qa.cr-halal.com Open in urlscan Pro
66.29.132.14 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://trailmagic.org/
Effective URL:
https://qa.cr-halal.com/3/what-is-a-crypto-exchange
Submission: On November 02 via manual (November 2nd 2022, 1:13:28 pm UTC) from IN — Scanned from DE

Summary HTTP 163 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 26 IPs in 5 countries across 24 domains to perform 163 HTTP transactions. The main IP is 66.29.132.14, located in United States and belongs to NAMECHEAP-NET, US. The main domain is qa.cr-halal.com. The Cisco Umbrella rank of the primary domain is 707798.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on October 9th 2022. Valid for: a year.

This is the only time qa.cr-halal.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	192.185.180.160 192.185.180.160	46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1)
1	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 6	2a00:1450:400... 2a00:1450:4001:802::2004	15169 (GOOGLE) (GOOGLE)
14	66.29.132.14 66.29.132.14	22612 (NAMECHEAP...) (NAMECHEAP-NET)
1	2a00:1450:400... 2a00:1450:4001:830::2008	15169 (GOOGLE) (GOOGLE)
23	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
22	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
33	2a00:1450:400... 2a00:1450:4001:811::2001	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
3 13	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
3 5	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
2 3	185.89.210.180 185.89.210.180	29990 (ASN-APPNEX) (ASN-APPNEX)
11	2a00:1450:400... 2a00:1450:4001:82a::2006	15169 (GOOGLE) (GOOGLE)
1 2	2620:116:800d... 2620:116:800d:21:c5a4:625:6563:a5bb	16509 (AMAZON-02) (AMAZON-02)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
2	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
3 3	185.64.189.115 185.64.189.115	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
3 3	104.18.18.126 104.18.18.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a05:d01c:1d8... 2a05:d01c:1d8:8101:d786:ef20:82e3:39f7	16509 (AMAZON-02) (AMAZON-02)
2	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
1	34.98.67.61 34.98.67.61	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
163	26

1 192.185.180.160 (United States)

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: 192-185-180-160.unifiedlayer.com

trailmagic.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

ois.is	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:802::2004 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 66.29.132.14 (United States)

ASN22612 (NAMECHEAP-NET, US)
PTR: premium197-2.web-hosting.com

qa.cr-halal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

33 2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 142.250.185.98 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.80.39.216 (Canada) 3 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.89.210.180 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:82a::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:c5a4:625:6563:a5bb (United States) 1 redirects

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.64.189.115 (United Kingdom) 3 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.144.165 (Frankfurt am Main, Germany) 2 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.18.18.126 (Shahr, Iran, Islamic Republic Of) 3 redirects

ASN13335 (CLOUDFLARENET, US)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d01c:1d8:8101:d786:ef20:82e3:39f7 (London, United Kingdom)

ASN16509 (AMAZON-02, US)

ag.innovid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.67.61 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 61.67.98.34.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
56	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 131 tpc.googlesyndication.com — Cisco Umbrella Rank: 167	592 KB
36	doubleclick.net 3 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 66 cm.g.doubleclick.net — Cisco Umbrella Rank: 320 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 367	203 KB
15	gstatic.com www.gstatic.com fonts.gstatic.com	163 KB
14	cr-halal.com qa.cr-halal.com — Cisco Umbrella Rank: 707798	82 KB
11	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 352	222 KB
8	casalemedia.com 6 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 819 ssum-sec.casalemedia.com — Cisco Umbrella Rank: 666	7 KB
8	google.com 3 redirects www.google.com — Cisco Umbrella Rank: 17 adservice.google.com — Cisco Umbrella Rank: 134	3 KB
6	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 223	280 KB
6	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 118	5 KB
3	pubmatic.com 3 redirects image6.pubmatic.com — Cisco Umbrella Rank: 922	1 KB
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 313	3 KB
2	rubiconproject.com 2 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 483	921 B
2	openx.net rtb.openx.net — Cisco Umbrella Rank: 2255	414 B
2	quantserve.com 1 redirects cms.quantserve.com — Cisco Umbrella Rank: 989	797 B
2	google.de adservice.google.de — Cisco Umbrella Rank: 5594	914 B
1	mookie1.com odr.mookie1.com — Cisco Umbrella Rank: 1394	356 B
1	innovid.com ag.innovid.com — Cisco Umbrella Rank: 2229	296 B
1	rlcdn.com id.rlcdn.com — Cisco Umbrella Rank: 899	98 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1047	695 B
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2041	338 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 121	75 KB
1	ois.is ois.is — Cisco Umbrella Rank: 311558	722 B
1	trailmagic.org trailmagic.org	384 B
0	gemius.pl Failed googlecm.hit.gemius.pl Failed
163	24

	Domain	Requested by
33	tpc.googlesyndication.com	googleads.g.doubleclick.net tpc.googlesyndication.com pagead2.googlesyndication.com s0.2mdn.net
23	pagead2.googlesyndication.com	qa.cr-halal.com pagead2.googlesyndication.com googleads.g.doubleclick.net trailmagic.org tpc.googlesyndication.com s0.2mdn.net www.gstatic.com www.googletagservices.com
21	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net trailmagic.org
14	qa.cr-halal.com	www.google.com qa.cr-halal.com
13	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net
12	www.gstatic.com	googleads.g.doubleclick.net
11	s0.2mdn.net	trailmagic.org s0.2mdn.net
6	www.googletagservices.com	googleads.g.doubleclick.net
6	fonts.googleapis.com	googleads.g.doubleclick.net
6	www.google.com	3 redirects ois.is googleads.g.doubleclick.net tpc.googlesyndication.com
5	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
3	ssum-sec.casalemedia.com	3 redirects
3	image6.pubmatic.com	3 redirects
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
3	fonts.gstatic.com	fonts.googleapis.com
2	googleads4.g.doubleclick.net	trailmagic.org
2	pixel.rubiconproject.com	2 redirects
2	rtb.openx.net	googleads.g.doubleclick.net
2	cms.quantserve.com	1 redirects googleads.g.doubleclick.net
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
1	odr.mookie1.com	googleads.g.doubleclick.net
1	ag.innovid.com	googleads.g.doubleclick.net
1	id.rlcdn.com	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	region1.google-analytics.com	www.googletagmanager.com
1	www.googletagmanager.com	qa.cr-halal.com
1	ois.is	trailmagic.org
1	trailmagic.org
0	googlecm.hit.gemius.pl Failed	googleads.g.doubleclick.net
163	30

This site contains links to these domains. Also see Links.

Domain
www.q2amarket.com
www.question2answer.org

Subject Issuer	Validity	Valid
*.ois.is E1	`2022-10-29` - `2023-01-27`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
qa.cr-halal.com Sectigo RSA Domain Validation Secure Server CA	`2022-10-09` - `2023-10-09`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-03` - `2023-02-25`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
*.innovid.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-15` - `2023-04-15`	a year	crt.sh
*.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2022-02-24` - `2023-03-27`	a year	crt.sh

This page contains 26 frames:

Primary Page: https://qa.cr-halal.com/3/what-is-a-crypto-exchange
Frame ID: 6DE69EF12C747EFB1A5C7A7FF9A60EBD
Requests: 31 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221027/r20190131/zrt_lookup.html
Frame ID: 69CD9D75461F4CF3DD92E82EB9AA2914
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3135644639015474&output=html&adk=1812271804&adf=3025194257&lmt=1667394803&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fqa.cr-halal.com%2F3%2Fwhat-is-a-crypto-exchange&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667394803775&bpp=4&bdt=695&idt=122&shv=r20221027&mjsv=m202210310101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6079542794128&frm=20&pv=2&ga_vid=1296198601.1667394804&ga_sid=1667394804&ga_hid=358752111&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C31070637%2C44775017&oid=2&pvsid=381626547704199&tmod=708995078&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=147
Frame ID: 684134E5711A7EF3551586B31430A54D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3135644639015474&output=html&h=90&slotname=4460484953&adk=3576269607&adf=383669989&pi=t.ma~as.4460484953&w=748&fwrn=4&fwrnh=100&lmt=1667394803&rafmt=2&format=748x90&url=https%3A%2F%2Fqa.cr-halal.com%2F3%2Fwhat-is-a-crypto-exchange&fwr=0&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667394803779&bpp=3&bdt=699&idt=151&shv=r20221027&mjsv=m202210310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6079542794128&frm=20&pv=1&ga_vid=1296198601.1667394804&ga_sid=1667394804&ga_hid=358752111&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=152&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C31070637%2C44775017&oid=2&pvsid=381626547704199&tmod=708995078&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=59Gl4f5lBA&p=https%3A//qa.cr-halal.com&dtd=157
Frame ID: FEAB95C3B78B12142BFAFB8726899A40
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3135644639015474&output=html&h=90&slotname=4460484953&adk=3576269607&adf=306952042&pi=t.ma~as.4460484953&w=748&fwrn=4&fwrnh=100&lmt=1667394803&rafmt=2&format=748x90&url=https%3A%2F%2Fqa.cr-halal.com%2F3%2Fwhat-is-a-crypto-exchange&fwr=0&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667394803782&bpp=1&bdt=702&idt=159&shv=r20221027&mjsv=m202210310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C748x90&nras=1&correlator=6079542794128&frm=20&pv=1&ga_vid=1296198601.1667394804&ga_sid=1667394804&ga_hid=358752111&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=1885&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C31070637%2C44775017&oid=2&pvsid=381626547704199&tmod=708995078&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEebr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=QBK0WvkklK&p=https%3A//qa.cr-halal.com&dtd=163
Frame ID: 821CDF6ED1B573B2DE31A96F6AD4BDAF
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3135644639015474&output=html&h=640&slotname=1734293738&adk=1547583112&adf=2079921753&pi=t.ma~as.1734293738&w=320&lmt=1667394803&format=320x640&url=https%3A%2F%2Fqa.cr-halal.com%2F3%2Fwhat-is-a-crypto-exchange&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667394803783&bpp=1&bdt=703&idt=171&shv=r20221027&mjsv=m202210310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C748x90%2C748x90&nras=1&correlator=6079542794128&frm=20&pv=1&ga_vid=1296198601.1667394804&ga_sid=1667394804&ga_hid=358752111&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C31070637%2C44775017&oid=2&pvsid=381626547704199&tmod=708995078&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfnEr%7C&abl=CF&pfx=0&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&xpc=KvY4l8J45n&p=https%3A//qa.cr-halal.com&dtd=174
Frame ID: FB04358D77BA7751609C37D8683C3994
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 68AF376517ED935557C8FAA8695E6F04
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: FF4B8795F03E528D7B8498E5857A9056
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/HZrunHRjvTX5MIeL6Ibl7iJKqMmAAzHWmbkaKM7M3x0.js
Frame ID: 20896C0FECB7C486A83B5A9AD466303E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3135644639015474&output=html&h=280&adk=2247616821&adf=2922560527&pi=t.aa~a.2926153733~rp.2&w=607&fwrn=4&fwrnh=100&lmt=1667394804&rafmt=1&to=qs&pwprc=8069909860&format=607x280&url=https%3A%2F%2Fqa.cr-halal.com%2F3%2Fwhat-is-a-crypto-exchange&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667394804966&bpp=1&bdt=1886&idt=-M&shv=r20221027&mjsv=m202210310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D66fb445f8619a8a5-2262010d61ce0012%3AT%3D1667394803%3ART%3D1667394803%3AS%3DALNI_MZEydHUzuFn9Es21R3b3A9vuXsGMw&gpic=UID%3D00000b7b9bb74944%3AT%3D1667394803%3ART%3D1667394803%3AS%3DALNI_MZGDyo54Kv8EDXf0B-3RUgYVn2Usg&prev_fmts=0x0%2C748x90%2C748x90%2C320x640&nras=2&correlator=6079542794128&frm=20&pv=1&ga_vid=1296198601.1667394804&ga_sid=1667394804&ga_hid=358752111&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=418&ady=1270&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C31070637%2C44775017&oid=2&psts=APxP-9Bwkk64tJExaojny2xSypI54KpjfEIxVomDxaLmJpkSrt2t5h_d7MIa9IF53m5gs8DiCgMIWJW3vUCIoWXYNg%2CAPxP-9CeCnnpu17gpM3sN_KutVGiZXxLR2ag9BeAM3F2eRPx4fzfY78s4mJBfl8TMGl7V37LstAYy7G5QAiKtDNrLA&pvsid=381626547704199&tmod=708995078&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=y3wWdLNLCo&p=https%3A//qa.cr-halal.com&dtd=5
Frame ID: 61831FC53D5132F70D9CC3CBFFCFE69B
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3135644639015474&output=html&h=90&adk=2743202993&adf=1056458448&pi=t.aa~a.2185563714~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1667394804&rafmt=1&to=qs&pwprc=8069909860&format=1200x90&url=https%3A%2F%2Fqa.cr-halal.com%2F3%2Fwhat-is-a-crypto-exchange&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667394804966&bpp=1&bdt=1886&idt=0&shv=r20221027&mjsv=m202210310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D66fb445f8619a8a5-2262010d61ce0012%3AT%3D1667394803%3ART%3D1667394803%3AS%3DALNI_MZEydHUzuFn9Es21R3b3A9vuXsGMw&gpic=UID%3D00000b7b9bb74944%3AT%3D1667394803%3ART%3D1667394803%3AS%3DALNI_MZGDyo54Kv8EDXf0B-3RUgYVn2Usg&prev_fmts=0x0%2C748x90%2C748x90%2C320x640%2C607x280&nras=3&correlator=6079542794128&frm=20&pv=1&ga_vid=1296198601.1667394804&ga_sid=1667394804&ga_hid=358752111&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2293&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C31070637%2C44775017&oid=2&psts=APxP-9Bwkk64tJExaojny2xSypI54KpjfEIxVomDxaLmJpkSrt2t5h_d7MIa9IF53m5gs8DiCgMIWJW3vUCIoWXYNg%2CAPxP-9CeCnnpu17gpM3sN_KutVGiZXxLR2ag9BeAM3F2eRPx4fzfY78s4mJBfl8TMGl7V37LstAYy7G5QAiKtDNrLA&pvsid=381626547704199&tmod=708995078&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=v8MmjAeCCl&p=https%3A//qa.cr-halal.com&dtd=10
Frame ID: 8445FC49E28E477630F5B0186395AEB8
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221027/r20110914/zrt_lookup.html?fsb=1
Frame ID: 66313D2AA5C64B192640C0F1B541C688
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221027/r20110914/zrt_lookup.html?fsb=1
Frame ID: B3EB1BDF422D24D7B64578A9B969D960
Requests: 14 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Frame ID: B2F351EFFCF159FF85B07BEA3587581C
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 1A27897E76CE413D6916AA34A972C48B
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/HZrunHRjvTX5MIeL6Ibl7iJKqMmAAzHWmbkaKM7M3x0.js
Frame ID: 4B14E82A9F744DE709345DAB70778511
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNHn4wEQ4JWpAhj4kqp5MAE&v=APEucNXO_LOV8-tCnmprZMM48h-NuFUzTBov7gsyfDpkqYUt36fSPlbw-jiItgr1tij7Ch6377WUSqANRYlBMZokc26hW31S6JFbnBh0KySlYsOnitVZTz-Gkz3Q3jVZ0aAYJD_gIPEspDk5WN1UJUiyKeKSNskOp52_TCH8lcZ6zqOXFEgSZkQ
Frame ID: 7B667D17D34727441EE4B48321A02444
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AesgQQnjse8VYmW7A7q1II-fALXagxbCAE4em99tegCC0WOKLBOm774Jhh4coFY7eaMlM-Luq3gBEmsqseFyGV8wTb8Iw0JB7bXefKv5H7KV16LrbFY_0cqcQ2YPeradcbfCM8sNpgaTBFPBUFbvbNJWmjSr8ZZonm-M3J5lQ_Su-ckWo&dbm_d=AKAmf-B43nmJHpe-6H4TXkYeZBMGJmNQMp1_QjaRWuWM_EUlMZ8qifSB6JyTkedDrx-jLUw1Hac_0CEAnQyqiQ4iMqVuN5Oe5YIXVf5mjziYfr0psHGsbqpzVbGtVkautPuEM5rihMMKYYsaea66J2MSeI94xgM7iZnKzijyBhCR4CvF16f_MMKua3mvH_a-_WPxzH_1cT0UdhU_wzacv3P-F_7Hw7tsYIpw0tu-4BhTg7c0EAHyCmVeaw2oeH7EU1Dyn5FfRSNYW6aec_eXYN8hXQMFbMCcl1nEMZ01B7aH7YKU6G3jRBpqHG16M8FemXHfrqb-_QOfWyMAisE_z9HGFDez68fTmCisIpZ8gzT2LcIddygPGh0Oy6R2ghf2izUT7tW-p7oyWmleU1cIxmY9tqPIaa2AN1i_CgR9evhFXMTaT69CKVozb8t92WHtWQKhWv1wKQkp-SsxcM6OJvxF158rDytahKHurU0r4zn2FCEmV1LL8kmvt5zoOYY7zPReXTo4-YVGt_zxPDnd47YYxFFzaLZroM9Rl_Hc-U_RQe-o6uhlg7H_6EDHYFo-x-Yw4RdJ0Gh_pSEkgs3rQVp3h-1Jp5Xhe1o2PJvAfhi1cRodyhIZtOOlX7yaiggYCPizVu3F3W-Yu0OQb1UwaIw9HagUMV7KECpxrI72hIufJEG-REbwy_i_y2G-ItFcatB4wMFdb8mjxbP_7-0SVsRhwG71hYajZJDxJZQmflMm66iIwC03D34ZS6Cde5NXtLSCNgkm-F-_9l702pVNIeErGpLZT21BNnvkYlmOGzVJ2AbQI8xD_kfslQpbpvxcL1FcewlzSAQEcUeu1EAlejLJ0Y8_jZ1LQ_oTpjncNaYBOnJwB7Zs5zivfjG4cIhGuhsUq3RY-y8dkfSa0t58tCtw2RTIjIj3tUZCPevlHAdFSeQriAxEmnd4xzNzlW92S0YcQtvbMiM2rzPjrmpWuJo2GdusWUQ_rIXO-BEoOuQ3IPrnjklSXVlRN5tfTc-CG59qsGLWs3rMBKGZLWFQjtP7kk5R9SeP5Ucf6KBRbV-L0x8dZ-JqY62T7PCDeAOTDLTCq5Ah7txvuWhzfQgQ-NwiZJR3XOAP65JQGhs5_-ccmpcW-WnuK7mkar1iWtmZMygUjhOcBidY4kl0lj2I8l5IehNdp0ZI-yCu8ka2CG_A4nUvKZt6qRA2De8Ss5vzV9QRmSL13Autv3R5m1Ky_jWam1XWZQym5xyd8fq9jtCKJcFrV44c2ZD3DdibmOKEVE3QyXNroScIbeN9U5QtMaGzH1wWV3gyfFZ9lbA3ExrZfh0N0_VNWLhr-J80lIo7FTutZXFlBAb74sgqxAgMMeWTpbSwC18SuR-7SQdI4Qx2Op9za3USsTflqTZuxDkeve_l1ZqCpq6riFRJLz1fV18NbJqH3uMN1lbCBWIRz5oeGvSNlv8AJYAKK_Zzpq8TacNr8l2oekh-xu7d_Gv_IBzdc4ZPViAd0y4N9aoWLqNK_lvpsSrkzjKGviUEEOpNh8lCOYwZ3tZnuUTd9ChUQLwXZqPTepiCn9dAE4XsXdGev2tUi8F--gl58tpJTI6Khl93D7u87F3i_374-iUi4CoveHJHfFISV1raShM7cs2AUktCCBM38iUKHyveTWwbtqgGCiGWCpe0MTDObnW5-I2MQelL6sWRwpDw69pramLLwDmoM3rPAOLtLfufnV5eaPLh6O6Z1sYRD5J8TgQ6I56x8cc2oJqm35m9psBIZyj3-og_7nrx1LRe6GDEh979_mYuAeg8eerEpbBbKjIK7eke_nUj8c9E9mcS8Z7W-8CpczpRAT_KIuzK9rm26lQbO7z3jEv08-JqCzjCZsADvmLyrPwp4aseQ32lmJdqRCkJtExy68WNfP2gjGUKdRob6JDV0oGkYtlfrxXEYGc6KywqUyeWRUJsk7hPcJCN-Y3re5fxOZk79SYc7cvYzdLU04quk9D7TET4o6LlQslo_ntCMppfUq_moQwN_AElWln5F48lcURj_tcmXmcLEie7O5M0raYUoPUrU9nz2kJWTkARhFajQUKP8ohGQ65egAmCtnbfv9UmRiyR4zOFwPjIjN-uSb2k9gHBIrEwQ4oQOvWDnw8tHE5EV-TEA1xNM27ANuHX1vH75oXqXBJ8ZOSyFJQLjdfFOHETatl2OoT-JL_9tDOBj0HS6cV2lFtKdSsusAa7VDkwI0_HRsLqX0wLsVLQrZ7Dm45mhvxyaj_LTN04mtl82BzZ-RCBKotNOWi158JkdJ53O2S7Y3FAod_ny0xB7Xieqg6xn48M6d29_QC6efjoW8qn-O-z4dzCt3cGB64wadOxuQzBb3bdjffpiRK5x1jTlF-_bk5QVNxL0bBFYyiDaQNeCrWNSIj7TkOsp33o8noV5tPqK9CpQRIvazQ-M7dF_faaOzZqBZ_XlpEZbEKjc7WMn50oMBmoAe15hmekFTCh6xKpKgZERYn29VxenoRzXBhGCrxugkr6875_zcIYsHQe0ta9I0EDw9DzylvTZD1lV9hgtUPnDASlsDAuk7-stgHZVk_9v7SAUGl3srPax0WYQ3s2yme0LQ7fYRlL_mPWsFgyi7gsk_3NdkQUYrb9Stk8dU_lg2Ta5wGq828G-ffG3egP2hEpI90LBbcBP782tNonvIlrh3oDc1f4zwuhHND3FFYLoGpnALMa43aUmHC-TBTDO3QKMRupRdE34CjAQroP7WEfm6TP2S_sBiFmwESf9LKWt7S-itORDqncaIbNltwq-1FmP4UJSCxvpD9zQPZ9a9rQfNa5Qg8ldvHAi1hdz1RvSKB9k6SChzcB4-ol5KkQe8cbqJBZ4Ja-kc0wlElJ04D61Vp1xML5c-IYkjehQQc1VhsrBIyiuqbt9d76a92DPysJ3dTOftAQcUSHrUfDcZf2Tc4Yf6CP2PSXOI7339ToSGu4J_iR45kHZmnz72MZFx1QTb1pFaqebGRb8_LtPJBs9f4vF1TeG5pLsa6yIuUUK-8j9LDTtHPsfPAJ5gcP9QoJWWk9_5e-qMbzt4dnKZM8r7w9A7x5vSpJ6Vu5-onctiUVXIFW0gM0e8J7XXEcgKg1600As6QpMpwiwhZ6JIL0UtcALuZnrc3PuTfrJ7dChd92ZyToSkmUcA5ZAbxxlO9M4fpd7hFi2V8z7kfCD476kNxVmBy9FYZjT2wF9-zQOJ_01DC-SGLwD9lsHMiWZXt4oMiAu9VUrPSzBMDeOpVuy-V99VVQdPRs0wmG&cid=CAASJORosmVchwuXkvg_dsbGIxl4W6sGtOS56pJ6awI42IsK6hVK3Q&rfl=2%2Chttps%253A%252F%252Fqa.cr-halal.com%252F%240
Frame ID: 40DDF57CB21840CC31D7D6B8C17C7BA2
Requests: 13 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 52101A130CF69C2983F472B68E339C15
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 018208A19871C54F84BEDE3E70A283E4
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/17446820045578257021/index.html?e=69&leftOffset=0&topOffset=0&c=Tf3SIpnEg8&t=1&renderingType=2&ev=01_247
Frame ID: 43086E7FC5562B722B31582DDC62608B
Requests: 12 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: BA462A7BB2FBFF7C031ACB1BBB8D87EE
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/HZrunHRjvTX5MIeL6Ibl7iJKqMmAAzHWmbkaKM7M3x0.js
Frame ID: CEB046FD8FE51C33D463DE67542C7F1E
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: F380E2DDF17C9B24CEADEC8C630223DA
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 63F0011A7A7FE0FE520CBDCC288154B9
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/HZrunHRjvTX5MIeL6Ibl7iJKqMmAAzHWmbkaKM7M3x0.js
Frame ID: F4481F2A58857F64CC6AE15B03E112FB
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

What is a crypto exchange? - Cryptocurrency Earning

Page URL History Show full URLs

http://trailmagic.org/ Page URL
https://ois.is/images/logo.png Page URL
https://www.google.com/url?sa=t&source=web&rct=j&url=https://qa.cr-halal.com/3/what-is-a-crypto-exc... Page URL
https://qa.cr-halal.com/3/what-is-a-crypto-exchange Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

163
Requests

92 %
HTTPS

57 %
IPv6

24
Domains

30
Subdomains

26
IPs

5
Countries

1632 kB
Transfer

4387 kB
Size

21
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: http://www.q2amarket.com/
Title: Q2A Market

Search URL Search Domain Scan URL

URL: http://www.question2answer.org/
Title: Question2Answer

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://trailmagic.org/ Page URL
https://ois.is/images/logo.png Page URL
https://www.google.com/url?sa=t&source=web&rct=j&url=https://qa.cr-halal.com/3/what-is-a-crypto-exchange&ved=2ahUKEwiulqi094f7AhVrhf0HHZYRC104ChAWegQIEBAB&usg=AOvVaw2AObwX5o5Qb5qCQfKDFCDB Page URL
https://qa.cr-halal.com/3/what-is-a-crypto-exchange Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 39

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 53

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 87

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 95

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBzHQ-0voNDrTL3rb8nepyM&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBzHQ-0voNDrTL3rb8nepyM&google_cver=1&C=1

Request Chain 96

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y2Js9VHex65m.CDZy7L1oQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBzHQ-0voNDrTL3rb8nepyM&google_cver=1&google_hm=2

Request Chain 97

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEL5-QBxEGVuVQLZ5XshdeCM&google_cver=1

Request Chain 98

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDA5OTE3MTQwNTExNjM3MDY1Ng%3D%3D

Request Chain 109

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEF2cHjgCGETJkJdP1zM89Ns&google_cver=1&google_push=AZmPxg9hyuA58Oy-O4zlLdbPy4a3RXCBudHUxsESOdleZZOdNnkF2O3mY8vOYDlKt76kerthL-pmHeqN-qlNgpzqaJ5YXhVQ6Kcd HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEF2cHjgCGETJkJdP1zM89Ns&google_cver=1&google_push=AZmPxg9hyuA58Oy-O4zlLdbPy4a3RXCBudHUxsESOdleZZOdNnkF2O3mY8vOYDlKt76kerthL-pmHeqN-qlNgpzqaJ5YXhVQ6Kcd&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=7zSfYwLvRSuCLuvlJW9fvA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AZmPxg9hyuA58Oy-O4zlLdbPy4a3RXCBudHUxsESOdleZZOdNnkF2O3mY8vOYDlKt76kerthL-pmHeqN-qlNgpzqaJ5YXhVQ6Kcd

Request Chain 110

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJgvyV9TjgX0w1geGhZ1Ezg&google_cver=1&google_push=AZmPxg__d0V_Sl3M4muTz10jVvvCebC-cSqX21p2hOs8yutIUzFnBQSATSsFFM1v9zNgbmmy2Djo6H9KuBu6hOFV7IDgbOGdt2FJ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlaTlRFNkUtMU8tMTdYSQ==&google_push=AZmPxg__d0V_Sl3M4muTz10jVvvCebC-cSqX21p2hOs8yutIUzFnBQSATSsFFM1v9zNgbmmy2Djo6H9KuBu6hOFV7IDgbOGdt2FJ

Request Chain 111

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEKcdSmwlo4gt2cfdBONRnJM&google_cver=1&google_push=AZmPxg-Nqvc5Omn_hekH56JgNXRcAadWlI824KL5TTfEjZLvKM9cVElu6GO5SWnoPs0YYWmOA_fLMwZv7N46iyBUbE_5BS-nO8iq HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEKcdSmwlo4gt2cfdBONRnJM&google_push=AZmPxg-Nqvc5Omn_hekH56JgNXRcAadWlI824KL5TTfEjZLvKM9cVElu6GO5SWnoPs0YYWmOA_fLMwZv7N46iyBUbE_5BS-nO8iq&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEKcdSmwlo4gt2cfdBONRnJM&google_hm=Y2Js9VHex65m-CDZy7L1oQAAFKYAAAAB&google_nid=index&google_push=AZmPxg-Nqvc5Omn_hekH56JgNXRcAadWlI824KL5TTfEjZLvKM9cVElu6GO5SWnoPs0YYWmOA_fLMwZv7N46iyBUbE_5BS-nO8iq

Request Chain 135

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEMDQiXz24PSqpgF71i1J4xo&google_cver=1&google_push=AZmPxg-WRgJFCGgWtyEiIKGrAKWDGda-OzDMW4YO0M5dfyVPrn1dYvCRyOXwDOoTTJxnoQDd-QkFsriZvbsCZdQeAMLnAj-LSgVA HTTP 302
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AZmPxg-WRgJFCGgWtyEiIKGrAKWDGda-OzDMW4YO0M5dfyVPrn1dYvCRyOXwDOoTTJxnoQDd-QkFsriZvbsCZdQeAMLnAj-LSgVA&google_hm=u3XErqYP7AR1bDM8Dq-wLA

Request Chain 138

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEF2cHjgCGETJkJdP1zM89Ns&google_cver=1&google_push=AZmPxg_1yW0Jg72OELOfIh68IELoEHn5tb5oDxt8lKM4Oed-vEwPPTXs85mr52DtUMY_F0IIt_EqvqBbGYctMbBxbo4CA9Ad0CUf HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=7zSfYwLvRSuCLuvlJW9fvA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AZmPxg_1yW0Jg72OELOfIh68IELoEHn5tb5oDxt8lKM4Oed-vEwPPTXs85mr52DtUMY_F0IIt_EqvqBbGYctMbBxbo4CA9Ad0CUf

Request Chain 139

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJgvyV9TjgX0w1geGhZ1Ezg&google_cver=1&google_push=AZmPxg8SdmcOvAjg-142BBgELvHF1E66tZbnwOxMbfJt0AL5JccEKVsOVZuvrmTPJI4YBnyxeXHnpTXIrvU5-yeGGTuIXqK7G2k HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlaTlRFQk8tMTEtM1FVRA==&google_push=AZmPxg8SdmcOvAjg-142BBgELvHF1E66tZbnwOxMbfJt0AL5JccEKVsOVZuvrmTPJI4YBnyxeXHnpTXIrvU5-yeGGTuIXqK7G2k

Request Chain 140

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEKcdSmwlo4gt2cfdBONRnJM&google_cver=1&google_push=AZmPxg-TyghKtfJaNf2Crtby5SXK70aKbKkqw4Uyzp17DPEFiVdSfBm1EhYnhAklvjVcjSN7ZnSrGbGgRaFgZEdO_s2yboh3vFQ8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEKcdSmwlo4gt2cfdBONRnJM&google_hm=Y2Js9VHex65m-CDZy7L1oQAAFKYAAAAB&google_nid=index&google_push=AZmPxg-TyghKtfJaNf2Crtby5SXK70aKbKkqw4Uyzp17DPEFiVdSfBm1EhYnhAklvjVcjSN7ZnSrGbGgRaFgZEdO_s2yboh3vFQ8

163 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK /
trailmagic.org/ 145 B
384 B 2004ms
692ms Document
text/html 192.185.180.160
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: http://trailmagic.org/
Protocol: HTTP/1.1
Server: 192.185.180.160 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 192-185-180-160.unifiedlayer.com
Software: Apache /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: Upgrade, Keep-Alive
Content-Encoding: gzip
Content-Length: 123
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Nov 2022 13:13:21 GMT
Keep-Alive: timeout=5, max=75
Server: Apache
Upgrade: h2,h2c
Vary: Accept-Encoding

GET
H2 200 logo.png
ois.is/images/ 459 B
722 B 94ms
39ms Document
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ois.is/images/logo.png
Requested by: Host: trailmagic.org
URL: http://trailmagic.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: http://trailmagic.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 763d208a68b0903d-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 02 Nov 2022 13:13:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mDLRpj1jiE9iKQX2YfvdDhTXX%2Fe4z0znfsC1rREflIAhVWua1I9Ap%2BJSQ9M7cbIZXB%2BmLNTmLJ9g%2BwmDnA4SEUXHMtGhyiFWIQJD7BTZ5LVRZQVMLOsH%2FjktxdH7G2%2F2XAM8Pns%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed

GET
H2 200 url
www.google.com/ 974 B
1 KB 97ms
47ms Document
text/html 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/url?sa=t&source=web&rct=j&url=https://qa.cr-halal.com/3/what-is-a-crypto-exchange&ved=2ahUKEwiulqi094f7AhVrhf0HHZYRC104ChAWegQIEBAB&usg=AOvVaw2AObwX5o5Qb5qCQfKDFCDB

Requested by

Host: ois.is
URL: https://ois.is/images/logo.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	0

Request headers

Referer: https://ois.is/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Platform Sec-CH-UA-Platform-Version Sec-CH-UA-Full-Version Sec-CH-UA-Arch Sec-CH-UA-Model Sec-CH-UA-Bitness Sec-CH-UA-Full-Version-List Sec-CH-UA-WoW64
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
bfcache-opt-in: unload
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 483
content-type: text/html; charset=UTF-8
date: Wed, 02 Nov 2022 13:13:22 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
pragma: no-cache
server: gws
strict-transport-security: max-age=31536000
x-xss-protection: 0

GET
H2 200 Primary Request what-is-a-crypto-exchange Show response
qa.cr-halal.com/3/ 21 KB
6 KB 619ms
239ms Document
text/html 66.29.132.14
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://qa.cr-halal.com/3/what-is-a-crypto-exchange
Requested by: Host: www.google.com
URL: https://www.google.com/url?sa=t&source=web&rct=j&url=https://qa.cr-halal.com/3/what-is-a-crypto-exchange&ved=2ahUKEwiulqi094f7AhVrhf0HHZYRC104ChAWegQIEBAB&usg=AOvVaw2AObwX5o5Qb5qCQfKDFCDB
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.29.132.14 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium197-2.web-hosting.com
Software: LiteSpeed / PHP/7.2.34
Resource Hash: 6d1b86cffd26e86430f7497206b96ebd2c27a841b78e4a7cb32d1824d2fa80ab

Request headers

Referer: https://www.google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate
content-encoding: br
content-length: 5200
content-type: text/html; charset=utf-8
date: Wed, 02 Nov 2022 13:13:22 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: LiteSpeed
vary: Accept-Encoding
x-powered-by: PHP/7.2.34
x-turbo-charged-by: LiteSpeed

GET
H2 200 qa-styles.css
qa.cr-halal.com/qa-theme/SnowFlat/ 70 KB
11 KB 202ms
201ms Stylesheet
text/css 66.29.132.14
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://qa.cr-halal.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
Requested by: Host: qa.cr-halal.com
URL: https://qa.cr-halal.com/3/what-is-a-crypto-exchange
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.29.132.14 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium197-2.web-hosting.com
Software: LiteSpeed /
Resource Hash: b813b0dc2bc80e9bfd7a8e0c604ae81d21e375e3a01f6e183804f9d3e97f0f17

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qa.cr-halal.com/3/what-is-a-crypto-exchange
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 13:13:23 GMT
content-encoding: br
last-modified: Wed, 21 Apr 2021 02:04:58 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 11456
expires: Wed, 09 Nov 2022 13:13:23 GMT

GET
H2 200 jquery-3.5.1.min.js Show response
qa.cr-halal.com/qa-content/ 87 KB
30 KB 371ms
370ms Script
application/javascript 66.29.132.14
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://qa.cr-halal.com/qa-content/jquery-3.5.1.min.js
Requested by: Host: qa.cr-halal.com
URL: https://qa.cr-halal.com/3/what-is-a-crypto-exchange
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.29.132.14 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium197-2.web-hosting.com
Software: LiteSpeed /
Resource Hash: f36844906ad2309877aae3121b87fb15b9e09803cb4c333adc7e1e35ac92e14b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qa.cr-halal.com/3/what-is-a-crypto-exchange
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 13:13:23 GMT
content-encoding: br
last-modified: Wed, 21 Apr 2021 02:04:56 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 30282
expires: Wed, 09 Nov 2022 13:13:23 GMT

GET
H2 200 qa-global.js Show response
qa.cr-halal.com/qa-content/ 20 KB
5 KB 542ms
541ms Script
application/javascript 66.29.132.14
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://qa.cr-halal.com/qa-content/qa-global.js?1.8.6
Requested by: Host: qa.cr-halal.com
URL: https://qa.cr-halal.com/3/what-is-a-crypto-exchange
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.29.132.14 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium197-2.web-hosting.com
Software: LiteSpeed /
Resource Hash: b79950172d0e6c3091a44a69d615ee5711f57bb59e202b2a383d48e4ca2a4ce3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qa.cr-halal.com/3/what-is-a-crypto-exchange
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 13:13:23 GMT
content-encoding: br
last-modified: Wed, 21 Apr 2021 02:04:56 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 4765
expires: Wed, 09 Nov 2022 13:13:23 GMT

GET
H2 200 snow-core.js Show response
qa.cr-halal.com/qa-theme/SnowFlat/js/ 2 KB
1 KB 542ms
542ms Script
application/javascript 66.29.132.14
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://qa.cr-halal.com/qa-theme/SnowFlat/js/snow-core.js?1.8.6
Requested by: Host: qa.cr-halal.com
URL: https://qa.cr-halal.com/3/what-is-a-crypto-exchange
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.29.132.14 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium197-2.web-hosting.com
Software: LiteSpeed /
Resource Hash: 5eecfa645aee35cb0c6820e187451ab14a9df51283635a2117d7ba866a6a74aa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qa.cr-halal.com/3/what-is-a-crypto-exchange
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 13:13:23 GMT
content-encoding: br
last-modified: Wed, 21 Apr 2021 02:04:58 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 885
expires: Wed, 09 Nov 2022 13:13:23 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 214 KB
75 KB 64ms
24ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-V7K5ME1CH7

Requested by

Host: qa.cr-halal.com
URL: https://qa.cr-halal.com/3/what-is-a-crypto-exchange

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7b80651c45268cc022faf4d33872d9fa159423c8fedc3d519a5cee081e0b3d9e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qa.cr-halal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 13:13:23 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 76600
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 02 Nov 2022 13:13:23 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 168 KB
54 KB 95ms
56ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: qa.cr-halal.com
URL: https://qa.cr-halal.com/3/what-is-a-crypto-exchange

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ab0409d0865e25e8e82c345dc73aa95c6ee01ba22eb6240a8b7efa8f490b4908

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qa.cr-halal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 13:13:23 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55090
x-xss-protection: 0
server: cafe
etag: 462730964200916004
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 02 Nov 2022 13:13:23 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 169 KB
55 KB 113ms
60ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3135644639015474

Requested by

Host: qa.cr-halal.com
URL: https://qa.cr-halal.com/3/what-is-a-crypto-exchange

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

404bf30472041c88e162085c0fb94fa8ef5eaee21555432a94ba62f8e64ca7d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://qa.cr-halal.com/
Origin: https://qa.cr-halal.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 13:13:23 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55634
x-xss-protection: 0
server: cafe
etag: 6282106072893114555
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 02 Nov 2022 13:13:23 GMT

GET
H2 200 vote-buttons-3.png
qa.cr-halal.com/qa-theme/SnowFlat/images/ 1 KB
2 KB 212ms
212ms Image
image/png 66.29.132.14
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qa.cr-halal.com/qa-theme/SnowFlat/images/vote-buttons-3.png
Requested by: Host: qa.cr-halal.com
URL: https://qa.cr-halal.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.29.132.14 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium197-2.web-hosting.com
Software: LiteSpeed /
Resource Hash: b4ef3a11367a47a75f7cb4ed6e944472d190c86813cd2ffdb04a32358dc4e799

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qa.cr-halal.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 13:13:23 GMT
last-modified: Sat, 01 Aug 2020 02:52:10 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 1457
expires: Wed, 09 Nov 2022 13:13:23 GMT

GET
H2 200 fontello.woff
qa.cr-halal.com/qa-theme/SnowFlat/fonts/ 7 KB
7 KB 213ms
212ms Font
font/woff 66.29.132.14
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://qa.cr-halal.com/qa-theme/SnowFlat/fonts/fontello.woff?70015067
Requested by: Host: qa.cr-halal.com
URL: https://qa.cr-halal.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.29.132.14 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium197-2.web-hosting.com
Software: LiteSpeed /
Resource Hash: c7aca9ebef12465aad206aae5351ba575eebe4b5e3f0fb1d99f4f92f1c4f396d

Request headers

Referer: https://qa.cr-halal.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
Origin: https://qa.cr-halal.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 13:13:23 GMT
last-modified: Tue, 26 Jul 2016 05:31:58 GMT
server: LiteSpeed
content-type: font/woff
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 7200
expires: Wed, 09 Nov 2022 13:13:23 GMT

GET
H2 200 answer-white.png
qa.cr-halal.com/qa-theme/SnowFlat/images/icons/ 3 KB
3 KB 203ms
202ms Image
image/png 66.29.132.14
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qa.cr-halal.com/qa-theme/SnowFlat/images/icons/answer-white.png
Requested by: Host: qa.cr-halal.com
URL: https://qa.cr-halal.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.29.132.14 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium197-2.web-hosting.com
Software: LiteSpeed /
Resource Hash: a90fe747bc217c49315c23c1c332bb255d3c5fd46ec85b0218b5f85bbbf6bd0c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qa.cr-halal.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 13:13:23 GMT
last-modified: Tue, 15 Jan 2019 04:08:24 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 2867
expires: Wed, 09 Nov 2022 13:13:23 GMT

GET
H2 200 answer-select.png
qa.cr-halal.com/qa-theme/SnowFlat/images/ 2 KB
2 KB 203ms
201ms Image
image/png 66.29.132.14
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qa.cr-halal.com/qa-theme/SnowFlat/images/answer-select.png
Requested by: Host: qa.cr-halal.com
URL: https://qa.cr-halal.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.29.132.14 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium197-2.web-hosting.com
Software: LiteSpeed /
Resource Hash: 824de40e353f2eaaf4828f927a03331984b995bf7fc59edc4ff08f9e178822db

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qa.cr-halal.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 13:13:23 GMT
last-modified: Tue, 15 Jan 2019 04:08:24 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 1831
expires: Wed, 09 Nov 2022 13:13:23 GMT

GET
H2 200 link-white.png
qa.cr-halal.com/qa-theme/SnowFlat/images/icons/ 3 KB
3 KB 203ms
201ms Image
image/png 66.29.132.14
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qa.cr-halal.com/qa-theme/SnowFlat/images/icons/link-white.png
Requested by: Host: qa.cr-halal.com
URL: https://qa.cr-halal.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.29.132.14 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium197-2.web-hosting.com
Software: LiteSpeed /
Resource Hash: dc0267e17f3bd3a2977910d47c34855d4c282e97502e6e1b0d3eb44b8b231405

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qa.cr-halal.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 13:13:23 GMT
last-modified: Tue, 15 Jan 2019 04:08:24 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 3026
expires: Wed, 09 Nov 2022 13:13:23 GMT

GET
H2 200 comment-white.png
qa.cr-halal.com/qa-theme/SnowFlat/images/icons/ 3 KB
3 KB 204ms
202ms Image
image/png 66.29.132.14
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qa.cr-halal.com/qa-theme/SnowFlat/images/icons/comment-white.png
Requested by: Host: qa.cr-halal.com
URL: https://qa.cr-halal.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.29.132.14 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium197-2.web-hosting.com
Software: LiteSpeed /
Resource Hash: eb69d9e0cb830e3add604e60faf8f784835e5f1ba28bb38850ba19784f30911d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qa.cr-halal.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 13:13:23 GMT
last-modified: Tue, 15 Jan 2019 04:08:24 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 2906
expires: Wed, 09 Nov 2022 13:13:23 GMT

GET
H2 200 comment.png
qa.cr-halal.com/qa-theme/SnowFlat/images/icons/ 190 B
390 B 204ms
202ms Image
image/png 66.29.132.14
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qa.cr-halal.com/qa-theme/SnowFlat/images/icons/comment.png
Requested by: Host: qa.cr-halal.com
URL: https://qa.cr-halal.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.29.132.14 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium197-2.web-hosting.com
Software: LiteSpeed /
Resource Hash: 9afd202c3c8cdda6e0e07fba05f02e6d804b81c336c2b128168c2532eac62792

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qa.cr-halal.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 13:13:23 GMT
last-modified: Tue, 15 Jan 2019 04:08:24 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 190
expires: Wed, 09 Nov 2022 13:13:23 GMT

GET
H2 200 search-icon-white.png
qa.cr-halal.com/qa-theme/SnowFlat/images/ 1 KB
2 KB 204ms
202ms Image
image/png 66.29.132.14
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qa.cr-halal.com/qa-theme/SnowFlat/images/search-icon-white.png
Requested by: Host: qa.cr-halal.com
URL: https://qa.cr-halal.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.29.132.14 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium197-2.web-hosting.com
Software: LiteSpeed /
Resource Hash: 075c15c5e5b127cfd89b352a4f8e8d615d0abcc80977022ba45ad2032d26f535

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qa.cr-halal.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 13:13:23 GMT
last-modified: Tue, 15 Jan 2019 04:08:24 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 1412
expires: Wed, 09 Nov 2022 13:13:23 GMT

GET
H2 200 spinner-icon-14x14.gif
qa.cr-halal.com/qa-theme/SnowFlat/images/ 8 KB
8 KB 204ms
203ms Image
image/gif 66.29.132.14
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qa.cr-halal.com/qa-theme/SnowFlat/images/spinner-icon-14x14.gif?1410117644
Requested by: Host: qa.cr-halal.com
URL: https://qa.cr-halal.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.29.132.14 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium197-2.web-hosting.com
Software: LiteSpeed /
Resource Hash: 07a75636966b34dd8bbafee0ebced659b03bab0e57641e1fa035ca7da0bd39ce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qa.cr-halal.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 13:13:23 GMT
last-modified: Tue, 15 Jan 2019 04:08:24 GMT
server: LiteSpeed
content-type: image/gif
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 7781
expires: Wed, 09 Nov 2022 13:13:23 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
338 B 64ms
24ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-V7K5ME1CH7&gtm=2oeav0&_p=358752111&cid=1296198601.1667394804&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1667394803&sct=1&seg=0&dl=https%3A%2F%2Fqa.cr-halal.com%2F3%2Fwhat-is-a-crypto-exchange&dr=https%3A%2F%2Fwww.google.com%2F&dt=What%20is%20a%20crypto%20exchange%3F%20-%20Cryptocurrency%20Earning&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-V7K5ME1CH7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qa.cr-halal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Nov 2022 13:13:23 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://qa.cr-halal.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210310101/ 354 KB
116 KB 65ms
64ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210310101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3135644639015474&plah=qa.cr-halal.com&bust=31070637

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6f200ed5dea99ae4dc099e86e49792d79e8cc704c2b72b4f3dc6cd36facad482

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qa.cr-halal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 13:13:23 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119056
x-xss-protection: 0
server: cafe
etag: 14935392187782382478
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 02 Nov 2022 13:13:23 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221027/r20190131/ Frame 69CD 10 KB
5 KB 64ms
15ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221027/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://qa.cr-halal.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 73990
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4270
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 01 Nov 2022 16:40:13 GMT
etag: 9671129459699598864
expires: Tue, 15 Nov 2022 16:40:13 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 391 B
695 B 70ms
24ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=qa.cr-halal.com&callback=_gfp_s_&client=ca-pub-3135644639015474&gpid_exp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210310101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3135644639015474&plah=qa.cr-halal.com&bust=31070637

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

af8fd4962e034d87600d631df7f7892017c3942c661305f82e70926037cedf12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qa.cr-halal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 13:13:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 251
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 93ms
25ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=qa.cr-halal.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qa.cr-halal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 13:13:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 77ms
28ms Script
application/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=qa.cr-halal.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qa.cr-halal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 13:13:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6841 240 KB
57 KB 921ms
886ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3135644639015474&output=html&adk=1812271804&adf=3025194257&lmt=1667394803&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fqa.cr-halal.com%2F3%2Fwhat-is-a-crypto-exchange&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667394803775&bpp=4&bdt=695&idt=122&shv=r20221027&mjsv=m202210310101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6079542794128&frm=20&pv=2&ga_vid=1296198601.1667394804&ga_sid=1667394804&ga_hid=358752111&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C31070637%2C44775017&oid=2&pvsid=381626547704199&tmod=708995078&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=147

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3184e2d1861aa1ecc6629cb55c9ed2bb2224cfae3a0072f84e4377f90f035d47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://qa.cr-halal.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 58299
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 02 Nov 2022 13:13:24 GMT
expires: Wed, 02 Nov 2022 13:13:24 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame FEAB 73 KB
21 KB 792ms
770ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3135644639015474&output=html&h=90&slotname=4460484953&adk=3576269607&adf=383669989&pi=t.ma~as.4460484953&w=748&fwrn=4&fwrnh=100&lmt=1667394803&rafmt=2&format=748x90&url=https%3A%2F%2Fqa.cr-halal.com%2F3%2Fwhat-is-a-crypto-exchange&fwr=0&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667394803779&bpp=3&bdt=699&idt=151&shv=r20221027&mjsv=m202210310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6079542794128&frm=20&pv=1&ga_vid=1296198601.1667394804&ga_sid=1667394804&ga_hid=358752111&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=152&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C31070637%2C44775017&oid=2&pvsid=381626547704199&tmod=708995078&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=59Gl4f5lBA&p=https%3A//qa.cr-halal.com&dtd=157

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

04e9fdfdf7df8f6215c5fbb66042a62597b592c946d51adfeabb93d9fe2290a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://qa.cr-halal.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 21735
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 02 Nov 2022 13:13:24 GMT
expires: Wed, 02 Nov 2022 13:13:24 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 821C 81 KB
30 KB 618ms
605ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3135644639015474&output=html&h=90&slotname=4460484953&adk=3576269607&adf=306952042&pi=t.ma~as.4460484953&w=748&fwrn=4&fwrnh=100&lmt=1667394803&rafmt=2&format=748x90&url=https%3A%2F%2Fqa.cr-halal.com%2F3%2Fwhat-is-a-crypto-exchange&fwr=0&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667394803782&bpp=1&bdt=702&idt=159&shv=r20221027&mjsv=m202210310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C748x90&nras=1&correlator=6079542794128&frm=20&pv=1&ga_vid=1296198601.1667394804&ga_sid=1667394804&ga_hid=358752111&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=1885&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C31070637%2C44775017&oid=2&pvsid=381626547704199&tmod=708995078&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEebr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=QBK0WvkklK&p=https%3A//qa.cr-halal.com&dtd=163

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d4d449e3a807c6c083004d38fb8d65c147bd56ee1b78dfc5baa4351d41ea8f09

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://qa.cr-halal.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 30761
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 02 Nov 2022 13:13:24 GMT
expires: Wed, 02 Nov 2022 13:13:24 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame FB04 436 B
235 B 457ms
456ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3135644639015474&output=html&h=640&slotname=1734293738&adk=1547583112&adf=2079921753&pi=t.ma~as.1734293738&w=320&lmt=1667394803&format=320x640&url=https%3A%2F%2Fqa.cr-halal.com%2F3%2Fwhat-is-a-crypto-exchange&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667394803783&bpp=1&bdt=703&idt=171&shv=r20221027&mjsv=m202210310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C748x90%2C748x90&nras=1&correlator=6079542794128&frm=20&pv=1&ga_vid=1296198601.1667394804&ga_sid=1667394804&ga_hid=358752111&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C31070637%2C44775017&oid=2&pvsid=381626547704199&tmod=708995078&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfnEr%7C&abl=CF&pfx=0&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&xpc=KvY4l8J45n&p=https%3A//qa.cr-halal.com&dtd=174

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

af96beb0a56f20250f1a863980a2daa686b86048d899dc733f947738eaca2730

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://qa.cr-halal.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 212
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 02 Nov 2022 13:13:24 GMT
expires: Wed, 02 Nov 2022 13:13:24 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ Frame 821C 8 KB
1 KB 66ms
25ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3135644639015474&output=html&h=90&slotname=4460484953&adk=3576269607&adf=306952042&pi=t.ma~as.4460484953&w=748&fwrn=4&fwrnh=100&lmt=1667394803&rafmt=2&format=748x90&url=https%3A%2F%2Fqa.cr-halal.com%2F3%2Fwhat-is-a-crypto-exchange&fwr=0&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667394803782&bpp=1&bdt=702&idt=159&shv=r20221027&mjsv=m202210310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C748x90&nras=1&correlator=6079542794128&frm=20&pv=1&ga_vid=1296198601.1667394804&ga_sid=1667394804&ga_hid=358752111&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=1885&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C31070637%2C44775017&oid=2&pvsid=381626547704199&tmod=708995078&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEebr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=QBK0WvkklK&p=https%3A//qa.cr-halal.com&dtd=163

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 02 Nov 2022 13:13:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 02 Nov 2022 11:58:13 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 02 Nov 2022 13:13:24 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221027/r20110914/client/ Frame 821C 2 KB
819 B 70ms
20ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221027/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 14:27:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 81949
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 15 Nov 2022 14:27:35 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221027/r20110914/ Frame 821C 23 KB
10 KB 66ms
16ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221027/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

15b192d13c1d029346a73cb1b2eb3a1b8905dfe8df1aaf9ced37356de9380e32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 14:27:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 81949
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9268
x-xss-protection: 0
server: cafe
etag: 17746901142539384344
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 15 Nov 2022 14:27:35 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221027/r20110914/client/ Frame 821C 3 KB
1 KB 64ms
20ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221027/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 07:13:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21622
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1238
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 16 Nov 2022 07:13:02 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221027/r20110914/client/ Frame 821C 17 KB
7 KB 67ms
17ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221027/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d99f77a187454fecc18b59b2f520b1598b246d01e142bfdc4de56eb7221a9330

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 14:27:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 81949
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7367
x-xss-protection: 0
server: cafe
etag: 4759548068123418343
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 15 Nov 2022 14:27:35 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 821C 153 KB
47 KB 82ms
34ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

109ddac5fcac2d26ff455dabfaa93b705a883131b6d53548494a8b8a62ccbcdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 13:13:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47682
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1667216034053804"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 02 Nov 2022 13:13:24 GMT

GET
H2 200 6d06f43d9219529f87f676616f1c0e3b.js Show response
www.gstatic.com/mysidia/ Frame 821C 33 KB
14 KB 56ms
16ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/6d06f43d9219529f87f676616f1c0e3b.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

19d9403b8b5963aaeae98991373ef1f4ec9ed98d649be55e657db8e1302578bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 16:40:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 73987
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13940
x-xss-protection: 0
last-modified: Mon, 24 Oct 2022 21:55:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 30 Jan 2023 16:40:17 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 821C 0
0 63ms
63ms Fetch
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CN5nk9GxiY_2oApPro9kP69SZ-Arht-qbbbPPyv-xEM_R64iPGhABIIbczh1glYKggrAHoAGr1bS7AsgBAagDAcgDywSqBN0BT9ChXYcFFLiEzi6EvhQ0PgtPw3xCQV5IlF6yc7C7T6DK_DXsCilhOjP-_R4uO3BAiA6USyG-W0vngDNk-uVHePM0-aUT5i4p1_uCHOJdhpza92IE59k_OpUyJgx5KlNoRV8-VW7Gy0FbQ7We-hLGdtIp8NNBT_wVP13HD3A_WwHLQUxfOiraeHDJXpdhhumWSfxlEvwfw_98S84wH0eGlyf0n1yFUV1pjEHXEyLUI4jM09MrH3xkU33o2jKCauHu6sNknMHjmvJ-W6RXwLt0cHeGqq3RsAwNkEHzNJDABI3-2O3xApIFBAgEGAGSBQQIBRgEgAfFtJPJAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEOD3FNIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BMMiBQE0BUBgBcBshccChoIABIUcHViLTMxMzU2NDQ2MzkwMTU0NzQYAA&sigh=zPfds40iA38&uach_m=[UACH]

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3135644639015474&output=html&h=90&slotname=4460484953&adk=3576269607&adf=306952042&pi=t.ma~as.4460484953&w=748&fwrn=4&fwrnh=100&lmt=1667394803&rafmt=2&format=748x90&url=https%3A%2F%2Fqa.cr-halal.com%2F3%2Fwhat-is-a-crypto-exchange&fwr=0&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667394803782&bpp=1&bdt=702&idt=159&shv=r20221027&mjsv=m202210310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C748x90&nras=1&correlator=6079542794128&frm=20&pv=1&ga_vid=1296198601.1667394804&ga_sid=1667394804&ga_hid=358752111&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=1885&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C31070637%2C44775017&oid=2&pvsid=381626547704199&tmod=708995078&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEebr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=QBK0WvkklK&p=https%3A//qa.cr-halal.com&dtd=163
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 02 Nov 2022 13:13:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Wed, 02 Nov 2022 13:13:24 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 68AF 143 B
166 B 15ms
15ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3135644639015474&output=html&h=90&slotname=4460484953&adk=3576269607&adf=306952042&pi=t.ma~as.4460484953&w=748&fwrn=4&fwrnh=100&lmt=1667394803&rafmt=2&format=748x90&url=https%3A%2F%2Fqa.cr-halal.com%2F3%2Fwhat-is-a-crypto-exchange&fwr=0&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667394803782&bpp=1&bdt=702&idt=159&shv=r20221027&mjsv=m202210310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C748x90&nras=1&correlator=6079542794128&frm=20&pv=1&ga_vid=1296198601.1667394804&ga_sid=1667394804&ga_hid=358752111&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=1885&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C31070637%2C44775017&oid=2&pvsid=381626547704199&tmod=708995078&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEebr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=QBK0WvkklK&p=https%3A//qa.cr-halal.com&dtd=163
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 3480
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 02 Nov 2022 12:15:24 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 821C 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44ebf160f9157bdd7e438e6628c8b0ee00e54d8234bfa308cadae9849f27bb10

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 68AF
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
18 B

34ms
34ms

Document
text/html

2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 02 Nov 2022 13:13:24 GMT
expires: Wed, 02 Nov 2022 13:13:24 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 02 Nov 2022 13:13:24 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame 821C 28 KB
28 KB 64ms
15ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 09:03:51 GMT
x-content-type-options: nosniff
age: 14973
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 02 Nov 2023 09:03:51 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame FEAB 8 KB
895 B 65ms
26ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3135644639015474&output=html&h=90&slotname=4460484953&adk=3576269607&adf=383669989&pi=t.ma~as.4460484953&w=748&fwrn=4&fwrnh=100&lmt=1667394803&rafmt=2&format=748x90&url=https%3A%2F%2Fqa.cr-halal.com%2F3%2Fwhat-is-a-crypto-exchange&fwr=0&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667394803779&bpp=3&bdt=699&idt=151&shv=r20221027&mjsv=m202210310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6079542794128&frm=20&pv=1&ga_vid=1296198601.1667394804&ga_sid=1667394804&ga_hid=358752111&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=152&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C31070637%2C44775017&oid=2&pvsid=381626547704199&tmod=708995078&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=59Gl4f5lBA&p=https%3A//qa.cr-halal.com&dtd=157

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 02 Nov 2022 13:13:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 02 Nov 2022 11:23:24 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 02 Nov 2022 13:13:24 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221027/r20110914/client/ Frame FEAB 2 KB
765 B 55ms
15ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221027/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3135644639015474&output=html&h=90&slotname=4460484953&adk=3576269607&adf=383669989&pi=t.ma~as.4460484953&w=748&fwrn=4&fwrnh=100&lmt=1667394803&rafmt=2&format=748x90&url=https%3A%2F%2Fqa.cr-halal.com%2F3%2Fwhat-is-a-crypto-exchange&fwr=0&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667394803779&bpp=3&bdt=699&idt=151&shv=r20221027&mjsv=m202210310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6079542794128&frm=20&pv=1&ga_vid=1296198601.1667394804&ga_sid=1667394804&ga_hid=358752111&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=152&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C31070637%2C44775017&oid=2&pvsid=381626547704199&tmod=708995078&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=59Gl4f5lBA&p=https%3A//qa.cr-halal.com&dtd=157

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 14:27:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 81949
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 15 Nov 2022 14:27:35 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221027/r20110914/ Frame FEAB 23 KB
9 KB 55ms
16ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221027/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3135644639015474&output=html&h=90&slotname=4460484953&adk=3576269607&adf=383669989&pi=t.ma~as.4460484953&w=748&fwrn=4&fwrnh=100&lmt=1667394803&rafmt=2&format=748x90&url=https%3A%2F%2Fqa.cr-halal.com%2F3%2Fwhat-is-a-crypto-exchange&fwr=0&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667394803779&bpp=3&bdt=699&idt=151&shv=r20221027&mjsv=m202210310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6079542794128&frm=20&pv=1&ga_vid=1296198601.1667394804&ga_sid=1667394804&ga_hid=358752111&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=152&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C31070637%2C44775017&oid=2&pvsid=381626547704199&tmod=708995078&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=59Gl4f5lBA&p=https%3A//qa.cr-halal.com&dtd=157

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

15b192d13c1d029346a73cb1b2eb3a1b8905dfe8df1aaf9ced37356de9380e32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 14:27:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 81949
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9268
x-xss-protection: 0
server: cafe
etag: 17746901142539384344
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 15 Nov 2022 14:27:35 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221027/r20110914/client/ Frame FEAB 3 KB
1 KB 59ms
24ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221027/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3135644639015474&output=html&h=90&slotname=4460484953&adk=3576269607&adf=383669989&pi=t.ma~as.4460484953&w=748&fwrn=4&fwrnh=100&lmt=1667394803&rafmt=2&format=748x90&url=https%3A%2F%2Fqa.cr-halal.com%2F3%2Fwhat-is-a-crypto-exchange&fwr=0&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667394803779&bpp=3&bdt=699&idt=151&shv=r20221027&mjsv=m202210310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6079542794128&frm=20&pv=1&ga_vid=1296198601.1667394804&ga_sid=1667394804&ga_hid=358752111&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=152&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C31070637%2C44775017&oid=2&pvsid=381626547704199&tmod=708995078&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=59Gl4f5lBA&p=https%3A//qa.cr-halal.com&dtd=157

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 07:13:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21622
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1238
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 16 Nov 2022 07:13:02 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221027/r20110914/client/ Frame FEAB 17 KB
7 KB 57ms
18ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221027/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3135644639015474&output=html&h=90&slotname=4460484953&adk=3576269607&adf=383669989&pi=t.ma~as.4460484953&w=748&fwrn=4&fwrnh=100&lmt=1667394803&rafmt=2&format=748x90&url=https%3A%2F%2Fqa.cr-halal.com%2F3%2Fwhat-is-a-crypto-exchange&fwr=0&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667394803779&bpp=3&bdt=699&idt=151&shv=r20221027&mjsv=m202210310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6079542794128&frm=20&pv=1&ga_vid=1296198601.1667394804&ga_sid=1667394804&ga_hid=358752111&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=152&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C31070637%2C44775017&oid=2&pvsid=381626547704199&tmod=708995078&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=59Gl4f5lBA&p=https%3A//qa.cr-halal.com&dtd=157

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d99f77a187454fecc18b59b2f520b1598b246d01e142bfdc4de56eb7221a9330

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 14:27:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 81949
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7367
x-xss-protection: 0
server: cafe
etag: 4759548068123418343
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 15 Nov 2022 14:27:35 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame FEAB 153 KB
47 KB 76ms
38ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3135644639015474&output=html&h=90&slotname=4460484953&adk=3576269607&adf=383669989&pi=t.ma~as.4460484953&w=748&fwrn=4&fwrnh=100&lmt=1667394803&rafmt=2&format=748x90&url=https%3A%2F%2Fqa.cr-halal.com%2F3%2Fwhat-is-a-crypto-exchange&fwr=0&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667394803779&bpp=3&bdt=699&idt=151&shv=r20221027&mjsv=m202210310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6079542794128&frm=20&pv=1&ga_vid=1296198601.1667394804&ga_sid=1667394804&ga_hid=358752111&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=152&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C31070637%2C44775017&oid=2&pvsid=381626547704199&tmod=708995078&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=59Gl4f5lBA&p=https%3A//qa.cr-halal.com&dtd=157

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

109ddac5fcac2d26ff455dabfaa93b705a883131b6d53548494a8b8a62ccbcdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 13:13:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47682
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1667216034053804"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 02 Nov 2022 13:13:24 GMT

GET
H3 200 6d06f43d9219529f87f676616f1c0e3b.js Show response
www.gstatic.com/mysidia/ Frame FEAB 33 KB
14 KB 51ms
16ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/6d06f43d9219529f87f676616f1c0e3b.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3135644639015474&output=html&h=90&slotname=4460484953&adk=3576269607&adf=383669989&pi=t.ma~as.4460484953&w=748&fwrn=4&fwrnh=100&lmt=1667394803&rafmt=2&format=748x90&url=https%3A%2F%2Fqa.cr-halal.com%2F3%2Fwhat-is-a-crypto-exchange&fwr=0&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667394803779&bpp=3&bdt=699&idt=151&shv=r20221027&mjsv=m202210310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6079542794128&frm=20&pv=1&ga_vid=1296198601.1667394804&ga_sid=1667394804&ga_hid=358752111&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=152&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C31070637%2C44775017&oid=2&pvsid=381626547704199&tmod=708995078&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=59Gl4f5lBA&p=https%3A//qa.cr-halal.com&dtd=157

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

19d9403b8b5963aaeae98991373ef1f4ec9ed98d649be55e657db8e1302578bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 16:40:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 73987
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13940
x-xss-protection: 0
last-modified: Mon, 24 Oct 2022 21:55:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 30 Jan 2023 16:40:17 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame FEAB 0
0 61ms
61ms Fetch
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CI_k69GxiY4-yAtbwo9kP6fG4-Azht-qbbevcq8vUD4r9oITDARABIIbczh1glYKggrAHoAGr1bS7AsgBAagDAaoE1wFP0Ly-5FB_biRlR6jMyu3ymTiLhnIuh5I0ljkKxrXxSranCeL0t5pc6UB2bXof1r36PxIuYI9rD3Po2dzUueXEtuO0pjWRQouQt6TAXK_GH2NIZNNYC_DbLDk6I1NkVyUYIAC4hQqJ08hprEAB_rWj3ZKzMP8dq_wZEJJsolR2t6cC99SyKPp6iW4FQI5IJ2gVEXSPxJn4j93zvziylJAyTppAt4M-qjDVZzPwszBpE7p6EazczJKFQqt4oDhOAxvqaqyYLMC6nEFpCjHo2D8Ru4gPV7rWK8AE7bSnlbUDkgUECAQYAZIFBAgFGASAB8W0k8kBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQxtsP0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEwyIFAXQFQGAFwGyFxwKGggAEhRwdWItMzEzNTY0NDYzOTAxNTQ3NBgA&sigh=4c1wRNQyZpY&uach_m=[UACH]&template_id=5001

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3135644639015474&output=html&h=90&slotname=4460484953&adk=3576269607&adf=383669989&pi=t.ma~as.4460484953&w=748&fwrn=4&fwrnh=100&lmt=1667394803&rafmt=2&format=748x90&url=https%3A%2F%2Fqa.cr-halal.com%2F3%2Fwhat-is-a-crypto-exchange&fwr=0&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667394803779&bpp=3&bdt=699&idt=151&shv=r20221027&mjsv=m202210310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6079542794128&frm=20&pv=1&ga_vid=1296198601.1667394804&ga_sid=1667394804&ga_hid=358752111&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=152&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C31070637%2C44775017&oid=2&pvsid=381626547704199&tmod=708995078&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=59Gl4f5lBA&p=https%3A//qa.cr-halal.com&dtd=157

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3135644639015474&output=html&h=90&slotname=4460484953&adk=3576269607&adf=383669989&pi=t.ma~as.4460484953&w=748&fwrn=4&fwrnh=100&lmt=1667394803&rafmt=2&format=748x90&url=https%3A%2F%2Fqa.cr-halal.com%2F3%2Fwhat-is-a-crypto-exchange&fwr=0&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667394803779&bpp=3&bdt=699&idt=151&shv=r20221027&mjsv=m202210310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6079542794128&frm=20&pv=1&ga_vid=1296198601.1667394804&ga_sid=1667394804&ga_hid=358752111&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=152&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C31070637%2C44775017&oid=2&pvsid=381626547704199&tmod=708995078&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=59Gl4f5lBA&p=https%3A//qa.cr-halal.com&dtd=157
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 02 Nov 2022 13:13:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/6950847046367072469/ Frame FEAB 2 KB
2 KB 49ms
20ms Image
image/png 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6950847046367072469/downsize_200k_v1?w=100&h=100

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3135644639015474&output=html&h=90&slotname=4460484953&adk=3576269607&adf=383669989&pi=t.ma~as.4460484953&w=748&fwrn=4&fwrnh=100&lmt=1667394803&rafmt=2&format=748x90&url=https%3A%2F%2Fqa.cr-halal.com%2F3%2Fwhat-is-a-crypto-exchange&fwr=0&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667394803779&bpp=3&bdt=699&idt=151&shv=r20221027&mjsv=m202210310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6079542794128&frm=20&pv=1&ga_vid=1296198601.1667394804&ga_sid=1667394804&ga_hid=358752111&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=152&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C31070637%2C44775017&oid=2&pvsid=381626547704199&tmod=708995078&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=59Gl4f5lBA&p=https%3A//qa.cr-halal.com&dtd=157

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5de544c5e76e2f0604be850ae0b29ec2e5de0ac242184d0d50f28a5230453cc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 16:13:43 GMT
x-content-type-options: nosniff
age: 507581
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1799
x-xss-protection: 0
last-modified: Wed, 05 Oct 2022 19:44:48 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 27 Oct 2023 16:13:43 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame FF4B 143 B
166 B 19ms
18ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3135644639015474&output=html&h=90&slotname=4460484953&adk=3576269607&adf=383669989&pi=t.ma~as.4460484953&w=748&fwrn=4&fwrnh=100&lmt=1667394803&rafmt=2&format=748x90&url=https%3A%2F%2Fqa.cr-halal.com%2F3%2Fwhat-is-a-crypto-exchange&fwr=0&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667394803779&bpp=3&bdt=699&idt=151&shv=r20221027&mjsv=m202210310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6079542794128&frm=20&pv=1&ga_vid=1296198601.1667394804&ga_sid=1667394804&ga_hid=358752111&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=152&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C31070637%2C44775017&oid=2&pvsid=381626547704199&tmod=708995078&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=59Gl4f5lBA&p=https%3A//qa.cr-halal.com&dtd=157

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3135644639015474&output=html&h=90&slotname=4460484953&adk=3576269607&adf=383669989&pi=t.ma~as.4460484953&w=748&fwrn=4&fwrnh=100&lmt=1667394803&rafmt=2&format=748x90&url=https%3A%2F%2Fqa.cr-halal.com%2F3%2Fwhat-is-a-crypto-exchange&fwr=0&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667394803779&bpp=3&bdt=699&idt=151&shv=r20221027&mjsv=m202210310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6079542794128&frm=20&pv=1&ga_vid=1296198601.1667394804&ga_sid=1667394804&ga_hid=358752111&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=152&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C31070637%2C44775017&oid=2&pvsid=381626547704199&tmod=708995078&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=59Gl4f5lBA&p=https%3A//qa.cr-halal.com&dtd=157
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 3480
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 02 Nov 2022 12:15:24 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame FEAB 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9f2cb7f800d8da42ba568a673edfd47ba8e024039c04e2d685c176c407c1d13f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 HZrunHRjvTX5MIeL6Ibl7iJKqMmAAzHWmbkaKM7M3x0.js Show response
pagead2.googlesyndication.com/bg/ Frame 2089 36 KB
16 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/HZrunHRjvTX5MIeL6Ibl7iJKqMmAAzHWmbkaKM7M3x0.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d9aee9c7463bd35f930878be886e5ee224aa8c9800331d699b91a28ceccdf1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 06:44:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 23356
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16118
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 10:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 02 Nov 2023 06:44:08 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame FF4B
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
18 B

27ms
27ms

Document
text/html

2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3135644639015474&output=html&h=90&slotname=4460484953&adk=3576269607&adf=383669989&pi=t.ma~as.4460484953&w=748&fwrn=4&fwrnh=100&lmt=1667394803&rafmt=2&format=748x90&url=https%3A%2F%2Fqa.cr-halal.com%2F3%2Fwhat-is-a-crypto-exchange&fwr=0&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667394803779&bpp=3&bdt=699&idt=151&shv=r20221027&mjsv=m202210310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6079542794128&frm=20&pv=1&ga_vid=1296198601.1667394804&ga_sid=1667394804&ga_hid=358752111&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=152&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C31070637%2C44775017&oid=2&pvsid=381626547704199&tmod=708995078&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=59Gl4f5lBA&p=https%3A//qa.cr-halal.com&dtd=157

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 02 Nov 2022 13:13:24 GMT
expires: Wed, 02 Nov 2022 13:13:24 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 02 Nov 2022 13:13:24 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame FEAB 28 KB
28 KB 51ms
15ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 09:03:51 GMT
x-content-type-options: nosniff
age: 14973
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 02 Nov 2023 09:03:51 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210310101/ 150 KB
51 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210310101/reactive_library_fy2021.js?bust=31070637

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e2e5f4e3125895d94be42d2a68e91cb3929ab99267dfd24dbe019e1da996c027

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qa.cr-halal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 13:13:24 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52162
x-xss-protection: 0
server: cafe
etag: 6304867583257506882
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 02 Nov 2022 13:13:24 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 62ms
29ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=qa.cr-halal.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qa.cr-halal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 13:13:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 62ms
29ms Script
application/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=qa.cr-halal.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qa.cr-halal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 13:13:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6183 91 KB
34 KB 810ms
809ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3135644639015474&output=html&h=280&adk=2247616821&adf=2922560527&pi=t.aa~a.2926153733~rp.2&w=607&fwrn=4&fwrnh=100&lmt=1667394804&rafmt=1&to=qs&pwprc=8069909860&format=607x280&url=https%3A%2F%2Fqa.cr-halal.com%2F3%2Fwhat-is-a-crypto-exchange&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667394804966&bpp=1&bdt=1886&idt=-M&shv=r20221027&mjsv=m202210310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D66fb445f8619a8a5-2262010d61ce0012%3AT%3D1667394803%3ART%3D1667394803%3AS%3DALNI_MZEydHUzuFn9Es21R3b3A9vuXsGMw&gpic=UID%3D00000b7b9bb74944%3AT%3D1667394803%3ART%3D1667394803%3AS%3DALNI_MZGDyo54Kv8EDXf0B-3RUgYVn2Usg&prev_fmts=0x0%2C748x90%2C748x90%2C320x640&nras=2&correlator=6079542794128&frm=20&pv=1&ga_vid=1296198601.1667394804&ga_sid=1667394804&ga_hid=358752111&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=418&ady=1270&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C31070637%2C44775017&oid=2&psts=APxP-9Bwkk64tJExaojny2xSypI54KpjfEIxVomDxaLmJpkSrt2t5h_d7MIa9IF53m5gs8DiCgMIWJW3vUCIoWXYNg%2CAPxP-9CeCnnpu17gpM3sN_KutVGiZXxLR2ag9BeAM3F2eRPx4fzfY78s4mJBfl8TMGl7V37LstAYy7G5QAiKtDNrLA&pvsid=381626547704199&tmod=708995078&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=y3wWdLNLCo&p=https%3A//qa.cr-halal.com&dtd=5

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

14c6adfc0d03816f5b6ba9fa2ee86019463e703400d4c718a731018f8bd71e32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://qa.cr-halal.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 34768
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 02 Nov 2022 13:13:25 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8445 21 KB
10 KB 526ms
526ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3135644639015474&output=html&h=90&adk=2743202993&adf=1056458448&pi=t.aa~a.2185563714~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1667394804&rafmt=1&to=qs&pwprc=8069909860&format=1200x90&url=https%3A%2F%2Fqa.cr-halal.com%2F3%2Fwhat-is-a-crypto-exchange&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667394804966&bpp=1&bdt=1886&idt=0&shv=r20221027&mjsv=m202210310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D66fb445f8619a8a5-2262010d61ce0012%3AT%3D1667394803%3ART%3D1667394803%3AS%3DALNI_MZEydHUzuFn9Es21R3b3A9vuXsGMw&gpic=UID%3D00000b7b9bb74944%3AT%3D1667394803%3ART%3D1667394803%3AS%3DALNI_MZGDyo54Kv8EDXf0B-3RUgYVn2Usg&prev_fmts=0x0%2C748x90%2C748x90%2C320x640%2C607x280&nras=3&correlator=6079542794128&frm=20&pv=1&ga_vid=1296198601.1667394804&ga_sid=1667394804&ga_hid=358752111&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2293&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C31070637%2C44775017&oid=2&psts=APxP-9Bwkk64tJExaojny2xSypI54KpjfEIxVomDxaLmJpkSrt2t5h_d7MIa9IF53m5gs8DiCgMIWJW3vUCIoWXYNg%2CAPxP-9CeCnnpu17gpM3sN_KutVGiZXxLR2ag9BeAM3F2eRPx4fzfY78s4mJBfl8TMGl7V37LstAYy7G5QAiKtDNrLA&pvsid=381626547704199&tmod=708995078&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=v8MmjAeCCl&p=https%3A//qa.cr-halal.com&dtd=10

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f1a37529f9d1b6fd8c61c242222d93d4d03a73e5ba12acff12ecea0d9eb4131b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://qa.cr-halal.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 10365
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 02 Nov 2022 13:13:25 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221027/r20110914/ Frame 6631 10 KB
4 KB 18ms
18ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221027/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://qa.cr-halal.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 62647
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4270
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 01 Nov 2022 19:49:18 GMT
etag: 9671129459699598864
expires: Tue, 15 Nov 2022 19:49:18 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221027/r20110914/ Frame B3EB 10 KB
4 KB 20ms
20ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221027/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://qa.cr-halal.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 62647
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4270
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 01 Nov 2022 19:49:18 GMT
etag: 9671129459699598864
expires: Tue, 15 Nov 2022 19:49:18 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 css2
fonts.googleapis.com/ Frame 6631 4 KB
636 B 27ms
27ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221027/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 02 Nov 2022 13:13:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 02 Nov 2022 12:46:33 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 02 Nov 2022 13:13:25 GMT

GET
H3 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 6631 205 B
229 B 19ms
19ms Image
image/png 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221027/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 11:42:31 GMT
x-content-type-options: nosniff
age: 5454
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 02 Nov 2023 11:42:31 GMT

GET
H3 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 6631 604 B
628 B 20ms
19ms Image
image/png 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221027/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 11:24:18 GMT
x-content-type-options: nosniff
age: 6547
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 02 Nov 2023 11:24:18 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221027/r20110914/elements/html/ Frame 6631 19 KB
8 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221027/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221027/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4e70f196596d57a6f3570a0983040f63d9ed88bb9da8849a302ad19fea617dd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 21:34:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 56356
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8012
x-xss-protection: 0
server: cafe
etag: 16149103330692230356
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 15 Nov 2022 21:34:09 GMT

GET
H3 200 84c8dfa227218a7b436003265dc6c69e.js Show response
www.gstatic.com/mysidia/ Frame B3EB 9 KB
4 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/84c8dfa227218a7b436003265dc6c69e.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221027/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

12b498ad6256d487f658f24189621d4d6819ab6e11fcd63142e6aeb77f560b6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 21:20:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 143576
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4170
x-xss-protection: 0
last-modified: Mon, 24 Oct 2022 21:55:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 29 Jan 2023 21:20:29 GMT

GET
H3 200 40f44225e0a1c31e628c89e0882e5f2b.js Show response
www.gstatic.com/mysidia/ Frame B3EB 10 KB
4 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/40f44225e0a1c31e628c89e0882e5f2b.js?tag=text/vanilla_highlight

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221027/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

02d353b931fa095d941d4077eec1404bf764ec415ff8cab1d58ae0f17ae73f6f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 19:20:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 64372
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4273
x-xss-protection: 0
last-modified: Thu, 27 Oct 2022 19:54:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 30 Jan 2023 19:20:33 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame B3EB 8 KB
895 B 26ms
25ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221027/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 02 Nov 2022 13:13:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 02 Nov 2022 13:01:38 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 02 Nov 2022 13:13:25 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221027/r20110914/client/ Frame B3EB 2 KB
765 B 17ms
15ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221027/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221027/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 14:27:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 81950
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 15 Nov 2022 14:27:35 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221027/r20110914/ Frame B3EB 23 KB
9 KB 17ms
15ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221027/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221027/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

15b192d13c1d029346a73cb1b2eb3a1b8905dfe8df1aaf9ced37356de9380e32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 14:27:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 81950
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9268
x-xss-protection: 0
server: cafe
etag: 17746901142539384344
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 15 Nov 2022 14:27:35 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221027/r20110914/client/ Frame B3EB 3 KB
1 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221027/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221027/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 07:13:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21623
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1238
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 16 Nov 2022 07:13:02 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221027/r20110914/client/ Frame B3EB 17 KB
7 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221027/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221027/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d99f77a187454fecc18b59b2f520b1598b246d01e142bfdc4de56eb7221a9330

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 14:27:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 81950
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7367
x-xss-protection: 0
server: cafe
etag: 4759548068123418343
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 15 Nov 2022 14:27:35 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B3EB 153 KB
47 KB 32ms
30ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221027/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

109ddac5fcac2d26ff455dabfaa93b705a883131b6d53548494a8b8a62ccbcdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 13:13:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47682
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1667216034053804"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 02 Nov 2022 13:13:25 GMT

GET
H3 200 6d06f43d9219529f87f676616f1c0e3b.js Show response
www.gstatic.com/mysidia/ Frame B3EB 33 KB
14 KB 18ms
17ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/6d06f43d9219529f87f676616f1c0e3b.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221027/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

19d9403b8b5963aaeae98991373ef1f4ec9ed98d649be55e657db8e1302578bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 16:40:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 73988
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13940
x-xss-protection: 0
last-modified: Mon, 24 Oct 2022 21:55:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 30 Jan 2023 16:40:17 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame B2F3 6 KB
672 B 31ms
30ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221027/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 02 Nov 2022 13:13:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 02 Nov 2022 12:34:09 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 02 Nov 2022 13:13:25 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221027/r20110914/client/ Frame B2F3 2 KB
765 B 21ms
20ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221027/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221027/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 14:27:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 81950
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 15 Nov 2022 14:27:35 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221027/r20110914/ Frame B2F3 23 KB
9 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221027/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221027/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

15b192d13c1d029346a73cb1b2eb3a1b8905dfe8df1aaf9ced37356de9380e32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 14:27:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 81950
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9268
x-xss-protection: 0
server: cafe
etag: 17746901142539384344
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 15 Nov 2022 14:27:35 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221027/r20110914/client/ Frame B2F3 3 KB
1 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221027/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221027/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 07:13:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21623
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1238
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 16 Nov 2022 07:13:02 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221027/r20110914/client/ Frame B2F3 17 KB
7 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221027/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221027/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d99f77a187454fecc18b59b2f520b1598b246d01e142bfdc4de56eb7221a9330

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 14:27:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 81950
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7367
x-xss-protection: 0
server: cafe
etag: 4759548068123418343
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 15 Nov 2022 14:27:35 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B2F3 153 KB
47 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221027/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

109ddac5fcac2d26ff455dabfaa93b705a883131b6d53548494a8b8a62ccbcdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 13:13:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47682
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1667216034053804"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 02 Nov 2022 13:13:25 GMT

GET
H3 200 6d06f43d9219529f87f676616f1c0e3b.js Show response
www.gstatic.com/mysidia/ Frame B2F3 33 KB
14 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/6d06f43d9219529f87f676616f1c0e3b.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221027/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

19d9403b8b5963aaeae98991373ef1f4ec9ed98d649be55e657db8e1302578bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 16:40:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 73988
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13940
x-xss-protection: 0
last-modified: Mon, 24 Oct 2022 21:55:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 30 Jan 2023 16:40:17 GMT

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/4613882048550124365/ Frame B3EB 8 KB
8 KB 16ms
15ms Image
image/png 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4613882048550124365/downsize_200k_v1?w=100&h=100

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221027/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b7cf992cc959ec494f01e03b95bd5cb0a647822fea3b9f231594848bc7fb87bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 09:14:03 GMT
x-content-type-options: nosniff
age: 14362
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7959
x-xss-protection: 0
last-modified: Wed, 05 Oct 2022 19:44:47 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 02 Nov 2023 09:14:03 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame B3EB 0
0 59ms
57ms Fetch
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CGhO882xiY4PMPJDAmLAP6e-UoATht-qbbevcq8vUD__1kOPXAhABIIbczh1glYKggrAHoAGr1bS7AsgBAagDAaoE3wFP0N8ZREJiZB4uQy8YAr_UqYdNZPLnQNjvuDxdONYd7L9adfOj-jkl7Liq5F3OVtgZ1rOh7e_SJ0-pw2StKvC9jo_M0EWxqYtkV_TfDXZHzUOYNad8RIrT0ZLure47km0j7QBR1I1O6dMEiUG7tweE1cdX9CaHPcf7rAYHgLJCM0wjXwpDU-sspkbdLKsEn4JpixOWhErLMjYZ7fcmDnQx6Y5a8LLA5ssR6Ozrn5eKJJYvzhe0fC4z_xeNEcIJBGZ51cbhhPgfh4lcSsLJBJzU_ELk18gc8jbde64UIqHQwATttKeVtQOSBQQIBBgBkgUECAUYBIAHxbSTyQGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBCMqxzSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTDIgUBdAVAYAXAbIXHAoaCAASFHB1Yi0zMTM1NjQ0NjM5MDE1NDc0GAA&sigh=hKPBUtUCirs&uach_m=[UACH]&template_id=5001

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221027/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20221027/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 02 Nov 2022 13:13:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 1A27 143 B
166 B 16ms
15ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221027/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20221027/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 3481
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 02 Nov 2022 12:15:24 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame B3EB 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e23a21d1a2052d0bfbb522a63be8df15a624c5de4c07439cc8606e0dea8defe1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 HZrunHRjvTX5MIeL6Ibl7iJKqMmAAzHWmbkaKM7M3x0.js Show response
pagead2.googlesyndication.com/bg/ Frame 4B14 36 KB
16 KB 19ms
15ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/HZrunHRjvTX5MIeL6Ibl7iJKqMmAAzHWmbkaKM7M3x0.js

Requested by

Host: trailmagic.org
URL: http://trailmagic.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d9aee9c7463bd35f930878be886e5ee224aa8c9800331d699b91a28ceccdf1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 06:44:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 23357
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16118
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 10:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 02 Nov 2023 06:44:08 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 1A27
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

40ms
39ms

Document
text/html

2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221027/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 02 Nov 2022 13:13:25 GMT
expires: Wed, 02 Nov 2022 13:13:25 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 02 Nov 2022 13:13:25 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 7B66 624 B
297 B 27ms
27ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNHn4wEQ4JWpAhj4kqp5MAE&v=APEucNXO_LOV8-tCnmprZMM48h-NuFUzTBov7gsyfDpkqYUt36fSPlbw-jiItgr1tij7Ch6377WUSqANRYlBMZokc26hW31S6JFbnBh0KySlYsOnitVZTz-Gkz3Q3jVZ0aAYJD_gIPEspDk5WN1UJUiyKeKSNskOp52_TCH8lcZ6zqOXFEgSZkQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3135644639015474&output=html&h=90&adk=2743202993&adf=1056458448&pi=t.aa~a.2185563714~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1667394804&rafmt=1&to=qs&pwprc=8069909860&format=1200x90&url=https%3A%2F%2Fqa.cr-halal.com%2F3%2Fwhat-is-a-crypto-exchange&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667394804966&bpp=1&bdt=1886&idt=0&shv=r20221027&mjsv=m202210310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D66fb445f8619a8a5-2262010d61ce0012%3AT%3D1667394803%3ART%3D1667394803%3AS%3DALNI_MZEydHUzuFn9Es21R3b3A9vuXsGMw&gpic=UID%3D00000b7b9bb74944%3AT%3D1667394803%3ART%3D1667394803%3AS%3DALNI_MZGDyo54Kv8EDXf0B-3RUgYVn2Usg&prev_fmts=0x0%2C748x90%2C748x90%2C320x640%2C607x280&nras=3&correlator=6079542794128&frm=20&pv=1&ga_vid=1296198601.1667394804&ga_sid=1667394804&ga_hid=358752111&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2293&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C31070637%2C44775017&oid=2&psts=APxP-9Bwkk64tJExaojny2xSypI54KpjfEIxVomDxaLmJpkSrt2t5h_d7MIa9IF53m5gs8DiCgMIWJW3vUCIoWXYNg%2CAPxP-9CeCnnpu17gpM3sN_KutVGiZXxLR2ag9BeAM3F2eRPx4fzfY78s4mJBfl8TMGl7V37LstAYy7G5QAiKtDNrLA&pvsid=381626547704199&tmod=708995078&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=v8MmjAeCCl&p=https%3A//qa.cr-halal.com&dtd=10

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3135644639015474&output=html&h=90&adk=2743202993&adf=1056458448&pi=t.aa~a.2185563714~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1667394804&rafmt=1&to=qs&pwprc=8069909860&format=1200x90&url=https%3A%2F%2Fqa.cr-halal.com%2F3%2Fwhat-is-a-crypto-exchange&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667394804966&bpp=1&bdt=1886&idt=0&shv=r20221027&mjsv=m202210310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D66fb445f8619a8a5-2262010d61ce0012%3AT%3D1667394803%3ART%3D1667394803%3AS%3DALNI_MZEydHUzuFn9Es21R3b3A9vuXsGMw&gpic=UID%3D00000b7b9bb74944%3AT%3D1667394803%3ART%3D1667394803%3AS%3DALNI_MZGDyo54Kv8EDXf0B-3RUgYVn2Usg&prev_fmts=0x0%2C748x90%2C748x90%2C320x640%2C607x280&nras=3&correlator=6079542794128&frm=20&pv=1&ga_vid=1296198601.1667394804&ga_sid=1667394804&ga_hid=358752111&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2293&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C31070637%2C44775017&oid=2&psts=APxP-9Bwkk64tJExaojny2xSypI54KpjfEIxVomDxaLmJpkSrt2t5h_d7MIa9IF53m5gs8DiCgMIWJW3vUCIoWXYNg%2CAPxP-9CeCnnpu17gpM3sN_KutVGiZXxLR2ag9BeAM3F2eRPx4fzfY78s4mJBfl8TMGl7V37LstAYy7G5QAiKtDNrLA&pvsid=381626547704199&tmod=708995078&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=v8MmjAeCCl&p=https%3A//qa.cr-halal.com&dtd=10
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 02 Nov 2022 13:13:25 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 40DD 84 KB
35 KB 63ms
62ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AesgQQnjse8VYmW7A7q1II-fALXagxbCAE4em99tegCC0WOKLBOm774Jhh4coFY7eaMlM-Luq3gBEmsqseFyGV8wTb8Iw0JB7bXefKv5H7KV16LrbFY_0cqcQ2YPeradcbfCM8sNpgaTBFPBUFbvbNJWmjSr8ZZonm-M3J5lQ_Su-ckWo&dbm_d=AKAmf-B43nmJHpe-6H4TXkYeZBMGJmNQMp1_QjaRWuWM_EUlMZ8qifSB6JyTkedDrx-jLUw1Hac_0CEAnQyqiQ4iMqVuN5Oe5YIXVf5mjziYfr0psHGsbqpzVbGtVkautPuEM5rihMMKYYsaea66J2MSeI94xgM7iZnKzijyBhCR4CvF16f_MMKua3mvH_a-_WPxzH_1cT0UdhU_wzacv3P-F_7Hw7tsYIpw0tu-4BhTg7c0EAHyCmVeaw2oeH7EU1Dyn5FfRSNYW6aec_eXYN8hXQMFbMCcl1nEMZ01B7aH7YKU6G3jRBpqHG16M8FemXHfrqb-_QOfWyMAisE_z9HGFDez68fTmCisIpZ8gzT2LcIddygPGh0Oy6R2ghf2izUT7tW-p7oyWmleU1cIxmY9tqPIaa2AN1i_CgR9evhFXMTaT69CKVozb8t92WHtWQKhWv1wKQkp-SsxcM6OJvxF158rDytahKHurU0r4zn2FCEmV1LL8kmvt5zoOYY7zPReXTo4-YVGt_zxPDnd47YYxFFzaLZroM9Rl_Hc-U_RQe-o6uhlg7H_6EDHYFo-x-Yw4RdJ0Gh_pSEkgs3rQVp3h-1Jp5Xhe1o2PJvAfhi1cRodyhIZtOOlX7yaiggYCPizVu3F3W-Yu0OQb1UwaIw9HagUMV7KECpxrI72hIufJEG-REbwy_i_y2G-ItFcatB4wMFdb8mjxbP_7-0SVsRhwG71hYajZJDxJZQmflMm66iIwC03D34ZS6Cde5NXtLSCNgkm-F-_9l702pVNIeErGpLZT21BNnvkYlmOGzVJ2AbQI8xD_kfslQpbpvxcL1FcewlzSAQEcUeu1EAlejLJ0Y8_jZ1LQ_oTpjncNaYBOnJwB7Zs5zivfjG4cIhGuhsUq3RY-y8dkfSa0t58tCtw2RTIjIj3tUZCPevlHAdFSeQriAxEmnd4xzNzlW92S0YcQtvbMiM2rzPjrmpWuJo2GdusWUQ_rIXO-BEoOuQ3IPrnjklSXVlRN5tfTc-CG59qsGLWs3rMBKGZLWFQjtP7kk5R9SeP5Ucf6KBRbV-L0x8dZ-JqY62T7PCDeAOTDLTCq5Ah7txvuWhzfQgQ-NwiZJR3XOAP65JQGhs5_-ccmpcW-WnuK7mkar1iWtmZMygUjhOcBidY4kl0lj2I8l5IehNdp0ZI-yCu8ka2CG_A4nUvKZt6qRA2De8Ss5vzV9QRmSL13Autv3R5m1Ky_jWam1XWZQym5xyd8fq9jtCKJcFrV44c2ZD3DdibmOKEVE3QyXNroScIbeN9U5QtMaGzH1wWV3gyfFZ9lbA3ExrZfh0N0_VNWLhr-J80lIo7FTutZXFlBAb74sgqxAgMMeWTpbSwC18SuR-7SQdI4Qx2Op9za3USsTflqTZuxDkeve_l1ZqCpq6riFRJLz1fV18NbJqH3uMN1lbCBWIRz5oeGvSNlv8AJYAKK_Zzpq8TacNr8l2oekh-xu7d_Gv_IBzdc4ZPViAd0y4N9aoWLqNK_lvpsSrkzjKGviUEEOpNh8lCOYwZ3tZnuUTd9ChUQLwXZqPTepiCn9dAE4XsXdGev2tUi8F--gl58tpJTI6Khl93D7u87F3i_374-iUi4CoveHJHfFISV1raShM7cs2AUktCCBM38iUKHyveTWwbtqgGCiGWCpe0MTDObnW5-I2MQelL6sWRwpDw69pramLLwDmoM3rPAOLtLfufnV5eaPLh6O6Z1sYRD5J8TgQ6I56x8cc2oJqm35m9psBIZyj3-og_7nrx1LRe6GDEh979_mYuAeg8eerEpbBbKjIK7eke_nUj8c9E9mcS8Z7W-8CpczpRAT_KIuzK9rm26lQbO7z3jEv08-JqCzjCZsADvmLyrPwp4aseQ32lmJdqRCkJtExy68WNfP2gjGUKdRob6JDV0oGkYtlfrxXEYGc6KywqUyeWRUJsk7hPcJCN-Y3re5fxOZk79SYc7cvYzdLU04quk9D7TET4o6LlQslo_ntCMppfUq_moQwN_AElWln5F48lcURj_tcmXmcLEie7O5M0raYUoPUrU9nz2kJWTkARhFajQUKP8ohGQ65egAmCtnbfv9UmRiyR4zOFwPjIjN-uSb2k9gHBIrEwQ4oQOvWDnw8tHE5EV-TEA1xNM27ANuHX1vH75oXqXBJ8ZOSyFJQLjdfFOHETatl2OoT-JL_9tDOBj0HS6cV2lFtKdSsusAa7VDkwI0_HRsLqX0wLsVLQrZ7Dm45mhvxyaj_LTN04mtl82BzZ-RCBKotNOWi158JkdJ53O2S7Y3FAod_ny0xB7Xieqg6xn48M6d29_QC6efjoW8qn-O-z4dzCt3cGB64wadOxuQzBb3bdjffpiRK5x1jTlF-_bk5QVNxL0bBFYyiDaQNeCrWNSIj7TkOsp33o8noV5tPqK9CpQRIvazQ-M7dF_faaOzZqBZ_XlpEZbEKjc7WMn50oMBmoAe15hmekFTCh6xKpKgZERYn29VxenoRzXBhGCrxugkr6875_zcIYsHQe0ta9I0EDw9DzylvTZD1lV9hgtUPnDASlsDAuk7-stgHZVk_9v7SAUGl3srPax0WYQ3s2yme0LQ7fYRlL_mPWsFgyi7gsk_3NdkQUYrb9Stk8dU_lg2Ta5wGq828G-ffG3egP2hEpI90LBbcBP782tNonvIlrh3oDc1f4zwuhHND3FFYLoGpnALMa43aUmHC-TBTDO3QKMRupRdE34CjAQroP7WEfm6TP2S_sBiFmwESf9LKWt7S-itORDqncaIbNltwq-1FmP4UJSCxvpD9zQPZ9a9rQfNa5Qg8ldvHAi1hdz1RvSKB9k6SChzcB4-ol5KkQe8cbqJBZ4Ja-kc0wlElJ04D61Vp1xML5c-IYkjehQQc1VhsrBIyiuqbt9d76a92DPysJ3dTOftAQcUSHrUfDcZf2Tc4Yf6CP2PSXOI7339ToSGu4J_iR45kHZmnz72MZFx1QTb1pFaqebGRb8_LtPJBs9f4vF1TeG5pLsa6yIuUUK-8j9LDTtHPsfPAJ5gcP9QoJWWk9_5e-qMbzt4dnKZM8r7w9A7x5vSpJ6Vu5-onctiUVXIFW0gM0e8J7XXEcgKg1600As6QpMpwiwhZ6JIL0UtcALuZnrc3PuTfrJ7dChd92ZyToSkmUcA5ZAbxxlO9M4fpd7hFi2V8z7kfCD476kNxVmBy9FYZjT2wF9-zQOJ_01DC-SGLwD9lsHMiWZXt4oMiAu9VUrPSzBMDeOpVuy-V99VVQdPRs0wmG&cid=CAASJORosmVchwuXkvg_dsbGIxl4W6sGtOS56pJ6awI42IsK6hVK3Q&rfl=2%2Chttps%253A%252F%252Fqa.cr-halal.com%252F%240

Requested by

Host: trailmagic.org
URL: http://trailmagic.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ed083f73dfd701e5889b6215302658f4ab89d368d61a8d9f97e6e7cbdb9c9c9a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3135644639015474&output=html&h=90&adk=2743202993&adf=1056458448&pi=t.aa~a.2185563714~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1667394804&rafmt=1&to=qs&pwprc=8069909860&format=1200x90&url=https%3A%2F%2Fqa.cr-halal.com%2F3%2Fwhat-is-a-crypto-exchange&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667394804966&bpp=1&bdt=1886&idt=0&shv=r20221027&mjsv=m202210310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D66fb445f8619a8a5-2262010d61ce0012%3AT%3D1667394803%3ART%3D1667394803%3AS%3DALNI_MZEydHUzuFn9Es21R3b3A9vuXsGMw&gpic=UID%3D00000b7b9bb74944%3AT%3D1667394803%3ART%3D1667394803%3AS%3DALNI_MZGDyo54Kv8EDXf0B-3RUgYVn2Usg&prev_fmts=0x0%2C748x90%2C748x90%2C320x640%2C607x280&nras=3&correlator=6079542794128&frm=20&pv=1&ga_vid=1296198601.1667394804&ga_sid=1667394804&ga_hid=358752111&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2293&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C31070637%2C44775017&oid=2&psts=APxP-9Bwkk64tJExaojny2xSypI54KpjfEIxVomDxaLmJpkSrt2t5h_d7MIa9IF53m5gs8DiCgMIWJW3vUCIoWXYNg%2CAPxP-9CeCnnpu17gpM3sN_KutVGiZXxLR2ag9BeAM3F2eRPx4fzfY78s4mJBfl8TMGl7V37LstAYy7G5QAiKtDNrLA&pvsid=381626547704199&tmod=708995078&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=v8MmjAeCCl&p=https%3A//qa.cr-halal.com&dtd=10
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Nov 2022 13:13:25 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35499
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221027/r20110914/client/ Frame 40DD 3 KB
1 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221027/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 07:13:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21623
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1238
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 16 Nov 2022 07:13:02 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221027/r20110914/client/ Frame 40DD 17 KB
7 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221027/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d99f77a187454fecc18b59b2f520b1598b246d01e142bfdc4de56eb7221a9330

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 14:27:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 81950
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7367
x-xss-protection: 0
server: cafe
etag: 4759548068123418343
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 15 Nov 2022 14:27:35 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 40DD 0
0 23ms
23ms Image
text/html 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQraAeT9FtNdHQnYpRUU5XPp9RRZFHfG2S4uOsSxDGCcfR6o5egrsOLBQZr3xJVxF85ItVzLVJ5bIWmkJ6odQl5zx4iAw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3135644639015474&output=html&h=90&adk=2743202993&adf=1056458448&pi=t.aa~a.2185563714~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1667394804&rafmt=1&to=qs&pwprc=8069909860&format=1200x90&url=https%3A%2F%2Fqa.cr-halal.com%2F3%2Fwhat-is-a-crypto-exchange&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667394804966&bpp=1&bdt=1886&idt=0&shv=r20221027&mjsv=m202210310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D66fb445f8619a8a5-2262010d61ce0012%3AT%3D1667394803%3ART%3D1667394803%3AS%3DALNI_MZEydHUzuFn9Es21R3b3A9vuXsGMw&gpic=UID%3D00000b7b9bb74944%3AT%3D1667394803%3ART%3D1667394803%3AS%3DALNI_MZGDyo54Kv8EDXf0B-3RUgYVn2Usg&prev_fmts=0x0%2C748x90%2C748x90%2C320x640%2C607x280&nras=3&correlator=6079542794128&frm=20&pv=1&ga_vid=1296198601.1667394804&ga_sid=1667394804&ga_hid=358752111&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2293&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C31070637%2C44775017&oid=2&psts=APxP-9Bwkk64tJExaojny2xSypI54KpjfEIxVomDxaLmJpkSrt2t5h_d7MIa9IF53m5gs8DiCgMIWJW3vUCIoWXYNg%2CAPxP-9CeCnnpu17gpM3sN_KutVGiZXxLR2ag9BeAM3F2eRPx4fzfY78s4mJBfl8TMGl7V37LstAYy7G5QAiKtDNrLA&pvsid=381626547704199&tmod=708995078&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=v8MmjAeCCl&p=https%3A//qa.cr-halal.com&dtd=10
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 40DD 153 KB
47 KB 30ms
30ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

109ddac5fcac2d26ff455dabfaa93b705a883131b6d53548494a8b8a62ccbcdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 13:13:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47682
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1667216034053804"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 02 Nov 2022 13:13:25 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 40DD 42 B
63 B 50ms
50ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AETTEwIYxj0wzvVaRt9JKJR6dpgc93gSWP4tNMp0qE-IZc-yFz-FcvwOSTe-8CLQhyzFIT1ZnaFlC13LO1LLuwaQ69KALwXDkDzzra7Mvss5aEVww

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Nov 2022 13:13:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 7B66
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBzHQ-0voNDrTL3rb8nepyM&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBzHQ-0voNDrTL3rb8nepyM&google_cver=1&C=1

43 B
766 B

16ms
16ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBzHQ-0voNDrTL3rb8nepyM&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNHn4wEQ4JWpAhj4kqp5MAE&v=APEucNXO_LOV8-tCnmprZMM48h-NuFUzTBov7gsyfDpkqYUt36fSPlbw-jiItgr1tij7Ch6377WUSqANRYlBMZokc26hW31S6JFbnBh0KySlYsOnitVZTz-Gkz3Q3jVZ0aAYJD_gIPEspDk5WN1UJUiyKeKSNskOp52_TCH8lcZ6zqOXFEgSZkQ
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 02 Nov 2022 13:13:25 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Wed, 02 Nov 2022 13:13:25 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: /rum?cm_dsp_id=45&external_user_id=CAESEBzHQ-0voNDrTL3rb8nepyM&google_cver=1&C=1
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 0
Expires: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 7B66
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y2Js9VHex65m.CDZy7L1oQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBzHQ-0voNDrTL3rb8nepyM&google_cver=1&google_hm=2

43 B
766 B

19ms
16ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBzHQ-0voNDrTL3rb8nepyM&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNHn4wEQ4JWpAhj4kqp5MAE&v=APEucNXO_LOV8-tCnmprZMM48h-NuFUzTBov7gsyfDpkqYUt36fSPlbw-jiItgr1tij7Ch6377WUSqANRYlBMZokc26hW31S6JFbnBh0KySlYsOnitVZTz-Gkz3Q3jVZ0aAYJD_gIPEspDk5WN1UJUiyKeKSNskOp52_TCH8lcZ6zqOXFEgSZkQ
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 02 Nov 2022 13:13:25 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Wed, 02 Nov 2022 13:13:25 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBzHQ-0voNDrTL3rb8nepyM&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 7B66
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEL5-QBxEGVuVQLZ5XshdeCM&google_cver=1

43 B
1016 B

63ms
26ms

Image
image/gif

185.89.210.180
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEL5-QBxEGVuVQLZ5XshdeCM&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNHn4wEQ4JWpAhj4kqp5MAE&v=APEucNXO_LOV8-tCnmprZMM48h-NuFUzTBov7gsyfDpkqYUt36fSPlbw-jiItgr1tij7Ch6377WUSqANRYlBMZokc26hW31S6JFbnBh0KySlYsOnitVZTz-Gkz3Q3jVZ0aAYJD_gIPEspDk5WN1UJUiyKeKSNskOp52_TCH8lcZ6zqOXFEgSZkQ

Protocol

HTTP/1.1

Server

185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 02 Nov 2022 13:13:25 GMT
AN-X-Request-Uuid: 87c3b412-5c78-40e6-9f6e-987127a56f8d
Server: nginx/1.21.3
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 217.64.151.68; 217.64.151.68; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 02 Nov 2022 13:13:25 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEL5-QBxEGVuVQLZ5XshdeCM&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7B66
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDA5OTE3MTQwNTExNjM3MDY1Ng%3D%3D

170 B
188 B

56ms
26ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDA5OTE3MTQwNTExNjM3MDY1Ng%3D%3D

Requested by

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Nov 2022 13:13:25 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 02 Nov 2022 13:13:25 GMT
AN-X-Request-Uuid: 7b9dbb09-61cb-4ec0-9b98-9f721986c9c1
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDA5OTE3MTQwNTExNjM3MDY1Ng%3D%3D
Connection: keep-alive
X-Proxy-Origin: 217.64.151.68; 217.64.151.68; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 40DD 170 KB
59 KB 74ms
16ms Script
text/javascript 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Requested by

Host: trailmagic.org
URL: http://trailmagic.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 16:47:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 73568
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60311
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:25 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 02 Nov 2022 16:47:17 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20221027/r20110914/elements/html/ Frame 40DD 8 KB
3 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221027/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AesgQQnjse8VYmW7A7q1II-fALXagxbCAE4em99tegCC0WOKLBOm774Jhh4coFY7eaMlM-Luq3gBEmsqseFyGV8wTb8Iw0JB7bXefKv5H7KV16LrbFY_0cqcQ2YPeradcbfCM8sNpgaTBFPBUFbvbNJWmjSr8ZZonm-M3J5lQ_Su-ckWo&dbm_d=AKAmf-B43nmJHpe-6H4TXkYeZBMGJmNQMp1_QjaRWuWM_EUlMZ8qifSB6JyTkedDrx-jLUw1Hac_0CEAnQyqiQ4iMqVuN5Oe5YIXVf5mjziYfr0psHGsbqpzVbGtVkautPuEM5rihMMKYYsaea66J2MSeI94xgM7iZnKzijyBhCR4CvF16f_MMKua3mvH_a-_WPxzH_1cT0UdhU_wzacv3P-F_7Hw7tsYIpw0tu-4BhTg7c0EAHyCmVeaw2oeH7EU1Dyn5FfRSNYW6aec_eXYN8hXQMFbMCcl1nEMZ01B7aH7YKU6G3jRBpqHG16M8FemXHfrqb-_QOfWyMAisE_z9HGFDez68fTmCisIpZ8gzT2LcIddygPGh0Oy6R2ghf2izUT7tW-p7oyWmleU1cIxmY9tqPIaa2AN1i_CgR9evhFXMTaT69CKVozb8t92WHtWQKhWv1wKQkp-SsxcM6OJvxF158rDytahKHurU0r4zn2FCEmV1LL8kmvt5zoOYY7zPReXTo4-YVGt_zxPDnd47YYxFFzaLZroM9Rl_Hc-U_RQe-o6uhlg7H_6EDHYFo-x-Yw4RdJ0Gh_pSEkgs3rQVp3h-1Jp5Xhe1o2PJvAfhi1cRodyhIZtOOlX7yaiggYCPizVu3F3W-Yu0OQb1UwaIw9HagUMV7KECpxrI72hIufJEG-REbwy_i_y2G-ItFcatB4wMFdb8mjxbP_7-0SVsRhwG71hYajZJDxJZQmflMm66iIwC03D34ZS6Cde5NXtLSCNgkm-F-_9l702pVNIeErGpLZT21BNnvkYlmOGzVJ2AbQI8xD_kfslQpbpvxcL1FcewlzSAQEcUeu1EAlejLJ0Y8_jZ1LQ_oTpjncNaYBOnJwB7Zs5zivfjG4cIhGuhsUq3RY-y8dkfSa0t58tCtw2RTIjIj3tUZCPevlHAdFSeQriAxEmnd4xzNzlW92S0YcQtvbMiM2rzPjrmpWuJo2GdusWUQ_rIXO-BEoOuQ3IPrnjklSXVlRN5tfTc-CG59qsGLWs3rMBKGZLWFQjtP7kk5R9SeP5Ucf6KBRbV-L0x8dZ-JqY62T7PCDeAOTDLTCq5Ah7txvuWhzfQgQ-NwiZJR3XOAP65JQGhs5_-ccmpcW-WnuK7mkar1iWtmZMygUjhOcBidY4kl0lj2I8l5IehNdp0ZI-yCu8ka2CG_A4nUvKZt6qRA2De8Ss5vzV9QRmSL13Autv3R5m1Ky_jWam1XWZQym5xyd8fq9jtCKJcFrV44c2ZD3DdibmOKEVE3QyXNroScIbeN9U5QtMaGzH1wWV3gyfFZ9lbA3ExrZfh0N0_VNWLhr-J80lIo7FTutZXFlBAb74sgqxAgMMeWTpbSwC18SuR-7SQdI4Qx2Op9za3USsTflqTZuxDkeve_l1ZqCpq6riFRJLz1fV18NbJqH3uMN1lbCBWIRz5oeGvSNlv8AJYAKK_Zzpq8TacNr8l2oekh-xu7d_Gv_IBzdc4ZPViAd0y4N9aoWLqNK_lvpsSrkzjKGviUEEOpNh8lCOYwZ3tZnuUTd9ChUQLwXZqPTepiCn9dAE4XsXdGev2tUi8F--gl58tpJTI6Khl93D7u87F3i_374-iUi4CoveHJHfFISV1raShM7cs2AUktCCBM38iUKHyveTWwbtqgGCiGWCpe0MTDObnW5-I2MQelL6sWRwpDw69pramLLwDmoM3rPAOLtLfufnV5eaPLh6O6Z1sYRD5J8TgQ6I56x8cc2oJqm35m9psBIZyj3-og_7nrx1LRe6GDEh979_mYuAeg8eerEpbBbKjIK7eke_nUj8c9E9mcS8Z7W-8CpczpRAT_KIuzK9rm26lQbO7z3jEv08-JqCzjCZsADvmLyrPwp4aseQ32lmJdqRCkJtExy68WNfP2gjGUKdRob6JDV0oGkYtlfrxXEYGc6KywqUyeWRUJsk7hPcJCN-Y3re5fxOZk79SYc7cvYzdLU04quk9D7TET4o6LlQslo_ntCMppfUq_moQwN_AElWln5F48lcURj_tcmXmcLEie7O5M0raYUoPUrU9nz2kJWTkARhFajQUKP8ohGQ65egAmCtnbfv9UmRiyR4zOFwPjIjN-uSb2k9gHBIrEwQ4oQOvWDnw8tHE5EV-TEA1xNM27ANuHX1vH75oXqXBJ8ZOSyFJQLjdfFOHETatl2OoT-JL_9tDOBj0HS6cV2lFtKdSsusAa7VDkwI0_HRsLqX0wLsVLQrZ7Dm45mhvxyaj_LTN04mtl82BzZ-RCBKotNOWi158JkdJ53O2S7Y3FAod_ny0xB7Xieqg6xn48M6d29_QC6efjoW8qn-O-z4dzCt3cGB64wadOxuQzBb3bdjffpiRK5x1jTlF-_bk5QVNxL0bBFYyiDaQNeCrWNSIj7TkOsp33o8noV5tPqK9CpQRIvazQ-M7dF_faaOzZqBZ_XlpEZbEKjc7WMn50oMBmoAe15hmekFTCh6xKpKgZERYn29VxenoRzXBhGCrxugkr6875_zcIYsHQe0ta9I0EDw9DzylvTZD1lV9hgtUPnDASlsDAuk7-stgHZVk_9v7SAUGl3srPax0WYQ3s2yme0LQ7fYRlL_mPWsFgyi7gsk_3NdkQUYrb9Stk8dU_lg2Ta5wGq828G-ffG3egP2hEpI90LBbcBP782tNonvIlrh3oDc1f4zwuhHND3FFYLoGpnALMa43aUmHC-TBTDO3QKMRupRdE34CjAQroP7WEfm6TP2S_sBiFmwESf9LKWt7S-itORDqncaIbNltwq-1FmP4UJSCxvpD9zQPZ9a9rQfNa5Qg8ldvHAi1hdz1RvSKB9k6SChzcB4-ol5KkQe8cbqJBZ4Ja-kc0wlElJ04D61Vp1xML5c-IYkjehQQc1VhsrBIyiuqbt9d76a92DPysJ3dTOftAQcUSHrUfDcZf2Tc4Yf6CP2PSXOI7339ToSGu4J_iR45kHZmnz72MZFx1QTb1pFaqebGRb8_LtPJBs9f4vF1TeG5pLsa6yIuUUK-8j9LDTtHPsfPAJ5gcP9QoJWWk9_5e-qMbzt4dnKZM8r7w9A7x5vSpJ6Vu5-onctiUVXIFW0gM0e8J7XXEcgKg1600As6QpMpwiwhZ6JIL0UtcALuZnrc3PuTfrJ7dChd92ZyToSkmUcA5ZAbxxlO9M4fpd7hFi2V8z7kfCD476kNxVmBy9FYZjT2wF9-zQOJ_01DC-SGLwD9lsHMiWZXt4oMiAu9VUrPSzBMDeOpVuy-V99VVQdPRs0wmG&cid=CAASJORosmVchwuXkvg_dsbGIxl4W6sGtOS56pJ6awI42IsK6hVK3Q&rfl=2%2Chttps%253A%252F%252Fqa.cr-halal.com%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d4fd99fb81b7a54dde7ec7af98a536d555323b8c4445005fd82aeaa0351c975c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 18:50:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 66169
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2990
x-xss-protection: 0
server: cafe
etag: 2274832811029412562
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 15 Nov 2022 18:50:36 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20221027/r20110914/ Frame 40DD 30 KB
11 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221027/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ac32377ae624ac720172de6cd59d7fad67c0c78fe658c7a7b2b43be14b9d74ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 18:52:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 66076
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11484
x-xss-protection: 0
server: cafe
etag: 16485072225624805710
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 15 Nov 2022 18:52:09 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 40DD 41 KB
15 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 12:01:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4313
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 02 Nov 2023 12:01:32 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 5210 1 KB
643 B 29ms
24ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 81950
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 01 Nov 2022 14:27:35 GMT
etag: 48472445140208031
expires: Wed, 02 Nov 2022 14:27:35 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 40DD 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8492f63d4e2aea17ab5498a4824207f6a57b8f5cb762ace5cd310678771b5e45

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 0182 22 KB
8 KB 16ms
16ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 4312
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 02 Nov 2022 12:01:33 GMT
expires: Thu, 02 Nov 2023 12:01:33 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dpixel
cms.quantserve.com/ Frame 5210 35 B
464 B 61ms
18ms Image
image/gif 2620:116:800d:21:c5a4:625:6563:a5bb
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEMDQiXz24PSqpgF71i1J4xo&google_cver=1&google_push=AZmPxg-OigTLYwlhY5tqXozl6A5iVzJgVWiBDTPHqDBM3zmRUEBT6Cx5cDEpRFHiMWwUrueycmy2VzjBiWDixFZrpPeLnuAyKvI

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:c5a4:625:6563:a5bb , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Nov 2022 13:13:25 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 451 466606.gif
id.rlcdn.com/ Frame 5210 0
98 B 73ms
24ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/466606.gif?cparams=google_push%3DAZmPxg_MUTFXTitlSUG7UaWniWKeQC506wSGI7o_clpMb817zl4j7VtonHREwHBxOrQAOrE5Yr_WHR-aTam1AIDcP8ZsE3DEGww&google_gid=CAESEKgdZJApo8nnZRGj-AD3_8s&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3135644639015474&output=html&h=90&adk=2743202993&adf=1056458448&pi=t.aa~a.2185563714~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1667394804&rafmt=1&to=qs&pwprc=8069909860&format=1200x90&url=https%3A%2F%2Fqa.cr-halal.com%2F3%2Fwhat-is-a-crypto-exchange&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667394804966&bpp=1&bdt=1886&idt=0&shv=r20221027&mjsv=m202210310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D66fb445f8619a8a5-2262010d61ce0012%3AT%3D1667394803%3ART%3D1667394803%3AS%3DALNI_MZEydHUzuFn9Es21R3b3A9vuXsGMw&gpic=UID%3D00000b7b9bb74944%3AT%3D1667394803%3ART%3D1667394803%3AS%3DALNI_MZGDyo54Kv8EDXf0B-3RUgYVn2Usg&prev_fmts=0x0%2C748x90%2C748x90%2C320x640%2C607x280&nras=3&correlator=6079542794128&frm=20&pv=1&ga_vid=1296198601.1667394804&ga_sid=1667394804&ga_hid=358752111&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2293&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C31070637%2C44775017&oid=2&psts=APxP-9Bwkk64tJExaojny2xSypI54KpjfEIxVomDxaLmJpkSrt2t5h_d7MIa9IF53m5gs8DiCgMIWJW3vUCIoWXYNg%2CAPxP-9CeCnnpu17gpM3sN_KutVGiZXxLR2ag9BeAM3F2eRPx4fzfY78s4mJBfl8TMGl7V37LstAYy7G5QAiKtDNrLA&pvsid=381626547704199&tmod=708995078&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=v8MmjAeCCl&p=https%3A//qa.cr-halal.com&dtd=10
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 13:13:25 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 dds
rtb.openx.net/sync/ Frame 5210 43 B
350 B 75ms
27ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEM-SvFHrvYJ40nN8uJ_bC4E&google_cver=1&google_push=AZmPxg-4dvfksSaMWMKYnyDhWzspqTpBt3-NdJwG5rmWiFBM-oES1a59ilgNe38koU3u2Bru7pWDz2Ewl9o0Lc98uo7Pxb1NYDj-
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3135644639015474&output=html&h=90&adk=2743202993&adf=1056458448&pi=t.aa~a.2185563714~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1667394804&rafmt=1&to=qs&pwprc=8069909860&format=1200x90&url=https%3A%2F%2Fqa.cr-halal.com%2F3%2Fwhat-is-a-crypto-exchange&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667394804966&bpp=1&bdt=1886&idt=0&shv=r20221027&mjsv=m202210310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D66fb445f8619a8a5-2262010d61ce0012%3AT%3D1667394803%3ART%3D1667394803%3AS%3DALNI_MZEydHUzuFn9Es21R3b3A9vuXsGMw&gpic=UID%3D00000b7b9bb74944%3AT%3D1667394803%3ART%3D1667394803%3AS%3DALNI_MZGDyo54Kv8EDXf0B-3RUgYVn2Usg&prev_fmts=0x0%2C748x90%2C748x90%2C320x640%2C607x280&nras=3&correlator=6079542794128&frm=20&pv=1&ga_vid=1296198601.1667394804&ga_sid=1667394804&ga_hid=358752111&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2293&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C31070637%2C44775017&oid=2&psts=APxP-9Bwkk64tJExaojny2xSypI54KpjfEIxVomDxaLmJpkSrt2t5h_d7MIa9IF53m5gs8DiCgMIWJW3vUCIoWXYNg%2CAPxP-9CeCnnpu17gpM3sN_KutVGiZXxLR2ag9BeAM3F2eRPx4fzfY78s4mJBfl8TMGl7V37LstAYy7G5QAiKtDNrLA&pvsid=381626547704199&tmod=708995078&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=v8MmjAeCCl&p=https%3A//qa.cr-halal.com&dtd=10
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Nov 2022 13:13:25 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: cj0j4lifmocv7i563l5suhneimmeed3p

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5210
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=7zSfYwLvRSuCLuvlJW9fvA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

27ms
26ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=7zSfYwLvRSuCLuvlJW9fvA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AZmPxg9hyuA58Oy-O4zlLdbPy4a3RXCBudHUxsESOdleZZOdNnkF2O3mY8vOYDlKt76kerthL-pmHeqN-qlNgpzqaJ5YXhVQ6Kcd

Requested by

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Nov 2022 13:13:25 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=7zSfYwLvRSuCLuvlJW9fvA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AZmPxg9hyuA58Oy-O4zlLdbPy4a3RXCBudHUxsESOdleZZOdNnkF2O3mY8vOYDlKt76kerthL-pmHeqN-qlNgpzqaJ5YXhVQ6Kcd
date: Wed, 02 Nov 2022 13:13:24 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5210
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJgvyV9TjgX0w1geGhZ1Ezg&google_cver=1&google_push=AZmPxg__d0V_Sl3M4muTz10jVvvCebC-cSqX21p2hOs8yutIUzFnBQSATSsFFM1v9zNgbmmy2Dj...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlaTlRFNkUtMU8tMTdYSQ==&google_push=AZmPxg__d0V_Sl3M4muTz10jVvvCebC-cSqX21p2hOs8yutIUzFnBQSATSsFFM1v9zNgbmmy2Djo6H9KuBu6hOFV7IDgbOGdt2FJ

170 B
188 B

27ms
27ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlaTlRFNkUtMU8tMTdYSQ==&google_push=AZmPxg__d0V_Sl3M4muTz10jVvvCebC-cSqX21p2hOs8yutIUzFnBQSATSsFFM1v9zNgbmmy2Djo6H9KuBu6hOFV7IDgbOGdt2FJ

Requested by

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Nov 2022 13:13:25 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlaTlRFNkUtMU8tMTdYSQ==&google_push=AZmPxg__d0V_Sl3M4muTz10jVvvCebC-cSqX21p2hOs8yutIUzFnBQSATSsFFM1v9zNgbmmy2Djo6H9KuBu6hOFV7IDgbOGdt2FJ
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 8f052d4f888ae4e0626c5f819879cacd
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5210
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEKcdSmwlo4gt2cfdBONRnJM&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEKcdSmwlo4gt2cfdBONRnJM&google_push=AZ...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEKcdSmwlo4gt2cfdBONRnJM&google_hm=Y2Js9VHex65m-CDZy7L1oQAAFKYAAAAB&google_nid=index&google_push=AZmPxg-Nqvc5Omn_hekH56JgNXRcAadWlI824...

170 B
188 B

29ms
28ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEKcdSmwlo4gt2cfdBONRnJM&google_hm=Y2Js9VHex65m-CDZy7L1oQAAFKYAAAAB&google_nid=index&google_push=AZmPxg-Nqvc5Omn_hekH56JgNXRcAadWlI824KL5TTfEjZLvKM9cVElu6GO5SWnoPs0YYWmOA_fLMwZv7N46iyBUbE_5BS-nO8iq

Requested by

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Nov 2022 13:13:25 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 02 Nov 2022 13:13:25 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ViHSLSuxBxkbPDp5x%2FWEkwpJSGjW40uWPXdQ0EMSz4Elz9Hwec1g3K8F%2B09V%2FVxJ0jZ3YZUweYNwDnb%2BUd22YwPe%2BrAPptvq67IbbNywROoLilWaAnskdPKIwijK2PPa%2B5UyMYkmF7OW8w%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEKcdSmwlo4gt2cfdBONRnJM&google_hm=Y2Js9VHex65m-CDZy7L1oQAAFKYAAAAB&google_nid=index&google_push=AZmPxg-Nqvc5Omn_hekH56JgNXRcAadWlI824KL5TTfEjZLvKM9cVElu6GO5SWnoPs0YYWmOA_fLMwZv7N46iyBUbE_5BS-nO8iq
cache-control: no-cache
cf-ray: 763d20a0986bbb53-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H2 200 trk
ag.innovid.com/ Frame 5210 43 B
296 B 199ms
28ms Image
image/gif 2a05:d01c:1d8:8101:d786:ef20:82e3:39f7
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ag.innovid.com/trk?tid=11711&google_gid=CAESEPpKgaBgPMS8Er7a5Em0N9E&google_cver=1&google_push=AZmPxg_ITUZkKOKBy1xi9h3p2rz4wloTzn1fmnovk5dbXVbEbkY-5JRcOi0G8tUognVNL1egufTyF0aAPO-6oR_HPurlfBGpRuch
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3135644639015474&output=html&h=90&adk=2743202993&adf=1056458448&pi=t.aa~a.2185563714~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1667394804&rafmt=1&to=qs&pwprc=8069909860&format=1200x90&url=https%3A%2F%2Fqa.cr-halal.com%2F3%2Fwhat-is-a-crypto-exchange&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667394804966&bpp=1&bdt=1886&idt=0&shv=r20221027&mjsv=m202210310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D66fb445f8619a8a5-2262010d61ce0012%3AT%3D1667394803%3ART%3D1667394803%3AS%3DALNI_MZEydHUzuFn9Es21R3b3A9vuXsGMw&gpic=UID%3D00000b7b9bb74944%3AT%3D1667394803%3ART%3D1667394803%3AS%3DALNI_MZGDyo54Kv8EDXf0B-3RUgYVn2Usg&prev_fmts=0x0%2C748x90%2C748x90%2C320x640%2C607x280&nras=3&correlator=6079542794128&frm=20&pv=1&ga_vid=1296198601.1667394804&ga_sid=1667394804&ga_hid=358752111&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2293&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C31070637%2C44775017&oid=2&psts=APxP-9Bwkk64tJExaojny2xSypI54KpjfEIxVomDxaLmJpkSrt2t5h_d7MIa9IF53m5gs8DiCgMIWJW3vUCIoWXYNg%2CAPxP-9CeCnnpu17gpM3sN_KutVGiZXxLR2ag9BeAM3F2eRPx4fzfY78s4mJBfl8TMGl7V37LstAYy7G5QAiKtDNrLA&pvsid=381626547704199&tmod=708995078&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=v8MmjAeCCl&p=https%3A//qa.cr-halal.com&dtd=10
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d01c:1d8:8101:d786:ef20:82e3:39f7 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 02 Nov 2022 13:13:25 GMT
cache-control: no-cache
content-length: 43
request-time: 1
expires: -1

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 5210 0
12 B 64ms
25ms Image
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LqOXSji64LdCgIrFgOdNX9II93Ii-UFMcyFCIXkecNCxkdQLFDwxuapTEe58pYTsnt3Lpe

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 13:13:25 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 HZrunHRjvTX5MIeL6Ibl7iJKqMmAAzHWmbkaKM7M3x0.js Show response
pagead2.googlesyndication.com/bg/ Frame 0182 36 KB
16 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/HZrunHRjvTX5MIeL6Ibl7iJKqMmAAzHWmbkaKM7M3x0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d9aee9c7463bd35f930878be886e5ee224aa8c9800331d699b91a28ceccdf1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 06:44:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 23357
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16118
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 10:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 02 Nov 2023 06:44:08 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/17446820045578257021/ Frame 4308 156 KB
29 KB 57ms
24ms Document
text/html 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/17446820045578257021/index.html?e=69&leftOffset=0&topOffset=0&c=Tf3SIpnEg8&t=1&renderingType=2&ev=01_247

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc0919f1ccccd997de0e88b47f8fce17255cf80d9ea62f125370a0f6f6f94741

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Wed, 02 Nov 2022 13:13:25 GMT
expires: Thu, 02 Nov 2023 13:13:25 GMT
last-modified: Fri, 07 Jan 2022 15:07:11 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 40DD 0
0 115ms
59ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstpopLvslsMdkEULR4urfart5AXUKnFrMqJpPknc2A42OFRhh-wYhzg4ENB88W29Sk5MOeasxIjQarH23f2mXe0YIrACKyK3bUng2qsQBciob9LjWFsLWrgG36G2RdJJwVYr9rrtbb2ZTzbnIwW0Afd-06VsXZlnPR-t1bFRk_arWUX5ITTcaVSG_Df4iVkKske6CUxZmYfGMdbB-mvJD1UxtkbcwrCB1-W9nwFzf7vj8NRSqjyxWVFOlCGex9rWDzV7BKBTxKkIg4uym0--p2SKkJooPqIC89NVbmIz_JVuwR4eqxNVItofEKuGs1R5EcQ7t0BuEC-vY1c2EN7P47mq0iRznzmcKXF_TYAcDGX_DWXiUxz-VL6p40DE_CCs7xcwOoSI9vVsCYU-LsKgrww5dEK3dfnPi4gzZVJCzT22Jxh4f076wj9zvBcnm6bp1P2syCzce9xcOk4z53GfAvqLKXIMfm139RidcfbcgHVNcYYt46kZ7xaCPuEjopEpzlFlCPe1CYCUum8LvK_VX1_nuQfiX8ubfP3IjMfbNa_LHYw-S40TTL8w9yu-yUN9XaLSRqJB3p_ax8ZjsZK_vUr5Q0aN20UJSB2YRHhMkLSt8Xwh2yaNCQpURZGV8tHDTn_VvoIujLDoR5PlCbkUZmuyoE33haPrKfilWRmNXCUHj9eR43H78Qr8-pw6LJLz7qgPZdc2KNVYf1NWJRrVTi4aEf77y8RcVO4DT992yydtz5dRUTPXo7IUMjK57yjwyWxCd-IOp02jEs6_o7wnjXI2iNgW7o5BS0cmWX9yak5QytXWtR0cFB-SKD1mABYsK9eFku9JqY2VAjYVmrgK9qi_OWB4WtKd4-437GSuLiSX5IJ5-LMscH0BbcE5CRyYkxUIYzlmi8mpd1tXe8rCQO_WNjuBW8Jy442v5cpShwamnPYxa2ArIBgJDT0SfUHxSeAPVsnOq_Jqw7bQQuVMkRCXqNBW520sQRsntRkyBnQrFmCsjl0l8P8nad2K-XuZjDr1rh3cy-soB5Fx4FwmEv75a4raYTce3zAlfbF6nVSsHlGEzr8uUHiGoUcuGfv27oTSGWPOCiI0s1Z3WXqCt8nmdDW8oIOMz_A0cqweVDaEhcixD-sB-SDFgRq0yWWIGcpvNjr315BGS41AltDmEHd27OerlnZnmC0OSSe8ovjSmwV9NpGRmz3AU3q_DpoHdnNCgYE9oyY3QDzsvSESXCB_Y4&sai=AMfl-YTGGOXLsCXI-sgLYWjE5pOcVMgN2Q-435yr_D1osOlcMCieOMoHR3v5rH2nkeOH11tKzMowS5oFT5rL-rZ51fIHoL0ZJ5S_VZwiY5Xur_T8hZxz0CJHcaGI6q2ImPc4gzq0Hp2cGGhmYx2GEWQBi9M5nrEO-rNdkQ7BbDIxwj2u2qrJcBO1QympKBZTz_e_t8S_8wcO_cKLt-syybjjdaFdvYk&sig=Cg0ArKJSzH8C-2Q5QnjnEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=129&cbvp=1&cstd=123&cisv=r20221027.03128&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: trailmagic.org
URL: http://trailmagic.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 02 Nov 2022 13:13:25 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Wed, 02 Nov 2022 13:13:25 GMT

GET
H3 200 84c8dfa227218a7b436003265dc6c69e.js Show response
www.gstatic.com/mysidia/ Frame 6183 9 KB
4 KB 17ms
15ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/84c8dfa227218a7b436003265dc6c69e.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3135644639015474&output=html&h=280&adk=2247616821&adf=2922560527&pi=t.aa~a.2926153733~rp.2&w=607&fwrn=4&fwrnh=100&lmt=1667394804&rafmt=1&to=qs&pwprc=8069909860&format=607x280&url=https%3A%2F%2Fqa.cr-halal.com%2F3%2Fwhat-is-a-crypto-exchange&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667394804966&bpp=1&bdt=1886&idt=-M&shv=r20221027&mjsv=m202210310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D66fb445f8619a8a5-2262010d61ce0012%3AT%3D1667394803%3ART%3D1667394803%3AS%3DALNI_MZEydHUzuFn9Es21R3b3A9vuXsGMw&gpic=UID%3D00000b7b9bb74944%3AT%3D1667394803%3ART%3D1667394803%3AS%3DALNI_MZGDyo54Kv8EDXf0B-3RUgYVn2Usg&prev_fmts=0x0%2C748x90%2C748x90%2C320x640&nras=2&correlator=6079542794128&frm=20&pv=1&ga_vid=1296198601.1667394804&ga_sid=1667394804&ga_hid=358752111&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=418&ady=1270&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C31070637%2C44775017&oid=2&psts=APxP-9Bwkk64tJExaojny2xSypI54KpjfEIxVomDxaLmJpkSrt2t5h_d7MIa9IF53m5gs8DiCgMIWJW3vUCIoWXYNg%2CAPxP-9CeCnnpu17gpM3sN_KutVGiZXxLR2ag9BeAM3F2eRPx4fzfY78s4mJBfl8TMGl7V37LstAYy7G5QAiKtDNrLA&pvsid=381626547704199&tmod=708995078&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=y3wWdLNLCo&p=https%3A//qa.cr-halal.com&dtd=5

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

12b498ad6256d487f658f24189621d4d6819ab6e11fcd63142e6aeb77f560b6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 21:20:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 143576
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4170
x-xss-protection: 0
last-modified: Mon, 24 Oct 2022 21:55:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 29 Jan 2023 21:20:29 GMT

GET
H3 200 f811ceb9b4a6a990ad4105fc3f7ba433.js Show response
www.gstatic.com/mysidia/ Frame 6183 19 KB
8 KB 20ms
18ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f811ceb9b4a6a990ad4105fc3f7ba433.js?tag=pingback

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0b716714eb4fabc3721d120eb31b988e43665b05959a5f60a34a343004ec9930

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 21:10:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 57765
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7817
x-xss-protection: 0
last-modified: Thu, 27 Oct 2022 19:54:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 30 Jan 2023 21:10:40 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 6183 4 KB
621 B 28ms
27ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

099f342bcdd01d03cacd2d665bb82ed11b7110f74768ec40774de44140481a38

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 02 Nov 2022 13:13:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 02 Nov 2022 11:20:57 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 02 Nov 2022 13:13:25 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221027/r20110914/client/ Frame 6183 2 KB
765 B 15ms
15ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221027/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 14:27:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 81950
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 15 Nov 2022 14:27:35 GMT

GET
H3 200 d6c5bcf26e2f43f621526b11ea468107.js Show response
www.gstatic.com/mysidia/ Frame 6183 5 KB
2 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/d6c5bcf26e2f43f621526b11ea468107.js?tag=analytics_pingback_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

805bdd5d8618e8a5f21ac3641bb4f8e4f2575a064ea15cb7a4e94ca57112ee5c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 21:15:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 57456
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2008
x-xss-protection: 0
last-modified: Thu, 27 Oct 2022 19:54:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 30 Jan 2023 21:15:49 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221027/r20110914/ Frame 6183 23 KB
9 KB 18ms
16ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221027/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

15b192d13c1d029346a73cb1b2eb3a1b8905dfe8df1aaf9ced37356de9380e32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 14:27:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 81950
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9268
x-xss-protection: 0
server: cafe
etag: 17746901142539384344
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 15 Nov 2022 14:27:35 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221027/r20110914/client/ Frame 6183 3 KB
1 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221027/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 07:13:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21623
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1238
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 16 Nov 2022 07:13:02 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221027/r20110914/client/ Frame 6183 17 KB
7 KB 18ms
17ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221027/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d99f77a187454fecc18b59b2f520b1598b246d01e142bfdc4de56eb7221a9330

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 14:27:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 81950
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7367
x-xss-protection: 0
server: cafe
etag: 4759548068123418343
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 15 Nov 2022 14:27:35 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6183 153 KB
47 KB 35ms
33ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

109ddac5fcac2d26ff455dabfaa93b705a883131b6d53548494a8b8a62ccbcdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 13:13:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47682
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1667216034053804"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 02 Nov 2022 13:13:25 GMT

GET
H3 200 6d06f43d9219529f87f676616f1c0e3b.js Show response
www.gstatic.com/mysidia/ Frame 6183 33 KB
14 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/6d06f43d9219529f87f676616f1c0e3b.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

19d9403b8b5963aaeae98991373ef1f4ec9ed98d649be55e657db8e1302578bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 16:40:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 73988
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13940
x-xss-protection: 0
last-modified: Mon, 24 Oct 2022 21:55:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 30 Jan 2023 16:40:17 GMT

GET
H3 200 Enabler_01_247.js Show response
s0.2mdn.net/879366/ Frame 4308 118 KB
40 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17446820045578257021/index.html?e=69&leftOffset=0&topOffset=0&c=Tf3SIpnEg8&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17446820045578257021/index.html?e=69&leftOffset=0&topOffset=0&c=Tf3SIpnEg8&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 11:10:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7388
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41099
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 03 Nov 2022 11:10:17 GMT

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/4613882048550124365/ Frame 6183 20 KB
20 KB 16ms
16ms Image
image/png 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4613882048550124365/downsize_200k_v1?w=200&h=200

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1eff8c9e2b8d23c216ab416b7d15949fedb249ad7710918248204396e8580a60

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 03:14:57 GMT
x-content-type-options: nosniff
age: 35908
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20376
x-xss-protection: 0
last-modified: Wed, 05 Oct 2022 19:44:47 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 02 Nov 2023 03:14:57 GMT

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/7550206103838395798/ Frame 6183 10 KB
10 KB 17ms
17ms Image
image/jpeg 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7550206103838395798/downsize_200k_v1?w=400&h=209

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

42db25bed9d7d64c7ab6b28f7125272b6bca5c149274dffece0935fb103230c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 17:57:59 GMT
x-content-type-options: nosniff
age: 501326
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10387
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 18:22:33 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 27 Oct 2023 17:57:59 GMT

GET
DATA 200
OK truncated
/ Frame 6183 221 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 6183 0
0 62ms
62ms Fetch
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cej_Q9WxiY65jxYq3B5m_mugE4bfqm23r3KvL1A-K_aCEwwEQASCG3M4dYJWCoIKwB6ABq9W0uwLIAQmoAwHIA8sEqgTfAU_QAvDvKTikJqcsR38mu86MKYjLbZfLh5BxXpGRMrU-nF_soECSvmxQ5yW2G1XiL5XmbTw0HRqt0S6OTppgn75DEiKDsDacWpM_ZZPlaj8T3tbwVGIaQiXxL1IUMC69BwT2o5I5X_6ZlYq7DSZdu325bIUz6O8s530qzlpDwKv1Kt0Q69TpwCuEzlfarxn4MGjBqXDEyzRMC5M8u7bZMb2QvdnRlBExo6zHDmRqdFLDuIBrOJ6SXW1JEwl3c4w_fLBKOn_wFKVS7x8L6ZQmnwWMbC_TulWy6e4YdgnjBDXABO20p5W1A5IFBAgEGAGSBQQIBRgEoAYugAfFtJPJAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEELXqH9IIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsBuBPkA9gTDIgUBdAVAYAXAbIXHAoaCAASFHB1Yi0zMTM1NjQ0NjM5MDE1NDc0GAA&sigh=xAlyxh8yGzs&uach_m=[UACH]&template_id=484

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3135644639015474&output=html&h=280&adk=2247616821&adf=2922560527&pi=t.aa~a.2926153733~rp.2&w=607&fwrn=4&fwrnh=100&lmt=1667394804&rafmt=1&to=qs&pwprc=8069909860&format=607x280&url=https%3A%2F%2Fqa.cr-halal.com%2F3%2Fwhat-is-a-crypto-exchange&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667394804966&bpp=1&bdt=1886&idt=-M&shv=r20221027&mjsv=m202210310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D66fb445f8619a8a5-2262010d61ce0012%3AT%3D1667394803%3ART%3D1667394803%3AS%3DALNI_MZEydHUzuFn9Es21R3b3A9vuXsGMw&gpic=UID%3D00000b7b9bb74944%3AT%3D1667394803%3ART%3D1667394803%3AS%3DALNI_MZGDyo54Kv8EDXf0B-3RUgYVn2Usg&prev_fmts=0x0%2C748x90%2C748x90%2C320x640&nras=2&correlator=6079542794128&frm=20&pv=1&ga_vid=1296198601.1667394804&ga_sid=1667394804&ga_hid=358752111&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=418&ady=1270&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C31070637%2C44775017&oid=2&psts=APxP-9Bwkk64tJExaojny2xSypI54KpjfEIxVomDxaLmJpkSrt2t5h_d7MIa9IF53m5gs8DiCgMIWJW3vUCIoWXYNg%2CAPxP-9CeCnnpu17gpM3sN_KutVGiZXxLR2ag9BeAM3F2eRPx4fzfY78s4mJBfl8TMGl7V37LstAYy7G5QAiKtDNrLA&pvsid=381626547704199&tmod=708995078&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=y3wWdLNLCo&p=https%3A//qa.cr-halal.com&dtd=5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 02 Nov 2022 13:13:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame BA46 1 KB
643 B 15ms
14ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 81950
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 01 Nov 2022 14:27:35 GMT
etag: 48472445140208031
expires: Wed, 02 Nov 2022 14:27:35 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 6183 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 813571930250c78062679054dc3a63ddbabbb2e772007211d1d591ce486781e1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 kia.woff
s0.2mdn.net/sadbundle/17446820045578257021/ Frame 4308 23 KB
23 KB 19ms
19ms Font
font/woff 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/17446820045578257021/kia.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17446820045578257021/index.html?e=69&leftOffset=0&topOffset=0&c=Tf3SIpnEg8&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4974622fff31e0fe9dcc6c31c33e3f74dfb665d2678bd876ab807506e3bab60c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/17446820045578257021/index.html?e=69&leftOffset=0&topOffset=0&c=Tf3SIpnEg8&t=1&renderingType=2&ev=01_247
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 12:16:37 GMT
x-content-type-options: nosniff
age: 89808
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23072
x-xss-protection: 0
last-modified: Fri, 07 Jan 2022 15:07:11 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 01 Nov 2023 12:16:37 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame BA46
Redirect Chain

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEMDQiXz24PSqpgF71i1J4xo&google_cver=1&google_push=AZmPxg-WRgJFCGgWtyEiIKGrAKWDGda-OzDMW4YO0M5dfyVPrn1dYvCRyO...
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AZmPxg-WRgJFCGgWtyEiIKGrAKWDGda-OzDMW4YO0M5dfyVPrn1dYvCRyOXwDOoTTJxnoQDd-QkFsriZvbsCZdQeAMLnAj-LSgVA&google_hm=u3XErqYP7AR1...

170 B
188 B

28ms
27ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AZmPxg-WRgJFCGgWtyEiIKGrAKWDGda-OzDMW4YO0M5dfyVPrn1dYvCRyOXwDOoTTJxnoQDd-QkFsriZvbsCZdQeAMLnAj-LSgVA&google_hm=u3XErqYP7AR1bDM8Dq-wLA

Requested by

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Nov 2022 13:13:25 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AZmPxg-WRgJFCGgWtyEiIKGrAKWDGda-OzDMW4YO0M5dfyVPrn1dYvCRyOXwDOoTTJxnoQDd-QkFsriZvbsCZdQeAMLnAj-LSgVA&google_hm=u3XErqYP7AR1bDM8Dq-wLA
pragma: no-cache
date: Wed, 02 Nov 2022 13:13:25 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
strict-transport-security: max-age=86400
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 sync
odr.mookie1.com/t/v2/ Frame BA46 43 B
356 B 80ms
24ms Image
image/gif 34.98.67.61
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEMV6GcdlKTr0z242WfOjTw8&google_push=AZmPxg_85tk9Lme21Jl-kojWJLFgSTq8wfev0JB_hxZVfq-Ab3TjCcZ0ALISv_k1x1kncOKDsffUEBoLaFQWhQKKU5S3FAChO4HM&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3135644639015474&output=html&h=280&adk=2247616821&adf=2922560527&pi=t.aa~a.2926153733~rp.2&w=607&fwrn=4&fwrnh=100&lmt=1667394804&rafmt=1&to=qs&pwprc=8069909860&format=607x280&url=https%3A%2F%2Fqa.cr-halal.com%2F3%2Fwhat-is-a-crypto-exchange&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667394804966&bpp=1&bdt=1886&idt=-M&shv=r20221027&mjsv=m202210310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D66fb445f8619a8a5-2262010d61ce0012%3AT%3D1667394803%3ART%3D1667394803%3AS%3DALNI_MZEydHUzuFn9Es21R3b3A9vuXsGMw&gpic=UID%3D00000b7b9bb74944%3AT%3D1667394803%3ART%3D1667394803%3AS%3DALNI_MZGDyo54Kv8EDXf0B-3RUgYVn2Usg&prev_fmts=0x0%2C748x90%2C748x90%2C320x640&nras=2&correlator=6079542794128&frm=20&pv=1&ga_vid=1296198601.1667394804&ga_sid=1667394804&ga_hid=358752111&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=418&ady=1270&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C31070637%2C44775017&oid=2&psts=APxP-9Bwkk64tJExaojny2xSypI54KpjfEIxVomDxaLmJpkSrt2t5h_d7MIa9IF53m5gs8DiCgMIWJW3vUCIoWXYNg%2CAPxP-9CeCnnpu17gpM3sN_KutVGiZXxLR2ag9BeAM3F2eRPx4fzfY78s4mJBfl8TMGl7V37LstAYy7G5QAiKtDNrLA&pvsid=381626547704199&tmod=708995078&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=y3wWdLNLCo&p=https%3A//qa.cr-halal.com&dtd=5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.67.61 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 61.67.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Nov 2022 13:13:26 GMT
via: 1.1 google
server: Apache
content-type: image/gif;charset=UTF-8
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 dds
rtb.openx.net/sync/ Frame BA46 43 B
64 B 43ms
25ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEM-SvFHrvYJ40nN8uJ_bC4E&google_cver=1&google_push=AZmPxg87ADi06rXAVZztOSI70n3fp7i4wy3h4Ptw_FRu6ndoKZf3To6HlhPkTLErKp0kT6rtCx3sKf9eEdb1iTx3qVbGxFWnarU7
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3135644639015474&output=html&h=280&adk=2247616821&adf=2922560527&pi=t.aa~a.2926153733~rp.2&w=607&fwrn=4&fwrnh=100&lmt=1667394804&rafmt=1&to=qs&pwprc=8069909860&format=607x280&url=https%3A%2F%2Fqa.cr-halal.com%2F3%2Fwhat-is-a-crypto-exchange&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667394804966&bpp=1&bdt=1886&idt=-M&shv=r20221027&mjsv=m202210310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D66fb445f8619a8a5-2262010d61ce0012%3AT%3D1667394803%3ART%3D1667394803%3AS%3DALNI_MZEydHUzuFn9Es21R3b3A9vuXsGMw&gpic=UID%3D00000b7b9bb74944%3AT%3D1667394803%3ART%3D1667394803%3AS%3DALNI_MZGDyo54Kv8EDXf0B-3RUgYVn2Usg&prev_fmts=0x0%2C748x90%2C748x90%2C320x640&nras=2&correlator=6079542794128&frm=20&pv=1&ga_vid=1296198601.1667394804&ga_sid=1667394804&ga_hid=358752111&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=418&ady=1270&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C31070637%2C44775017&oid=2&psts=APxP-9Bwkk64tJExaojny2xSypI54KpjfEIxVomDxaLmJpkSrt2t5h_d7MIa9IF53m5gs8DiCgMIWJW3vUCIoWXYNg%2CAPxP-9CeCnnpu17gpM3sN_KutVGiZXxLR2ag9BeAM3F2eRPx4fzfY78s4mJBfl8TMGl7V37LstAYy7G5QAiKtDNrLA&pvsid=381626547704199&tmod=708995078&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=y3wWdLNLCo&p=https%3A//qa.cr-halal.com&dtd=5
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Nov 2022 13:13:25 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: bhsgddudf64f5jrn95j8avse560fr75a

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame BA46
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=7zSfYwLvRSuCLuvlJW9fvA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

42ms
41ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=7zSfYwLvRSuCLuvlJW9fvA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AZmPxg_1yW0Jg72OELOfIh68IELoEHn5tb5oDxt8lKM4Oed-vEwPPTXs85mr52DtUMY_F0IIt_EqvqBbGYctMbBxbo4CA9Ad0CUf

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Nov 2022 13:13:26 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=7zSfYwLvRSuCLuvlJW9fvA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AZmPxg_1yW0Jg72OELOfIh68IELoEHn5tb5oDxt8lKM4Oed-vEwPPTXs85mr52DtUMY_F0IIt_EqvqBbGYctMbBxbo4CA9Ad0CUf
date: Wed, 02 Nov 2022 13:13:25 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame BA46
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJgvyV9TjgX0w1geGhZ1Ezg&google_cver=1&google_push=AZmPxg8SdmcOvAjg-142BBgELvHF1E66tZbnwOxMbfJt0AL5JccEKVsOVZuvrmTPJI4YBnyxeXH...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlaTlRFQk8tMTEtM1FVRA==&google_push=AZmPxg8SdmcOvAjg-142BBgELvHF1E66tZbnwOxMbfJt0AL5JccEKVsOVZuvrmTPJI4YBnyxeXHnpTXIrvU5-yeGGTuIXqK7G2k

170 B
188 B

32ms
32ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlaTlRFQk8tMTEtM1FVRA==&google_push=AZmPxg8SdmcOvAjg-142BBgELvHF1E66tZbnwOxMbfJt0AL5JccEKVsOVZuvrmTPJI4YBnyxeXHnpTXIrvU5-yeGGTuIXqK7G2k

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Nov 2022 13:13:26 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlaTlRFQk8tMTEtM1FVRA==&google_push=AZmPxg8SdmcOvAjg-142BBgELvHF1E66tZbnwOxMbfJt0AL5JccEKVsOVZuvrmTPJI4YBnyxeXHnpTXIrvU5-yeGGTuIXqK7G2k
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 8f052d4f888ae4e0626c5f819879cacd
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame BA46
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEKcdSmwlo4gt2cfdBONRnJM&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEKcdSmwlo4gt2cfdBONRnJM&google_hm=Y2Js9VHex65m-CDZy7L1oQAAFKYAAAAB&google_nid=index&google_push=AZmPxg-TyghKtfJaNf2Crtby5SXK70aKbKkqw...

170 B
188 B

25ms
25ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEKcdSmwlo4gt2cfdBONRnJM&google_hm=Y2Js9VHex65m-CDZy7L1oQAAFKYAAAAB&google_nid=index&google_push=AZmPxg-TyghKtfJaNf2Crtby5SXK70aKbKkqw4Uyzp17DPEFiVdSfBm1EhYnhAklvjVcjSN7ZnSrGbGgRaFgZEdO_s2yboh3vFQ8

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Nov 2022 13:13:26 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 02 Nov 2022 13:13:25 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vULPTupUAuWXizt5fC3wZQ2WBxUlvcifdinYuCRRx%2BZ1aG7maVAHPe3PF4BztDPD7locUKNXe1njmORa%2BmdQ4KoZh20GRlh75kAtDNg8RgLravItbTcbZu2UXmFuPZdE2zm%2F44oKYfvz%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEKcdSmwlo4gt2cfdBONRnJM&google_hm=Y2Js9VHex65m-CDZy7L1oQAAFKYAAAAB&google_nid=index&google_push=AZmPxg-TyghKtfJaNf2Crtby5SXK70aKbKkqw4Uyzp17DPEFiVdSfBm1EhYnhAklvjVcjSN7ZnSrGbGgRaFgZEdO_s2yboh3vFQ8
cache-control: no-cache
cf-ray: 763d20a13a41bb53-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET googleredir
googlecm.hit.gemius.pl/ Frame BA46 0
0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame BA46 0
12 B 26ms
23ms Image
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13I5DY9xJ_uRpM34UvtYNXA9Yr-duxP3OyTphAFi3ENhhqAl3zb1Fhq8adXr_4P_-EW0xz1COg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 13:13:25 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 6183 15 KB
16 KB 17ms
15ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 05:09:29 GMT
x-content-type-options: nosniff
age: 461036
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 28 Oct 2023 05:09:29 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0182 0
20 B 52ms
52ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BBaHI9WxiY_XpIZSY-gbO9KGQBwAAAAA4AeAEAg&bg=!3N-l35vNAAZPh4lnb4c7ACkAdvg8WlipeQgVIHOECgcrGWgQ33MyPUpjLo83-3QFAqcjMi-vxgLKjwIAAACrUgAAAAJoAQcKABQWWJtMhw05Nb5AtbkYZ8s26baL-pkC5v5XJIObMJ5O5XVddc6Ph2-1gmpo60lHjhNuJazGQFfhwlgzR0kM2iAdenmzxp7BI80HxcCIEP4J6yO7j_5QbRoK_YBuBaxQ2-6JWD0EERxMrtlgebcJyqERiaRsrTpHJ1kcLwOzbSQhF7X4RgvMwYMQcuo1EdOJv_VyFxkWO-Y3yZqpmJWF3Me9k9wH3i0solxKR7cqQ641gI9iy_rSdmfu_CPI5VHUktKbJ0epmxeYtLpHMM9It37JFggPQMQS8Afe4KHAI1v7BgSqgyEdiR-9RibtUw0CttD0K3MZ3PCzUa3vmLeB4cv3kUZ89nInY0etUGPsFrKVqIQfBh2ZwtE5XWRk3OrxFmxQkvH04arPaeIeMS8GKlVGncB52R3sxvXlXAS0JeG51f27xuWJLCQmmrRXAJhiuVHaD7MP_YrF8whmPCMNFYcSe97CJmvuNopSDpohY1wysitR6_GR9KqPadyROINNJTsTUi3VHq_gCOX9J6zj-QcAKHUgauV-z6VBrvIws7dPS52Fo6blLErXSRLQhIMrS2kUSvvalUMw5mqI3ZT-JY6e8tZrL-bqAVwwt80aAh7JnTjnB9l8vathguxGmIwabMGiIEsCjMzTem4zB_e8jl709Nv7K_aFOGUh89pqvA3cCA79Sk-_gFGYdkByW2Nmfl2DvNvbzYsJP-4b36W2lv9vdXMGoxOf-t482NQrb1vrqnfi5QKt2RKPv0GzVdkAw-ZrDnqwKIDPlIks9g9yvgY4qaZPGrphKpegAbtEmK62ecwm9F5YE1y0o-kwDHHN4AbXaB06oR9F1i_xKU7UDBlLCFAIjMUKx1UsCLzQxZdttiA-3hPdvBRQUuFIMjlxVxO7AjYO6FfgF-LpIG5a7wGFs6sjOEC3m-VwQIELQa-PtVDi12q-dyEDfTEoC99JOCH22wF5n1cb1ZGvrP8EEQz-vapo-UmS8VhqVWjjX4m9_Qwdd1WIm1sFfrLq1BE

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Nov 2022 13:13:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 40DD 0
0 83ms
52ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstpopLvslsMdkEULR4urfart5AXUKnFrMqJpPknc2A42OFRhh-wYhzg4ENB88W29Sk5MOeasxIjQarH23f2mXe0YIrACKyK3bUng2qsQBciob9LjWFsLWrgG36G2RdJJwVYr9rrtbb2ZTzbnIwW0Afd-06VsXZlnPR-t1bFRk_arWUX5ITTcaVSG_Df4iVkKske6CUxZmYfGMdbB-mvJD1UxtkbcwrCB1-W9nwFzf7vj8NRSqjyxWVFOlCGex9rWDzV7BKBTxKkIg4uym0--p2SKkJooPqIC89NVbmIz_JVuwR4eqxNVItofEKuGs1R5EcQ7t0BuEC-vY1c2EN7P47mq0iRznzmcKXF_TYAcDGX_DWXiUxz-VL6p40DE_CCs7xcwOoSI9vVsCYU-LsKgrww5dEK3dfnPi4gzZVJCzT22Jxh4f076wj9zvBcnm6bp1P2syCzce9xcOk4z53GfAvqLKXIMfm139RidcfbcgHVNcYYt46kZ7xaCPuEjopEpzlFlCPe1CYCUum8LvK_VX1_nuQfiX8ubfP3IjMfbNa_LHYw-S40TTL8w9yu-yUN9XaLSRqJB3p_ax8ZjsZK_vUr5Q0aN20UJSB2YRHhMkLSt8Xwh2yaNCQpURZGV8tHDTn_VvoIujLDoR5PlCbkUZmuyoE33haPrKfilWRmNXCUHj9eR43H78Qr8-pw6LJLz7qgPZdc2KNVYf1NWJRrVTi4aEf77y8RcVO4DT992yydtz5dRUTPXo7IUMjK57yjwyWxCd-IOp02jEs6_o7wnjXI2iNgW7o5BS0cmWX9yak5QytXWtR0cFB-SKD1mABYsK9eFku9JqY2VAjYVmrgK9qi_OWB4WtKd4-437GSuLiSX5IJ5-LMscH0BbcE5CRyYkxUIYzlmi8mpd1tXe8rCQO_WNjuBW8Jy442v5cpShwamnPYxa2ArIBgJDT0SfUHxSeAPVsnOq_Jqw7bQQuVMkRCXqNBW520sQRsntRkyBnQrFmCsjl0l8P8nad2K-XuZjDr1rh3cy-soB5Fx4FwmEv75a4raYTce3zAlfbF6nVSsHlGEzr8uUHiGoUcuGfv27oTSGWPOCiI0s1Z3WXqCt8nmdDW8oIOMz_A0cqweVDaEhcixD-sB-SDFgRq0yWWIGcpvNjr315BGS41AltDmEHd27OerlnZnmC0OSSe8ovjSmwV9NpGRmz3AU3q_DpoHdnNCgYE9oyY3QDzsvSESXCB_Y4&sai=AMfl-YTGGOXLsCXI-sgLYWjE5pOcVMgN2Q-435yr_D1osOlcMCieOMoHR3v5rH2nkeOH11tKzMowS5oFT5rL-rZ51fIHoL0ZJ5S_VZwiY5Xur_T8hZxz0CJHcaGI6q2ImPc4gzq0Hp2cGGhmYx2GEWQBi9M5nrEO-rNdkQ7BbDIxwj2u2qrJcBO1QympKBZTz_e_t8S_8wcO_cKLt-syybjjdaFdvYk&sig=Cg0ArKJSzH8C-2Q5QnjnEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=344&vt=11&dtpt=215&dett=3&cstd=123&cisv=r20221027.03128&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: trailmagic.org
URL: http://trailmagic.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 13:13:26 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Wed, 02 Nov 2022 13:13:26 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 4308 8 KB
6 KB 94ms
63ms XHR
application/json 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f1efaecd38f2f3d5651efd326734f187da9237c3c9a5c303fec8b636f24bed58

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 13:13:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5878
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 66ms
47ms XHR
application/json 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221027&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6f26164aaffe198ca07d9961da2bab3f35debd8a73355f7466d3d2569fe7d7fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qa.cr-halal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 13:13:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11266
x-xss-protection: 0

GET
H3 200 motif.svg
s0.2mdn.net/sadbundle/17446820045578257021/ Frame 4308 440 B
336 B 17ms
17ms Image
image/svg+xml 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17446820045578257021/motif.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a826d60a5200da993c038ea9f6c39c45cd060b72936775a4a865509a4d4991f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17446820045578257021/index.html?e=69&leftOffset=0&topOffset=0&c=Tf3SIpnEg8&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 12:17:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 89780
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 307
x-xss-protection: 0
last-modified: Fri, 07 Jan 2022 15:07:11 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 01 Nov 2023 12:17:05 GMT

GET
H3 200 23717839_20210104241901563_xceed.svg
s0.2mdn.net/ads/richmedia/studio/23717839/ Frame 4308 3 KB
1 KB 29ms
27ms Image
image/svg+xml 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/23717839/23717839_20210104241901563_xceed.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1a2024d3b45760a2b95d57b396be69dcde335503e41f0482b262204ee51b7238

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17446820045578257021/index.html?e=69&leftOffset=0&topOffset=0&c=Tf3SIpnEg8&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 13:44:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 84543
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1333
x-xss-protection: 0
last-modified: Fri, 12 Feb 2021 11:37:42 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 02 Nov 2022 13:44:22 GMT

GET
H3 200 logo_kia.svg
s0.2mdn.net/sadbundle/17446820045578257021/ Frame 4308 1 KB
689 B 28ms
27ms Image
image/svg+xml 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17446820045578257021/logo_kia.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c995290dbf27de9164f855b49d38e38662ab43b021b8bd9712ab3a8559c5a0d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17446820045578257021/index.html?e=69&leftOffset=0&topOffset=0&c=Tf3SIpnEg8&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 12:17:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 89780
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 660
x-xss-protection: 0
last-modified: Fri, 07 Jan 2022 15:07:11 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 01 Nov 2023 12:17:05 GMT

GET
H3 200 23717839_20210104245332592_bg_06.jpg
s0.2mdn.net/ads/richmedia/studio/23717839/ Frame 4308 15 KB
15 KB 29ms
28ms Image
image/jpeg 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/23717839/23717839_20210104245332592_bg_06.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b85a4a19b40ca6fa984aa9e2bdb0626963149541fc3ef97cee4ed77a46a68a59

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17446820045578257021/index.html?e=69&leftOffset=0&topOffset=0&c=Tf3SIpnEg8&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 14:49:26 GMT
x-content-type-options: nosniff
age: 80639
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14848
x-xss-protection: 0
last-modified: Mon, 04 Jan 2021 08:53:32 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 02 Nov 2022 14:49:26 GMT

GET
H3 200 23717839_20191028020938342_bg_04.jpg
s0.2mdn.net/ads/richmedia/studio/23717839/ Frame 4308 17 KB
17 KB 21ms
20ms Image
image/jpeg 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/23717839/23717839_20191028020938342_bg_04.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

06bb8f84398a6db73b6f7b49aa99df2277b24ffff4851864f083c4bba3b0f52a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17446820045578257021/index.html?e=69&leftOffset=0&topOffset=0&c=Tf3SIpnEg8&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 14:49:31 GMT
x-content-type-options: nosniff
age: 80634
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17440
x-xss-protection: 0
last-modified: Mon, 28 Oct 2019 09:09:38 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 02 Nov 2022 14:49:31 GMT

GET
H3 200 23717839_20191028020933978_bg_02.jpg
s0.2mdn.net/ads/richmedia/studio/23717839/ Frame 4308 20 KB
20 KB 24ms
23ms Image
image/jpeg 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/23717839/23717839_20191028020933978_bg_02.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b0be00402acec52eb215879b0a65f7470938b0dc67a5107463c78e714cae85c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17446820045578257021/index.html?e=69&leftOffset=0&topOffset=0&c=Tf3SIpnEg8&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 14:49:31 GMT
x-content-type-options: nosniff
age: 80634
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20342
x-xss-protection: 0
last-modified: Mon, 28 Oct 2019 09:09:34 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 02 Nov 2022 14:49:31 GMT

GET
H3 200 23717839_20210104245335698_bg_01.jpg
s0.2mdn.net/ads/richmedia/studio/23717839/ Frame 4308 17 KB
17 KB 19ms
18ms Image
image/jpeg 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/23717839/23717839_20210104245335698_bg_01.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf3869da4747d9e843be208de0aaaf2130702ca3d0498c7f3f51ab81869c2723

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17446820045578257021/index.html?e=69&leftOffset=0&topOffset=0&c=Tf3SIpnEg8&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 14:49:26 GMT
x-content-type-options: nosniff
age: 80639
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16978
x-xss-protection: 0
last-modified: Mon, 04 Jan 2021 08:53:35 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 02 Nov 2022 14:49:26 GMT

GET
H3 200 HZrunHRjvTX5MIeL6Ibl7iJKqMmAAzHWmbkaKM7M3x0.js Show response
pagead2.googlesyndication.com/bg/ Frame CEB0 36 KB
16 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/HZrunHRjvTX5MIeL6Ibl7iJKqMmAAzHWmbkaKM7M3x0.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d9aee9c7463bd35f930878be886e5ee224aa8c9800331d699b91a28ceccdf1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 06:44:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 23357
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16118
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 10:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 02 Nov 2023 06:44:08 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6183 0
20 B 50ms
50ms Ping
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=Cg4IByoKd2ViX2Jhbm5lcgoHCAgqA2x0cgoWCAEqEnNxdWFyZURXaXRob3V0Qm9keQoKCAIqBnNlcnZlcgoVCAQqEW15c2lkaWFfYW5hbHl0aWNzCg0QKyEAAAAAAAA3QDAECg0QAyEAAICZmTGMQDAECg0QCiEAAABgZmYQQDAECg0QDSEAAAAAAAAAADAECg0QHioHNjA3eDI4MDAECg0QGSoHNjA3eDI4MDAECg0QDiEAAAAAoJm5PzAECg0QBCEAAEAzM1eMQDAECg0QDyEAAAAAAAAAADAECg0QKyEAAAAAAAA9QDAECg0QBSEAAMDMzFiMQDAECg0QECEAAAAAgB_hQDAECg0QESEAAAAAwNTQQDAECg0QEiEAAAAAAAAUQDAECg0QEyEAAAAAAAAIQDAECg0QFyEAAICZmWGNQDAECg0QFCEAAAAAoATqQDAECg0QFSEAAAAAAAAsQDAECg0QFiEAAAAAAAAUQDAECg0QGCEAAEAzMzePQDAECg0QMiEAAAAAmpnZPzAECg0QMyEAAAAAmpnZPzAECg0QNCEAAAAAmpnZPzAECg0QNSEAAAAAmpnZPzAECg0QNiEAAAAAmpnZPzAECg0QNyEAAAAAmpnZPzAECg0QOCEAAABAMzMLQDAECg0QOSEAAMDMzGSJQDAECg0QOiEAAEAzM4eJQDAECg0QOyEAAEAzM1-NQDAECg0QPCEAAEAzM1-NQDAECg0QPSEAAICZmWGNQDAECg0QPiEAAICZmf2OQDAECg0QPyEAAICZmf2OQDAECg0QQCEAAEBmZkqPQDAEEhpDTzZ4dHRqSmpfc0NGVVhGN1FvZG1aOEdUUSIcc2NyZWFtL3Rocm9uZV9pbWFnZV9sb2dvX29jaCgR

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/f811ceb9b4a6a990ad4105fc3f7ba433.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Nov 2022 13:13:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 62ms
61ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qa.cr-halal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 13:13:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 02 Nov 2022 13:13:26 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame FEAB 42 B
64 B 52ms
52ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssvek5Ov-QkAA9DoLZnDLsHk0pWF_tkmPhDWvbJ7zPcEnelJi3r37un2aN3l0UZe72ufM7rxI8UhhCETnF6DnfPqfPxDuagyHaozO3DobS963VFPY1dEVjSlYBt7GNZ-zMoTQRA2Q&sai=AMfl-YQ1KFjNCZvDQhk8IxEGdcDE3PhG2a40VV1GHKy4_271kiUfITP1eEC2QgCdjnCJwnEi-19KEuOb2CyiCoE&sig=Cg0ArKJSzDcob0YxXCxrEAE&id=lidar2&mcvt=1022&p=0,0,90,748&mtos=1022,1022,1022,1022,1022&tos=1022,0,0,0,0&v=20221031&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=3576269607&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1667394803938&rpt=1058&met=mue&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Nov 2022 13:13:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 4308 17 KB
6 KB 64ms
64ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 13:13:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 02 Nov 2022 13:13:26 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame F380 13 KB
5 KB 17ms
16ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://qa.cr-halal.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2943
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 02 Nov 2022 12:24:23 GMT
expires: Thu, 02 Nov 2023 12:24:23 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 63F0 783 B
537 B 29ms
29ms Document
text/html 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

54f38b7e1453d257f3f8256ed1469b563179fb3e9f8afe76d432bed1694f6196

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-YBy_DgVzy4YS2R8w-pHQ3Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://qa.cr-halal.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 515
content-security-policy: script-src 'report-sample' 'nonce-YBy_DgVzy4YS2R8w-pHQ3Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 02 Nov 2022 13:13:26 GMT
expires: Wed, 02 Nov 2022 13:13:26 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 HZrunHRjvTX5MIeL6Ibl7iJKqMmAAzHWmbkaKM7M3x0.js Show response
pagead2.googlesyndication.com/bg/ Frame F448 36 KB
16 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/HZrunHRjvTX5MIeL6Ibl7iJKqMmAAzHWmbkaKM7M3x0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d9aee9c7463bd35f930878be886e5ee224aa8c9800331d699b91a28ceccdf1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 06:44:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 23358
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16118
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 10:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 02 Nov 2023 06:44:08 GMT

GET
H3 200 HZrunHRjvTX5MIeL6Ibl7iJKqMmAAzHWmbkaKM7M3x0.js Show response
pagead2.googlesyndication.com/bg/ Frame F380 36 KB
16 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/HZrunHRjvTX5MIeL6Ibl7iJKqMmAAzHWmbkaKM7M3x0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d9aee9c7463bd35f930878be886e5ee224aa8c9800331d699b91a28ceccdf1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 06:44:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 23358
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16118
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 10:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 02 Nov 2023 06:44:08 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 63F0 0
0 49ms
48ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221027&jk=381626547704199&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame F380 0
11 B 15ms
15ms Image
text/plain 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?if3MtQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 13:13:26 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame B3EB 42 B
64 B 55ms
54ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstTw9V37Vw2srcGC2D9KPcX4Frmbc307ktyjJsSR6Dj60u3r3I8jho-sXWRbhQRc0N1MBrnIFzAUFb0rT_H_METhiOmDlRfmUBwaV8P9huMTphheXhO7DseKrz3qpCyflQBnZR7Aw&sai=AMfl-YSllTi2QqphFNVhwOx6JBFo2RUSgel3TgNUaP7stvX_rJ7YPHeQr1Lunbs093o7SNvwizvRaJqBRU2JwYU&sig=Cg0ArKJSzGZcinMuhCqdEAE&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=83,751,1000,1079,1148&tos=83,668,249,79,69&v=20221031&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1667394805017&rpt=231&met=mue&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Nov 2022 13:13:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 55ms
55ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221027&jk=381626547704199&bg=!trWltfHNAAZPh4lnb4c7ACkAdvg8WpWM8BJVflwBk35sVuDVq4LZbNts6neTos2P2gk8yFTT8iko9gIAAABPUgAAAANoAQcKAFHCFV7goD6Ny-mq7CdqOllWYEqmOqGVaE9SzHf2c4LRZN0c51Agi8ZjfZfVMu5nHIPp_Im69yUlSYqiF5opVe-lQ-sdA5V5ZvIyfxdFG4Z10BGZAp1tuKbq9Hs2hIJWFN2t4Ivyta-3B1TfTUV634T10iU98JGroSkUnL-b6CTiEnaSyJQxL5SEA6OLeNqTN_boNHFoCeiFhjJ_VHfgDBDrVDgDuFw0T0wMYxZM104RvMaAvjZqU5d9WovT930b3k4jdgP8qRO8LABN1ggPg-fzeaNTsiQEOVCAFyi8OlG0aDjEZAiprVsVz1WrlyIMr6L9dj0E5yeUztaTWiyhDn6JR5cBNcKK_IVf-D_cZ-iSC0B6CKJ4-hxOGYa39l_2ZAmJ4HPSYJK0KYIig9BcGxuSYZDxmjRh2ZY_l6DfPoNOG-hx41JkzCc5aZvrMxyPblYEXCLCY2haJeBi6aZUcJw2m05JRAigIi3u5tWXisy6NbCeLAd1RURgn0S1LDxu8fPgdMsgpbZth_APD-lVzjb_V0d-ONamjhZIiKiRwiMzXPgnoOuB_b8xTdYnITPJUCFW96gZsgazE9Kg7tYL1KKO_G-auyBymiVI_VlzY7WM2FShoFYzdbDpBSsJO2MWo-WqnJSwIabVF5f_YcgIMyNnzrX8zc877-19Lnib63kMR_yv-1BEYe7PAMsjMkYgJKgv1wvGw-8wb3LRCk1ahADUVqdLLg-bgH4E4rdXz4b49DxO9RfS2GjpOTcOqzlnJ9W3EdP-Wy_ymbM0a7AT1i2k7cq5mwuGO1Y4at9GEW4Z6jZm4MbBYw_wcuvFq3iqB2MQWg9JyZEMf399QSuGN0t9UXD87emLQFc2WHFwhLwPS1geBhykJglV-1NvUNTpBI459RHfYRjICS-1jt4_PW0-f7jYxkxTNncC4NqdkNpIlgPfdFZTeVj5PqzO7hHcusw_OlkksQF8EhClIWAQ2fy_RQ4hXHHd3OTktxLQFY82WIY
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qa.cr-halal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: googlecm.hit.gemius.pl
URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEOSphUX-lPatHsr3N662wqI&google_cver=1&google_push=AZmPxg9plSuwP5olnRRG91ovZL6LhhN0Y0oBE3S5___Y7jwgm6nKWdGqhJUTX-_torvnxloUmS2V4FXozDIugb8yZ15okd7Tj1Bo

Verdicts & Comments Add Verdict or Comment

96 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

21 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.google.com/	1970-01-20 16:39:41	Name: __Secure-ENID Value: 7.SE=RXAh93QZA6cI0k4d5hAxaeG9Sc_2aFMmewCdGXDre-gU0o1Rh_6TbntvZ7k-ko4H0RopKnQHoQXh7bSWrT_QJGuSMo_IEeFPuxfF0BFvSvjtB_14_pHYBI4CpDk79O3XPPVgZVyVE1xKhEjCMfUB-GBrrCDzU0kAGTTw3ZjDZco
.google.com/	1970-01-20 16:45:54	Name: CONSENT Value: PENDING+527
qa.cr-halal.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 480a9049999e5dd18ebaf17058f7fdf9
qa.cr-halal.com/	1970-01-20 07:12:47	Name: qa_key Value: 2x59pmd3fdx7aq28576b0cr0of6x2m5y
.cr-halal.com/	1970-01-20 16:45:54	Name: _ga_V7K5ME1CH7 Value: GS1.1.1667394803.1.0.1667394803.0.0.0
.cr-halal.com/	1970-01-20 16:45:54	Name: _ga Value: GA1.1.1296198601.1667394804
.cr-halal.com/	1970-01-20 16:31:30	Name: __gads Value: ID=66fb445f8619a8a5-2262010d61ce0012:T=1667394803:RT=1667394803:S=ALNI_MZEydHUzuFn9Es21R3b3A9vuXsGMw
.cr-halal.com/	1970-01-20 16:31:30	Name: __gpi Value: UID=00000b7b9bb74944:T=1667394803:RT=1667394803:S=ALNI_MZGDyo54Kv8EDXf0B-3RUgYVn2Usg
.doubleclick.net/	1970-01-20 16:31:30	Name: IDE Value: AHWqTUmX8jBZ6ovFz3it30CeUaOvrSdR2ZtFT73LFpbKInPiYgwkXBgqVHOSmWDHhDI
.doubleclick.net/	1970-01-20 07:09:58	Name: DSID Value: NO_DATA
.adnxs.com/	1970-01-20 09:19:30	Name: uuid2 Value: 4099171405116370656
.adnxs.com/	1970-01-20 09:19:30	Name: anj Value: dTM7k!M41.D>6NRF']wIg2IlgtEofR!]tbPl1M>e)ZlrFUfJ+tGXxp$[KaE0OwbU(Fnv%TaIS-:W=aj^NEg_W`9zubpRzqF1`b_?t*(Ds4
.quantserve.com/	1970-01-20 09:19:30	Name: d Value: EAIBCQG9J4EA
.quantserve.com/	1970-01-20 16:40:09	Name: mc Value: 63626cf5-b4c0e-65882-fd15d
.pubmatic.com/	1970-01-20 07:11:21	Name: KTPCACOOKIE Value: YES
.pubmatic.com/	1970-01-20 09:19:30	Name: KADUSERCOOKIE Value: EF349F63-02EF-452B-822E-EBE5256F5FBC
.casalemedia.com/	1970-01-20 09:19:30	Name: CMPS Value: 5164
.casalemedia.com/	1970-01-20 15:55:30	Name: CMID Value: Y2Js9VHex65m.CDZy7L1oQAA
.casalemedia.com/	1970-01-20 09:19:30	Name: CMPRO Value: 5286
.innovid.com/	1970-01-20 09:19:30	Name: uuid Value: da0e71f5-a864-45b2-b44e-d10541204aa2-20221102 09:13:25
.casalemedia.com/	1970-01-20 09:19:30	Name: CMTS Value: 5152

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://id.rlcdn.com/466606.gif?cparams=google_push%3DAZmPxg_MUTFXTitlSUG7UaWniWKeQC506wSGI7o_clpMb817zl4j7VtonHREwHBxOrQAOrE5Yr_WHR-aTam1AIDcP8ZsE3DEGww&google_gid=CAESEKgdZJApo8nnZRGj-AD3_8s&google_cver=1 Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEOSphUX-lPatHsr3N662wqI&google_cver=1&google_push=AZmPxg9plSuwP5olnRRG91ovZL6LhhN0Y0oBE3S5___Y7jwgm6nKWdGqhJUTX-_torvnxloUmS2V4FXozDIugb8yZ15okd7Tj1Bo Message: Failed to load resource: net::ERR_ADDRESS_UNREACHABLE

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
ag.innovid.com
cm.g.doubleclick.net
cms.quantserve.com
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
googlecm.hit.gemius.pl
ib.adnxs.com
id.rlcdn.com
image6.pubmatic.com
odr.mookie1.com
ois.is
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.rubiconproject.com
qa.cr-halal.com
region1.google-analytics.com
rtb.openx.net
s0.2mdn.net
ssum-sec.casalemedia.com
tpc.googlesyndication.com
trailmagic.org
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
googlecm.hit.gemius.pl
104.18.18.126
142.250.185.130
142.250.185.98
185.64.189.115
185.80.39.216
185.89.210.180
192.185.180.160
2001:4860:4802:32::36
2620:116:800d:21:c5a4:625:6563:a5bb
2a00:1450:4001:800::2003
2a00:1450:4001:802::2004
2a00:1450:4001:806::2002
2a00:1450:4001:80b::2002
2a00:1450:4001:80b::2003
2a00:1450:4001:811::2001
2a00:1450:4001:829::2002
2a00:1450:4001:829::200a
2a00:1450:4001:82a::2006
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2008
2a05:d01c:1d8:8101:d786:ef20:82e3:39f7
2a06:98c1:3120::3
34.98.67.61
35.227.252.103
35.244.174.68
66.29.132.14
69.173.144.165
02d353b931fa095d941d4077eec1404bf764ec415ff8cab1d58ae0f17ae73f6f
04e9fdfdf7df8f6215c5fbb66042a62597b592c946d51adfeabb93d9fe2290a8
06bb8f84398a6db73b6f7b49aa99df2277b24ffff4851864f083c4bba3b0f52a
075c15c5e5b127cfd89b352a4f8e8d615d0abcc80977022ba45ad2032d26f535
07a75636966b34dd8bbafee0ebced659b03bab0e57641e1fa035ca7da0bd39ce
099f342bcdd01d03cacd2d665bb82ed11b7110f74768ec40774de44140481a38
0b716714eb4fabc3721d120eb31b988e43665b05959a5f60a34a343004ec9930
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
109ddac5fcac2d26ff455dabfaa93b705a883131b6d53548494a8b8a62ccbcdc
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
12b498ad6256d487f658f24189621d4d6819ab6e11fcd63142e6aeb77f560b6e
14c6adfc0d03816f5b6ba9fa2ee86019463e703400d4c718a731018f8bd71e32
15b192d13c1d029346a73cb1b2eb3a1b8905dfe8df1aaf9ced37356de9380e32
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
19d9403b8b5963aaeae98991373ef1f4ec9ed98d649be55e657db8e1302578bc
1a2024d3b45760a2b95d57b396be69dcde335503e41f0482b262204ee51b7238
1d9aee9c7463bd35f930878be886e5ee224aa8c9800331d699b91a28ceccdf1d
1eff8c9e2b8d23c216ab416b7d15949fedb249ad7710918248204396e8580a60
3184e2d1861aa1ecc6629cb55c9ed2bb2224cfae3a0072f84e4377f90f035d47
404bf30472041c88e162085c0fb94fa8ef5eaee21555432a94ba62f8e64ca7d4
42db25bed9d7d64c7ab6b28f7125272b6bca5c149274dffece0935fb103230c9
44ebf160f9157bdd7e438e6628c8b0ee00e54d8234bfa308cadae9849f27bb10
4974622fff31e0fe9dcc6c31c33e3f74dfb665d2678bd876ab807506e3bab60c
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e70f196596d57a6f3570a0983040f63d9ed88bb9da8849a302ad19fea617dd2
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
54f38b7e1453d257f3f8256ed1469b563179fb3e9f8afe76d432bed1694f6196
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5de544c5e76e2f0604be850ae0b29ec2e5de0ac242184d0d50f28a5230453cc2
5eecfa645aee35cb0c6820e187451ab14a9df51283635a2117d7ba866a6a74aa
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6d1b86cffd26e86430f7497206b96ebd2c27a841b78e4a7cb32d1824d2fa80ab
6f200ed5dea99ae4dc099e86e49792d79e8cc704c2b72b4f3dc6cd36facad482
6f26164aaffe198ca07d9961da2bab3f35debd8a73355f7466d3d2569fe7d7fb
7b80651c45268cc022faf4d33872d9fa159423c8fedc3d519a5cee081e0b3d9e
805bdd5d8618e8a5f21ac3641bb4f8e4f2575a064ea15cb7a4e94ca57112ee5c
813571930250c78062679054dc3a63ddbabbb2e772007211d1d591ce486781e1
824de40e353f2eaaf4828f927a03331984b995bf7fc59edc4ff08f9e178822db
8492f63d4e2aea17ab5498a4824207f6a57b8f5cb762ace5cd310678771b5e45
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9afd202c3c8cdda6e0e07fba05f02e6d804b81c336c2b128168c2532eac62792
9f2cb7f800d8da42ba568a673edfd47ba8e024039c04e2d685c176c407c1d13f
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a826d60a5200da993c038ea9f6c39c45cd060b72936775a4a865509a4d4991f6
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
a90fe747bc217c49315c23c1c332bb255d3c5fd46ec85b0218b5f85bbbf6bd0c
ab0409d0865e25e8e82c345dc73aa95c6ee01ba22eb6240a8b7efa8f490b4908
ac32377ae624ac720172de6cd59d7fad67c0c78fe658c7a7b2b43be14b9d74ab
af8fd4962e034d87600d631df7f7892017c3942c661305f82e70926037cedf12
af96beb0a56f20250f1a863980a2daa686b86048d899dc733f947738eaca2730
b0be00402acec52eb215879b0a65f7470938b0dc67a5107463c78e714cae85c0
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b4ef3a11367a47a75f7cb4ed6e944472d190c86813cd2ffdb04a32358dc4e799
b79950172d0e6c3091a44a69d615ee5711f57bb59e202b2a383d48e4ca2a4ce3
b7cf992cc959ec494f01e03b95bd5cb0a647822fea3b9f231594848bc7fb87bd
b813b0dc2bc80e9bfd7a8e0c604ae81d21e375e3a01f6e183804f9d3e97f0f17
b85a4a19b40ca6fa984aa9e2bdb0626963149541fc3ef97cee4ed77a46a68a59
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c7aca9ebef12465aad206aae5351ba575eebe4b5e3f0fb1d99f4f92f1c4f396d
c995290dbf27de9164f855b49d38e38662ab43b021b8bd9712ab3a8559c5a0d3
cc0919f1ccccd997de0e88b47f8fce17255cf80d9ea62f125370a0f6f6f94741
cf3869da4747d9e843be208de0aaaf2130702ca3d0498c7f3f51ab81869c2723
d4d449e3a807c6c083004d38fb8d65c147bd56ee1b78dfc5baa4351d41ea8f09
d4fd99fb81b7a54dde7ec7af98a536d555323b8c4445005fd82aeaa0351c975c
d99f77a187454fecc18b59b2f520b1598b246d01e142bfdc4de56eb7221a9330
dc0267e17f3bd3a2977910d47c34855d4c282e97502e6e1b0d3eb44b8b231405
e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd
e23a21d1a2052d0bfbb522a63be8df15a624c5de4c07439cc8606e0dea8defe1
e2e5f4e3125895d94be42d2a68e91cb3929ab99267dfd24dbe019e1da996c027
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb69d9e0cb830e3add604e60faf8f784835e5f1ba28bb38850ba19784f30911d
ed083f73dfd701e5889b6215302658f4ab89d368d61a8d9f97e6e7cbdb9c9c9a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1a37529f9d1b6fd8c61c242222d93d4d03a73e5ba12acff12ecea0d9eb4131b
f1efaecd38f2f3d5651efd326734f187da9237c3c9a5c303fec8b636f24bed58
f36844906ad2309877aae3121b87fb15b9e09803cb4c333adc7e1e35ac92e14b
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a

qa.cr-halal.com Open in urlscan Pro 66.29.132.14 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

163 Requests

92 %HTTPS

57 %IPv6

24 Domains

30 Subdomains

26 IPs

5 Countries

1632 kBTransfer

4387 kBSize

21 Cookies

2 Outgoing links

Page URL History

Redirected requests

163 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

qa.cr-halal.com Open in urlscan Pro
66.29.132.14 Public Scan

Screenshot
Live screenshot

Full Image

163
Requests

92 %
HTTPS

57 %
IPv6

24
Domains

30
Subdomains

26
IPs

5
Countries

1632 kB
Transfer

4387 kB
Size

21
Cookies

163 HTTP transactions
6 data transactions