffile%2FcxH38466-Sims4DLCGP02SpaDay&dt=File%20%7C%20Qiwi&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.anonymize_ip=true&tfd=1330
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-BN5XKFCNM9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://qiwi.gg/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Aug 2024 15:55:54 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://qiwi.gg
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
in.php
in.getclicky.com/ 		131 B
340 B 		Script
General
Check archive.org
Download Go to
Full URL
https://in.getclicky.com/in.php?site_id=101425698&href=%2Ffile%2FcxH38466-Sims4DLCGP02SpaDay&title=File%20%7C%20Qiwi&res=1600x1200&lang=nl-NL&tz=Europe%2FAmsterdam&tc=&ck=1&x=aqezh3
Requested by
Host: static.getclicky.com
URL: https://static.getclicky.com/js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.225.240 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d6c2aa0a446364169fba9251e31da41e2f618a09e3cceae2fccd617508e372f

Request headers

Referer
https://qiwi.gg/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 04 Aug 2024 15:55:54 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding, Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=0, must-revalidate, no-cache, no-store, private
cf-ray
8adfbbffbb6e1970-FRA
alt-svc
h3=":443"; ma=86400
expires
Mon, 26 Jul 1997 05:00:00 GMT
environment
clerk.qiwi.gg/v1/ 		10 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://clerk.qiwi.gg/v1/environment?__clerk_framework_hint=nextjs&__clerk_framework_version=13.5.6&_clerk_js_version=4.73.4
Requested by
Host: clerk.qiwi.gg
URL: https://clerk.qiwi.gg/npm/@clerk/clerk-js@4/dist/clerk.browser.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.1.101 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3ee9b521a9310645c493edcc9324171820d6bb2e7b43e1e2b3bfd276ca4375ad

Request headers

Referer
https://qiwi.gg/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

clerk-api-version
2021-02-05
date
Sun, 04 Aug 2024 15:55:54 GMT
content-encoding
br
cf-cache-status
HIT
age
2152
alt-svc
h3=":443"; ma=86400
last-modified
Sun, 04 Aug 2024 15:20:02 GMT
server
cloudflare
x-clerk-trace-id
76f036198635aa1cf40cd03c99070ee3
x-cfworker
1
vary
Origin, Accept-Encoding
content-type
application/json
x-country
DE
access-control-allow-origin
https://qiwi.gg
access-control-expose-headers
Authorization, X-Country
cache-control
no-store
access-control-allow-credentials
true
cf-ray
8adfbc01987c9bbf-FRA
x-robots-tag
noindex, nofollow
expires
Sun, 04 Aug 2024 19:55:54 GMT
client
clerk.qiwi.gg/v1/ 		31 B
760 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://clerk.qiwi.gg/v1/client?_clerk_js_version=4.73.4
Requested by
Host: clerk.qiwi.gg
URL: https://clerk.qiwi.gg/npm/@clerk/clerk-js@4/dist/clerk.browser.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.1.101 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d9d2f5462aefa4901181b92e71c95006c1ec2342de6fa1f4b6d44147fa214736

Request headers

Referer
https://qiwi.gg/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

clerk-api-version
2021-02-05
date
Sun, 04 Aug 2024 15:55:54 GMT
cf-cache-status
DYNAMIC
alt-svc
h3=":443"; ma=86400
content-length
31
server
cloudflare
x-clerk-trace-id
8752718ddfa5a6728be489abe43ad691
x-cfworker
1
vary
Origin, Accept-Encoding
content-type
application/json
x-country
DE
access-control-allow-origin
https://qiwi.gg
x-cloud-trace-context
8752718ddfa5a6728be489abe43ad691
cache-control
no-store
access-control-allow-credentials
true
access-control-expose-headers
Authorization, X-Country
cf-ray
8adfbc0198839bbf-FRA
x-robots-tag
noindex, nofollow
expires
Sun, 04 Aug 2024 15:55:54 GMT
4f33cec7-419a-479f-92af-1164998f586a
https://qiwi.gg/ 		527 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://qiwi.gg/4f33cec7-419a-479f-92af-1164998f586a
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b99cfa967e2b8519539505694f76bffd212ab664ed3404643e9cf2a0d3380662

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Length
527
Content-Type
application/javascript; charset=utf-8
collect
region1.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-BN5XKFCNM9&gtm=45je47v0v9133716975za200&_p=1722786953956&gcd=13l3l3l2l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=95250753&cid=1602385207.1722786954&ul=nl-nl&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1722786953&sct=1&seg=0&dl=https%3A%2F%2Fqiwi.gg%2Ffile%2FcxH38466-Sims4DLCGP02SpaDay&dt=File%20%7C%20Qiwi&en=scroll&ep.anonymize_ip=true&epn.percent_scrolled=90&_et=4&tfd=6335
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-BN5XKFCNM9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://qiwi.gg/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Aug 2024 15:55:59 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://qiwi.gg
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

31 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| webpackChunk_N_E object| __next_s object| __next_f object| next object| global object| bodyExists string| sitetitle string| encodedTitle object| form object| input string| __clerk_publishable_key function| __unstable__onBeforeSetActive function| __unstable__onAfterSetActive function| gtag object| dataLayer function| __clerk_nav_ref object| __clerk_nav_resolves_ref object| clicky_obj object| clicky object| clicky_custom object| clicky_site_ids string| cs object| _cgen object| _cgen_custom object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal object| webpackChunk_clerk_clerk_js object| regeneratorRuntime object| Clerk

5 Cookies

Domain/Path Name / Value
.qiwi.gg/ Name: _ga
Value: GA1.1.1602385207.1722786954
.qiwi.gg/ Name: _ga_BN5XKFCNM9
Value: GS1.1.1722786953.1.0.1722786954.0.0.0
.qiwi.gg/ Name: __client_uat
Value: 0
.clerk.qiwi.gg/ Name: __cf_bm
Value: B0aSRr1ER_nDKetVeGzQyUVK8xYXZIFRXC3.H1m2MYY-1722786954-1.0.1.1-7eG3i99QKiQVZBMNQf6..A_UPET2XD1bu7ZRiNby8A5WkF87IBfFZA8eXIFoRqerrIO.x9d62qgV1atn5E29JA
.clerk.qiwi.gg/ Name: _cfuvid
Value: p8HMTNJsi_grVT2BAafTktYLZ2.S2zLsNioA8qGyXIw-1722786954747-0.0.1.1-604800000

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=63072000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

clerk.qiwi.gg
in.getclicky.com
pkazd.xyz
qiwi.gg
region1.google-analytics.com
static.getclicky.com
www.googletagmanager.com
104.16.225.240
104.18.1.101
188.114.97.3
2001:4860:4802:34::36
2a00:1450:4001:828::2008
2a06:98c1:3120::3
015d86ba304b6f03639aaf3fdcf1c90ce59a7fe72272819c5475c2c582410774
08be37a2211109269e17fed35a55e166deb30239833c578beb7048907fdfdf47
0949362c63fdcad0573a5973767a4f2659dc6f6411df0a862e9ce4e6175117e5
0d23a16cff6793bdfe154adfcdde72774001e61e646c6fe75187b0b64d9447f2
0d6c2aa0a446364169fba9251e31da41e2f618a09e3cceae2fccd617508e372f
176a80e10c9bbbf5ef4ced732804a81dc968ead3eb2a8714a3241ec4c5634fec
1aabed0c5ce4d7c448fae3232386244159ba1bc460986cfa9ae72a54ac16e5d1
1b66c8a49a8d71e8cc1217abea0761e67beae4a4c7bb772568e7a1a484134c69
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
29df81734f407ab1819e6f26ad2d0c43e07c02b89977850c78fe398f7dbc125f
3512c3a3323edf40e39ddea9f8e081ccfa9a73c81e8a17ae395428cda1d03a31
3bcf04ca301e44f13f404c8a04aa4ae707f67a950e12ef30c238f96e784266a1
3ee9b521a9310645c493edcc9324171820d6bb2e7b43e1e2b3bfd276ca4375ad
85cd0201f737aa126d0f5ddaf09aa212a00b1e11181c20cfd87e2cc5e9dfdd7b
96bf522b98e5e913c23a2fff6b1592f23099418ded2de43563b0aff66e3f3326
a8d2ceb4b1649acba63ca3059b40ea06c45394190025a76efaa9392ef2db813a
aec0158ad3bc82a429ae8f7e636b231e74d9f7f9453cb44d7b2361a54e6b2bc4
af4af16378c688df3907897504d538fe3b1a844548db6fc08af8c181a982c3bf
b0447ed6b2694f29aebc28436ec5afe73bb43646a4cdc02a2dc7cf1fa0d8aa68
b1ff344c29dfe132c4d5663981d939562a86bed8413984f812c02a6a3bae80a4
b99cfa967e2b8519539505694f76bffd212ab664ed3404643e9cf2a0d3380662
ba9b826367436a982b271882d108a3d07cfff29fdc68eac548ef154d83b86649
bdb61b8129959ff1e26efa18345cf700c81368cbc43581265e6c4255589f6e35
c216039857ee1789b2e64a0c497b29b16410379e1586028b823c6c620c86485b
d2dca9d5de577b6ca3edf5235d8b03d89a303bed58bd83492caa1ac8a774b6a6
d9d2f5462aefa4901181b92e71c95006c1ec2342de6fa1f4b6d44147fa214736