qa.elbwaba.com Open in urlscan Pro
50.87.253.242 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://scrubdress.com/
Effective URL:
https://qa.elbwaba.com/5/14-best-play-to-earn-games-in-2023
Submission: On October 17 via manual (October 17th 2022, 4:57:21 pm UTC) from US — Scanned from DE

Summary HTTP 74 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 15 IPs in 2 countries across 13 domains to perform 74 HTTP transactions. The main IP is 50.87.253.242, located in United States and belongs to UNIFIEDLAYER-AS-1, US. The main domain is qa.elbwaba.com.
TLS certificate: Issued by R3 on October 10th 2022. Valid for: 3 months.

This is the only time qa.elbwaba.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	184.154.13.122 184.154.13.122	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
1	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:830::2004	15169 (GOOGLE) (GOOGLE)
12	50.87.253.242 50.87.253.242	46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1)
12	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
1	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
19	2a00:1450:400... 2a00:1450:4001:812::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
2	172.217.23.98 172.217.23.98	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:80e::2006	15169 (GOOGLE) (GOOGLE)
74	15

1 184.154.13.122 (United States)

ASN32475 (SINGLEHOP-LLC, US)
PTR: server1.perfecent.com

scrubdress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

ois.is	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 50.87.253.242 (United States)

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: box2225.bluehost.com

qa.elbwaba.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

www.business2community.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.23.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s45-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:80e::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
31	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 104 tpc.googlesyndication.com — Cisco Umbrella Rank: 147	423 KB
12	elbwaba.com qa.elbwaba.com	100 KB
10	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 273	82 KB
8	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 43 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 317	87 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 193	139 KB
3	google.com www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 78	2 KB
1	gstatic.com www.gstatic.com	14 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 44	1 KB
1	google.de adservice.google.de — Cisco Umbrella Rank: 8724	792 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 888	693 B
1	business2community.com www.business2community.com — Cisco Umbrella Rank: 194214	100 KB
1	ois.is ois.is — Cisco Umbrella Rank: 348968	709 B
1	scrubdress.com scrubdress.com	378 B
74	13

	Domain	Requested by
19	tpc.googlesyndication.com	googleads.g.doubleclick.net scrubdress.com tpc.googlesyndication.com pagead2.googlesyndication.com
12	pagead2.googlesyndication.com	qa.elbwaba.com pagead2.googlesyndication.com tpc.googlesyndication.com www.googletagservices.com
12	qa.elbwaba.com	www.google.com qa.elbwaba.com
10	s0.2mdn.net	scrubdress.com s0.2mdn.net
6	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
3	www.googletagservices.com	googleads.g.doubleclick.net
2	googleads4.g.doubleclick.net	scrubdress.com
2	www.google.com	ois.is tpc.googlesyndication.com
1	www.gstatic.com	googleads.g.doubleclick.net
1	fonts.googleapis.com	googleads.g.doubleclick.net
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.business2community.com	qa.elbwaba.com
1	ois.is	scrubdress.com
1	scrubdress.com
74	16

This site contains links to these domains. Also see Links.

Domain
www.business2community.com
t.me
www.q2amarket.com
www.question2answer.org

Subject Issuer	Validity	Valid
*.ois.is E1	`2022-08-31` - `2022-11-29`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
www.qa.elbwaba.com R3	`2022-10-10` - `2023-01-08`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.business2community.com E1	`2022-09-12` - `2022-12-11`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh

This page contains 14 frames:

Primary Page: https://qa.elbwaba.com/5/14-best-play-to-earn-games-in-2023
Frame ID: 6F04A0BE5DD44DF84F9094A5193E1373
Requests: 25 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221012/r20190131/zrt_lookup.html
Frame ID: 3391AC8EBE4CFD98D6AC30A39BCE3943
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1124263613222640&output=html&adk=1812271804&adf=3025194257&lmt=1666025837&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fqa.elbwaba.com%2F5%2F14-best-play-to-earn-games-in-2023&ea=0&pra=5&wgl=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=1&asptt=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666025836959&bpp=2&bdt=462&idt=126&shv=r20221012&mjsv=m202210100101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8490763474587&frm=20&pv=2&ga_vid=1214359617.1666025837&ga_sid=1666025837&ga_hid=1622567615&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44767668%2C42531705%2C44770880%2C31065825&oid=2&pvsid=1645961971969373&tmod=483995104&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=145
Frame ID: 87677E69394A7EBAC95D35A145FF22DB
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1124263613222640&output=html&h=90&slotname=1938549114&adk=909556274&adf=383669989&pi=t.ma~as.1938549114&w=748&fwrn=4&fwrnh=100&lmt=1666025837&rafmt=2&format=748x90&url=https%3A%2F%2Fqa.elbwaba.com%2F5%2F14-best-play-to-earn-games-in-2023&fwr=0&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666025836961&bpp=2&bdt=465&idt=148&shv=r20221012&mjsv=m202210100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8490763474587&frm=20&pv=1&ga_vid=1214359617.1666025837&ga_sid=1666025837&ga_hid=1622567615&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=152&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44767668%2C42531705%2C44770880%2C31065825&oid=2&pvsid=1645961971969373&tmod=483995104&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=PKuCWSVCDs&p=https%3A//qa.elbwaba.com&dtd=157
Frame ID: FAF3B74E1070EB02BACC284AFE5B9A16
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1124263613222640&output=html&h=90&slotname=1938549114&adk=909556274&adf=306952042&pi=t.ma~as.1938549114&w=748&fwrn=4&fwrnh=100&lmt=1666025837&rafmt=2&format=748x90&url=https%3A%2F%2Fqa.elbwaba.com%2F5%2F14-best-play-to-earn-games-in-2023&fwr=0&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666025836963&bpp=1&bdt=466&idt=161&shv=r20221012&mjsv=m202210100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C748x90&nras=1&correlator=8490763474587&frm=20&pv=1&ga_vid=1214359617.1666025837&ga_sid=1666025837&ga_hid=1622567615&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=2560&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44767668%2C42531705%2C44770880%2C31065825&oid=2&pvsid=1645961971969373&tmod=483995104&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEebr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=XFpf9rOLbL&p=https%3A//qa.elbwaba.com&dtd=165
Frame ID: 27C2E305A03261EB6369F71D951D3187
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1124263613222640&output=html&h=640&slotname=8438358023&adk=1206473694&adf=851893608&pi=t.ma~as.8438358023&w=320&lmt=1666025837&format=320x640&url=https%3A%2F%2Fqa.elbwaba.com%2F5%2F14-best-play-to-earn-games-in-2023&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666025836963&bpp=1&bdt=466&idt=168&shv=r20221012&mjsv=m202210100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C748x90%2C748x90&nras=1&correlator=8490763474587&frm=20&pv=1&ga_vid=1214359617.1666025837&ga_sid=1666025837&ga_hid=1622567615&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44767668%2C42531705%2C44770880%2C31065825&oid=2&pvsid=1645961971969373&tmod=483995104&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfnEr%7C&abl=CF&pfx=0&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&xpc=CSHUzoShm3&p=https%3A//qa.elbwaba.com&dtd=171
Frame ID: 82DBAE69685DBFD6168624815EDC680A
Requests: 9 HTTP requests in this frame

Frame: https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsslGQzM45BABsdI_iTa0vkBfF0LY5NbHyWXk0o9VFMXI4fSj7z8T7MjsZc7QO9JJLzRCkqxPkbmwkdKhZz5w7QqFapHUXJ8sC1IhyB9yx4yPZJr2AuSWm8tC_PyEwTGFt9-r31fUfnyMmdP5IoekdskK03exX8-6DR1Vd9Vn_APOVmoyzgQUqErJOwDqi-WagIuVu-imLtsInnN8s9Tk-fWHjUQ-dMEOsi38hOgJ5mVbMrcgUjKQY5Ndxyadq7gcHZ3mdfjCAtOIXaSHpJyYMfTgbGBEQeI4SRpeIADGHWg4u49l_odGp0HwcsV7SH-lThVeDOvVn0IvDnFz7BSilpmxGHtBG5Camy6PTy1LQv-pyuHHkgg_hBrSOycxJpiUax8y5yqyrsUxwMSy4UX7OwJUb6-rGcTPYdKAdUyRQeq-qpdyWy5p-T7F5wtkPsDfpFDf0R948SHEGy7p0ncOCDg3ZfgSgpYnrKaTPoggK75jyBLhqh8fbqCkb3-X3Rbmqk-_mHw2MJg18gCtt1sPYBf7MYIKaf-NeV8pIZBC3s4WatKyw5tXYov3UHYVxmZ-21rhy6gBlUTf6HpdNE690mTNAqebeRcO8KcHiuPMDeaSfslz3VK3aKPDjkxsZt6AfgVAQY1SAJaeef2VvL6xaR0GnGj-wFigs_0eNT8iHoULjFxu9uca25IDsQ2rU1esj2J_fqlkXMnnLU8XdgRI-wslZYcUKwYnYhBSaeEzsaJldV9icVADa2UNn7SxMs72LRQW2ErpPpfHVO5WIBN3fr_wbJX6ln1Kq1SE68-iUTgKc6OocOVKK_EXxhd3lild8c-T5l8Ji0_5ugpM3NUg2Je6FNcUVB472m_diAoEoLvHPn_SX__3WhMY7dpkzRu9C7ypELpDxWeT5Zr4m5n-5X20VKjjVcq_U6nKxIcna-cFZ32hmmtiNYsPNi_gmbG1niAFwBvQOcowvUJj0HZPTOJ_0CQHdTgocF-8V1qKYkW4qzc7DNglT6Jbyhk5Qc9kRIil88Knp3W-cX4HNvR0erJSOaJm9aNwRifQDk8_zEKJ0G3pw&sai=AMfl-YQPjfokc5xlOB51C88ahNmxM0bsB-NFwWF2Q3kPfeFGDJVgBf9LYJSgqo11h93AN8_AJ_s6LGNtPgCCPJWJunA2L4WTYZKMgMsafYUg6Vd1uTBF2nyI_jDfuq1RgWBoxOcYwQ1GSFX4SpQwhBGmUBhHGOV5W1MTfoqQwT4HJIyzeampRsu7H4CpMuijUgoSe-ALTdcehirSQMHOwOSjUG-VSmYtMAl22xm8CShEdBuRfWstZXWK2g&sig=Cg0ArKJSzA7zLLghrb-4EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=
Frame ID: 0EA89231D7EC2E667C860932A274065C
Requests: 10 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 80C832F9DCB4AD11E8330C29B181D459
Requests: 3 HTTP requests in this frame

Frame: https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvZmfE2WwY3BmKW_DFUoLCtiSN-Zy6le2hjaNGZUm76DNx729drdnBcjfx6WikynlNXL8IgqUlDK674m6CBLsB2NoZZg3aUOm007ca-YOF4Z6kK3yoY3D7KSWQLvPNGDq5GSPKpgBR9bk8FP5f4MLMAONRwUNJ_8gIv1_0XT4lUbe6eiEsiutP5lBpxzuAoELQ28c1okgXDLJ4pwzrAh50lxGhgjqJ16U1PrZBHb7kroYd_rWfJuMjQcPPA_kpP4Z-HHoWMVZcedev6QS4o8dmItWOboqOdLSYGmniE6Gxsq6Tmeur1JsGxfPUh1r1gRySu0N6zfDkF2nsQvbn1akx-qjgJ36Bds7PmwIopB_MfK4EKJT-qktLN6HBndTy95pv5pHXBBiOGQXTbYCODSkzwjQomoSAH_B3SZUxyi_EtMOnG60D0hI7vHxO4KevwCTXvQWMbVLd49OUUu8bKJVykuW2t-G6emIOVAdzdPnyAnQ7E115isLn3OSaj1TPufNfuLmDjY1FA15TcAg6W_Xjo-vivZGovU47Fo1pBlODmwjaqZXxTBdulQqlkfeevIh5ht2JokdHf-QkbaGr2ry2sGYzxw89La8XNvHCowrr_riJFOjevkYk4fsxKqcg6bPY73YqsBit82_eAMY23uGvBrsL6NZpGysR5YIh_2qblmc57UwtPl_LuQPAvtoWPDn6gRqiOj7vXunh0ACImBZ6uhjCjbmwpGqRwxInt6xVZlZXPCNAPrGqa4ntL26Kb2VNQjwficoYQI-ArN3pmZiCvbhbxxFx1m0XHU2cFq5q_5kiyaCC6SH9tZu6eFkXv8YSfX3ldtk4RICzVMkEtP50UMiY_R8AgzNSeoB0wh46g-NaoWRQnG5GhIYwo7f1cTRbgfljoVe2Gd5lkf04JwqmVqhHVICM89yuOspH-KyQvmEkkL8zL0COJ_toIL9rqqMUHB87OFYi25NmnloFWOc_U2t6doagx5RhB_F_sjE1YtI6aAnCexDl7-hE95_0y07ODrq4dTs4g0eBwZrooaWZMUO0N1eUkWBSYTg&sai=AMfl-YTLflPzxkzAVvMa0ovGNonVhN8vIzrqziU0MZp_iSwNGzW-kr9NdoJuyv5wCXTffsVDg9xSekXouqPPYF6Y7M5BH3eme-rsOxEuPFzdtAfczpVX1O1MX2yUODbJxjNzfcDPG00Jks0JHbB6Sxd4_5mfpmrBnwzHCY0x1h7_4dnsY_6bUmQ6XCUmSADRdeQjnHzxBC7t50yONK6IJ-4Os0QkysyUmDjPEpACtAd9Bhf0PBOKQN8xtg&sig=Cg0ArKJSzEqWRB-PxBEjEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=
Frame ID: B0A2A4D32A9410AB5EC4CB6B4ABCFE23
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/16338249951084529411/MAR-393-PL-uglyCreative-HoverEffect-728x90/index.html
Frame ID: F6568E2C2EA08E113D00BC3B8DCF0936
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: E92E31B8CF82CBED7D7372C07C96A6D4
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/16338249951084529411/MAR-393-PL-uglyCreative-HoverEffect-728x90/index.html
Frame ID: D1BCA2FE9EFE9BC139A276B0EF5008F1
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 1FCBB6AECE3F00F91FA099F2B5F05B37
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 5A5436F9D82CE7FD8844EBC523602087
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

14 Best Play to Earn Games in 2023 - Top Crypto

Page URL History Show full URLs

http://scrubdress.com/ Page URL
https://ois.is/images/logo.png Page URL
https://www.google.com/url?sa=t&source=web&rct=j&url=https://qa.elbwaba.com/5/14-best-play-to-earn-... Page URL
https://qa.elbwaba.com/5/14-best-play-to-earn-games-in-2023 Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

74
Requests

99 %
HTTPS

79 %
IPv6

13
Domains

16
Subdomains

15
IPs

2
Countries

952 kB
Transfer

2444 kB
Size

7
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://www.business2community.com/visit/tamadoge
Title: Tamadoge

Search URL Search Domain Scan URL

URL: https://www.business2community.com/cryptocurrency/best-move-to-earn-crypto
Title: move to earn

Search URL Search Domain Scan URL

URL: https://t.me/TamadogeOfficial
Title: Telegram

Search URL Search Domain Scan URL

URL: http://www.q2amarket.com/
Title: Q2A Market

Search URL Search Domain Scan URL

URL: http://www.question2answer.org/
Title: Question2Answer

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://scrubdress.com/ Page URL
https://ois.is/images/logo.png Page URL
https://www.google.com/url?sa=t&source=web&rct=j&url=https://qa.elbwaba.com/5/14-best-play-to-earn-games-in-2023&ved=2ahUKEwikmfGU7N36AhVvR_EDHWOBBVoQFnoECAsQAQ&usg=AOvVaw2qN2FJcTlh-4Mhk5YbGLhH Page URL
https://qa.elbwaba.com/5/14-best-play-to-earn-games-in-2023 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

74 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK /
scrubdress.com/ 145 B
378 B 358ms
229ms Document
text/html 184.154.13.122
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: http://scrubdress.com/
Protocol: HTTP/1.1
Server: 184.154.13.122 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS: server1.perfecent.com
Software: Apache / PHP/7.2.34
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
Date: Mon, 17 Oct 2022 16:57:14 GMT
Keep-Alive: timeout=5, max=100
Server: Apache
Transfer-Encoding: chunked
X-Powered-By: PHP/7.2.34

GET
H2 200 logo.png
ois.is/images/ 471 B
709 B 107ms
50ms Document
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ois.is/images/logo.png
Requested by: Host: scrubdress.com
URL: http://scrubdress.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: http://scrubdress.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 75ba92810cf25c38-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 17 Oct 2022 16:57:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GcSpmKCVntL52CbXURrAxfuVaZe7L3BdkEfQ7m6NdfT7q9Avif0hfa7SON7uiTbwf3DQ7FzQHBVt3j0P1zK%2BMg%2BABIp9Txa%2FxbMHvK1rSQ3UuZDzGesx0iv1lZZFUDV1tzAdXVc%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed

GET
H2 200 url
www.google.com/ 990 B
1 KB 83ms
42ms Document
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/url?sa=t&source=web&rct=j&url=https://qa.elbwaba.com/5/14-best-play-to-earn-games-in-2023&ved=2ahUKEwikmfGU7N36AhVvR_EDHWOBBVoQFnoECAsQAQ&usg=AOvVaw2qN2FJcTlh-4Mhk5YbGLhH

Requested by

Host: ois.is
URL: https://ois.is/images/logo.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	0

Request headers

Referer: https://ois.is/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Platform Sec-CH-UA-Platform-Version Sec-CH-UA-Full-Version Sec-CH-UA-Arch Sec-CH-UA-Model Sec-CH-UA-Bitness Sec-CH-UA-Full-Version-List Sec-CH-UA-WoW64
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
bfcache-opt-in: unload
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 491
content-type: text/html; charset=UTF-8
date: Mon, 17 Oct 2022 16:57:15 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
pragma: no-cache
server: gws
strict-transport-security: max-age=31536000
x-xss-protection: 0

GET
H2 200 Primary Request 14-best-play-to-earn-games-in-2023 Show response
qa.elbwaba.com/5/ 24 KB
9 KB 651ms
199ms Document
text/html 50.87.253.242
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://qa.elbwaba.com/5/14-best-play-to-earn-games-in-2023
Requested by: Host: www.google.com
URL: https://www.google.com/url?sa=t&source=web&rct=j&url=https://qa.elbwaba.com/5/14-best-play-to-earn-games-in-2023&ved=2ahUKEwikmfGU7N36AhVvR_EDHWOBBVoQFnoECAsQAQ&usg=AOvVaw2qN2FJcTlh-4Mhk5YbGLhH
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 50.87.253.242 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box2225.bluehost.com
Software: Apache /
Resource Hash: 73b60956291a2583d6a8cb8ef8627930ce06023c28d5ea917238c7ad0cf350e7

Request headers

Referer: https://www.google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
content-length: 8870
content-type: text/html; charset=utf-8
date: Mon, 17 Oct 2022 16:57:16 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
pragma: no-cache
server: Apache
vary: Accept-Encoding
x-endurance-cache-level: 2
x-nginx-cache: WordPress

GET
H2 200 qa-styles.css
qa.elbwaba.com/qa-theme/SnowFlat/ 70 KB
18 KB 167ms
166ms Stylesheet
text/css 50.87.253.242
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://qa.elbwaba.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
Requested by: Host: qa.elbwaba.com
URL: https://qa.elbwaba.com/5/14-best-play-to-earn-games-in-2023
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 50.87.253.242 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box2225.bluehost.com
Software: Apache /
Resource Hash: b813b0dc2bc80e9bfd7a8e0c604ae81d21e375e3a01f6e183804f9d3e97f0f17

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qa.elbwaba.com/5/14-best-play-to-earn-games-in-2023
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 16:57:16 GMT
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Wed, 21 Apr 2021 04:04:58 GMT
server: Apache
vary: Accept-Encoding
x-endurance-cache-level: 2
content-type: text/css
cache-control: max-age=2592000
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
expires: Wed, 16 Nov 2022 16:57:16 GMT

GET
H2 200 jquery-3.5.1.min.js Show response
qa.elbwaba.com/qa-content/ 87 KB
38 KB 322ms
321ms Script
application/javascript 50.87.253.242
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://qa.elbwaba.com/qa-content/jquery-3.5.1.min.js
Requested by: Host: qa.elbwaba.com
URL: https://qa.elbwaba.com/5/14-best-play-to-earn-games-in-2023
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 50.87.253.242 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box2225.bluehost.com
Software: Apache /
Resource Hash: f36844906ad2309877aae3121b87fb15b9e09803cb4c333adc7e1e35ac92e14b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qa.elbwaba.com/5/14-best-play-to-earn-games-in-2023
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 16:57:16 GMT
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Wed, 21 Apr 2021 04:04:56 GMT
server: Apache
vary: Accept-Encoding
x-endurance-cache-level: 2
content-type: application/javascript
cache-control: max-age=21600
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
expires: Mon, 17 Oct 2022 22:57:16 GMT

GET
H2 200 qa-global.js Show response
qa.elbwaba.com/qa-content/ 20 KB
7 KB 164ms
164ms Script
application/javascript 50.87.253.242
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://qa.elbwaba.com/qa-content/qa-global.js?1.8.6
Requested by: Host: qa.elbwaba.com
URL: https://qa.elbwaba.com/5/14-best-play-to-earn-games-in-2023
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 50.87.253.242 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box2225.bluehost.com
Software: Apache /
Resource Hash: b79950172d0e6c3091a44a69d615ee5711f57bb59e202b2a383d48e4ca2a4ce3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qa.elbwaba.com/5/14-best-play-to-earn-games-in-2023
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 16:57:16 GMT
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Wed, 21 Apr 2021 04:04:56 GMT
server: Apache
vary: Accept-Encoding
x-endurance-cache-level: 2
content-type: application/javascript
cache-control: max-age=21600
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 7211
expires: Mon, 17 Oct 2022 22:57:16 GMT

GET
H2 200 snow-core.js Show response
qa.elbwaba.com/qa-theme/SnowFlat/js/ 2 KB
1 KB 163ms
163ms Script
application/javascript 50.87.253.242
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://qa.elbwaba.com/qa-theme/SnowFlat/js/snow-core.js?1.8.6
Requested by: Host: qa.elbwaba.com
URL: https://qa.elbwaba.com/5/14-best-play-to-earn-games-in-2023
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 50.87.253.242 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box2225.bluehost.com
Software: Apache /
Resource Hash: 5eecfa645aee35cb0c6820e187451ab14a9df51283635a2117d7ba866a6a74aa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qa.elbwaba.com/5/14-best-play-to-earn-games-in-2023
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 16:57:16 GMT
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Wed, 21 Apr 2021 04:04:58 GMT
server: Apache
vary: Accept-Encoding
x-endurance-cache-level: 2
content-type: application/javascript
cache-control: max-age=21600
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 1047
expires: Mon, 17 Oct 2022 22:57:16 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 164 KB
54 KB 100ms
52ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: qa.elbwaba.com
URL: https://qa.elbwaba.com/5/14-best-play-to-earn-games-in-2023

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f97319a672469f97e64194d97b0b42e42f87dcf8c8d7f55142412e685d9155a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qa.elbwaba.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 16:57:16 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54263
x-xss-protection: 0
server: cafe
etag: 6158440843378259766
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 17 Oct 2022 16:57:16 GMT

GET
H2 200 tama-presale-12-7-900x404.png
www.business2community.com/wp-content/uploads/2022/09/ 100 KB
100 KB 90ms
32ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.business2community.com/wp-content/uploads/2022/09/tama-presale-12-7-900x404.png
Requested by: Host: qa.elbwaba.com
URL: https://qa.elbwaba.com/5/14-best-play-to-earn-games-in-2023
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bb3ef053c8d028495e7da78e5913caeb78dca28081f633227251de3d09961fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qa.elbwaba.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 16:57:16 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 351426
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 102129
last-modified: Mon, 19 Sep 2022 11:18:15 GMT
server: cloudflare
etag: "63284ff7-18ef1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FhQsawyn0Ute5S4JUKtj2bAO8jef3tSwsaAb0Ddg5B%2FxzUYdB29J2ZGwplxHyVJJhb8VReC5QfP4jOkVDbNJZtyOkgx4bUcc1UsDz6I4kBX4mxQ0Rf3R4YlyZanjx6ugq81u5ySGYuMlryNvLhDUJOauH4XYtmZlbA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 75ba92889d43717b-DUS
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 164 KB
54 KB 82ms
44ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1124263613222640

Requested by

Host: qa.elbwaba.com
URL: https://qa.elbwaba.com/5/14-best-play-to-earn-games-in-2023

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

aa8da3fd6e3efdb0bb033d9e49d440bf745a206f600f7094634477f923f5bca9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://qa.elbwaba.com/
Origin: https://qa.elbwaba.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 16:57:16 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54278
x-xss-protection: 0
server: cafe
etag: 15363291762414958547
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 17 Oct 2022 16:57:16 GMT

GET
H2 200 vote-buttons-3.png
qa.elbwaba.com/qa-theme/SnowFlat/images/ 1 KB
2 KB 163ms
162ms Image
image/png 50.87.253.242
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qa.elbwaba.com/qa-theme/SnowFlat/images/vote-buttons-3.png
Requested by: Host: qa.elbwaba.com
URL: https://qa.elbwaba.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 50.87.253.242 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box2225.bluehost.com
Software: Apache /
Resource Hash: b4ef3a11367a47a75f7cb4ed6e944472d190c86813cd2ffdb04a32358dc4e799

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qa.elbwaba.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 16:57:16 GMT
x-nginx-cache: WordPress
last-modified: Sat, 01 Aug 2020 04:52:10 GMT
server: Apache
x-endurance-cache-level: 2
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 1457
expires: Tue, 17 Oct 2023 16:57:16 GMT

GET
H2 200 fontello.woff
qa.elbwaba.com/qa-theme/SnowFlat/fonts/ 7 KB
7 KB 166ms
166ms Font
font/woff 50.87.253.242
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://qa.elbwaba.com/qa-theme/SnowFlat/fonts/fontello.woff?70015067
Requested by: Host: qa.elbwaba.com
URL: https://qa.elbwaba.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 50.87.253.242 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box2225.bluehost.com
Software: Apache /
Resource Hash: c7aca9ebef12465aad206aae5351ba575eebe4b5e3f0fb1d99f4f92f1c4f396d

Request headers

Referer: https://qa.elbwaba.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
Origin: https://qa.elbwaba.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 16:57:16 GMT
x-nginx-cache: WordPress
last-modified: Tue, 26 Jul 2016 07:31:58 GMT
server: Apache
x-endurance-cache-level: 2
content-type: font/woff
cache-control: max-age=21600
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 7200
expires: Mon, 17 Oct 2022 22:57:16 GMT

GET
H2 200 answer-white.png
qa.elbwaba.com/qa-theme/SnowFlat/images/icons/ 3 KB
3 KB 172ms
171ms Image
image/png 50.87.253.242
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qa.elbwaba.com/qa-theme/SnowFlat/images/icons/answer-white.png
Requested by: Host: qa.elbwaba.com
URL: https://qa.elbwaba.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 50.87.253.242 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box2225.bluehost.com
Software: Apache /
Resource Hash: a90fe747bc217c49315c23c1c332bb255d3c5fd46ec85b0218b5f85bbbf6bd0c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qa.elbwaba.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 16:57:16 GMT
x-nginx-cache: WordPress
last-modified: Tue, 15 Jan 2019 06:08:24 GMT
server: Apache
x-endurance-cache-level: 2
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 2867
expires: Tue, 17 Oct 2023 16:57:16 GMT

GET
H2 200 link-white.png
qa.elbwaba.com/qa-theme/SnowFlat/images/icons/ 3 KB
3 KB 170ms
170ms Image
image/png 50.87.253.242
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qa.elbwaba.com/qa-theme/SnowFlat/images/icons/link-white.png
Requested by: Host: qa.elbwaba.com
URL: https://qa.elbwaba.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 50.87.253.242 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box2225.bluehost.com
Software: Apache /
Resource Hash: dc0267e17f3bd3a2977910d47c34855d4c282e97502e6e1b0d3eb44b8b231405

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qa.elbwaba.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 16:57:16 GMT
x-nginx-cache: WordPress
last-modified: Tue, 15 Jan 2019 06:08:24 GMT
server: Apache
x-endurance-cache-level: 2
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 3026
expires: Tue, 17 Oct 2023 16:57:16 GMT

GET
H2 200 comment-white.png
qa.elbwaba.com/qa-theme/SnowFlat/images/icons/ 3 KB
3 KB 168ms
168ms Image
image/png 50.87.253.242
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qa.elbwaba.com/qa-theme/SnowFlat/images/icons/comment-white.png
Requested by: Host: qa.elbwaba.com
URL: https://qa.elbwaba.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 50.87.253.242 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box2225.bluehost.com
Software: Apache /
Resource Hash: eb69d9e0cb830e3add604e60faf8f784835e5f1ba28bb38850ba19784f30911d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qa.elbwaba.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 16:57:16 GMT
x-nginx-cache: WordPress
last-modified: Tue, 15 Jan 2019 06:08:24 GMT
server: Apache
x-endurance-cache-level: 2
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 2906
expires: Tue, 17 Oct 2023 16:57:16 GMT

GET
H2 200 search-icon-white.png
qa.elbwaba.com/qa-theme/SnowFlat/images/ 1 KB
1 KB 171ms
171ms Image
image/png 50.87.253.242
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qa.elbwaba.com/qa-theme/SnowFlat/images/search-icon-white.png
Requested by: Host: qa.elbwaba.com
URL: https://qa.elbwaba.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 50.87.253.242 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box2225.bluehost.com
Software: Apache /
Resource Hash: 075c15c5e5b127cfd89b352a4f8e8d615d0abcc80977022ba45ad2032d26f535

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qa.elbwaba.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 16:57:16 GMT
x-nginx-cache: WordPress
last-modified: Tue, 15 Jan 2019 06:08:24 GMT
server: Apache
x-endurance-cache-level: 2
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 1412
expires: Tue, 17 Oct 2023 16:57:16 GMT

GET
H2 200 spinner-icon-14x14.gif
qa.elbwaba.com/qa-theme/SnowFlat/images/ 8 KB
8 KB 167ms
167ms Image
image/gif 50.87.253.242
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qa.elbwaba.com/qa-theme/SnowFlat/images/spinner-icon-14x14.gif?1410117644
Requested by: Host: qa.elbwaba.com
URL: https://qa.elbwaba.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 50.87.253.242 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box2225.bluehost.com
Software: Apache /
Resource Hash: 07a75636966b34dd8bbafee0ebced659b03bab0e57641e1fa035ca7da0bd39ce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qa.elbwaba.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 16:57:16 GMT
x-nginx-cache: WordPress
last-modified: Tue, 15 Jan 2019 06:08:24 GMT
server: Apache
x-endurance-cache-level: 2
content-type: image/gif
cache-control: max-age=31536000
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 7781
expires: Tue, 17 Oct 2023 16:57:16 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210100101/ 352 KB
116 KB 65ms
64ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1124263613222640&plah=qa.elbwaba.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7bb4b7d7871f1367264ff579417a17506457830aacda9c077f5cedada824be1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qa.elbwaba.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 16:57:16 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118624
x-xss-protection: 0
server: cafe
etag: 16692534173810263547
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 17 Oct 2022 16:57:16 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221012/r20190131/ Frame 3391 10 KB
5 KB 56ms
15ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221012/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://qa.elbwaba.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 71869
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4420
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 16 Oct 2022 20:59:28 GMT
etag: 9671129459699598864
expires: Sun, 30 Oct 2022 20:59:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 389 B
693 B 107ms
36ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=qa.elbwaba.com&callback=_gfp_s_&client=ca-pub-1124263613222640&gpid_exp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1124263613222640&plah=qa.elbwaba.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

910abe1db77e5cc87f069308472465ab4279087f2206d1d9dd944a10083695bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qa.elbwaba.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 16:57:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 248
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 148ms
52ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=qa.elbwaba.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qa.elbwaba.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 16:57:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 100ms
35ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=qa.elbwaba.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qa.elbwaba.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 16:57:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8767 0
19 B 167ms
113ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1124263613222640&output=html&adk=1812271804&adf=3025194257&lmt=1666025837&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fqa.elbwaba.com%2F5%2F14-best-play-to-earn-games-in-2023&ea=0&pra=5&wgl=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=1&asptt=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666025836959&bpp=2&bdt=462&idt=126&shv=r20221012&mjsv=m202210100101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8490763474587&frm=20&pv=2&ga_vid=1214359617.1666025837&ga_sid=1666025837&ga_hid=1622567615&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44767668%2C42531705%2C44770880%2C31065825&oid=2&pvsid=1645961971969373&tmod=483995104&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=145

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://qa.elbwaba.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 17 Oct 2022 16:57:17 GMT
expires: Mon, 17 Oct 2022 16:57:17 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame FAF3 74 KB
31 KB 685ms
646ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1124263613222640&output=html&h=90&slotname=1938549114&adk=909556274&adf=383669989&pi=t.ma~as.1938549114&w=748&fwrn=4&fwrnh=100&lmt=1666025837&rafmt=2&format=748x90&url=https%3A%2F%2Fqa.elbwaba.com%2F5%2F14-best-play-to-earn-games-in-2023&fwr=0&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666025836961&bpp=2&bdt=465&idt=148&shv=r20221012&mjsv=m202210100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8490763474587&frm=20&pv=1&ga_vid=1214359617.1666025837&ga_sid=1666025837&ga_hid=1622567615&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=152&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44767668%2C42531705%2C44770880%2C31065825&oid=2&pvsid=1645961971969373&tmod=483995104&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=PKuCWSVCDs&p=https%3A//qa.elbwaba.com&dtd=157

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2003d9e3ab5c3e9d1642dee8be520347d77223ac1ddbea93c82583a94bf125f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://qa.elbwaba.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 31465
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 17 Oct 2022 16:57:17 GMT
expires: Mon, 17 Oct 2022 16:57:17 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 27C2 74 KB
31 KB 809ms
780ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1124263613222640&output=html&h=90&slotname=1938549114&adk=909556274&adf=306952042&pi=t.ma~as.1938549114&w=748&fwrn=4&fwrnh=100&lmt=1666025837&rafmt=2&format=748x90&url=https%3A%2F%2Fqa.elbwaba.com%2F5%2F14-best-play-to-earn-games-in-2023&fwr=0&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666025836963&bpp=1&bdt=466&idt=161&shv=r20221012&mjsv=m202210100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C748x90&nras=1&correlator=8490763474587&frm=20&pv=1&ga_vid=1214359617.1666025837&ga_sid=1666025837&ga_hid=1622567615&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=2560&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44767668%2C42531705%2C44770880%2C31065825&oid=2&pvsid=1645961971969373&tmod=483995104&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEebr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=XFpf9rOLbL&p=https%3A//qa.elbwaba.com&dtd=165

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5b9828ea363c009ddae05eb49a71000fe78150b6ce0ce9d44eedcba186117abc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://qa.elbwaba.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 31323
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 17 Oct 2022 16:57:17 GMT
expires: Mon, 17 Oct 2022 16:57:17 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 82DB 73 KB
21 KB 622ms
600ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1124263613222640&output=html&h=640&slotname=8438358023&adk=1206473694&adf=851893608&pi=t.ma~as.8438358023&w=320&lmt=1666025837&format=320x640&url=https%3A%2F%2Fqa.elbwaba.com%2F5%2F14-best-play-to-earn-games-in-2023&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666025836963&bpp=1&bdt=466&idt=168&shv=r20221012&mjsv=m202210100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C748x90%2C748x90&nras=1&correlator=8490763474587&frm=20&pv=1&ga_vid=1214359617.1666025837&ga_sid=1666025837&ga_hid=1622567615&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44767668%2C42531705%2C44770880%2C31065825&oid=2&pvsid=1645961971969373&tmod=483995104&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfnEr%7C&abl=CF&pfx=0&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&xpc=CSHUzoShm3&p=https%3A//qa.elbwaba.com&dtd=171

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1e7c8622ac02e1dcff60723580cb80c7ac64a333e4416def6b99a99b334f4d36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://qa.elbwaba.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 21237
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 17 Oct 2022 16:57:17 GMT
expires: Mon, 17 Oct 2022 16:57:17 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ Frame 82DB 3 KB
1 KB 74ms
29ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1124263613222640&output=html&h=640&slotname=8438358023&adk=1206473694&adf=851893608&pi=t.ma~as.8438358023&w=320&lmt=1666025837&format=320x640&url=https%3A%2F%2Fqa.elbwaba.com%2F5%2F14-best-play-to-earn-games-in-2023&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666025836963&bpp=1&bdt=466&idt=168&shv=r20221012&mjsv=m202210100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C748x90%2C748x90&nras=1&correlator=8490763474587&frm=20&pv=1&ga_vid=1214359617.1666025837&ga_sid=1666025837&ga_hid=1622567615&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44767668%2C42531705%2C44770880%2C31065825&oid=2&pvsid=1645961971969373&tmod=483995104&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfnEr%7C&abl=CF&pfx=0&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&xpc=CSHUzoShm3&p=https%3A//qa.elbwaba.com&dtd=171

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fb7989597f1a10a56bd83de6a26eefec44a0c704979fb5e06f02195bc9cebfce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 17 Oct 2022 16:57:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 17 Oct 2022 16:38:01 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 17 Oct 2022 16:57:17 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/ Frame 82DB 2 KB
984 B 69ms
24ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sun, 16 Oct 2022 18:57:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 79181
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 30 Oct 2022 18:57:36 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221012/r20110914/ Frame 82DB 23 KB
10 KB 63ms
18ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221012/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

733b81ca611521c0c5664701f060df9d5486014c1dba79acb22269bfc9e06d0a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 08:27:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 30608
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9578
x-xss-protection: 0
server: cafe
etag: 2674910403068493586
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 31 Oct 2022 08:27:09 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/ Frame 82DB 3 KB
1 KB 64ms
24ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 14:07:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10189
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 31 Oct 2022 14:07:28 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/ Frame 82DB 17 KB
7 KB 67ms
23ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b7e54c08be2d3028420666e9aca9074537fb351e2ece4e32b925ffca1840ce12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sun, 16 Oct 2022 18:55:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 79326
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7570
x-xss-protection: 0
server: cafe
etag: 17992891929817281641
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 30 Oct 2022 18:55:11 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 82DB 152 KB
47 KB 50ms
43ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18ffb82a05bcd7e430f57b9428d2a6990f127948e7ff14d66c3784a84f4330ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 16:57:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47415
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1665574756386403"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 17 Oct 2022 16:57:17 GMT

GET
H2 200 fed584b8ce81e04d8838584f2ea59ee6.js Show response
www.gstatic.com/mysidia/ Frame 82DB 33 KB
14 KB 66ms
16ms Script
text/javascript 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/fed584b8ce81e04d8838584f2ea59ee6.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2d52560a0b97222a18a95c89256d89765d3d821699eebc14213d531c2a93adb5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 00:28:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 404938
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13787
x-xss-protection: 0
last-modified: Wed, 12 Oct 2022 23:46:29 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 11 Jan 2023 00:28:19 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 82DB 0
0 66ms
65ms Fetch
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CMA5hbYlNY5LmDrGXqMwPq62-8AP5uLLmbOb_nLivEPD9xaGRDhABIJSpqIQBYJXikIKgB6AB_NHe4wPIAQapAlAvywoFZ7A-qAMByAMCqgTxAU_QowetDVTTGXWK_lRikrdw5OCMky4SUmZJr23zdaF2rQi8NmYegPWRqu_ha2JYbN3sDHeQHkBmkYTWyO2w6c-3r0kebtvBtHVAcekE8gS3JsVO6m3nWSM7TTvZnoACiAvN0mmRbXRiKQTLbeC-eAbmMLFxf3ijOVlcscsq0FIe3mWA_SDnZvKYgA9yidJNfNGOgbMGBFPdaUg3QBtmQ2qZvTpXn6qQPVw_J5BDAxH-ExniWl18RuXHQEA7OfKl7z6qcKJPBPV703djLWUF2wxrBB6_FdA9PPcXJp1vOlCJuDNyJo7jzSVWcuwp0rAPnt_ABNaHx9WUBJIFBAgEGAGSBQQIBRgEoAY3gAeJwpeCAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB6a-G9gHAfIHBBD_zQHSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTC9AVAYAXAbIXHAoaCAASFHB1Yi0xMTI0MjYzNjEzMjIyNjQwGAA&sigh=-sk-mz8-AA8&uach_m=[UACH]&cid=CAQSGwDq26N9tN2rDNfwUmP6tiWAwM29jedIRb6vChgBIA4&template_id=493

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1124263613222640&output=html&h=640&slotname=8438358023&adk=1206473694&adf=851893608&pi=t.ma~as.8438358023&w=320&lmt=1666025837&format=320x640&url=https%3A%2F%2Fqa.elbwaba.com%2F5%2F14-best-play-to-earn-games-in-2023&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666025836963&bpp=1&bdt=466&idt=168&shv=r20221012&mjsv=m202210100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C748x90%2C748x90&nras=1&correlator=8490763474587&frm=20&pv=1&ga_vid=1214359617.1666025837&ga_sid=1666025837&ga_hid=1622567615&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44767668%2C42531705%2C44770880%2C31065825&oid=2&pvsid=1645961971969373&tmod=483995104&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfnEr%7C&abl=CF&pfx=0&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&xpc=CSHUzoShm3&p=https%3A//qa.elbwaba.com&dtd=171
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 17 Oct 2022 16:57:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Mon, 17 Oct 2022 16:57:17 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 0EA8 0
0 126ms
64ms Fetch
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsslGQzM45BABsdI_iTa0vkBfF0LY5NbHyWXk0o9VFMXI4fSj7z8T7MjsZc7QO9JJLzRCkqxPkbmwkdKhZz5w7QqFapHUXJ8sC1IhyB9yx4yPZJr2AuSWm8tC_PyEwTGFt9-r31fUfnyMmdP5IoekdskK03exX8-6DR1Vd9Vn_APOVmoyzgQUqErJOwDqi-WagIuVu-imLtsInnN8s9Tk-fWHjUQ-dMEOsi38hOgJ5mVbMrcgUjKQY5Ndxyadq7gcHZ3mdfjCAtOIXaSHpJyYMfTgbGBEQeI4SRpeIADGHWg4u49l_odGp0HwcsV7SH-lThVeDOvVn0IvDnFz7BSilpmxGHtBG5Camy6PTy1LQv-pyuHHkgg_hBrSOycxJpiUax8y5yqyrsUxwMSy4UX7OwJUb6-rGcTPYdKAdUyRQeq-qpdyWy5p-T7F5wtkPsDfpFDf0R948SHEGy7p0ncOCDg3ZfgSgpYnrKaTPoggK75jyBLhqh8fbqCkb3-X3Rbmqk-_mHw2MJg18gCtt1sPYBf7MYIKaf-NeV8pIZBC3s4WatKyw5tXYov3UHYVxmZ-21rhy6gBlUTf6HpdNE690mTNAqebeRcO8KcHiuPMDeaSfslz3VK3aKPDjkxsZt6AfgVAQY1SAJaeef2VvL6xaR0GnGj-wFigs_0eNT8iHoULjFxu9uca25IDsQ2rU1esj2J_fqlkXMnnLU8XdgRI-wslZYcUKwYnYhBSaeEzsaJldV9icVADa2UNn7SxMs72LRQW2ErpPpfHVO5WIBN3fr_wbJX6ln1Kq1SE68-iUTgKc6OocOVKK_EXxhd3lild8c-T5l8Ji0_5ugpM3NUg2Je6FNcUVB472m_diAoEoLvHPn_SX__3WhMY7dpkzRu9C7ypELpDxWeT5Zr4m5n-5X20VKjjVcq_U6nKxIcna-cFZ32hmmtiNYsPNi_gmbG1niAFwBvQOcowvUJj0HZPTOJ_0CQHdTgocF-8V1qKYkW4qzc7DNglT6Jbyhk5Qc9kRIil88Knp3W-cX4HNvR0erJSOaJm9aNwRifQDk8_zEKJ0G3pw&sai=AMfl-YQPjfokc5xlOB51C88ahNmxM0bsB-NFwWF2Q3kPfeFGDJVgBf9LYJSgqo11h93AN8_AJ_s6LGNtPgCCPJWJunA2L4WTYZKMgMsafYUg6Vd1uTBF2nyI_jDfuq1RgWBoxOcYwQ1GSFX4SpQwhBGmUBhHGOV5W1MTfoqQwT4HJIyzeampRsu7H4CpMuijUgoSe-ALTdcehirSQMHOwOSjUG-VSmYtMAl22xm8CShEdBuRfWstZXWK2g&sig=Cg0ArKJSzA7zLLghrb-4EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=

Requested by

Host: scrubdress.com
URL: http://scrubdress.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 17 Oct 2022 16:57:17 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Mon, 17 Oct 2022 16:57:17 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 0EA8 106 KB
38 KB 83ms
24ms Script
text/javascript 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Host: scrubdress.com
URL: http://scrubdress.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 08:52:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 29067
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 18 Oct 2022 08:52:50 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 0EA8 41 KB
15 KB 82ms
38ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: scrubdress.com
URL: http://scrubdress.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 10:22:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 369288
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 13 Oct 2023 10:22:29 GMT

GET
H3 200 m_js_controller_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/ Frame 0EA8 35 KB
14 KB 71ms
29ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/m_js_controller_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1124263613222640&output=html&h=90&slotname=1938549114&adk=909556274&adf=383669989&pi=t.ma~as.1938549114&w=748&fwrn=4&fwrnh=100&lmt=1666025837&rafmt=2&format=748x90&url=https%3A%2F%2Fqa.elbwaba.com%2F5%2F14-best-play-to-earn-games-in-2023&fwr=0&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666025836961&bpp=2&bdt=465&idt=148&shv=r20221012&mjsv=m202210100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8490763474587&frm=20&pv=1&ga_vid=1214359617.1666025837&ga_sid=1666025837&ga_hid=1622567615&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=152&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44767668%2C42531705%2C44770880%2C31065825&oid=2&pvsid=1645961971969373&tmod=483995104&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=PKuCWSVCDs&p=https%3A//qa.elbwaba.com&dtd=157

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7108d3f9dc1ec6513e64bc020ac3e3f3262b2b2685a0c93431faa601fa0fdfa4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sun, 16 Oct 2022 19:20:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 77815
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14245
x-xss-protection: 0
server: cafe
etag: 192306719259198832
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 30 Oct 2022 19:20:22 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/ Frame 0EA8 3 KB
1 KB 88ms
47ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 14:07:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10189
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 31 Oct 2022 14:07:28 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/ Frame 0EA8 17 KB
7 KB 62ms
21ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b7e54c08be2d3028420666e9aca9074537fb351e2ece4e32b925ffca1840ce12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sun, 16 Oct 2022 18:55:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 79326
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7570
x-xss-protection: 0
server: cafe
etag: 17992891929817281641
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 30 Oct 2022 18:55:11 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0EA8 152 KB
46 KB 35ms
32ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18ffb82a05bcd7e430f57b9428d2a6990f127948e7ff14d66c3784a84f4330ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 16:57:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47415
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1665574756386403"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 17 Oct 2022 16:57:17 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221012/r20110914/ Frame 0EA8 23 KB
9 KB 61ms
23ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221012/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

733b81ca611521c0c5664701f060df9d5486014c1dba79acb22269bfc9e06d0a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 08:27:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 30608
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9578
x-xss-protection: 0
server: cafe
etag: 2674910403068493586
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 31 Oct 2022 08:27:09 GMT

GET
DATA 200
OK truncated
/ Frame 0EA8 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f4e0cb7343b362794075b68496f30d1a27e1b3ff018621db7d7aaa6894c957f9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 80C8 22 KB
8 KB 20ms
20ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 292039
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 14 Oct 2022 07:49:58 GMT
expires: Sat, 14 Oct 2023 07:49:58 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame B0A2 0
0 142ms
90ms Fetch
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvZmfE2WwY3BmKW_DFUoLCtiSN-Zy6le2hjaNGZUm76DNx729drdnBcjfx6WikynlNXL8IgqUlDK674m6CBLsB2NoZZg3aUOm007ca-YOF4Z6kK3yoY3D7KSWQLvPNGDq5GSPKpgBR9bk8FP5f4MLMAONRwUNJ_8gIv1_0XT4lUbe6eiEsiutP5lBpxzuAoELQ28c1okgXDLJ4pwzrAh50lxGhgjqJ16U1PrZBHb7kroYd_rWfJuMjQcPPA_kpP4Z-HHoWMVZcedev6QS4o8dmItWOboqOdLSYGmniE6Gxsq6Tmeur1JsGxfPUh1r1gRySu0N6zfDkF2nsQvbn1akx-qjgJ36Bds7PmwIopB_MfK4EKJT-qktLN6HBndTy95pv5pHXBBiOGQXTbYCODSkzwjQomoSAH_B3SZUxyi_EtMOnG60D0hI7vHxO4KevwCTXvQWMbVLd49OUUu8bKJVykuW2t-G6emIOVAdzdPnyAnQ7E115isLn3OSaj1TPufNfuLmDjY1FA15TcAg6W_Xjo-vivZGovU47Fo1pBlODmwjaqZXxTBdulQqlkfeevIh5ht2JokdHf-QkbaGr2ry2sGYzxw89La8XNvHCowrr_riJFOjevkYk4fsxKqcg6bPY73YqsBit82_eAMY23uGvBrsL6NZpGysR5YIh_2qblmc57UwtPl_LuQPAvtoWPDn6gRqiOj7vXunh0ACImBZ6uhjCjbmwpGqRwxInt6xVZlZXPCNAPrGqa4ntL26Kb2VNQjwficoYQI-ArN3pmZiCvbhbxxFx1m0XHU2cFq5q_5kiyaCC6SH9tZu6eFkXv8YSfX3ldtk4RICzVMkEtP50UMiY_R8AgzNSeoB0wh46g-NaoWRQnG5GhIYwo7f1cTRbgfljoVe2Gd5lkf04JwqmVqhHVICM89yuOspH-KyQvmEkkL8zL0COJ_toIL9rqqMUHB87OFYi25NmnloFWOc_U2t6doagx5RhB_F_sjE1YtI6aAnCexDl7-hE95_0y07ODrq4dTs4g0eBwZrooaWZMUO0N1eUkWBSYTg&sai=AMfl-YTLflPzxkzAVvMa0ovGNonVhN8vIzrqziU0MZp_iSwNGzW-kr9NdoJuyv5wCXTffsVDg9xSekXouqPPYF6Y7M5BH3eme-rsOxEuPFzdtAfczpVX1O1MX2yUODbJxjNzfcDPG00Jks0JHbB6Sxd4_5mfpmrBnwzHCY0x1h7_4dnsY_6bUmQ6XCUmSADRdeQjnHzxBC7t50yONK6IJ-4Os0QkysyUmDjPEpACtAd9Bhf0PBOKQN8xtg&sig=Cg0ArKJSzEqWRB-PxBEjEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=

Requested by

Host: scrubdress.com
URL: http://scrubdress.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 17 Oct 2022 16:57:18 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame B0A2 106 KB
37 KB 125ms
55ms Script
text/javascript 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Host: scrubdress.com
URL: http://scrubdress.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 08:52:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 29068
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 18 Oct 2022 08:52:50 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame B0A2 41 KB
15 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: scrubdress.com
URL: http://scrubdress.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 10:22:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 369288
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 13 Oct 2023 10:22:29 GMT

GET
H3 200 m_js_controller_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/ Frame B0A2 35 KB
14 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/m_js_controller_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1124263613222640&output=html&h=90&slotname=1938549114&adk=909556274&adf=306952042&pi=t.ma~as.1938549114&w=748&fwrn=4&fwrnh=100&lmt=1666025837&rafmt=2&format=748x90&url=https%3A%2F%2Fqa.elbwaba.com%2F5%2F14-best-play-to-earn-games-in-2023&fwr=0&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666025836963&bpp=1&bdt=466&idt=161&shv=r20221012&mjsv=m202210100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C748x90&nras=1&correlator=8490763474587&frm=20&pv=1&ga_vid=1214359617.1666025837&ga_sid=1666025837&ga_hid=1622567615&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=2560&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44767668%2C42531705%2C44770880%2C31065825&oid=2&pvsid=1645961971969373&tmod=483995104&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEebr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=XFpf9rOLbL&p=https%3A//qa.elbwaba.com&dtd=165

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7108d3f9dc1ec6513e64bc020ac3e3f3262b2b2685a0c93431faa601fa0fdfa4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sun, 16 Oct 2022 19:20:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 77815
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14245
x-xss-protection: 0
server: cafe
etag: 192306719259198832
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 30 Oct 2022 19:20:22 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/ Frame B0A2 3 KB
1 KB 28ms
27ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1124263613222640&output=html&h=90&slotname=1938549114&adk=909556274&adf=306952042&pi=t.ma~as.1938549114&w=748&fwrn=4&fwrnh=100&lmt=1666025837&rafmt=2&format=748x90&url=https%3A%2F%2Fqa.elbwaba.com%2F5%2F14-best-play-to-earn-games-in-2023&fwr=0&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666025836963&bpp=1&bdt=466&idt=161&shv=r20221012&mjsv=m202210100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C748x90&nras=1&correlator=8490763474587&frm=20&pv=1&ga_vid=1214359617.1666025837&ga_sid=1666025837&ga_hid=1622567615&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=2560&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44767668%2C42531705%2C44770880%2C31065825&oid=2&pvsid=1645961971969373&tmod=483995104&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEebr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=XFpf9rOLbL&p=https%3A//qa.elbwaba.com&dtd=165

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 14:07:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10189
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 31 Oct 2022 14:07:28 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/ Frame B0A2 17 KB
7 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1124263613222640&output=html&h=90&slotname=1938549114&adk=909556274&adf=306952042&pi=t.ma~as.1938549114&w=748&fwrn=4&fwrnh=100&lmt=1666025837&rafmt=2&format=748x90&url=https%3A%2F%2Fqa.elbwaba.com%2F5%2F14-best-play-to-earn-games-in-2023&fwr=0&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666025836963&bpp=1&bdt=466&idt=161&shv=r20221012&mjsv=m202210100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C748x90&nras=1&correlator=8490763474587&frm=20&pv=1&ga_vid=1214359617.1666025837&ga_sid=1666025837&ga_hid=1622567615&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=2560&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44767668%2C42531705%2C44770880%2C31065825&oid=2&pvsid=1645961971969373&tmod=483995104&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEebr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=XFpf9rOLbL&p=https%3A//qa.elbwaba.com&dtd=165

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b7e54c08be2d3028420666e9aca9074537fb351e2ece4e32b925ffca1840ce12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sun, 16 Oct 2022 18:55:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 79326
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7570
x-xss-protection: 0
server: cafe
etag: 17992891929817281641
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 30 Oct 2022 18:55:11 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B0A2 152 KB
46 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1124263613222640&output=html&h=90&slotname=1938549114&adk=909556274&adf=306952042&pi=t.ma~as.1938549114&w=748&fwrn=4&fwrnh=100&lmt=1666025837&rafmt=2&format=748x90&url=https%3A%2F%2Fqa.elbwaba.com%2F5%2F14-best-play-to-earn-games-in-2023&fwr=0&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666025836963&bpp=1&bdt=466&idt=161&shv=r20221012&mjsv=m202210100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C748x90&nras=1&correlator=8490763474587&frm=20&pv=1&ga_vid=1214359617.1666025837&ga_sid=1666025837&ga_hid=1622567615&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=2560&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44767668%2C42531705%2C44770880%2C31065825&oid=2&pvsid=1645961971969373&tmod=483995104&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEebr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=XFpf9rOLbL&p=https%3A//qa.elbwaba.com&dtd=165

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18ffb82a05bcd7e430f57b9428d2a6990f127948e7ff14d66c3784a84f4330ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 16:57:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47415
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1665574756386403"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 17 Oct 2022 16:57:18 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221012/r20110914/ Frame B0A2 23 KB
9 KB 26ms
25ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221012/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1124263613222640&output=html&h=90&slotname=1938549114&adk=909556274&adf=306952042&pi=t.ma~as.1938549114&w=748&fwrn=4&fwrnh=100&lmt=1666025837&rafmt=2&format=748x90&url=https%3A%2F%2Fqa.elbwaba.com%2F5%2F14-best-play-to-earn-games-in-2023&fwr=0&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666025836963&bpp=1&bdt=466&idt=161&shv=r20221012&mjsv=m202210100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C748x90&nras=1&correlator=8490763474587&frm=20&pv=1&ga_vid=1214359617.1666025837&ga_sid=1666025837&ga_hid=1622567615&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=2560&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44767668%2C42531705%2C44770880%2C31065825&oid=2&pvsid=1645961971969373&tmod=483995104&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEebr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=XFpf9rOLbL&p=https%3A//qa.elbwaba.com&dtd=165

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

733b81ca611521c0c5664701f060df9d5486014c1dba79acb22269bfc9e06d0a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 08:27:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 30608
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9578
x-xss-protection: 0
server: cafe
etag: 2674910403068493586
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 31 Oct 2022 08:27:09 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/16338249951084529411/MAR-393-PL-uglyCreative-HoverEffect-728x90/ Frame F656 4 KB
2 KB 91ms
37ms Document
text/html 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/16338249951084529411/MAR-393-PL-uglyCreative-HoverEffect-728x90/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9b0ce409f38eb4d4ab4b89f64dd74e339bbda0561a2a2c2d345a21305636e673

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 358283
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 1565
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Thu, 13 Oct 2022 13:25:55 GMT
expires: Fri, 13 Oct 2023 13:25:55 GMT
last-modified: Mon, 06 Jun 2022 04:17:56 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame E92E 22 KB
8 KB 36ms
31ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 292040
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 14 Oct 2022 07:49:58 GMT
expires: Sat, 14 Oct 2023 07:49:58 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 OLZMwUuXKff5QHkWgJZ5Acpn9ezP58Pxr98BvfUDCEE.js Show response
pagead2.googlesyndication.com/bg/ Frame 80C8 36 KB
16 KB 31ms
30ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/OLZMwUuXKff5QHkWgJZ5Acpn9ezP58Pxr98BvfUDCEE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

38b64cc14b9729f7f940791680967901ca67f5eccfe7c3f1afdf01bdf5030841

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 05:27:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 41382
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16062
x-xss-protection: 0
last-modified: Tue, 11 Oct 2022 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 17 Oct 2023 05:27:36 GMT

GET
DATA 200
OK truncated
/ Frame B0A2 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d04b23160b197b50f758713be303e37485070b488be8629d505c7729dc98d62f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 style.css
s0.2mdn.net/sadbundle/16338249951084529411/MAR-393-PL-uglyCreative-HoverEffect-728x90/styles/ Frame F656 3 KB
1 KB 47ms
46ms Stylesheet
text/css 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/16338249951084529411/MAR-393-PL-uglyCreative-HoverEffect-728x90/styles/style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16338249951084529411/MAR-393-PL-uglyCreative-HoverEffect-728x90/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0e2a37ec9babf7ebb24c1667f9624df292b7595e0f1bf9d0ebcd54be8b915e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16338249951084529411/MAR-393-PL-uglyCreative-HoverEffect-728x90/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 21:34:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 588150
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1012
x-xss-protection: 0
last-modified: Mon, 06 Jun 2022 04:17:56 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 10 Oct 2023 21:34:48 GMT

GET
H3 200 script.js Show response
s0.2mdn.net/sadbundle/16338249951084529411/MAR-393-PL-uglyCreative-HoverEffect-728x90/scripts/ Frame F656 2 KB
638 B 47ms
47ms Script
application/x-javascript 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/16338249951084529411/MAR-393-PL-uglyCreative-HoverEffect-728x90/scripts/script.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16338249951084529411/MAR-393-PL-uglyCreative-HoverEffect-728x90/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d44dd867f44722158fd47846c41a31d4d58d37d40c8e317fb9d86dcd5d4ec590

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16338249951084529411/MAR-393-PL-uglyCreative-HoverEffect-728x90/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 16:37:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 433206
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 609
x-xss-protection: 0
last-modified: Mon, 06 Jun 2022 04:17:56 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 12 Oct 2023 16:37:12 GMT

GET
H3 200 OLZMwUuXKff5QHkWgJZ5Acpn9ezP58Pxr98BvfUDCEE.js Show response
pagead2.googlesyndication.com/bg/ Frame E92E 36 KB
16 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/OLZMwUuXKff5QHkWgJZ5Acpn9ezP58Pxr98BvfUDCEE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

38b64cc14b9729f7f940791680967901ca67f5eccfe7c3f1afdf01bdf5030841

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 05:27:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 41382
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16062
x-xss-protection: 0
last-modified: Tue, 11 Oct 2022 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 17 Oct 2023 05:27:36 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/16338249951084529411/MAR-393-PL-uglyCreative-HoverEffect-728x90/ Frame D1BC 4 KB
2 KB 37ms
37ms Document
text/html 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/16338249951084529411/MAR-393-PL-uglyCreative-HoverEffect-728x90/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9b0ce409f38eb4d4ab4b89f64dd74e339bbda0561a2a2c2d345a21305636e673

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 358283
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 1565
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Thu, 13 Oct 2022 13:25:55 GMT
expires: Fri, 13 Oct 2023 13:25:55 GMT
last-modified: Mon, 06 Jun 2022 04:17:56 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 search.png
s0.2mdn.net/sadbundle/16338249951084529411/MAR-393-PL-uglyCreative-HoverEffect-728x90/images/ Frame F656 514 B
541 B 37ms
37ms Image
image/png 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/16338249951084529411/MAR-393-PL-uglyCreative-HoverEffect-728x90/images/search.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16338249951084529411/MAR-393-PL-uglyCreative-HoverEffect-728x90/styles/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c8eb253ff9058165db575680b7b02a051c5095ecb74688dad21f87095b9d9792

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16338249951084529411/MAR-393-PL-uglyCreative-HoverEffect-728x90/styles/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 11:35:25 GMT
x-content-type-options: nosniff
age: 451313
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 514
x-xss-protection: 0
last-modified: Mon, 06 Jun 2022 04:17:56 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 12 Oct 2023 11:35:25 GMT

GET
H3 200 style.css
s0.2mdn.net/sadbundle/16338249951084529411/MAR-393-PL-uglyCreative-HoverEffect-728x90/styles/ Frame D1BC 3 KB
1 KB 31ms
31ms Stylesheet
text/css 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/16338249951084529411/MAR-393-PL-uglyCreative-HoverEffect-728x90/styles/style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16338249951084529411/MAR-393-PL-uglyCreative-HoverEffect-728x90/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0e2a37ec9babf7ebb24c1667f9624df292b7595e0f1bf9d0ebcd54be8b915e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16338249951084529411/MAR-393-PL-uglyCreative-HoverEffect-728x90/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 21:34:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 588150
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1012
x-xss-protection: 0
last-modified: Mon, 06 Jun 2022 04:17:56 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 10 Oct 2023 21:34:48 GMT

GET
H3 200 script.js Show response
s0.2mdn.net/sadbundle/16338249951084529411/MAR-393-PL-uglyCreative-HoverEffect-728x90/scripts/ Frame D1BC 2 KB
638 B 32ms
31ms Script
application/x-javascript 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/16338249951084529411/MAR-393-PL-uglyCreative-HoverEffect-728x90/scripts/script.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16338249951084529411/MAR-393-PL-uglyCreative-HoverEffect-728x90/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d44dd867f44722158fd47846c41a31d4d58d37d40c8e317fb9d86dcd5d4ec590

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16338249951084529411/MAR-393-PL-uglyCreative-HoverEffect-728x90/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 16:37:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 433206
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 609
x-xss-protection: 0
last-modified: Mon, 06 Jun 2022 04:17:56 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 12 Oct 2023 16:37:12 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 80C8 0
20 B 66ms
66ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BH1R8bYlNY5X4DvmBqMwPvO6sgA4AAAAAOAHgBAI&bg=!QEOlQwfNAAYeOJy_Pjg7ACkAdvg8WoI8Fjj_wTQhjL6uY8PQDNUvVR_1QNH5M1o8_FPzA1IZRZZ6TAIAAACZUgAAAAJoAQcKAI-aLyhIe-hFIEmYZLbwOheso_a3OVFw61uKfk-xROilDwlK6um8Lj9cGAUUhFaOBLUxChlLwjqWsLduu0DxVzOuWpqAVkp3M7199l6wK_kSXYzUqkvznhqMXZC1oodsNyoE-glm1_mLQZx9tbzAYCZrE4JWqbCQLSSQN1fkkeZ_BS9U0-PRAyBQCT5Grj0_5pkC6yrEKMRHgLb3hy7p4EOosiHOLPwdZhFKmn562NDF_61hP8yNwCH1-06XMGwATUHqQgoe--559tBlt3jfCtPrEeeRbt0tE3kZIKFfauoZHrgnNcbrthh3b6yrG3ExAghbaYfx39ujpAi2tOOSKMTu91v_Gy2t6vCOaoQSr_Ab9HmvGWMsX4bpulsYcS9qZsebtijPSlKlGM2vQwXTe6wjbKreJfxZcX7ATwvB61Lt0sozv03w8wXF4czMdpbVMTT5dx2gs7kX7tvUh7k2YQSs25bdumcXRrL53z4x_MpBcaua3MEHmNl90Gcpx10uJrmhOzMDMO6FZITTDQDGqv7poOS83RdrTcUCwDSsjmeIG9hSaETZ9oIl-LVVWgXuHWIFZHHEEfpwGk1se7ylDIUKbG0UpE0PBHCAoN56v5OEJkwSe9I7tvRKcR5mh9SqxPjUihdUmBUli-oJHmaM9MFnOL9QpGhpeNTsQpibDbYrxsibbTaL_8Xchxc_b_RwhqXXobG9Bl4JgYnfNb9CaZDhLOGQ16mVFluaUDEc2i4UvLgOdZ67_XtVIP4tZXRj7uM00VI1WLF9bXrKP5qYceph4djbp8OoVtUIi_JQRz2ZspyJYIfzm1pGi7ESI2tJQLY2GbDUQqsDro7Hlcg2L-_u-c_S1l_9iqCPldUSyUBhFqapiMg2SCYYG60OPDI4WNpiU8Mcc8MgeOGYQ9gY3FIV9OdsKf07O2yr8oy0U5KldUjD7vGQ3AVgRTRTNowY9OWyu5Fqsh7QMfHm0UK1_CvC23_4ctEXaB5sLcpzrHAM4HK7sR_Wb5X5iAJxhnRTaoX_mYUYgPYGpFGUSMle-MKU0AyJWhsV9Dz4cT6zx0fTOaFlg7WHt3n_XPL2AVLjbqUd7XWxy6ffDRMTNyU5k1l1-Y7OQOM3WO2epb5LTeaYlGq6daCZ7ZD1cj-0mJGpz58Xl571ISB87YAcFML1XlbdMHsPR75ZYeBL8BAahw

Requested by

Host: qa.elbwaba.com
URL: https://qa.elbwaba.com/5/14-best-play-to-earn-games-in-2023

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Oct 2022 16:57:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 search.png
s0.2mdn.net/sadbundle/16338249951084529411/MAR-393-PL-uglyCreative-HoverEffect-728x90/images/ Frame D1BC 514 B
541 B 25ms
25ms Image
image/png 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/16338249951084529411/MAR-393-PL-uglyCreative-HoverEffect-728x90/images/search.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16338249951084529411/MAR-393-PL-uglyCreative-HoverEffect-728x90/styles/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c8eb253ff9058165db575680b7b02a051c5095ecb74688dad21f87095b9d9792

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16338249951084529411/MAR-393-PL-uglyCreative-HoverEffect-728x90/styles/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 11:35:25 GMT
x-content-type-options: nosniff
age: 451313
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 514
x-xss-protection: 0
last-modified: Mon, 06 Jun 2022 04:17:56 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 12 Oct 2023 11:35:25 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 107ms
31ms XHR
application/json 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221012&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f065c01245ac369f6ad53decee953de20bf64f16f5c032890101f96b757ea692

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qa.elbwaba.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 16:57:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11167
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E92E 0
20 B 58ms
58ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B6BHsbYlNY-LbDqi3o9kPx-Gu4AMAAAAAOAHgBAI&bg=!V1SlVBDNAAYeOJy_Pjg7ACkAdvg8WmtJ2fC_sTOJEbE0l7cQJZj2woiQ38BO3-kjnYZ731Tcqdvd-AIAAAB8UgAAAAJoAQcKADiQ7buPVS7AVPwKfaWc-Hk6zNsQ70n64NLAwddHzGCn5xnvaRwYIbgkJAnnn9vnpB-ZhKtR7id-NJkC4y8enxPLVCd7jtCALkZhUdu90PbZ6-YYzo5QSWC3LerBimR46iEsZRGzFtr2mVG-2OzDoU4p1D9zwqODFTdkAZS6uB900Hdg-MLQ_kT9MS92-saittCwNTsxhpOzBAZJO2oIhz_4XZd_-SkBrKTxUENwVB9w8cYXtKLc63VM1VcAHYPceCUTieMOdIJIWuTwHbXuTdPBXNeSYeL_ZH0rP5G4kUTpQuTg8yxqv0xkKEl6QZWNQYZzVXfqk9arCt1f7vYtbf68omYOISE1TPYDscaQyccId9PbR2OlQILr-ys1qCl6snd-_ncjH2dAJfsQsXYWh3uWcFqlaFyNxG_lt0VutYBhjKOQV9S0L-a2ro0MraIEYsyftfQjEl1V0ISNYmJBnvfmYIfrULlXyiyyfhDZiQEsASavAf8SHxcbMsk3fGETfntOTVhxF0-6aE0w0pVx0zsQYPMwHN5ayFzlm38ui_9_ELYFQoHEV1YYZiiU5v9HPlcbMebZQQnYBx94_Uk5z92eLZWqb--RFtG5-hKG2y1YeGaDOzjAwvSemHJ-MHJcNaZU79JsJq1kO3eQfIwpKQIzHsDiEbCDoTJm0f9MF3YJkHgpnjoGdHHt9kfC_fwXyGzbEmowvo4eRe_g2WO4KGR8nRiHGBJm2ah5me1kIrykLbcRS-738coMzH0GApfFEX8Z-SP2Mqwtu7_c3Oxnsz0IsIWyx2CJ9LmEZzzUZ4KE-uxckCq-q2mbG9Zp9EquyTQoKj-BuQUqnjIJlI4jbClPo_J_kH1LoxBewRSIxZGqKKXTC9la1YQCaboGR5c9MU0hmkpABi9rwLvp1mynjnUP4TZHMKeTMi8dABTelGWHR0mCO1SnuECCko11lTzckML0ixl1X4GxfjTBC9cTDwJADA6xDFHOuP3ArX46EI-_ZmkFkmmp7VVmxbe7vkQcJTc4FzpkLN3DUxf1VVyADXMWUDxf8U3-wtlcaXVtDcY

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Oct 2022 16:57:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qa.elbwaba.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 16:57:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 17 Oct 2022 16:57:18 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 1FCB 13 KB
5 KB 15ms
15ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://qa.elbwaba.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 4304
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 17 Oct 2022 15:45:34 GMT
expires: Tue, 17 Oct 2023 15:45:34 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 5A54 783 B
536 B 83ms
33ms Document
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

2a61914ce1994f323f2f968bda327245850d134c1dad782645684b11ebbbb909

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-5UlLTI4u5CI5pZJVStzJ2A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://qa.elbwaba.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-5UlLTI4u5CI5pZJVStzJ2A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 17 Oct 2022 16:57:18 GMT
expires: Mon, 17 Oct 2022 16:57:18 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 OLZMwUuXKff5QHkWgJZ5Acpn9ezP58Pxr98BvfUDCEE.js Show response
pagead2.googlesyndication.com/bg/ Frame 1FCB 36 KB
16 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/OLZMwUuXKff5QHkWgJZ5Acpn9ezP58Pxr98BvfUDCEE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

38b64cc14b9729f7f940791680967901ca67f5eccfe7c3f1afdf01bdf5030841

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 05:27:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 41382
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16062
x-xss-protection: 0
last-modified: Tue, 11 Oct 2022 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 17 Oct 2023 05:27:36 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 5A54 0
0 52ms
52ms Image
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221012&jk=1645961971969373&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 1FCB 0
10 B 20ms
20ms Image
text/plain 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?ImYOoA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 16:57:18 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 0EA8 42 B
64 B 52ms
52ms Fetch
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstiYm0qb3Jxs2eQ7o9JKfX3luqy7LzYzYPgK7xte_ca8xv5fzfLj92FjE114tfka5BhxkfK4_FLlAx7IBRXR6wze25d7gADpzhaKYUx_47P6TqSyR5QbyPnw3UvgO1K6IqydUrQTIp5qIkbpvly8OD4ggSS1QYTLo0KBQ58tJSLsRmBEtzpPju6cVLYvV59Wg&sai=AMfl-YTcDPTG6tQTMSa9T8eBxndpHJ90sbQAvWUfX6aPnVp35EoP00xu0ro6YLk2KG8G8SF4RMs6dBrcMe5Eg2o&sig=Cg0ArKJSzD7Mj_IQ_WnjEAE&cid=CAQSGwDq26N985CR-7Ye6Ff5gHhQYzMMSDxiqJ2NBBgBIA4&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221012&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=909556274&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1666025837819&rpt=409&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Oct 2022 16:57:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 53ms
53ms Image
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221012&jk=1645961971969373&bg=!fn2lfTnNAAYeOJy_Pjg7ACkAdvg8WhDw0o90gtwMiGDcgRRA70s-sFCX-p2l46OC7qa1yjz-VS74fgIAAABWUgAAAAJoAQcKAHAHlxGEozhpKoUmMT65yaDNR5nTLj8wYZDZWOpbUYASpQmRhPQZZtJoSPA_kD-MeYLYigwmdglDoB2Jw46egi811RaCrVaXHle5UFeToljRX_NTH_tzP9w68rpCD7IVUEeZE65GtEIzWpIBQOISRwC9mQKf97pFXOST5FyvsLWMm99qM8s5D6LXPxok_DK_jCX9WXVERplPhRlNoQ6QmvTKlpP-iMmS4zsKeunzwtIZsoLCdM8gUqHLFneDv9Bw9FIlPWyzyLX-YcWMAHJZlpgO-IUK35wF0rUMmQqviU568jtn7Rx4YdYuAnPpSPhnMDxrQb34NazhOQuFrdQETESkrCpSWyiIiiXX-gDSxmxd2grtkTprNiroWZQ0nnc9o0lXhOjN6G3qypFg-k1nxVJsQM5ZvCrAsPZvqelLjuBdBOBgVeHB8YulcEYqQJqCDLB1kz_sLfg38BIJfOU3YVcx33VuBQhvVIq_l6RTykSgkIzQTTrE6lroP1UnFD5KbjQrNvveh67E46R8uS3_sKUkCMB0Ip25NKXA8tWQqUANnH57CXq3e206oEdb0a2T-P8W8CSIBHuwSEE-DAhZ8HvlbOfiB1o3x8Gf2DESldjSvQPp_USfX6ATMuNyKFMyKE69LIJYapnqqdesTWJ3Zbcj-p9zvHVLmA5au6--82KxzrgVDNeywimk2BlOgdur5LECgUtnL-bSJ5ZZO_MZpZ6qzvkaF3bVIL8kHQzI1QbxXbAAsfHeKvAw56SgIuDk9HqR69PatqEDN-c2zo6C4Tggwt8Ml5RbMzLfTLmolRafj-MFCqmVUMS5aFJ407pa_ljJjKs0MINCQjPKOGNhhe6v0OqnyEj7N94Adw3tmNdaaoxsizMJhhecNMUhlnOTBjl2XTWjD24OPDgTQusPtPnl34WKFrxbeQ__G9amk6NXsx4_lgGaHOYfziP4wAshgKrRBY20XJnvNJghoS4OCpfCK2E-X1_d5uhc-SLDeYKPl75hBY20mi3WSbMlmEBrRiZq1FkZtJWaSUrfEli2UxJkcpI
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qa.elbwaba.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

87 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.google.com/	1970-01-20 16:16:52	Name: __Secure-ENID Value: 7.SE=alwuMyhCdFgO89CLoCXqossf3nNih6LyJsViVuriDcW2bLaFnlbCcIHnfT3viDJHRqPhiQaUJd8GuzBM-YBezKqwr9m-9PWAKRtshgrVwA6y0xst8AaSolfbEr5O4hYjVF8YRdDTEdlMR18HMJjqRFrW-wTyD-0YjzCm-vuuBmI
.google.com/	1970-01-20 16:23:05	Name: CONSENT Value: PENDING+677
qa.elbwaba.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: ebc6e649590dbe593c9e79a2df02b83f
qa.elbwaba.com/	1970-01-20 06:49:58	Name: qa_key Value: 9ktrkr5jchmbm15b3yav385kz17igrvo
.elbwaba.com/	1970-01-20 16:08:41	Name: __gads Value: ID=97582658764b452b-2261366f48ce0088:T=1666025837:RT=1666025837:S=ALNI_MbWfIfkd8YaMBv8dpj1KVytC78Xow
.elbwaba.com/	1970-01-20 16:08:41	Name: __gpi Value: UID=00000b7482a9c591:T=1666025837:RT=1666025837:S=ALNI_MbW_Lguxi_Zss7rDfXpVg5ciZ5fjw
.doubleclick.net/	1970-01-20 16:08:41	Name: IDE Value: AHWqTUmS5LHX9uaHOKfxDIxlwvmAiRCqVDq8YXk5yhTOdXc1BsKKwMh7LMoIn2mZ4Qo

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
fonts.googleapis.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ois.is
pagead2.googlesyndication.com
partner.googleadservices.com
qa.elbwaba.com
s0.2mdn.net
scrubdress.com
tpc.googlesyndication.com
www.business2community.com
www.google.com
www.googletagservices.com
www.gstatic.com
172.217.23.98
184.154.13.122
2a00:1450:4001:809::2002
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::2003
2a00:1450:4001:80e::2006
2a00:1450:4001:812::2001
2a00:1450:4001:827::200a
2a00:1450:4001:829::2002
2a00:1450:4001:82b::2002
2a00:1450:4001:830::2004
2a06:98c1:3120::3
2a06:98c1:3121::3
50.87.253.242
075c15c5e5b127cfd89b352a4f8e8d615d0abcc80977022ba45ad2032d26f535
07a75636966b34dd8bbafee0ebced659b03bab0e57641e1fa035ca7da0bd39ce
0e2a37ec9babf7ebb24c1667f9624df292b7595e0f1bf9d0ebcd54be8b915e14
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
18ffb82a05bcd7e430f57b9428d2a6990f127948e7ff14d66c3784a84f4330ee
1e7c8622ac02e1dcff60723580cb80c7ac64a333e4416def6b99a99b334f4d36
2003d9e3ab5c3e9d1642dee8be520347d77223ac1ddbea93c82583a94bf125f7
2a61914ce1994f323f2f968bda327245850d134c1dad782645684b11ebbbb909
2d52560a0b97222a18a95c89256d89765d3d821699eebc14213d531c2a93adb5
38b64cc14b9729f7f940791680967901ca67f5eccfe7c3f1afdf01bdf5030841
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5b9828ea363c009ddae05eb49a71000fe78150b6ce0ce9d44eedcba186117abc
5eecfa645aee35cb0c6820e187451ab14a9df51283635a2117d7ba866a6a74aa
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
7108d3f9dc1ec6513e64bc020ac3e3f3262b2b2685a0c93431faa601fa0fdfa4
733b81ca611521c0c5664701f060df9d5486014c1dba79acb22269bfc9e06d0a
73b60956291a2583d6a8cb8ef8627930ce06023c28d5ea917238c7ad0cf350e7
7bb4b7d7871f1367264ff579417a17506457830aacda9c077f5cedada824be1e
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
910abe1db77e5cc87f069308472465ab4279087f2206d1d9dd944a10083695bb
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
9b0ce409f38eb4d4ab4b89f64dd74e339bbda0561a2a2c2d345a21305636e673
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a90fe747bc217c49315c23c1c332bb255d3c5fd46ec85b0218b5f85bbbf6bd0c
aa8da3fd6e3efdb0bb033d9e49d440bf745a206f600f7094634477f923f5bca9
b4ef3a11367a47a75f7cb4ed6e944472d190c86813cd2ffdb04a32358dc4e799
b79950172d0e6c3091a44a69d615ee5711f57bb59e202b2a383d48e4ca2a4ce3
b7e54c08be2d3028420666e9aca9074537fb351e2ece4e32b925ffca1840ce12
b813b0dc2bc80e9bfd7a8e0c604ae81d21e375e3a01f6e183804f9d3e97f0f17
bb3ef053c8d028495e7da78e5913caeb78dca28081f633227251de3d09961fa7
c7aca9ebef12465aad206aae5351ba575eebe4b5e3f0fb1d99f4f92f1c4f396d
c8eb253ff9058165db575680b7b02a051c5095ecb74688dad21f87095b9d9792
d04b23160b197b50f758713be303e37485070b488be8629d505c7729dc98d62f
d44dd867f44722158fd47846c41a31d4d58d37d40c8e317fb9d86dcd5d4ec590
dc0267e17f3bd3a2977910d47c34855d4c282e97502e6e1b0d3eb44b8b231405
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
eb69d9e0cb830e3add604e60faf8f784835e5f1ba28bb38850ba19784f30911d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f065c01245ac369f6ad53decee953de20bf64f16f5c032890101f96b757ea692
f36844906ad2309877aae3121b87fb15b9e09803cb4c333adc7e1e35ac92e14b
f4e0cb7343b362794075b68496f30d1a27e1b3ff018621db7d7aaa6894c957f9
f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a
f97319a672469f97e64194d97b0b42e42f87dcf8c8d7f55142412e685d9155a1
fb7989597f1a10a56bd83de6a26eefec44a0c704979fb5e06f02195bc9cebfce

qa.elbwaba.com Open in urlscan Pro 50.87.253.242 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

74 Requests

99 %HTTPS

79 %IPv6

13 Domains

16 Subdomains

15 IPs

2 Countries

952 kBTransfer

2444 kBSize

7 Cookies

5 Outgoing links

Page URL History

Redirected requests

74 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

qa.elbwaba.com Open in urlscan Pro
50.87.253.242 Public Scan

Screenshot
Live screenshot

Full Image

74
Requests

99 %
HTTPS

79 %
IPv6

13
Domains

16
Subdomains

15
IPs

2
Countries

952 kB
Transfer

2444 kB
Size

7
Cookies

74 HTTP transactions
2 data transactions