info.qgamefi.com Open in urlscan Pro
47.236.120.59 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://info.qgamefi.com/
Submission: On October 24 via manual (October 24th 2024, 12:45:54 pm UTC) from CZ — Scanned from SG

Summary HTTP 48 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 16 IPs in 2 countries across 13 domains to perform 48 HTTP transactions. The main IP is 47.236.120.59, located in Singapore and belongs to ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN. The main domain is info.qgamefi.com.
TLS certificate: Issued by R10 on October 23rd 2024. Valid for: 3 months.

This is the only time info.qgamefi.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	47.236.120.59 47.236.120.59	45102 (ALIBABA-C...) (ALIBABA-CN-NET Alibaba US Technology Co.)
4	163.181.81.119 163.181.81.119	24429 (TAOBAO Zh...) (TAOBAO Zhejiang Taobao Network Co.)
1 7	142.251.12.154 142.251.12.154	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4003:c1a::61	15169 (GOOGLE) (GOOGLE)
9	2600:9000:23d... 2600:9000:23d2:de00:4:cb6e:7440:93a1	16509 (AMAZON-02) (AMAZON-02)
1	13.35.238.99 13.35.238.99	16509 (AMAZON-02) (AMAZON-02)
1	2404:6800:400... 2404:6800:4003:c0f::8a	15169 (GOOGLE) (GOOGLE)
1	142.251.12.156 142.251.12.156	15169 (GOOGLE) (GOOGLE)
2	142.251.10.154 142.251.10.154	15169 (GOOGLE) (GOOGLE)
8	2404:6800:400... 2404:6800:4003:c02::84	15169 (GOOGLE) (GOOGLE)
6	2404:6800:400... 2404:6800:4003:c11::84	15169 (GOOGLE) (GOOGLE)
1	142.251.175.105 142.251.175.105	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4003:c01::5f	15169 (GOOGLE) (GOOGLE)
1	172.253.118.157 172.253.118.157	15169 (GOOGLE) (GOOGLE)
2	142.251.10.94 142.251.10.94	15169 (GOOGLE) (GOOGLE)
48	16

3 47.236.120.59 (Singapore)

ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN)

info.qgamefi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 163.181.81.119 (Singapore)

ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN)

files.zddnews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.251.12.154 (Farmingdale, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: se-in-f154.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4003:c1a::61 (Singapore, Singapore)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2600:9000:23d2:de00:4:cb6e:7440:93a1 (United States)

ASN16509 (AMAZON-02, US)

files.dreame.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.35.238.99 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-238-99.sin2.r.cloudfront.net

files.wehearfm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4003:c0f::8a (Singapore, Singapore)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.12.156 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f156.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.10.154 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f154.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2404:6800:4003:c02::84 (Singapore, Singapore)

ASN15169 (GOOGLE, US)

e6c5dc2e24dfcc9d2de608dd0cb9eeaa.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2404:6800:4003:c11::84 (Singapore, Singapore)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.175.105 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: sh-in-f105.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4003:c01::5f (Singapore, Singapore)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.253.118.157 (United States)

ASN15169 (GOOGLE, US)
PTR: sl-in-f157.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.10.94 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f94.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 116 e6c5dc2e24dfcc9d2de608dd0cb9eeaa.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 163	38 KB
9	dreame.com files.dreame.com — Cisco Umbrella Rank: 189738	2 MB
8	doubleclick.net 1 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 215	247 KB
5	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 517	104 KB
4	zddnews.com files.zddnews.com	12 KB
3	qgamefi.com info.qgamefi.com	15 KB
2	gstatic.com fonts.gstatic.com	36 KB
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 89	20 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 30	1 KB
1	google.com www.google.com — Cisco Umbrella Rank: 3
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 34
1	wehearfm.com files.wehearfm.com	264 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	107 KB
48	13

	Domain	Requested by
9	files.dreame.com
8	securepubads.g.doubleclick.net	1 redirects info.qgamefi.com securepubads.g.doubleclick.net
6	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com info.qgamefi.com
5	cdn.ampproject.org	securepubads.g.doubleclick.net
4	files.zddnews.com	info.qgamefi.com
3	e6c5dc2e24dfcc9d2de608dd0cb9eeaa.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
3	info.qgamefi.com	info.qgamefi.com
2	fonts.gstatic.com	fonts.googleapis.com
2	pagead2.googlesyndication.com	securepubads.g.doubleclick.net
1	www.googleadservices.com	info.qgamefi.com
1	fonts.googleapis.com	securepubads.g.doubleclick.net
1	www.google.com	tpc.googlesyndication.com
1	www.google-analytics.com	www.googletagmanager.com
1	files.wehearfm.com
1	www.googletagmanager.com	info.qgamefi.com
48	15

This site contains links to these domains. Also see Links.

Domain
files.zddnews.com

Subject Issuer	Validity	Valid
qgamefi.com R10	`2024-10-23` - `2025-01-21`	3 months	crt.sh
files.zddnews.com Encryption Everywhere DV TLS CA - G2	`2024-09-28` - `2025-09-27`	a year	crt.sh
*.g.doubleclick.net WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
*.google-analytics.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
files.dreame.com Amazon RSA 2048 M03	`2024-02-23` - `2025-03-24`	a year	crt.sh
files.wehearfm.com Amazon RSA 2048 M02	`2023-12-04` - `2025-01-01`	a year	crt.sh
tpc.googlesyndication.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
*.google.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
misc-sni.google.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
upload.video.google.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
*.gstatic.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh

This page contains 8 frames:

Primary Page: https://info.qgamefi.com/
Frame ID: AB27CEE35481453E7BAE38170BDE17F6
Requests: 28 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/static/topics/topics_frame.html
Frame ID: 60BA4B94471D3591968D167CFC85F539
Requests: 1 HTTP requests in this frame

Frame: https://e6c5dc2e24dfcc9d2de608dd0cb9eeaa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: D9289B297C60073963C1E91BB091CACB
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/232/runner.html
Frame ID: D4CA9FEAC546BD2544E2DE74FCF77A40
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: A189C8EB67EC6CECAFE96358BC63D704
Requests: 1 HTTP requests in this frame

Frame: https://e6c5dc2e24dfcc9d2de608dd0cb9eeaa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 5DD32C9365722C21E0045CD99B4AA76D
Requests: 1 HTTP requests in this frame

Frame: https://e6c5dc2e24dfcc9d2de608dd0cb9eeaa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: A26B8A638BB2D23B28A361D2252D9578
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012406241625000/amp4ads-v0.mjs
Frame ID: A8B113D659864DF5DA7831FAE3F4F235
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

INFORMATION-LIST

Detected technologies

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

48
Requests

96 %
HTTPS

40 %
IPv6

13
Domains

15
Subdomains

16
IPs

2
Countries

2707 kB
Transfer

3849 kB
Size

8
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://files.zddnews.com/static/About-US.html
Title: About US

Search URL Search Domain Scan URL

URL: https://files.zddnews.com/static/Privacy-Policy.html
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://files.zddnews.com/static/User-Terms.html
Title: User Terms

Search URL Search Domain Scan URL

URL: https://files.zddnews.com/static/Contact-US.html
Title: Contact US

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 40

https://securepubads.g.doubleclick.net/pagead/adview?ai=C3nWqfEEaZ77bMbqN9fwPxaDmqQTIhpKWc82pt_P4EtvZHhABIMmp4qIBYOmCgIDUDaABk93IoALIAQngAgCoAwHIAwqqBMsCT9Bt_TEHL0ax-nxRB1t2eDo2xRO3IZrZkZ7O66dRet1LVUn5bdKpq5cpohOQ5zIys-ooSCVdETwtVw_RN382-HOsM_dhSU4v47zZKXGVq6WY2HLO07Kq70G6oSoxdr7iGenZNwgn70ycgFhu-GUTfphbLFVixXY0jLHO4DjLv0qEUPHXcYN_2PrakrmWmqBqkDVq-2rPhgfJ5LEH0bDb37cHDTg_7MnzoMGf1Ybs3hbH3JC1YSSUl0d8ltCCZDQVPPZcjsubxX190l7C9ugCKoHDnxJq1JDjY9-357Ht9uWOeKv44gcZQ-YXNMuLQlQBIw0adLC1YlUN48aJYp2-OCOVsUbJo-eiUt2I9RmZT_32FvpGNzqMimDj4Zo-rlvVEKbUoyVksLyrBcIASpu4cyR-4qpD-THBX24-7VwfIecUsltldPgEoNIHM8AE59O45bYE4AQBiAXV_v2_QpIFBAgEGAGSBQQIBRgEoAYugAfupePbAqgH1ckbqAfZtrECqAemvhuoB47OG6gHk9gbqAfw4BuoB-6WsQKoB_6esQKoB6--sQKoB_fCsQLYBwDyBwQQ84YG0ggmCIBhEAEYHTICigI6C4BAgMCAgICgqIACSL39wTpY8_zyjYaniQOaCY0BaHR0cHM6Ly93d3cudml2YWlhLmNvbS9wcm9tb3Rpb24vQ29tZnktV2Fsa2luZy1Cb290cy1SeWFuLVNsaXAtT24uaHRtbD91dG1fc291cmNlPWdvb2dsZSZ1dG1fbWVkaXVtPWNwYyZ1dG1fY2FtcGFpZ249MTc4NTA5MjQ4ODUmZ2FkX3NvdXJjZT01gAoDyAsB2gwRCgsQ0L2q2OO87IvFARICAQPiDRMI-LHzjYaniQMVukadCR1FkDlF6g0TCIPw842Gp4kDFbpGnQkdRZA5RbgT5APYEwyIFALQFQGAFwGyFyEKHQgAEhRwdWItMTIwNDI5NTI4MTA2NzgzMhjJk6MBGAG6FwI4AbIYCRICwU8YLiIBANAYAQ&sigh=wTh6GcdNtUE&uach_m=%5BUACH%5D&ase=2&nis=ATTRIBUTION_REPORTING_STATUS&cid=CAQSTwCa7L7dLbm4KDSwP9gzn7xpCHwbycsWGc9MBKIrswSe-DoDBwKiTlhlV71xKDCPvlshFQCmUNh2-aLsUFK9HIroS2yy8xYpn_jINEyjQrkYAQ&template_id=484 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xfdc41ff2d01a49be0000000000000000%22,%222%22:%220xd7cd3a54a3fcf61c0000000000000000%22,%223%22:%220xdc03d67784820f160000000000000000%22,%224%22:%220x145445f9989540130000000000000000%22,%225%22:%220x6fc9015e3716b87c0000000000000000%22},%22debug_key%22:%2216047678454055860510%22,%22debug_reporting%22:true,%22destination%22:%22https://vivaia.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22605171347%22],%2222%22:[%22true%22],%224%22:[%2210-24%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%226969541435950841201%22}&andc=true

48 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
info.qgamefi.com/ 20 KB
8 KB 147ms
17ms Document
text/html 47.236.120.59
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to

Full URL

https://info.qgamefi.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

47.236.120.59 , Singapore, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),

Reverse DNS

Software

nginx /

Resource Hash

7023f4de1277fc804b445b9f2b5ef8f48e79961d59d0d12ec55ec52d8c03886b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

age: 72285
ali-swift-global-savetime: 1729701663
content-encoding: gzip
content-length: 7318
content-md5: hkKDsUE5QRbp2Wp1QZSuGw==
content-type: text/html
date: Thu, 24 Oct 2024 12:45:48 GMT
eagleid: a3b5a09f17297739480663693e
last-modified: Wed, 23 Oct 2024 16:39:58 GMT
server: nginx
strict-transport-security: max-age=31536000
timing-allow-origin: *
vary: Accept-Encoding
via: cache36.l2sg2[8,7,200-0,M], cache10.l2sg2[8,0], ens-cache12.sg17[0,0,200-0,H], ens-cache11.sg17[4,0]
x-cache: HIT TCP_MEM_HIT dirn:-2:-2
x-oss-cdn-auth: success
x-oss-hash-crc64ecma: 8873604301135694233
x-oss-object-type: Normal
x-oss-request-id: 6719271F385D5B3633003331
x-oss-server-time: 5
x-oss-storage-class: Standard
x-swift-cachetime: 2592000
x-swift-savetime: Wed, 23 Oct 2024 16:41:03 GMT

GET
H/1.1 200
OK qgamefi.com.png
files.zddnews.com/images/ 6 KB
7 KB 98ms
19ms Image
image/png 163.181.81.119
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://files.zddnews.com/images/qgamefi.com.png
Requested by: Host: info.qgamefi.com
URL: https://info.qgamefi.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 163.181.81.119 , Singapore, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine /
Resource Hash: b0e71014a0100ffdf6080c97bbcdf3acf21769416b5467d14b53945a33f33038

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://info.qgamefi.com/

Response headers

x-oss-cdn-auth: success
Content-MD5: VUMCQOfFNI4jt2IMPQ1Qvw==
x-oss-storage-class: Standard
ETag: "55430240E7C5348E23B7620C3D0D50BF"
Age: 75416
x-oss-object-type: Normal
X-Cache: HIT TCP_MEM_HIT dirn:-2:-2
Date: Wed, 23 Oct 2024 15:48:52 GMT
x-oss-server-time: 5
Content-Type: image/png
Last-Modified: Wed, 23 Oct 2024 15:48:50 GMT
X-Swift-CacheTime: 2588945
Timing-Allow-Origin: *
x-oss-hash-crc64ecma: 10438409193968869234
Connection: keep-alive
Via: cache17.l2sg2[0,0,200-0,H], cache10.l2sg2[0,0], cache25.sg12[0,0,200-0,H], cache17.sg12[8,0]
Ali-Swift-Global-Savetime: 1729698532
X-Swift-SaveTime: Wed, 23 Oct 2024 16:39:47 GMT
Accept-Ranges: bytes
EagleId: a3b551a517297739481706260e
Content-Length: 6388
x-oss-request-id: 67191AE4AFBCCE343343DF76
Server: Tengine

GET
H/1.1 200
OK icon_menu.png
files.zddnews.com/static/ 368 B
1 KB 89ms
10ms Image
image/png 163.181.81.119
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://files.zddnews.com/static/icon_menu.png
Requested by: Host: info.qgamefi.com
URL: https://info.qgamefi.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 163.181.81.119 , Singapore, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine /
Resource Hash: 554b4ae973cd487bdb7f42d4acea9658e89e43dc2323840ebf9aedfa1c3f3129

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://info.qgamefi.com/

Response headers

x-oss-cdn-auth: success
Content-MD5: Iz3Zce4g7hwVhD2igYmDLQ==
x-oss-storage-class: Standard
ETag: "233DD971EE20EE1C15843DA28189832D"
Age: 596369
x-oss-object-type: Normal
X-Cache: HIT TCP_MEM_HIT dirn:-2:-2
Date: Thu, 17 Oct 2024 15:06:19 GMT
x-oss-server-time: 18
Content-Type: image/png
Last-Modified: Sun, 13 Oct 2024 09:36:36 GMT
X-Swift-CacheTime: 2578386
Timing-Allow-Origin: *
x-oss-hash-crc64ecma: 3158593020573004515
Connection: keep-alive
Via: cache15.l2sg2[0,0,200-0,H], cache38.l2sg2[0,0], cache24.sg12[0,0,200-0,H], cache11.sg12[6,0]
Ali-Swift-Global-Savetime: 1729177579
X-Swift-SaveTime: Thu, 17 Oct 2024 18:53:13 GMT
Accept-Ranges: bytes
EagleId: a3b5519f17297739481666310e
Content-Length: 368
x-oss-request-id: 671127EB1858C338302953AE
Server: Tengine

GET
H/1.1 200
OK base64.js Show response
files.zddnews.com/static/ 5 KB
3 KB 102ms
24ms Script
application/javascript 163.181.81.119
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to

Full URL: https://files.zddnews.com/static/base64.js
Requested by: Host: info.qgamefi.com
URL: https://info.qgamefi.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 163.181.81.119 , Singapore, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine /
Resource Hash: 3d52dd7c0e687b77ba3901803ccdfca345b1bf1b2fd0e6f0c69a5373edf2531d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://info.qgamefi.com/

Response headers

x-oss-cdn-auth: success
Content-MD5: iv0DHMIRV16LuOKRI0W+bQ==
x-oss-storage-class: Standard
Content-Encoding: gzip
Age: 596369
x-oss-object-type: Normal
X-Cache: HIT TCP_MEM_HIT dirn:-2:-2
Date: Thu, 17 Oct 2024 15:06:19 GMT
x-oss-server-time: 35
Content-Type: application/javascript
Vary: Accept-Encoding
Last-Modified: Sat, 12 Oct 2024 17:39:08 GMT
X-Swift-CacheTime: 2562458
Timing-Allow-Origin: *
x-oss-hash-crc64ecma: 7898187921767084094
Connection: keep-alive
Via: cache20.l2sg2[0,0,200-0,H], cache9.l2sg2[1,0], cache12.sg12[0,0,200-0,H], cache12.sg12[14,0]
Ali-Swift-Global-Savetime: 1729177579
X-Swift-SaveTime: Thu, 17 Oct 2024 23:18:41 GMT
EagleId: a3b551a017297739481391238e
Content-Length: 2068
x-oss-request-id: 671127EBAFBCCE37319BE3CF
Server: Tengine

GET
H2 200 e7003731b11e36c51f3e908b36980cde.js Show response
info.qgamefi.com/static/ 2 KB
1 KB 17ms
16ms Script
application/javascript 47.236.120.59
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to

Full URL

https://info.qgamefi.com/static/e7003731b11e36c51f3e908b36980cde.js

Requested by

Host: info.qgamefi.com
URL: https://info.qgamefi.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

47.236.120.59 , Singapore, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),

Reverse DNS

Software

nginx /

Resource Hash

49358b60202c65f202a2707db7d22225d0aff07ebdf3cf7982c93c128aea7ba7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://info.qgamefi.com/

Response headers

x-oss-cdn-auth: success
content-md5: XcAdJ+SX3o4fOxqNpy9QLw==
x-oss-storage-class: Standard
content-encoding: gzip
age: 72593
x-oss-object-type: Normal
x-cache: HIT TCP_MEM_HIT dirn:-2:-2
date: Thu, 24 Oct 2024 12:45:48 GMT
x-oss-server-time: 5
content-type: application/javascript
vary: Accept-Encoding
last-modified: Wed, 23 Oct 2024 16:08:01 GMT
strict-transport-security: max-age=31536000
x-swift-cachetime: 2592000
timing-allow-origin: *
x-oss-hash-crc64ecma: 15009825812764231920
via: cache5.l2sg2[9,9,200-0,M], cache10.l2sg2[11,0], ens-cache7.sg17[0,0,200-0,H], ens-cache6.sg17[4,0]
ali-swift-global-savetime: 1729701355
x-swift-savetime: Wed, 23 Oct 2024 16:35:55 GMT
eagleid: a3b5a09a17297739480818104e
content-length: 728
x-oss-request-id: 671925EB5F471E373154EB8D
server: nginx

GET
H2 200 a7f17d8d4e62a96f86fef8d84df3c38c.js Show response
info.qgamefi.com/static/ 18 KB
6 KB 13ms
13ms Script
application/javascript 47.236.120.59
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to

Full URL

https://info.qgamefi.com/static/a7f17d8d4e62a96f86fef8d84df3c38c.js

Requested by

Host: info.qgamefi.com
URL: https://info.qgamefi.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

47.236.120.59 , Singapore, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),

Reverse DNS

Software

nginx /

Resource Hash

7dc008768c5b0ff8cec8a315ebf6e665a0301c0099ff67c4fc600f21ce3a3836

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://info.qgamefi.com/

Response headers

x-oss-cdn-auth: success
content-md5: JrL2sXAdSOZ537qH5Cma6Q==
x-oss-storage-class: Standard
content-encoding: gzip
age: 73859
x-oss-object-type: Normal
x-cache: HIT TCP_MEM_HIT dirn:-2:-2
date: Thu, 24 Oct 2024 12:45:48 GMT
x-oss-server-time: 5
content-type: application/javascript
vary: Accept-Encoding
last-modified: Wed, 23 Oct 2024 16:08:01 GMT
strict-transport-security: max-age=31536000
x-swift-cachetime: 2592000
timing-allow-origin: *
x-oss-hash-crc64ecma: 14782796182415636860
via: cache20.l2sg2[11,11,200-0,M], cache19.l2sg2[11,0], ens-cache1.sg17[0,0,200-0,H], ens-cache2.sg17[2,0]
ali-swift-global-savetime: 1729700089
x-swift-savetime: Wed, 23 Oct 2024 16:14:49 GMT
eagleid: a3b5a09617297739481006504e
content-length: 5026
x-oss-request-id: 671920F9316E253631D73E64
server: nginx

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 104 KB
33 KB 49ms
26ms Script
text/javascript 142.251.12.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: info.qgamefi.com
URL: https://info.qgamefi.com/static/a7f17d8d4e62a96f86fef8d84df3c38c.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.12.154 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f154.1e100.net

Software

cafe /

Resource Hash

bf2f8642b5f7a924e720bfb52acb77ccf794b89b4a654eeb1737d7c13d0d278b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://info.qgamefi.com/

Response headers

content-encoding: br
etag: 193 / 20020 / 31088435 / config-hash: 10574999420844928906
x-content-type-options: nosniff
expires: Thu, 24 Oct 2024 12:45:48 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Thu, 24 Oct 2024 12:45:48 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 33390
x-xss-protection: 0
server: cafe

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 319 KB
107 KB 45ms
27ms Script
application/javascript 2404:6800:4003:c1a::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-MY8D6NED43

Requested by

Host: info.qgamefi.com
URL: https://info.qgamefi.com/static/a7f17d8d4e62a96f86fef8d84df3c38c.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c1a::61 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b3d5a793144b33762a1d709914b5cbdad1178f1fe5883783fcff4b5d803b56ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://info.qgamefi.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Thu, 24 Oct 2024 12:45:48 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 24 Oct 2024 12:45:48 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 108563
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 1726722996238479.jpg
files.dreame.com/wehear/ 185 KB
186 KB 962ms
917ms Image
image/jpeg 2600:9000:23d2:de00:4:cb6e:7440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://files.dreame.com/wehear/1726722996238479.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:23d2:de00:4:cb6e:7440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 08b0a97e29f3d9d5f00162956b306140b49a7a1591174157c20dff74f6215cfc

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://info.qgamefi.com/

Response headers

vary: Origin
x-amz-version-id: tIQ11IgNIM4S8AInYeJgFdDjqtvI386i
etag: "6bc86756cb75a986cc008ae869fc1127"
via: 1.1 38f7a6091a95b3808d7a0f553df4fd56.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Miss from cloudfront
content-length: 189472
x-amz-cf-id: UJkFNeCgOyFPnYj45kMnptsQrxI8Ulo2khA0baeJBDR_SJYDHJGgng==
date: Thu, 24 Oct 2024 12:45:50 GMT
content-type: image/jpeg
last-modified: Thu, 19 Sep 2024 05:16:38 GMT
server: AmazonS3
x-amz-cf-pop: SIN52-P1
x-amz-server-side-encryption: AES256

GET
H2 200 1726111895964675.jpg
files.dreame.com/wehear/ 117 KB
117 KB 964ms
920ms Image
image/jpeg 2600:9000:23d2:de00:4:cb6e:7440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://files.dreame.com/wehear/1726111895964675.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:23d2:de00:4:cb6e:7440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 65e56566ebd688d7655d42c1b16e4517ebe10c3f1e605a4cc098d6790f0dae2f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://info.qgamefi.com/

Response headers

vary: Origin
x-amz-version-id: V_Cwub2Nq0d8r7yVP9FxxYTVtE.UfLFA
etag: "84e805819dea4530c67b2906f0402ce4"
via: 1.1 38f7a6091a95b3808d7a0f553df4fd56.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Miss from cloudfront
content-length: 119531
x-amz-cf-id: w6LSJMvKxEH9V7vJs5QyleGjgEhAiArDrFB6uORRMwzjv0biUNh9nQ==
date: Thu, 24 Oct 2024 12:45:50 GMT
content-type: image/jpeg
last-modified: Thu, 12 Sep 2024 03:31:38 GMT
server: AmazonS3
x-amz-cf-pop: SIN52-P1
x-amz-server-side-encryption: AES256

GET
H2 200 1726111403111218.jpg
files.dreame.com/wehear/ 44 KB
45 KB 946ms
902ms Image
image/jpeg 2600:9000:23d2:de00:4:cb6e:7440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://files.dreame.com/wehear/1726111403111218.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:23d2:de00:4:cb6e:7440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 481b47b376167fdebc286482a82322edec0dbfe8188a5af3c9799c7e28da3da9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://info.qgamefi.com/

Response headers

vary: Origin
x-amz-version-id: G8m2rrT.h_tzU5YyXie45IvTMlpH1wtH
etag: "33545bedf8c1d3c3008bd60e4f41be57"
via: 1.1 38f7a6091a95b3808d7a0f553df4fd56.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Miss from cloudfront
content-length: 45145
x-amz-cf-id: c5rbxbR7wlWXVHgxrh_OmOQtfrwFQ8pQmbGsHWWEg7l9iRgcKtDFZA==
date: Thu, 24 Oct 2024 12:45:49 GMT
content-type: image/jpeg
last-modified: Thu, 12 Sep 2024 03:23:25 GMT
server: AmazonS3
x-amz-cf-pop: SIN52-P1
x-amz-server-side-encryption: AES256

GET
H2 200 1726293554281542.jpg
files.dreame.com/wehear/ 82 KB
82 KB 999ms
955ms Image
image/jpeg 2600:9000:23d2:de00:4:cb6e:7440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://files.dreame.com/wehear/1726293554281542.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:23d2:de00:4:cb6e:7440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 448ea963c4e6f9820b550b6fd080eed929b8727e346c738ab154d411d29d5a98

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://info.qgamefi.com/

Response headers

vary: Origin
x-amz-version-id: NZmWrAo0IwLmotCbl8GyVicxvdjmw5Lr
etag: "7a7d0fe3d73ed44d573dcaa5926d9f17"
via: 1.1 38f7a6091a95b3808d7a0f553df4fd56.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Miss from cloudfront
content-length: 83786
x-amz-cf-id: AT9RmsgCc6V3L_6BwjbHRiZQNgzDsVHbJtQceG5lBd-j4f1jZNTkwQ==
date: Thu, 24 Oct 2024 12:45:49 GMT
content-type: image/jpeg
last-modified: Sat, 14 Sep 2024 05:59:17 GMT
server: AmazonS3
x-amz-cf-pop: SIN52-P1
x-amz-server-side-encryption: AES256

GET
H2 200 1725863260752959..jpeg
files.dreame.com/wehear/ 116 KB
116 KB 974ms
931ms Image
binary/octet-stream 2600:9000:23d2:de00:4:cb6e:7440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://files.dreame.com/wehear/1725863260752959..jpeg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:23d2:de00:4:cb6e:7440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a0524ac2e6cc33cfd3a0f90e250de7d848bc760da6f20d9cfb52bfd10e2bc8f3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://info.qgamefi.com/

Response headers

x-amz-version-id: VZhRuzZUYZWn5d4Esu8Y9PNUEz65Tve6
etag: "4cc358e51a4aa99dcd9eecda4291464c"
via: 1.1 38f7a6091a95b3808d7a0f553df4fd56.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Miss from cloudfront
content-length: 118607
x-amz-cf-id: 9gkNPCeYbKQfZ3t3-ZEizmdgJ_Xmi0EsKwJggaeYkwPoa1asDBznvg==
date: Thu, 24 Oct 2024 12:45:49 GMT
content-type: binary/octet-stream
last-modified: Mon, 09 Sep 2024 06:27:43 GMT
server: AmazonS3
x-amz-cf-pop: SIN52-P1
x-amz-server-side-encryption: AES256

GET
H2 200 img_1725852938716.jpg
files.wehearfm.com/wehear/cms/ 263 KB
264 KB 991ms
913ms Image
image/jpg 13.35.238.99
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://files.wehearfm.com/wehear/cms/img_1725852938716.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.238.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-238-99.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c77de99ebf329a7ebdffadb74fcd93981b593fe03338de3961111956be0faa49

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://info.qgamefi.com/

Response headers

x-amz-version-id: _EGm92xL1lNtZ0hVZD4EQjOlyBuJb9Gn
etag: "c43ab316052cdc01a1cd1d69924c3bb9"
via: 1.1 b9d59b6f1b72a2be0220225e2635f970.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Miss from cloudfront
content-length: 269286
x-amz-cf-id: n8UlSNTWxLl5vkyl9MKyxN0K4fazhodeEyGr7pkc5aLFp0myhxYfrA==
date: Thu, 24 Oct 2024 12:45:50 GMT
content-type: image/jpg
last-modified: Mon, 09 Sep 2024 03:35:39 GMT
server: AmazonS3
x-amz-cf-pop: SIN2-P8
x-amz-server-side-encryption: AES256

GET
H2 200 1726629037214454.jpg
files.dreame.com/wehear/ 64 KB
64 KB 932ms
891ms Image
image/jpeg 2600:9000:23d2:de00:4:cb6e:7440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://files.dreame.com/wehear/1726629037214454.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:23d2:de00:4:cb6e:7440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 031bce2d19759d73fb774dc78c27318dd9127ac1854274f86ebf4170fd4c71db

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://info.qgamefi.com/

Response headers

vary: Origin
x-amz-version-id: MPpeVkhsp05zuXjZoBGd4qC6ne9HE56g
etag: "8415dae532bbeb9e30a96db67bf331f7"
via: 1.1 38f7a6091a95b3808d7a0f553df4fd56.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Miss from cloudfront
content-length: 65228
x-amz-cf-id: i6zVAn3Ixe6V9EgsGTKzE9HvbKqbNHxS9-JhKNmMvT_WB4Ldz2wpPQ==
date: Thu, 24 Oct 2024 12:45:49 GMT
content-type: image/jpeg
last-modified: Wed, 18 Sep 2024 03:10:39 GMT
server: AmazonS3
x-amz-cf-pop: SIN52-P1
x-amz-server-side-encryption: AES256

GET
H2 200 1726627426458720.jpg
files.dreame.com/wehear/ 58 KB
59 KB 929ms
928ms Image
image/jpeg 2600:9000:23d2:de00:4:cb6e:7440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://files.dreame.com/wehear/1726627426458720.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:23d2:de00:4:cb6e:7440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 96997749bee268014a02c3f2c895c7515ce473cc2926b15b84a8bb1d79f3a3b0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://info.qgamefi.com/

Response headers

vary: Origin
x-amz-version-id: KN1.h5tJSjWfxZbMPKuQeRnYekQsLlbi
etag: "d9c54e0ae048f2beecc6afd47ca778b3"
via: 1.1 38f7a6091a95b3808d7a0f553df4fd56.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Miss from cloudfront
content-length: 59702
x-amz-cf-id: rEvBb7VSLZGIsxJOTdPNfcQHqySMJoYb69zhPMniJoHz9dKZKRI87g==
date: Thu, 24 Oct 2024 12:45:50 GMT
content-type: image/jpeg
last-modified: Wed, 18 Sep 2024 02:43:48 GMT
server: AmazonS3
x-amz-cf-pop: SIN52-P1
x-amz-server-side-encryption: AES256

GET
H2 200 1726628625139007..jpeg
files.dreame.com/wehear/ 102 KB
102 KB 916ms
916ms Image
binary/octet-stream 2600:9000:23d2:de00:4:cb6e:7440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://files.dreame.com/wehear/1726628625139007..jpeg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:23d2:de00:4:cb6e:7440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 48f3fe675e6e98945e44c28b19916a736399d868e5f7a8e7a55b712a38a6a18b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://info.qgamefi.com/

Response headers

x-amz-version-id: UQ62CcyGLD6AgivoOfb6ppOuGj1ONXc6
etag: "a278633b4478185ea1d00da7b33939d8"
via: 1.1 38f7a6091a95b3808d7a0f553df4fd56.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Miss from cloudfront
content-length: 104233
x-amz-cf-id: Yvskz3x6B6PpC14VoX6tpyDjYjgIlbQtCn6In2JvxSVT5mBioha1tA==
date: Thu, 24 Oct 2024 12:45:50 GMT
content-type: binary/octet-stream
last-modified: Wed, 18 Sep 2024 03:03:47 GMT
server: AmazonS3
x-amz-cf-pop: SIN52-P1
x-amz-server-side-encryption: AES256

GET
H2 200 1726113037156196.png
files.dreame.com/wehear/ 1 MB
1 MB 921ms
920ms Image
image/png 2600:9000:23d2:de00:4:cb6e:7440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://files.dreame.com/wehear/1726113037156196.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:23d2:de00:4:cb6e:7440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e17464b3018c4890a393bc0b0bc47a70567f09034abf318177647ce17c8601fe

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://info.qgamefi.com/

Response headers

vary: Origin
x-amz-version-id: iRUCV76MLuHk3GcqTPvMGeyypiyqokHH
etag: "91b4d8b8686e0d467bc7f34ace68699f"
via: 1.1 38f7a6091a95b3808d7a0f553df4fd56.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Miss from cloudfront
content-length: 1136545
x-amz-cf-id: 7brl2KdQctGbKqYcO6KhSgcLyAbeGCYhy_aX6trn6qQ4E45dqUSVvg==
date: Thu, 24 Oct 2024 12:45:50 GMT
content-type: image/png
last-modified: Thu, 12 Sep 2024 03:50:40 GMT
server: AmazonS3
x-amz-cf-pop: SIN52-P1
x-amz-server-side-encryption: AES256

GET
H/1.1 200
OK qgamefi.com.png
files.zddnews.com/images/ 6 KB
775 B 25ms
25ms Other
image/png 163.181.81.119
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to

Full URL: https://files.zddnews.com/images/qgamefi.com.png
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 163.181.81.119 , Singapore, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine /
Resource Hash: b0e71014a0100ffdf6080c97bbcdf3acf21769416b5467d14b53945a33f33038

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://info.qgamefi.com/

Response headers

x-oss-cdn-auth: success
Content-MD5: VUMCQOfFNI4jt2IMPQ1Qvw==
x-oss-storage-class: Standard
ETag: "55430240E7C5348E23B7620C3D0D50BF"
Age: 75416
x-oss-object-type: Normal
X-Cache: HIT TCP_IMS_HIT dirn:-2:-2
Date: Wed, 23 Oct 2024 15:48:52 GMT
x-oss-server-time: 5
Last-Modified: Wed, 23 Oct 2024 15:48:50 GMT
Content-Type: image/png
X-Swift-CacheTime: 2588945
Timing-Allow-Origin: *
x-oss-hash-crc64ecma: 10438409193968869234
Via: cache17.l2sg2[0,0,200-0,H], cache10.l2sg2[0,0], cache25.sg12[0,0,304-0,H], cache12.sg12[10,0]
Ali-Swift-Global-Savetime: 1729698532
X-Swift-SaveTime: Wed, 23 Oct 2024 16:39:47 GMT
Accept-Ranges: bytes
EagleId: a3b551a017297739481941634e
Content-Length: 6388
x-oss-request-id: 67191AE4AFBCCE343343DF76
Server: Tengine

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410230101/ 484 KB
150 KB 12ms
11ms Script
text/javascript 142.251.12.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410230101/pubads_impl.js?cb=31088435

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.12.154 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f154.1e100.net

Software

cafe /

Resource Hash

9d8079bd87d18a999fd66ac9a8180a5e3dcc98f2026bb55c7b0bfadf320e9550

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://info.qgamefi.com/

Response headers

content-encoding: br
etag: 8346487463128917563
age: 9832
x-content-type-options: nosniff
expires: Fri, 24 Oct 2025 10:01:56 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Thu, 24 Oct 2024 10:01:56 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 153236
x-xss-protection: 0
server: cafe

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 64 B
73 B 11ms
9ms XHR
application/json 142.251.12.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=info.qgamefi.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.12.154 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f154.1e100.net

Software

cafe /

Resource Hash

b41d0b71c20c3f7fe2acd6420a11766b5a2ea21e04f5aff16de010875e3fbe3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://info.qgamefi.com/

Response headers

cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Thu, 24 Oct 2024 12:45:48 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 49
date: Thu, 24 Oct 2024 12:45:48 GMT
x-xss-protection: 0
content-type: application/json; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

POST
H2 204 collect
www.google-analytics.com/g/ 0
0 18ms
6ms Fetch
text/plain 2404:6800:4003:c0f::8a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-MY8D6NED43&gtm=45je4al0v9198457857za200&_p=1729773948179&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101686685~101794737~101823848&cid=1078109847.1729773948&ul=en-sg&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1729773948&sct=1&seg=0&dl=https%3A%2F%2Finfo.qgamefi.com%2F&dt=INFORMATION-LIST&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=412
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-MY8D6NED43
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4003:c0f::8a Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://info.qgamefi.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://info.qgamefi.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 24 Oct 2024 12:45:48 GMT
content-type: text/plain
server: Golfe2

GET
H3 200 topics_frame.html
securepubads.g.doubleclick.net/static/topics/ Frame 60BA 0
0 11ms
5ms Document
text/html 142.251.12.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/static/topics/topics_frame.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410230101/pubads_impl.js?cb=31088435

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.12.156 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f156.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://info.qgamefi.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 727
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3000, stale-while-revalidate=3600
content-encoding: br
content-length: 29523
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 24 Oct 2024 12:33:41 GMT
expires: Thu, 24 Oct 2024 13:23:41 GMT
last-modified: Mon, 21 Oct 2024 19:45:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 17 KB
13 KB 31ms
12ms XHR
application/json 142.251.10.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202410230101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410230101/pubads_impl.js?cb=31088435

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.10.154 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f154.1e100.net

Software

cafe /

Resource Hash

e792e244522c20ff0a41748edefac93321dd44172b4908cfb210f0e830f1564b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://info.qgamefi.com/

Response headers

timing-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 12851
date: Thu, 24 Oct 2024 12:45:48 GMT
x-xss-protection: 0
content-type: application/json; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 190 KB
35 KB 447ms
446ms Fetch
text/plain 142.251.12.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=972311716698113&correlator=809481163014776&eid=31086815%2C31088368%2C31088435%2C95344207%2C31087830&output=ldjh&gdfp_req=1&vrg=202410230101&ptt=17&impl=fifs&iu_parts=23139093903%2Cqgamefi.com%2Cqgamefi.com-300x250-102203%2Cqgamefi.com-300x250-102205&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F3&prev_iu_szs=300x250%2C300x250&ifi=1&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1729773948388&lmt=1729701598&adxs=585%2C585&adys=108%2C778&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0&ucis=1%7C2&oid=2&u_his=1&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=480&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Finfo.qgamefi.com%2F&vis=1&psz=430x283%7C430x283&msz=430x250%7C430x250&fws=0%2C0&ohw=0%2C0&td=1&tan=f0a3c584-7969-4458-ba42-bcea58b45215%2Cf0a3c584-7969-4458-ba42-bcea58b45216&tdf=2&topics=9&tps=9&htps=10&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1729773948062&idt=271&prev_scp=ad_label%3Dnative%26ad_index%3D0%7Cad_label%3Dnative%26ad_index%3D1&adks=1500239288%2C280693288&frm=20&eoidce=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410230101/pubads_impl.js?cb=31088435

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.12.154 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f154.1e100.net

Software

cafe /

Resource Hash

b90ef73240ba97da1dc47ecc66d9226d22e365af377f69dfa327a2402a751fde

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://info.qgamefi.com/

Response headers

content-encoding: br
google-lineitem-id: -1,-1
observe-browsing-topics: ?1
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Thu, 24 Oct 2024 12:45:48 GMT
content-type: text/plain; charset=UTF-8
google-creative-id: -1,-1
cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: https://info.qgamefi.com
content-length: 35595
x-xss-protection: 0
server: cafe

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 63 KB
15 KB 613ms
612ms Fetch
text/plain 142.251.12.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=972311716698113&correlator=809481163014776&eid=31086815%2C31088368%2C31088435%2C95344207%2C31087830&output=ldjh&gdfp_req=1&vrg=202410230101&ptt=17&impl=fifs&iu_parts=23139093903%2Cqgamefi.com%2Cqgamefi.com-anchor-102202&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=3&sfv=1-0-40&fas=1&sc=1&cookie_enabled=1&abxe=1&dt=1729773948406&lmt=1729701598&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=3&oid=2&u_his=1&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=480&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Finfo.qgamefi.com%2F&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&td=1&tan=f0a3c584-7969-4458-ba42-bcea58b45217&tdf=2&topics=9&tps=9&htps=10&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1729773948062&idt=271&prev_scp=ad_label%3Dbottom&adks=403053431&frm=20&eoidce=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410230101/pubads_impl.js?cb=31088435

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.12.154 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f154.1e100.net

Software

cafe /

Resource Hash

4b534cfc83f68aac9ab456b03a0d7c37cf50f0d545d44786613fe257f561dc4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://info.qgamefi.com/

Response headers

access-control-expose-headers: x-google-amp-ad-validated-version
content-encoding: br
google-lineitem-id: -1
observe-browsing-topics: ?1
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Thu, 24 Oct 2024 12:45:49 GMT
content-type: text/plain; charset=UTF-8
google-creative-id: -1
cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: https://info.qgamefi.com
content-length: 14827
x-xss-protection: 0
server: cafe

GET
H2 200 container.html
e6c5dc2e24dfcc9d2de608dd0cb9eeaa.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame D928 0
0 23ms
5ms Document
text/html 2404:6800:4003:c02::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://e6c5dc2e24dfcc9d2de608dd0cb9eeaa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410230101/pubads_impl.js?cb=31088435

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c02::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://info.qgamefi.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 24 Oct 2024 12:45:48 GMT
expires: Thu, 24 Oct 2024 12:45:48 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pubads_impl_page_level_ads.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410230101/ 49 KB
15 KB 4ms
4ms Script
text/javascript 142.251.12.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410230101/pubads_impl_page_level_ads.js?cb=31088435

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410230101/pubads_impl.js?cb=31088435

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.12.154 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f154.1e100.net

Software

cafe /

Resource Hash

318fcae8525038794101510cf9dbc546bbe0a28da7e4592615b1b9134cc6c9a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://info.qgamefi.com/

Response headers

content-encoding: br
etag: 2261381894698995758
age: 9820
x-content-type-options: nosniff
expires: Fri, 24 Oct 2025 10:02:08 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Thu, 24 Oct 2024 10:02:08 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 15700
x-xss-protection: 0
server: cafe

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 18 KB
7 KB 23ms
6ms Script
text/javascript 2404:6800:4003:c11::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410230101/pubads_impl.js?cb=31088435

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c11::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://info.qgamefi.com/

Response headers

content-encoding: gzip
etag: "1727224258380615"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
x-content-type-options: nosniff
expires: Thu, 24 Oct 2024 12:45:48 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 24 Oct 2024 12:45:48 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: private, max-age=3000
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 6445
x-xss-protection: 0
server: sffe

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/232/ Frame D4CA 0
0 17ms
4ms Document
text/html 2404:6800:4003:c11::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/232/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c11::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://info.qgamefi.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 2986
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3000
content-encoding: gzip
content-length: 5005
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 24 Oct 2024 11:56:02 GMT
expires: Thu, 24 Oct 2024 12:46:02 GMT
last-modified: Mon, 23 Sep 2024 18:12:21 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe
www.google.com/recaptcha/api2/ Frame A189 0
0 23ms
12ms Document
text/html 142.251.175.105
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.175.105 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sh-in-f105.1e100.net

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-5QoXC4ZPt6nJQbxOWriOXA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://info.qgamefi.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-5QoXC4ZPt6nJQbxOWriOXA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy: cross-origin
date: Thu, 24 Oct 2024 12:45:48 GMT
expires: Thu, 24 Oct 2024 12:45:48 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server: ESF
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html
e6c5dc2e24dfcc9d2de608dd0cb9eeaa.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 5DD3 0
0 0ms
0ms Document
text/html 2404:6800:4003:c02::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://e6c5dc2e24dfcc9d2de608dd0cb9eeaa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410230101/pubads_impl.js?cb=31088435

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c02::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://info.qgamefi.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 24 Oct 2024 12:45:48 GMT
expires: Thu, 24 Oct 2024 12:45:48 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html
e6c5dc2e24dfcc9d2de608dd0cb9eeaa.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame A26B 0
0 0ms
0ms Document
text/html 2404:6800:4003:c02::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://e6c5dc2e24dfcc9d2de608dd0cb9eeaa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410230101/pubads_impl.js?cb=31088435

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c02::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://info.qgamefi.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 24 Oct 2024 12:45:48 GMT
expires: Thu, 24 Oct 2024 12:45:48 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012406241625000/ Frame A8B1 196 KB
56 KB 34ms
6ms Script
text/javascript 2404:6800:4003:c02::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012406241625000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410230101/pubads_impl.js?cb=31088435

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c02::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7330191facb7e2ececc564f92a6e4db89028c010eb1d46114c19615354f02bd1

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://info.qgamefi.com/

Response headers

content-encoding: br
etag: "cc18f0752fb26ed7"
age: 65198
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
x-content-type-options: nosniff
expires: Thu, 23 Oct 2025 18:39:11 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 23 Oct 2024 18:39:11 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
content-length: 56144
x-xss-protection: 0
server: sffe

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012406241625000/v0/ Frame A8B1 15 KB
5 KB 49ms
21ms Script
text/javascript 2404:6800:4003:c02::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012406241625000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410230101/pubads_impl.js?cb=31088435

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c02::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

63a8ed4d42e2e14d5eeb92b559c0942083d03c633e8aa8d82511b06057b5790c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://info.qgamefi.com/

Response headers

content-encoding: br
etag: "a54ee7ef81300879"
age: 65037
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
x-content-type-options: nosniff
expires: Thu, 23 Oct 2025 18:41:52 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 23 Oct 2024 18:41:52 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
content-length: 5218
x-xss-protection: 0
server: sffe

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012406241625000/v0/ Frame A8B1 95 KB
28 KB 41ms
14ms Script
text/javascript 2404:6800:4003:c02::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012406241625000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410230101/pubads_impl.js?cb=31088435

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c02::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a1dc183a1e37c034f6528f4768d7912a229f7f25f9e4ed4ad283d0b1d7630551

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://info.qgamefi.com/

Response headers

content-encoding: br
etag: "ed67e306da4f50af"
age: 64889
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
x-content-type-options: nosniff
expires: Thu, 23 Oct 2025 18:44:20 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 23 Oct 2024 18:44:20 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
content-length: 29004
x-xss-protection: 0
server: sffe

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012406241625000/v0/ Frame A8B1 5 KB
2 KB 45ms
19ms Script
text/javascript 2404:6800:4003:c02::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012406241625000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410230101/pubads_impl.js?cb=31088435

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c02::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bdb5fbbf823cdc9431ac0ac26c06d3106dbb27bed5297e1ff8a3da8d72a9bba9

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://info.qgamefi.com/

Response headers

content-encoding: br
etag: "318c9ffc754fdb7f"
age: 64284
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
x-content-type-options: nosniff
expires: Thu, 23 Oct 2025 18:54:25 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 23 Oct 2024 18:54:25 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
content-length: 1913
x-xss-protection: 0
server: sffe

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012406241625000/v0/ Frame A8B1 40 KB
13 KB 46ms
19ms Script
text/javascript 2404:6800:4003:c02::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012406241625000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410230101/pubads_impl.js?cb=31088435

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c02::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

26dca3cd2ff32a9934a9fe12f32f973e38263f497e28ef43175d81b78af04be2

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://info.qgamefi.com/

Response headers

content-encoding: br
etag: "6b189ee8e91db6e8"
age: 63660
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
x-content-type-options: nosniff
expires: Thu, 23 Oct 2025 19:04:49 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 23 Oct 2024 19:04:49 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
content-length: 12940
x-xss-protection: 0
server: sffe

GET
H2 200 css
fonts.googleapis.com/ Frame A8B1 4 KB
1 KB 31ms
11ms Stylesheet
text/css 2404:6800:4003:c01::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410230101/pubads_impl.js?cb=31088435

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c01::5f Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

32f95e06752eed31f536332c3d257e10241239d70e322c54bfa75faaba09ab53

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://info.qgamefi.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Thu, 24 Oct 2024 12:45:49 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 24 Oct 2024 12:45:49 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Thu, 24 Oct 2024 11:17:35 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/abg/ Frame A8B1 3 KB
3 KB 16ms
12ms Image
image/png 2404:6800:4003:c11::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/en.png

Requested by

Host: info.qgamefi.com
URL: https://info.qgamefi.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c11::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

85a64faec356c3a72f249a98a037317adc730ec6d38e47653cd53be5485d80a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://info.qgamefi.com/

Response headers

cache-control: public, max-age=86400
timing-allow-origin: *
etag: 15880770647744369592
age: 27829
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 25 Oct 2024 05:02:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 2982
x-xss-protection: 0
date: Thu, 24 Oct 2024 05:02:00 GMT
content-type: image/png
vary: Accept-Encoding
server: cafe

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame A8B1 344 B
586 B 15ms
12ms Image
image/png 2404:6800:4003:c11::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: info.qgamefi.com
URL: https://info.qgamefi.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c11::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://info.qgamefi.com/

Response headers

cache-control: public, max-age=86400
timing-allow-origin: *
etag: 6766994032117382215
age: 4726
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 25 Oct 2024 11:27:03 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 344
x-xss-protection: 0
date: Thu, 24 Oct 2024 11:27:03 GMT
content-type: image/png
vary: Accept-Encoding
server: cafe

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame A8B1
Redirect Chain

https://securepubads.g.doubleclick.net/pagead/adview?ai=C3nWqfEEaZ77bMbqN9fwPxaDmqQTIhpKWc82pt_P4EtvZHhABIMmp4qIBYOmCgIDUDaABk93IoALIAQngAgCoAwHIAwqqBMsCT9Bt_TEHL0ax-nxRB1t2eDo2xRO3IZrZkZ7O66dRet1L...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xfdc41ff2d01a49be0000000000000000%22,%222%22:%220xd7cd3a54a3fcf61c0000000000000000%22,%223%22:%220xdc03d6...

0
20 B

16ms
8ms

Image
text/css

172.253.118.157
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xfdc41ff2d01a49be0000000000000000%22,%222%22:%220xd7cd3a54a3fcf61c0000000000000000%22,%223%22:%220xdc03d67784820f160000000000000000%22,%224%22:%220x145445f9989540130000000000000000%22,%225%22:%220x6fc9015e3716b87c0000000000000000%22},%22debug_key%22:%2216047678454055860510%22,%22debug_reporting%22:true,%22destination%22:%22https://vivaia.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22605171347%22],%2222%22:[%22true%22],%224%22:[%2210-24%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%226969541435950841201%22}&andc=true

Requested by

Host: info.qgamefi.com
URL: https://info.qgamefi.com/

Protocol

Server

172.253.118.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sl-in-f157.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://info.qgamefi.com/

Response headers

cache-control: private
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Thu, 24 Oct 2024 12:45:49 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Thu, 24 Oct 2024 12:45:49 GMT
x-xss-protection: 0
attribution-reporting-register-source: {"aggregation_keys":{"1":"0xfdc41ff2d01a49be0000000000000000","2":"0xd7cd3a54a3fcf61c0000000000000000","3":"0xdc03d67784820f160000000000000000","4":"0x145445f9989540130000000000000000","5":"0x6fc9015e3716b87c0000000000000000"},"debug_key":"16047678454055860510","debug_reporting":true,"destination":"https://vivaia.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["605171347"],"22":["true"],"4":["10-24"],"6":["true"]},"priority":"500","source_event_id":"6969541435950841201"}
content-type: text/css; charset=UTF-8
server: cafe

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0xfdc41ff2d01a49be0000000000000000","2":"0xd7cd3a54a3fcf61c0000000000000000","3":"0xdc03d67784820f160000000000000000","4":"0x145445f9989540130000000000000000","5":"0x6fc9015e3716b87c0000000000000000"},"debug_key":"16047678454055860510","debug_reporting":true,"destination":"https://vivaia.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["605171347"],"22":["true"],"4":["10-24"],"6":["true"]},"priority":"500","source_event_id":"6969541435950841201"}&andc=true
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
x-content-type-options: nosniff
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 0
date: Thu, 24 Oct 2024 12:45:49 GMT
x-xss-protection: 0
content-type: text/html; charset=UTF-8
server: cafe

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/3611754436602405230/ Frame A8B1 12 KB
12 KB 32ms
31ms Image
image/jpeg 2404:6800:4003:c11::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3611754436602405230/14763004658117789537?w=400&h=209&tw=1&q=75

Requested by

Host: info.qgamefi.com
URL: https://info.qgamefi.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c11::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b4d379ba20ec7d88ae12b22656a1c1c0edfbc6a9a808223dada87a8dad37838

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://info.qgamefi.com/

Response headers

report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
x-content-type-options: nosniff
expires: Fri, 24 Oct 2025 12:45:49 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
allow-fenced-frame-automatic-beacons: true
date: Thu, 24 Oct 2024 12:45:49 GMT
content-type: image/jpeg
last-modified: Thu, 08 Aug 2024 06:48:42 GMT
cache-control: public, max-age=31536000
timing-allow-origin: *
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
content-length: 12571
x-xss-protection: 0
server: sffe

GET
H2 200 6443033510180982439
tpc.googlesyndication.com/simgad/ Frame A8B1 3 KB
3 KB 16ms
15ms Image
image/png 2404:6800:4003:c11::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6443033510180982439?w=100&h=100&tw=1&q=75

Requested by

Host: info.qgamefi.com
URL: https://info.qgamefi.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c11::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

22e2cf45b6d4631d91677aba3f58577e030cd2508b55ee3562e75ef87f5ece5e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://info.qgamefi.com/

Response headers

age: 104726
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
x-content-type-options: nosniff
expires: Thu, 23 Oct 2025 07:40:23 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
allow-fenced-frame-automatic-beacons: true
date: Wed, 23 Oct 2024 07:40:23 GMT
last-modified: Wed, 10 Aug 2022 08:17:18 GMT
content-type: image/png
cache-control: public, max-age=31536000
timing-allow-origin: *
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
content-length: 2808
x-xss-protection: 0
server: sffe

GET
DATA 200
OK truncated
/ Frame A8B1 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4bd8932e19da53fa8b1d9103ef3e5ab5639a442dbb9875001bbc3ae89c035268

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v32/ Frame A8B1 18 KB
18 KB 13ms
6ms Font
font/woff2 142.251.10.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.10.94 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f94.1e100.net

Software

sffe /

Resource Hash

d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://info.qgamefi.com
Referer: https://fonts.googleapis.com/

Response headers

age: 197398
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 22 Oct 2025 05:55:51 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 22 Oct 2024 05:55:51 GMT
last-modified: Thu, 01 Aug 2024 20:41:21 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18596
x-xss-protection: 0
server: sffe

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v32/ Frame A8B1 18 KB
18 KB 11ms
4ms Font
font/woff2 142.251.10.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.10.94 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f94.1e100.net

Software

sffe /

Resource Hash

89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://info.qgamefi.com
Referer: https://fonts.googleapis.com/

Response headers

age: 93711
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 23 Oct 2025 10:43:58 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 23 Oct 2024 10:43:58 GMT
last-modified: Thu, 01 Aug 2024 20:41:24 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18536
x-xss-protection: 0
server: sffe

GET sodar
pagead2.googlesyndication.com/pagead/ 0
0

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame A8B1 42 B
65 B 10ms
9ms Image
image/gif 142.251.10.154
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvjBPAzTyEeiYjK3qzFc0wX5XstFiSWHgBleI3hqSVp1ITJTh8sM5fB4eQ4iM4Uffoj8-Nnv6Vg268Rj7PZbZOe9U7W5-XTlZFj7WKMQEVngaVG7-JDPFzloeOlltozMvVEe7Pua_YcdffFya8qBt9Kk2HqKsXtypCEMFIt1JLo-YdIzJo3e_NxVpMIDb43HtI&sai=AMfl-YTGR--wrRQRBdtp0O1lbZcxh0MHJ6tj9czwmGooXA3AOF1aHlrBz-6-fnSmIZr8Qp4DKU2BAgoZ05BsdjC51mbYRYxwj6VRyu1DbtA-f_5155DLOgpeeRD-gU5K_Di-J8wYSD7D-y53EIG-Tz0x0g&sig=Cg0ArKJSzKII8P0H6O3oEAE&cid=CAQSTwCa7L7dLbm4KDSwP9gzn7xpCHwbycsWGc9MBKIrswSe-DoDBwKiTlhlV71xKDCPvlshFQCmUNh2-aLsUFK9HIroS2yy8xYpn_jINEyjQrkYAQ&id=ampim&o=298,1211&d=1005,124&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=148&tls=1438&g=55.645161867141724&h=100&tt=1438&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.10.154 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f154.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://info.qgamefi.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Thu, 24 Oct 2024 12:45:50 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=232&t=2&li=gpt_m202410230101&jk=972311716698113&bg=!PD-lP3DNAAbl67hexes7ADQBe5WfOMisW9u0teCCcqBfkM13tv1VKmkpecDeVPoonU63b-nYaN5y_qFLWrAfuAWVWpSYAgAAAEBSAAAABGgBB34ANuvUDnmZtZZZKSVV8Ws4URwXMom65W1UGA1VM7gaEPHgQWJrg8T-BOK3phqbW1Z4ZSB0Bed9sgoALum6iYJx3vs6_a48jcyOkhSOXla9Ssi3PXJTUmKFn93Y-LQHkHTpb49wI15wLw2ZApIL4RZRhDB-NrzTGHDZKJkn84kwtQuU4g30XXbOoVih-5VT-EC3jZeDAWT5pqxvT1LlRjD_wkADUX6DJS4_Bk7F8XqsIDJEqj3MMoszBmrf0h8wzJretaluod2cKVYruVsF5ySifzAy7zuUu3NJ3LkkwzOiFrwBvBknDWxFp1MmbyIAlgU_Vc1xQg-nXoivOY0cL-CbxgA1UVYImKjOoMvTtUatpll_NkX3nXnms1vuSWAa4zzjxsbuTt7WoH1LkqCF3ww3I5bhIylbKeXaMNBP0mWgTxMWsJ6AKy8IDRM3tqNlZX-YhGC_XcDrtbYjcNudqyWyzC0hWILWNZB6GAh4uX3AXsPQ07rpH9FiBowEXD39d4JhFbAyizgXmh8TLh0ua3hDH-h2Js9x4HLh9jvuW2jSgMPE4n8S1vM9S1dFMf41Hy7TBHPVzsit6cCn76Yqn0OsjXYerQ43xxiGwms7oKAAfBXm1yaiEL2CkINx2GVWiZKzt4nE1u-3f7mx4qpaxXA586mCT9XW7JfXEGxPmuWwZG0pwoble_f3i2ZcPYL00isqPF7GH1DGYDKbjQ0ms0ojMj_wKqwoj8wi981mmOeo2A3gDRGeYPXNm46sShBJij31c_at3a2vig8x6l-R0LqGNsbXue4zPOAuhU_OQ_EjS_i4BrbEIMxB83ea0_IxDdJL9cpEfkdhOPkQz8trruTXSG7iqYqECGEF1xA3P_SL7jq7eELD9ffQhltQ37i4Q3RXj3jlI_yXH70aIhUWwIUIPFaBF77Di-EZ_slDpBuOTSw3-JW1Znu9ueYZvtUyUQ__0x_fuCQO6-aLqgdO-Nr5A25Qe-1liYDERzlNjHzwQr7-uSCWU7CuFwYI4ndR

Verdicts & Comments Add Verdict or Comment

64 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.qgamefi.com/	1970-01-21 10:05:33	Name: _ga_MY8D6NED43 Value: GS1.1.1729773948.1.0.1729773948.0.0.0
.qgamefi.com/	1970-01-21 10:05:33	Name: _ga Value: GA1.1.1078109847.1729773948
.doubleclick.net/	1970-01-21 10:05:33	Name: IDE Value: AHWqTUnXvYoH8nL8rdRNv4Eb8qFC8_H-jzYjxW2-2YCOFgG_xzfCNUkemhFLXs-tkNw
.googleadservices.com/	1970-01-21 02:39:09	Name: ar_debug Value: 1
.doubleclick.net/	1970-01-21 00:29:34	Name: test_cookie Value: CheckForPermission
.qgamefi.com/	1970-01-21 09:51:09	Name: __gads Value: ID=a2dadbfb49ce1b32:T=1729773948:RT=1729773948:S=ALNI_MYckXFGEbZPdQEcbk4ZtqHSEjPU-g
.qgamefi.com/	1970-01-21 09:51:09	Name: __gpi Value: UID=00000f5251bc67f3:T=1729773948:RT=1729773948:S=ALNI_MaimdQf_ume1Qx4bhIGCCuOE7TszA
.qgamefi.com/	1970-01-21 04:48:45	Name: __eoi Value: ID=b14888b702953e14:T=1729773948:RT=1729773948:S=AA-AfjbwKIcg4NTPnV8lePrWvHQC

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.ampproject.org
e6c5dc2e24dfcc9d2de608dd0cb9eeaa.safeframe.googlesyndication.com
files.dreame.com
files.wehearfm.com
files.zddnews.com
fonts.googleapis.com
fonts.gstatic.com
info.qgamefi.com
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
pagead2.googlesyndication.com
13.35.238.99
142.251.10.154
142.251.10.94
142.251.12.154
142.251.12.156
142.251.175.105
163.181.81.119
172.253.118.157
2404:6800:4003:c01::5f
2404:6800:4003:c02::84
2404:6800:4003:c0f::8a
2404:6800:4003:c11::84
2404:6800:4003:c1a::61
2600:9000:23d2:de00:4:cb6e:7440:93a1
47.236.120.59
031bce2d19759d73fb774dc78c27318dd9127ac1854274f86ebf4170fd4c71db
08b0a97e29f3d9d5f00162956b306140b49a7a1591174157c20dff74f6215cfc
1b4d379ba20ec7d88ae12b22656a1c1c0edfbc6a9a808223dada87a8dad37838
22e2cf45b6d4631d91677aba3f58577e030cd2508b55ee3562e75ef87f5ece5e
26dca3cd2ff32a9934a9fe12f32f973e38263f497e28ef43175d81b78af04be2
318fcae8525038794101510cf9dbc546bbe0a28da7e4592615b1b9134cc6c9a7
32f95e06752eed31f536332c3d257e10241239d70e322c54bfa75faaba09ab53
3d52dd7c0e687b77ba3901803ccdfca345b1bf1b2fd0e6f0c69a5373edf2531d
448ea963c4e6f9820b550b6fd080eed929b8727e346c738ab154d411d29d5a98
481b47b376167fdebc286482a82322edec0dbfe8188a5af3c9799c7e28da3da9
48f3fe675e6e98945e44c28b19916a736399d868e5f7a8e7a55b712a38a6a18b
49358b60202c65f202a2707db7d22225d0aff07ebdf3cf7982c93c128aea7ba7
4b534cfc83f68aac9ab456b03a0d7c37cf50f0d545d44786613fe257f561dc4d
4bd8932e19da53fa8b1d9103ef3e5ab5639a442dbb9875001bbc3ae89c035268
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
554b4ae973cd487bdb7f42d4acea9658e89e43dc2323840ebf9aedfa1c3f3129
63a8ed4d42e2e14d5eeb92b559c0942083d03c633e8aa8d82511b06057b5790c
65e56566ebd688d7655d42c1b16e4517ebe10c3f1e605a4cc098d6790f0dae2f
7023f4de1277fc804b445b9f2b5ef8f48e79961d59d0d12ec55ec52d8c03886b
7330191facb7e2ececc564f92a6e4db89028c010eb1d46114c19615354f02bd1
7dc008768c5b0ff8cec8a315ebf6e665a0301c0099ff67c4fc600f21ce3a3836
85a64faec356c3a72f249a98a037317adc730ec6d38e47653cd53be5485d80a1
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
96997749bee268014a02c3f2c895c7515ce473cc2926b15b84a8bb1d79f3a3b0
9d8079bd87d18a999fd66ac9a8180a5e3dcc98f2026bb55c7b0bfadf320e9550
a0524ac2e6cc33cfd3a0f90e250de7d848bc760da6f20d9cfb52bfd10e2bc8f3
a1dc183a1e37c034f6528f4768d7912a229f7f25f9e4ed4ad283d0b1d7630551
b0e71014a0100ffdf6080c97bbcdf3acf21769416b5467d14b53945a33f33038
b3d5a793144b33762a1d709914b5cbdad1178f1fe5883783fcff4b5d803b56ff
b41d0b71c20c3f7fe2acd6420a11766b5a2ea21e04f5aff16de010875e3fbe3c
b90ef73240ba97da1dc47ecc66d9226d22e365af377f69dfa327a2402a751fde
bdb5fbbf823cdc9431ac0ac26c06d3106dbb27bed5297e1ff8a3da8d72a9bba9
bf2f8642b5f7a924e720bfb52acb77ccf794b89b4a654eeb1737d7c13d0d278b
c77de99ebf329a7ebdffadb74fcd93981b593fe03338de3961111956be0faa49
d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb
e17464b3018c4890a393bc0b0bc47a70567f09034abf318177647ce17c8601fe
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e792e244522c20ff0a41748edefac93321dd44172b4908cfb210f0e830f1564b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99

info.qgamefi.com Open in urlscan Pro 47.236.120.59 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

48 Requests

96 %HTTPS

40 %IPv6

13 Domains

15 Subdomains

16 IPs

2 Countries

2707 kBTransfer

3849 kBSize

8 Cookies

4 Outgoing links

Redirected requests

48 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

info.qgamefi.com Open in urlscan Pro
47.236.120.59 Public Scan

Screenshot
Live screenshot

Full Image

48
Requests

96 %
HTTPS

40 %
IPv6

13
Domains

15
Subdomains

16
IPs

2
Countries

2707 kB
Transfer

3849 kB
Size

8
Cookies

48 HTTP transactions
1 data transactions