zh.cryptoratesxe.com Open in urlscan Pro
2a06:98c1:3120::3 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://zh.cryptoratesxe.com/duihuan-AIRT-IMP.html
Submission: On October 18 via api (October 18th 2022, 11:03:19 am UTC) from FI — Scanned from NL

Summary HTTP 50 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 19 IPs in 3 countries across 12 domains to perform 50 HTTP transactions. The main IP is 2a06:98c1:3120::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is zh.cryptoratesxe.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 11th 2022. Valid for: a year.

This is the only time zh.cryptoratesxe.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
20	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
1	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:800::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c07::9d	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
2	2600:9000:206... 2600:9000:206f:4600:9:46dc:4700:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2620:116:800d... 2620:116:800d:21:7eb1:3826:be7e:d981	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:211... 2600:9000:211e:600:3:a4cd:8380:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:225... 2600:9000:225e:ce00:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:236... 2600:9000:236e:6600:9:46dc:4700:93a1	16509 (AMAZON-02) (AMAZON-02)
1	18.157.234.236 18.157.234.236	16509 (AMAZON-02) (AMAZON-02)
50	19

20 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

zh.cryptoratesxe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.cryptoratesxe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cryptoratesxe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c07::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:206f:4600:9:46dc:4700:93a1 (United States)

ASN16509 (AMAZON-02, US)

quantcast.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:7eb1:3826:be7e:d981 (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:211e:600:3:a4cd:8380:93a1 (United States)

ASN16509 (AMAZON-02, US)

test.cmp.quantcast.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:225e:ce00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:236e:6600:9:46dc:4700:93a1 (United States)

ASN16509 (AMAZON-02, US)

cmp.quantcast.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.157.234.236 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-157-234-236.eu-central-1.compute.amazonaws.com

audit-tcfv2.cmp.quantcast.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	cryptoratesxe.com zh.cryptoratesxe.com cdn.cryptoratesxe.com	177 KB
9	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 104 tpc.googlesyndication.com — Cisco Umbrella Rank: 147	209 KB
4	quantcast.com test.cmp.quantcast.com — Cisco Umbrella Rank: 10950 cmp.quantcast.com — Cisco Umbrella Rank: 3108 audit-tcfv2.cmp.quantcast.com — Cisco Umbrella Rank: 12657	110 KB
3	google.com adservice.google.com — Cisco Umbrella Rank: 78 www.google.com — Cisco Umbrella Rank: 2	2 KB
3	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 43 stats.g.doubleclick.net — Cisco Umbrella Rank: 84	9 KB
2	consensu.org quantcast.mgr.consensu.org — Cisco Umbrella Rank: 2424	45 KB
2	google.nl adservice.google.nl — Cisco Umbrella Rank: 14180 www.google.nl — Cisco Umbrella Rank: 8898	1 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 32	20 KB
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 876	633 B
1	quantserve.com secure.quantserve.com — Cisco Umbrella Rank: 948	10 KB
1	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 306	92 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 888	700 B
50	12

	Domain	Requested by
12	cdn.cryptoratesxe.com	zh.cryptoratesxe.com cdn.cryptoratesxe.com
9	zh.cryptoratesxe.com	zh.cryptoratesxe.com ajax.googleapis.com
6	pagead2.googlesyndication.com	zh.cryptoratesxe.com pagead2.googlesyndication.com tpc.googlesyndication.com
3	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	cmp.quantcast.com	quantcast.mgr.consensu.org
2	quantcast.mgr.consensu.org	zh.cryptoratesxe.com quantcast.mgr.consensu.org
2	www.google.com	zh.cryptoratesxe.com tpc.googlesyndication.com
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	www.google-analytics.com	zh.cryptoratesxe.com www.google-analytics.com
1	audit-tcfv2.cmp.quantcast.com	cmp.quantcast.com
1	rules.quantcount.com	secure.quantserve.com
1	test.cmp.quantcast.com	quantcast.mgr.consensu.org
1	secure.quantserve.com	quantcast.mgr.consensu.org
1	www.google.nl	zh.cryptoratesxe.com
1	ajax.googleapis.com	zh.cryptoratesxe.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.nl	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	stats.g.doubleclick.net	www.google-analytics.com
50	19

This site contains links to these domains. Also see Links.

Domain
play.google.com
apps.apple.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-11` - `2023-05-11`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.google.nl GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.cmp.quantcast.com R3	`2022-08-22` - `2022-11-20`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh

This page contains 6 frames:

Primary Page: https://zh.cryptoratesxe.com/duihuan-AIRT-IMP.html
Frame ID: 3C6516BC144100AC8B8FF2E03A24964A
Requests: 40 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221013/r20190131/zrt_lookup.html
Frame ID: 0E91083EE995553FE7579EC3CAF52CD9
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7546957787628946&output=html&adk=1812271804&adf=3025194257&lmt=1666090994&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fzh.cryptoratesxe.com%2Fduihuan-AIRT-IMP.html&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666090994481&bpp=2&bdt=186&idt=169&shv=r20221013&mjsv=m202210130101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6417739855947&frm=20&pv=2&ga_vid=256148791.1666090995&ga_sid=1666090995&ga_hid=1029289718&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767668%2C42531705%2C31070415&oid=2&pvsid=1987985601380956&tmod=1453899337&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=183
Frame ID: 002B527392D171837ADAD3258409EFA9
Requests: 1 HTTP requests in this frame

Frame: https://zh.cryptoratesxe.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1666080000
Frame ID: AA131E7FD1A45C10BD4B68740C33B6C8
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: E086C6DBFD31A024342AE487DBE88CF7
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: DBA2B5BEA3490FC40D8B694BA34CD84D
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

AirNFTs (AIRT) 至曼岛镑 (IMP) 汇率

Detected technologies

AMP (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

<link rel="amphtml"

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Quantcast Choice (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

quantcast\.mgr\.consensu\.org

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

50
Requests

100 %
HTTPS

95 %
IPv6

12
Domains

19
Subdomains

19
IPs

3
Countries

676 kB
Transfer

1875 kB
Size

10
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://play.google.com/store/apps/details?id=com.cryptoratesxe

Search URL Search Domain Scan URL

URL: https://apps.apple.com/cn/app/cryptocurrency-exchange/id1568106339

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

50 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request duihuan-AIRT-IMP.html Show response
zh.cryptoratesxe.com/ 40 KB
10 KB 1993ms
1902ms Document
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://zh.cryptoratesxe.com/duihuan-AIRT-IMP.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/5.4.16
Resource Hash: 3afba396e0bd0930a2f0abed98a277ed70bf8f8b44ab93de4a5e5923e843f435

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-cache-status: DYNAMIC
cf-ray: 75c0c93e6a049bb0-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 18 Oct 2022 11:03:14 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c6d6Mwsq67rmVH%2BmdorShYmbDhyI32eABBFlKnRuZcGZjuHnK5eyEecN4DJV%2Fp3E9T7WzO6lTu%2B%2FHKleOe8JJSv8LlALbh0fslK%2FYoPQeWapM4YM2ZsvlFOXrmSEpRqUCUUF4dhuYg0yLSLZLHyKU604DA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: PHP/5.4.16

GET
H2 200 style.min.css
cdn.cryptoratesxe.com/cryptoratesxe.com/include/ 37 KB
8 KB 76ms
32ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cryptoratesxe.com/cryptoratesxe.com/include/style.min.css
Requested by: Host: zh.cryptoratesxe.com
URL: https://zh.cryptoratesxe.com/duihuan-AIRT-IMP.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 84870b4d065df66bfddd3bdfaabef2b2563966e156015e2960dc35ac699a84e5

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://zh.cryptoratesxe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 11:03:14 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 15 Oct 2019 13:20:45 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 55429
etag: W/"5da5c7ad-936f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bH5mmBABEqyLPWRRAuqRMv8Oi1wzDQvvhBVQYdiTEqqjNqAUZaf7V%2BGY2fzaSyPvlXLu5%2BIjpbby8UEhDNx4Dg6nD4%2Fk8n8boJT7oBM6earfei1%2BzAPddba4HPhOurdU7FKTvOCAwtjVROkfelBO0Y%2FFIc8%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=86400
cf-ray: 75c0c94ab87e9bb0-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 18 Oct 2022 19:39:25 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 166 KB
54 KB 106ms
46ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7546957787628946

Requested by

Host: zh.cryptoratesxe.com
URL: https://zh.cryptoratesxe.com/duihuan-AIRT-IMP.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

802439be82b5d14ea98937bd59c56e720cefdbc45177f203c1e61db25dc95c36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://zh.cryptoratesxe.com/
Origin: https://zh.cryptoratesxe.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 11:03:14 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55078
x-xss-protection: 0
server: cafe
etag: 15641272397703167347
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 18 Oct 2022 11:03:14 GMT

GET
H2 200 logo.png
cdn.cryptoratesxe.com/cryptoratesxe.com/imgs/ 6 KB
7 KB 33ms
31ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cryptoratesxe.com/cryptoratesxe.com/imgs/logo.png

Requested by

Host: zh.cryptoratesxe.com
URL: https://zh.cryptoratesxe.com/duihuan-AIRT-IMP.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3dedc2a2a232a74ce62d9793558b5a465d2163e0ee430119e964f8affb227369

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://zh.cryptoratesxe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 11:03:14 GMT
strict-transport-security: max-age=31536000;
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5366
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6377
last-modified: Thu, 05 Jul 2018 11:48:34 GMT
server: cloudflare
etag: "5b3e0592-18e9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iwxoEzGNdhHucyNTtasPoBbygg0HAr1plbaBsSsTexpR%2FJH8cipoXXaUpM9E%2BbskMHgzqA6OiQDyKMF17myeF4zkRS1XBoUOFnWvrgeduDTQ3uAK5ZwePOPEd%2BjSJ7VHfoBPWdsZs1h6iPQA18rKvvnNuMM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75c0c94ae90d9bb0-FRA

GET
H2 200 zh.png
cdn.cryptoratesxe.com/cryptoratesxe.com/imgs2/play-btns/ 6 KB
7 KB 282ms
274ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.cryptoratesxe.com/cryptoratesxe.com/imgs2/play-btns/zh.png
Requested by: Host: zh.cryptoratesxe.com
URL: https://zh.cryptoratesxe.com/duihuan-AIRT-IMP.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16a65ca16b3a2b64b15ab060024c91eb2e7c837d2b1f23d6bfd7d36de74862eb

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://zh.cryptoratesxe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 11:03:14 GMT
cf-cache-status: MISS
last-modified: Thu, 26 May 2022 11:03:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "628f5e70-18aa"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tOzKAdWOxjFAMKp%2BrFSFV%2BnrInm2qiPYfQ%2BRRhOkEMoZcq6z2M7gi0A%2Fw3qUHI9uvKAW%2BAcpdgI46Lr3HohuxoqJTi0yRDTsLrCK4CAd9aArynx%2Fl%2BI8HtLlHiHapZLYJJoDiZVmURjRLC4tuupCJhan67Y%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 75c0c94b09489bb0-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6314
expires: Wed, 19 Oct 2022 11:03:14 GMT

GET
H2 200 zh.svg
cdn.cryptoratesxe.com/cryptoratesxe.com/imgs2/appstore-btns/ 8 KB
4 KB 219ms
210ms Image
image/svg+xml 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.cryptoratesxe.com/cryptoratesxe.com/imgs2/appstore-btns/zh.svg
Requested by: Host: zh.cryptoratesxe.com
URL: https://zh.cryptoratesxe.com/duihuan-AIRT-IMP.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 65191b2d1182a194e510b27c9985b1367b60ed6ef565f86fc492f585a27bc932

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://zh.cryptoratesxe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 11:03:14 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 26 May 2022 11:03:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"628f5e6f-21c1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3lFRRfX2ddIiGW7uZBfXklfiNsciVugIpJqWFFfFIH2Rwohgv%2FhsSv27naaKH0X%2BQ6pc85UX7rgGajT%2F9aPMATTCGpUA0f9d2KPZZFaFGYlNSHuC7Oa4bJyQMT3ZpeuVqKqXYtyKTabODNYtPC%2Fc4D6SxaI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=86400
cf-ray: 75c0c94b09569bb0-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Wed, 19 Oct 2022 11:03:14 GMT

GET
H2 200 ajax-blocks.gif
cdn.cryptoratesxe.com/cryptoratesxe.com/imgs/ 54 KB
54 KB 40ms
32ms Image
image/gif 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.cryptoratesxe.com/cryptoratesxe.com/imgs/ajax-blocks.gif
Requested by: Host: zh.cryptoratesxe.com
URL: https://zh.cryptoratesxe.com/duihuan-AIRT-IMP.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 885e0d3a35eb0b5d4d8e39e72d3a149814d62c272d1ba55c42dcc8023b93ad17

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://zh.cryptoratesxe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 11:03:14 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 62506
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 55081
last-modified: Wed, 20 Jun 2018 08:06:43 GMT
server: cloudflare
etag: "5b2a0b13-d729"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MMkW9C3Gi7XbFu1ATUL8H9OvqGa0qWqbxBFKlmn6hbiBBrDRQEoNLWmsHdd122N8nD7JGEo82wEGFEWb%2FUjEuNTlv3nlhjjeyx4rVmXIMS30erccX3rlOZVCE192iaDVOSDlOjcsAONJvxmNd3JmRdn%2B0pw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 75c0c94b09579bb0-FRA
expires: Tue, 18 Oct 2022 17:41:28 GMT

GET
H2 200 preferencies.js Show response
cdn.cryptoratesxe.com/_zho/js/ 303 B
533 B 234ms
227ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cryptoratesxe.com/_zho/js/preferencies.js
Requested by: Host: zh.cryptoratesxe.com
URL: https://zh.cryptoratesxe.com/duihuan-AIRT-IMP.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e46710b9a74bbb6eb03b7203d6ad7123b7a9f2a9af43649ce60b9087dedcd42e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://zh.cryptoratesxe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 11:03:14 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 10 Apr 2018 10:24:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"5acc90cd-12f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U2v3HHAEzttUeN7NIp7z%2Fpo0sMzET4CjRaofKcJ09NJ1AcnnwQ6rUrADAAKegzR8nCz88D0Aj5y1zA0ddQ%2Fle28Yjw%2Fngt1cdthiMV4cCVhHLSo8m2TR9dd3Uk0GCHEtvi073Qyqus3gH78Ls6VFBBKXYes%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 75c0c94b09599bb0-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Wed, 19 Oct 2022 11:03:14 GMT

GET
H2 200 clipboard.m.js Show response
cdn.cryptoratesxe.com/_zho/js/ 10 KB
4 KB 274ms
267ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cryptoratesxe.com/_zho/js/clipboard.m.js
Requested by: Host: zh.cryptoratesxe.com
URL: https://zh.cryptoratesxe.com/duihuan-AIRT-IMP.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 60fc4511f1c0ccb8fd9f64fed945c028634245420d93405ec69a6e8e2561447d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://zh.cryptoratesxe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 11:03:14 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 10 Apr 2018 10:24:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"5acc90cd-2780"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MGzhdF%2BlTSIxDe8vr6COg4fj102ytCw%2BebUxhj%2FbYm929w7LOvOhNS9%2BTRHKCE%2FkQRQw8rKwFyLfM9hSrO4Acd%2B0BjdR1Iq5314Rmqj0kTK6K91r2xstodefTiuIww7ni%2BGt9wg9QmtIYyuxtvVvDMY4ghU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 75c0c94b095b9bb0-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Wed, 19 Oct 2022 11:03:14 GMT

GET
H2 200 valut_suggest2015.js Show response
zh.cryptoratesxe.com/js/ 18 KB
4 KB 270ms
264ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://zh.cryptoratesxe.com/js/valut_suggest2015.js
Requested by: Host: zh.cryptoratesxe.com
URL: https://zh.cryptoratesxe.com/duihuan-AIRT-IMP.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/5.4.16
Resource Hash: dbc7ad46e1b99cb0e90426e0e1f01f7cb73706092c43533bf05f95134119dc8b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://zh.cryptoratesxe.com/duihuan-AIRT-IMP.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Oct 2022 11:03:14 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/5.4.16
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9KJsqYhe8EmDrkZrUtcaKAXilcVOF%2FClkLInkh0zwvwoGOm91ELbUO86ooyoqLiwn5xzYSSFkP1Ol7nV6t02HKJG4TukN8p%2FgXg7G7p7k0Ypd1fN7wm5vvtEbq1lyLydY9wD%2B6K7zTFMq8%2FJcrxNOjdRVg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 75c0c94b095d9bb0-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 feedback_crxe.js Show response
cdn.cryptoratesxe.com/_zho/js/ 4 KB
2 KB 255ms
249ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cryptoratesxe.com/_zho/js/feedback_crxe.js
Requested by: Host: zh.cryptoratesxe.com
URL: https://zh.cryptoratesxe.com/duihuan-AIRT-IMP.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f172b10eb9c9d061f80dc0625af88a1129addc367fcf79b4daba1d939d3e678e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://zh.cryptoratesxe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 11:03:14 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 06 Jul 2018 12:07:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"5b3f5b9b-100f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FHgwfq7GD4hnhJqqraGRze9pNECFUHjISr208aawZ%2BL%2BIUguuU%2FPK%2FCl9ZP2LZYPk9AWIm%2BgWZhxIiz90EEEaEXDbaiyvRrVmP%2FmEQZVM3MJyI7lXSc2z22GbP9WZ9czl%2F5xACqG1pqgQMmBPeILwciGAXY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 75c0c94b09609bb0-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Wed, 19 Oct 2022 11:03:14 GMT

GET
H2 200 c.min.js Show response
cdn.cryptoratesxe.com/cryptoratesxe.com/js/ 16 KB
6 KB 32ms
27ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cryptoratesxe.com/cryptoratesxe.com/js/c.min.js

Requested by

Host: zh.cryptoratesxe.com
URL: https://zh.cryptoratesxe.com/duihuan-AIRT-IMP.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d797d5e820f22e360260d957ada4a4bba653a4cf42f61fa71046a23bb85450e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://zh.cryptoratesxe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 11:03:14 GMT
strict-transport-security: max-age=31536000;
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 13 Aug 2019 09:10:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2717
etag: W/"5d527e88-40fb"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M1Dg4DDzX7J6KWJra7PL8jKLUowke4mTqrKEU%2BaAt8rDJy4FoP8F6YMz0wcvboKLIaf1NKaSTEaBuWvBHu5Ak2J%2BKZwulSU%2BilCGNfIT5T%2FxNGiSbdQ0GDo%2BJXSjvJvQOxBxvSrsejkrYJUz5nT0qo8Gl1Q%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 75c0c94b09629bb0-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 selectarrow.png
cdn.cryptoratesxe.com/cryptoratesxe.com/imgs2/ 212 B
572 B 31ms
29ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.cryptoratesxe.com/cryptoratesxe.com/imgs2/selectarrow.png
Requested by: Host: cdn.cryptoratesxe.com
URL: https://cdn.cryptoratesxe.com/cryptoratesxe.com/include/style.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82974d6b6889fdaa96d79f21f33859106bd4bd1558bbf8ac07da60bd81c90407

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://cdn.cryptoratesxe.com/cryptoratesxe.com/include/style.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 11:03:14 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 55428
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 212
last-modified: Fri, 04 May 2018 12:24:32 GMT
server: cloudflare
etag: "5aec5100-d4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o5XODYLwrXVEfU9Cz2dbiRhq%2BKwvumJRXbFWhDgYTu7WlmGpoF%2BcXHsiYGc4PRbNMsRxx4uqUqD5esgnSnHybNqaEQHbCw7rYhjFwmdbpPRvlbA%2BDg09dUlsAiehCh9%2BE%2F4iK%2BbNjqMfR1Cj8IhO8sBIbcg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 75c0c94b09669bb0-FRA
expires: Tue, 18 Oct 2022 19:39:26 GMT

GET
H2 200 icons.png
cdn.cryptoratesxe.com/cryptoratesxe.com/imgs2/ 44 KB
44 KB 48ms
48ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cryptoratesxe.com/cryptoratesxe.com/imgs2/icons.png

Requested by

Host: cdn.cryptoratesxe.com
URL: https://cdn.cryptoratesxe.com/cryptoratesxe.com/include/style.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

729be3e07360fbac55f9fb2aa87a61f775498bf4051f16edaefab2a686bf3a82

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://cdn.cryptoratesxe.com/cryptoratesxe.com/include/style.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 11:03:14 GMT
strict-transport-security: max-age=31536000;
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 78460
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44749
last-modified: Thu, 05 Jul 2018 11:49:31 GMT
server: cloudflare
etag: "5b3e05cb-aecd"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LuRlJGrh4AgUQucsNVsve3%2FHyQhfaF59VqaYuhkvY9jGlIYvZHzLUq77KRBZirUQlH9Q1fC7gWiI9U0b%2F20YNTUCL8znoyhhiOJptAmJBJ7YKtjyC%2FRQaqpxkXXu3QfH5Ha1If77MqIN416LmyaSxVR3okk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75c0c94b09799bb0-FRA

GET
H3 200 refresh.png
cdn.cryptoratesxe.com/cryptoratesxe.com/imgs2/ 306 B
847 B 29ms
29ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cryptoratesxe.com/cryptoratesxe.com/imgs2/refresh.png

Requested by

Host: cdn.cryptoratesxe.com
URL: https://cdn.cryptoratesxe.com/cryptoratesxe.com/include/style.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

31b8d6c643942c8e97f161622904dbd5ee9ef685154d989ee9c42794fc11ec09

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://cdn.cryptoratesxe.com/cryptoratesxe.com/include/style.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 11:03:14 GMT
strict-transport-security: max-age=31536000;
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 19182
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 306
last-modified: Fri, 04 May 2018 08:18:34 GMT
server: cloudflare
etag: "5aec175a-132"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xu2x7VHl7pzUC9vD8IxHX0GGP5d4a5SyK8hcn8%2B6sYbC2SvSR0BQFZyWsSA8c1LO3fQzGyDy4RWSTKVUzo8V1tmqzhlSCT7paQj029jXzm0WI4V83xfpUjRgVhwyRyisDW1YKHPaoZd8A%2BHtAjO2QXRZXAs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75c0c94b2cca9b63-FRA

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 67ms
19ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: zh.cryptoratesxe.com
URL: https://zh.cryptoratesxe.com/duihuan-AIRT-IMP.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://zh.cryptoratesxe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 18 Oct 2022 11:01:59 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 75
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Tue, 18 Oct 2022 13:01:59 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210130101/ 353 KB
116 KB 103ms
61ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210130101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7546957787628946&plah=zh.cryptoratesxe.com&bust=31070415

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7546957787628946

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

085521e65ba8a76a553838056488a54848ed72d384f17fbf57af666f8b65dddc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://zh.cryptoratesxe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 11:03:14 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118764
x-xss-protection: 0
server: cafe
etag: 17369798705726345859
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 18 Oct 2022 11:03:14 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221013/r20190131/ Frame 0E91 10 KB
5 KB 78ms
22ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221013/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7546957787628946

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://zh.cryptoratesxe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 57649
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4420
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 17 Oct 2022 19:02:25 GMT
etag: 9671129459699598864
expires: Mon, 31 Oct 2022 19:02:25 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 72ms
28ms XHR
text/plain 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1029289718&t=pageview&_s=1&dl=https%3A%2F%2Fzh.cryptoratesxe.com%2Fduihuan-AIRT-IMP.html&ul=en-us&de=UTF-8&dt=AirNFTs%20(AIRT)%20%E8%87%B3%20%E6%9B%BC%E5%B2%9B%E9%95%91%20(IMP)%20%E6%B1%87%E7%8E%87&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=1811076135&gjid=189687228&cid=256148791.1666090995&tid=UA-3351246-56&_gid=1232826368.1666090995&_r=1&_slc=1&z=177276857

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://zh.cryptoratesxe.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 18 Oct 2022 11:03:14 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://zh.cryptoratesxe.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
445 B 65ms
22ms XHR
text/plain 2a00:1450:400c:c07::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-3351246-56&cid=256148791.1666090995&jid=1811076135&gjid=189687228&_gid=1232826368.1666090995&_u=IEBAAEAAAAAAACAAI~&z=656343183

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

122fac0ffbb44fb8bba0388baa11afc67faec3b223a06871a40dbcab4c6cc787

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://zh.cryptoratesxe.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 18 Oct 2022 11:03:14 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://zh.cryptoratesxe.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 401 B
700 B 79ms
29ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=zh.cryptoratesxe.com&callback=_gfp_s_&client=ca-pub-7546957787628946&gpid_exp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210130101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7546957787628946&plah=zh.cryptoratesxe.com&bust=31070415

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1781d8eac0be43ce2980c0ca9bad08d9e5f76c8cd882fd077dbbd1ff137ee80d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://zh.cryptoratesxe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 11:03:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 255
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.nl/adsid/ 107 B
792 B 194ms
29ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.nl/adsid/integrator.js?domain=zh.cryptoratesxe.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://zh.cryptoratesxe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 11:03:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 84ms
29ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=zh.cryptoratesxe.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://zh.cryptoratesxe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 11:03:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 002B 9 KB
4 KB 220ms
177ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7546957787628946&output=html&adk=1812271804&adf=3025194257&lmt=1666090994&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fzh.cryptoratesxe.com%2Fduihuan-AIRT-IMP.html&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666090994481&bpp=2&bdt=186&idt=169&shv=r20221013&mjsv=m202210130101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6417739855947&frm=20&pv=2&ga_vid=256148791.1666090995&ga_sid=1666090995&ga_hid=1029289718&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767668%2C42531705%2C31070415&oid=2&pvsid=1987985601380956&tmod=1453899337&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=183

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f386fec760fa8bf21af59d89e5bd0355d389b4dee8176943828845bb7e600cce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://zh.cryptoratesxe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 4187
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 18 Oct 2022 11:03:14 GMT
expires: Tue, 18 Oct 2022 11:03:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 invisible.js Show response
zh.cryptoratesxe.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/ Frame AA13 39 KB
14 KB 35ms
35ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://zh.cryptoratesxe.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1666080000
Requested by: Host: zh.cryptoratesxe.com
URL: https://zh.cryptoratesxe.com/duihuan-AIRT-IMP.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dc56667b16f4034201129f4bea1db30120e2f08e22e9d9ecb014c7894646ebb2

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 11:03:14 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S%2BD3MgLr%2FTgHdh1FWH5gJ0ZHmmV6ShMaQEaHKPgDFFJ6bE9BQWXrWTQrqEBHejJ%2Bd5NkqKQa8oCMQrIYbRYhN60IEP%2BT8KVPrbh1LzJSrjBBpUIswDv%2BuVNqp%2Baj7KtytG1YOtkTW%2BCeboIv5ObMN6NrvA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 75c0c94cba0f90a0-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.8.3/ 91 KB
92 KB 103ms
33ms Script
text/javascript 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.8.3/jquery.min.js

Requested by

Host: zh.cryptoratesxe.com
URL: https://zh.cryptoratesxe.com/duihuan-AIRT-IMP.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://zh.cryptoratesxe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 17:49:34 GMT
x-content-type-options: nosniff
age: 62020
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 93636
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 17 Oct 2023 17:49:34 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 95ms
46ms Image
image/gif 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-3351246-56&cid=256148791.1666090995&jid=1811076135&_u=IEBAAEAAAAAAACAAI~&z=622787346

Requested by

Host: zh.cryptoratesxe.com
URL: https://zh.cryptoratesxe.com/duihuan-AIRT-IMP.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://zh.cryptoratesxe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Oct 2022 11:03:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.nl/ads/ 42 B
501 B 97ms
47ms Image
image/gif 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.nl/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-3351246-56&cid=256148791.1666090995&jid=1811076135&_u=IEBAAEAAAAAAACAAI~&z=622787346

Requested by

Host: zh.cryptoratesxe.com
URL: https://zh.cryptoratesxe.com/duihuan-AIRT-IMP.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://zh.cryptoratesxe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Oct 2022 11:03:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pica.js
zh.cryptoratesxe.com/cdn-cgi/challenge-platform/h/b/scripts/ Frame AA13 20 KB
7 KB 39ms
38ms Other
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://zh.cryptoratesxe.com/cdn-cgi/challenge-platform/h/b/scripts/pica.js
Requested by: Host: zh.cryptoratesxe.com
URL: https://zh.cryptoratesxe.com/duihuan-AIRT-IMP.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ab919414bb50b31120e89f69ede8f20a12c0cbbf0a5e12e631467aa3fc045d19

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 11:03:14 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oxtYH4Ba7mmCcVYlBhNx68jWX9zUCsU6HDLFPsCs%2BWyGq3lm9gl9BimU5MQuly4W6EKtZg5%2FpNzaT0uCP4TC4mhM2MtF5ub3TS2gzLLhteEbySoXC2kVVA7RnJSBBWIpwYWpuN1tFSli9SAztMuwAiPBow%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 75c0c94d2a9a90a0-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 geoip.php Show response
zh.cryptoratesxe.com/include/ 400 B
811 B 443ms
443ms XHR
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://zh.cryptoratesxe.com/include/geoip.php?ip=2001:1af8:4700:a069:35::3
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.8.3/jquery.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/5.4.16
Resource Hash: a256a89fe1f7e954de8bb6a41614c0b39e1ad347fdf2399c4a96b42f53a36bf8

Request headers

Accept: */*
Referer: https://zh.cryptoratesxe.com/duihuan-AIRT-IMP.html
X-Requested-With: XMLHttpRequest
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Oct 2022 11:03:15 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/5.4.16
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Nnkm3waGim%2FT98Iquu6qPwCIBbDLsjFv2OYMHt0eEbdSSW00WSnqhDopZnKvdwQhRpM4N%2B6O5%2FrullgI%2FBKzohXyKwUHl5FCYH%2BOeR%2BmtNcKn%2BHbcUsnl3qneOxRGPQ60stH4dGbSkWJsnU%2F%2FKRPDM%2Fi6w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 75c0c94dbb5890a0-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 19 Nov 1981 08:52:00 GMT

POST
H3 200 timezone.php Show response
zh.cryptoratesxe.com/ 0
547 B 419ms
419ms XHR
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://zh.cryptoratesxe.com/timezone.php
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.8.3/jquery.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/5.4.16
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: */*
Referer: https://zh.cryptoratesxe.com/duihuan-AIRT-IMP.html
X-Requested-With: XMLHttpRequest
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 18 Oct 2022 11:03:15 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/5.4.16
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6Ljs0amgZkt1OtrCFxkPAhVabgxyhUY4XTtYJrToqNdHP4FUi6NRBaHnmCrt6QOJ54CdoKMj895Ra%2FcM%2Fhz8OMvW1CKUDliPDewCsyaa0yNrsP39Nbd5RhBOCMFp90c8RmWqR1HLutZvLz0hHlTFOVVjYA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 75c0c94ddb8b90a0-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 19 Nov 1981 08:52:00 GMT

POST
H3 200 75c0c93e6a049bb0 Show response
zh.cryptoratesxe.com/cdn-cgi/challenge-platform/h/b/cv/result/ Frame AA13 2 B
660 B 107ms
107ms XHR
text/plain 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://zh.cryptoratesxe.com/cdn-cgi/challenge-platform/h/b/cv/result/75c0c93e6a049bb0
Requested by: Host: zh.cryptoratesxe.com
URL: https://zh.cryptoratesxe.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1666080000
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 18 Oct 2022 11:03:15 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OTkfBFMurInsRHc1eWQUbHg7zfA6vUoflDVf9hPtNIfhrPoVDKQNZrXZBoEmnmPacVb2lPgqRIZ2MI7YZXuDHFaSWbbvbnbSwe5eXS2TrvdF72ka0E9mIm4zZhBeeCufm1m1Uv3XtaRzWKUIyG9nlH1tKA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 75c0c94f0d5590a0-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 102ms
36ms XHR
application/json 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221013&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

967ea73c4ed419a2577653906c1a68da6a360a332c2c3106501383464c3a3a3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://zh.cryptoratesxe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 11:03:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11193
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 124ms
40ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://zh.cryptoratesxe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 11:03:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 18 Oct 2022 11:03:15 GMT

POST
H3 200 geo.php Show response
zh.cryptoratesxe.com/include/ 1 KB
1 KB 97ms
96ms XHR
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://zh.cryptoratesxe.com/include/geo.php
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.8.3/jquery.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/5.4.16
Resource Hash: 6765bf9cac23f2135cb8b53ac4f1d2d0a253e02c263c75ac837e0382d0819df6

Request headers

Accept: */*
Referer: https://zh.cryptoratesxe.com/duihuan-AIRT-IMP.html
X-Requested-With: XMLHttpRequest
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 18 Oct 2022 11:03:15 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/5.4.16
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SKFjGmjKpVYf5ntmYT%2BQ%2B%2FEKydULJ1oZBXZXwV65aYZ%2FC1R%2FWrgWsnYZWKWR43qDN9vMN05GwNip4BqyeYvDqDZJRm1aWk9UOj%2BTZxwK43GnE0kNZHZ6r1QDboBkRxL3q9n3CR7Ljz%2B%2BeJ%2BthiTf%2FhZ6Cw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 75c0c9508ef090a0-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3 200 quantcast_cryptoratesxe.js Show response
zh.cryptoratesxe.com/js/ 4 KB
2 KB 253ms
252ms XHR
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://zh.cryptoratesxe.com/js/quantcast_cryptoratesxe.js?_=1666090995279
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.8.3/jquery.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/5.4.16
Resource Hash: a5fddeae2d5fcd100eaa10738e322d9571d54e1e16c0261370ac74c8df8bec54

Request headers

Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://zh.cryptoratesxe.com/duihuan-AIRT-IMP.html
X-Requested-With: XMLHttpRequest
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Oct 2022 11:03:15 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/5.4.16
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fg3yJGTPyYpEBWijGyJL6fUER0YHf5AvOnpKrZbJ3FIMAWhhzhLcbNAljWhjiUxQgyQNltUD5y0v0uiQ42llFSzVlRerrdW3%2BAahfngnjiaNMUR%2FBdeSEisu4BTuOir1VSQq9bn6ylV3Ug28pEBEQzih5Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 75c0c9508ef690a0-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame E086 13 KB
5 KB 94ms
24ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://zh.cryptoratesxe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 5252
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 18 Oct 2022 09:35:43 GMT
expires: Wed, 18 Oct 2023 09:35:43 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame DBA2 783 B
532 B 74ms
31ms Document
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

9b71a9814e0826e9e015dfe1dff299eb3e464ffaf54718f7d829b50abdbde5b3

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-2f7ViplEBoqdg_siLanAUA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://zh.cryptoratesxe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 510
content-security-policy: script-src 'report-sample' 'nonce-2f7ViplEBoqdg_siLanAUA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 18 Oct 2022 11:03:15 GMT
expires: Tue, 18 Oct 2022 11:03:15 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame DBA2 0
0 54ms
54ms Image
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221013&jk=1987985601380956&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

GET
H3 200 7JEUJG1jVChIMuhiOxVurQN9pIQLeBNKr_aiZz5iC5Y.js Show response
pagead2.googlesyndication.com/bg/ Frame E086 36 KB
16 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/7JEUJG1jVChIMuhiOxVurQN9pIQLeBNKr_aiZz5iC5Y.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ec9114246d6354284832e8623b156ead037da4840b78134aaff6a2673e620b96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 06:48:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 15298
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15945
x-xss-protection: 0
last-modified: Tue, 11 Oct 2022 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 18 Oct 2023 06:48:17 GMT

GET
H2 200 choice.js Show response
quantcast.mgr.consensu.org/choice/thuPsf5U2LBfS/cryptoratesxe.com/ 3 KB
2 KB 481ms
428ms Script
application/javascript 2600:9000:206f:4600:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/choice/thuPsf5U2LBfS/cryptoratesxe.com/choice.js
Requested by: Host: zh.cryptoratesxe.com
URL: https://zh.cryptoratesxe.com/duihuan-AIRT-IMP.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:4600:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a41569bf137d321295ba5e6b7f41f5954b5113ecf3785bf5d50ab39f835fb78f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://zh.cryptoratesxe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 11:03:16 GMT
content-encoding: br
via: 1.1 46546eb404789d29bf372f6a3fe43876.cloudfront.net (CloudFront)
last-modified: Fri, 16 Jul 2021 10:45:23 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
x-amz-server-side-encryption: AES256
etag: W/"1c43d2327e80006f4b78162bf30b6fde"
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
cache-control: max-age=900
cross-origin-resource-policy: cross-origin
x-amz-cf-id: 3V7dOG0yHnrLwyQkkjQjYxCGhEeSsixL7rXqe9V_0kVk2AbzNVnn_A==

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame E086 0
10 B 22ms
22ms Image
text/plain 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?2Vxx7Q
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 11:03:15 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 200 quant.js Show response
secure.quantserve.com/ 26 KB
10 KB 160ms
19ms Script
application/javascript 2620:116:800d:21:7eb1:3826:be7e:d981
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/choice/thuPsf5U2LBfS/cryptoratesxe.com/choice.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:7eb1:3826:be7e:d981 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e7aaa31aec9d6a9f88c0af5d361aff3e7828ace0fb0c55ab35922025e12700b1

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://zh.cryptoratesxe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 11:03:16 GMT
content-encoding: gzip
etag: "cbFpuah7ilcpMTJLYeCgng=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Tue, 25 Oct 2022 11:03:16 GMT

GET
H2 200 cmp2.js Show response
quantcast.mgr.consensu.org/tcfv2/ 177 KB
44 KB 25ms
24ms Script
text/javascript 2600:9000:206f:4600:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=cryptoratesxe.com
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/choice/thuPsf5U2LBfS/cryptoratesxe.com/choice.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:4600:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 18040dc7cf8a8f961919c1df6335166bf87b7cc8b193145002c7d8bdc3d14c2c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://zh.cryptoratesxe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 11:02:35 GMT
content-encoding: br
via: 1.1 46546eb404789d29bf372f6a3fe43876.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
age: 43
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Wed, 14 Sep 2022 18:13:49 GMT
server: AmazonS3
etag: W/"6d50b90bdafc3d438c55bd915fd5301d"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=3600
x-amz-meta-qc-ineu: True
vary: Accept-Encoding
x-amz-cf-id: 2BKBlnW5rlLokzh_nGpD1gKKcR7N5WMVB1e8OzhFlLyL-6S6D_NrUQ==

GET
H2 200 cmp-list.json Show response
test.cmp.quantcast.com/GVL-v2/ 10 KB
3 KB 87ms
20ms XHR
application/json 2600:9000:211e:600:3:a4cd:8380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://test.cmp.quantcast.com/GVL-v2/cmp-list.json
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=cryptoratesxe.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:600:3:a4cd:8380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a516850efa3ee956c74740838465b2d9ba0252e81a4056a3c646baaefad3d3b3

Request headers

Accept: application/json, text/plain, */*
Referer: https://zh.cryptoratesxe.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 03:00:37 GMT
x-amz-version-id: kSZtBt_BZH2e6X4wkdwH4ToD1vwHbb6H
content-encoding: br
via: 1.1 28b0f9ae51406f70504a784d296a3a48.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 28960
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Sun, 16 Oct 2022 19:52:29 GMT
server: AmazonS3
etag: W/"f44973b40f5b1f2c0d2efb33eb66a4ea"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=172800
vary: Accept-Encoding
x-amz-cf-id: F9mWwViTh_LNP4GS39OmhFTdzuZvpBVlr_c2hbDw0tTIIjjX7vWgPA==

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 57ms
57ms Image
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221013&jk=1987985601380956&bg=!8_Cl8LTNAAYeOJy_Pjg7ACkAdvg8WmwQEJc5-qGQ46V1d8O-dhqEf1J0qwZilYULtgsES9BlJD16dgIAAABpUgAAAAJoAQcKALwr-hu2jsIJ2Hm44GfXvnY6t3e8CLRdNj41BcykR45dVqUDk3wuDpvl3zIELQ34uMgHKlwaLQufNNLd0cDA0ro1cvhYcUBaWYkru5hFEogaepd44UbTCUtMEmMMTbk8RZ4ZnYCzW6MgIAMwptPDhY8kohoHdV2JeakahQjvNHJMT3RsdLgYky4eTKU9SFz6rpHH1HhtaoPNeTzRayOQKADoJz90Hgdi49GpwyQ5lDbV7sQ04RXBOjPip9QyApkCrmSkN64_SDu-y6yHcNaE6-oGYKNNQrLTGMdMycPtMz4QUPcgiIJlUTQcUG8wn0nXYYBhzhnwpDKgknFPPHa1c0ZY1-6zdSSAz7NITOUkkrtl9XrkRLaQvKu3gNmVbHNkQu95qeadHna4bNxZHaiGx3L1BV3ggG9GzzFC9NoOdeeRAHUPQ2kq_DmXeA422ajQWtiGBeR2b4kQcQSdwPLArrQF9Wu8X_3j-wJwc8aPdiaO5MPXN17DRrmwBJOL-oNtkm992fSUhnm38wR9KrlulEAaA7qvtGCWw26qGtdg0W7Qm5nnxOW9DgQwOP26gRssFYXcmnDGKazlEAgPK_PbIRNJQhzhLPujrC3wGpZHvnEAkqq1PqnYtnX0wMqfXBKPmgXvT1Uw37XsHAz0hDWLu_8gPAYzsjbGmq8Zz3QH35eO9bwsEyZhmG0-L-LUt6UPfJLw8Nx4HDUUiOY6-wFm6V63JNbCtfNhpSEjAfRWt3SZ3Cez01yCDr-GFAtz8dOgOGN58M9x46FpjtgXcKAHc5OXmYesGXNK14FYaUpwLa9wM9zpu7Dj4FPRDve_L56JgeEl_WDZjYMMs7wwRP90dY4YbNepZ6jAj1fx8uCh1BNLDTH7nSmOPnhD6p2getEVeUzc_ScmzfZBBynBfUexqlZGhJAOJP9CkLr8bfXy2u8dOINPf-ivMny-UH0XAKTqL4fLHlstq6ailjjJYDOAXHXzH62n7IMXTunWGGZqfJ_oaUgsSYRt8vsmzWAH1d4SOoSdUFclpx4Hb10nSHBown5i8SoUQGfSUlTdDmUpePz_rCI9ppHsBtmvjrPYjrRdZV45O8WF8zGx05_sPRLC6RBp8rIhqS7hkrtyysBK_RC51jfdAwICVe45DbUSbepVi7U8Pwc8jHQ24QNJmsX4
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://zh.cryptoratesxe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

GET
H2 200 rules-p-thuPsf5U2LBfS.js Show response
rules.quantcount.com/ 160 B
633 B 71ms
20ms Script
application/javascript 2600:9000:225e:ce00:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-thuPsf5U2LBfS.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:ce00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e732f502493a26028aff6999f6aee9b07ba4260ff55aa36c95d7e19b30831960

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://zh.cryptoratesxe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 10:27:30 GMT
via: 1.1 19dbc4cbbe0be3dca8e57283a83b57c6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
age: 2729
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 160
last-modified: Thu, 13 Oct 2022 16:29:11 GMT
server: AmazonS3
etag: "e299dcfffd38ad17d19c15ccd3ae1628"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: Oe1tuXoo5ahUU0ugTzDlfc1kOMVIr4MkXt3kBdzIVB3F0Df5KUIayQ==

GET
H2 200 cmp2ui-en.js Show response
cmp.quantcast.com/tcfv2/44/ 248 KB
65 KB 153ms
24ms Script
text/javascript 2600:9000:236e:6600:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.quantcast.com/tcfv2/44/cmp2ui-en.js
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=cryptoratesxe.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:236e:6600:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ac5aac3b3876821a8dd731f14444b317ce82c031857398f4e3f2bca0b9cde20e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://zh.cryptoratesxe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 04:31:16 GMT
content-encoding: gzip
via: 1.1 b04a6cb0bde4a78c29099913e07f9056.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
age: 23521
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
last-modified: Wed, 14 Sep 2022 18:13:35 GMT
server: AmazonS3
etag: W/"c26dab36f353a381230d68d0a5c0fa59"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=172800
vary: Accept-Encoding
x-amz-cf-id: kW9z_Xn-Dm3c2nvhOXYnHXVAvLp2_wmXymt2Pio7D6U5WsZsYfgZkg==

GET
H2 200 vendor-list-trimmed-v1.json Show response
cmp.quantcast.com/GVL-v2/ 344 KB
42 KB 155ms
27ms XHR
application/json 2600:9000:236e:6600:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.quantcast.com/GVL-v2/vendor-list-trimmed-v1.json
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=cryptoratesxe.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:236e:6600:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b18fbecf24620727f0c5203a20bf9bd9ce1d815d95cc7f8a40e30c92bd7c77f8

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://zh.cryptoratesxe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 03:00:44 GMT
content-encoding: br
via: 1.1 36cd2d0f34e25c2dc5099656a60bedac.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
age: 28953
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 18 Oct 2022 03:00:33 GMT
server: AmazonS3
etag: W/"51d2a0cfce211308e96b01829ade44aa"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=172800
access-control-allow-credentials: true
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id: tgqXLYN1Bum2DOm731SnA4XbKdwVNefU1i78cEpR0aFkjUV1FaospQ==

GET
H2 200 / Show response
audit-tcfv2.cmp.quantcast.com/ 2 B
101 B 80ms
25ms XHR
text/plain 18.157.234.236
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://audit-tcfv2.cmp.quantcast.com/?log=%7B%22accountId%22%3A%22thuPsf5U2LBfS%22%2C%22domain%22%3A%22zh.cryptoratesxe.com%22%2C%22publisher%22%3A%22%22%2C%22cmpId%22%3A10%2C%22cmpVersion%22%3A%222.44%22%2C%22displayType%22%3A%22tcfui%3Amandatory%22%2C%22configurationHashCode%22%3A%22ml3vfJhW7Xc8IFlhNuMqLQ%22%2C%22clientTimestamp%22%3A1666090996405%2C%22operationType%22%3A%22init%22%2C%22sessionId%22%3A%22GDPR-j61dlp9rlky01ilfksfi%22%7D
Requested by: Host: cmp.quantcast.com
URL: https://cmp.quantcast.com/tcfv2/44/cmp2ui-en.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.157.234.236 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-157-234-236.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Accept: application/json, text/plain, */*
Referer: https://zh.cryptoratesxe.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 18 Oct 2022 11:03:16 GMT
content-length: 2
content-type: text/plain; charset=utf-8

Verdicts & Comments Add Verdict or Comment

100 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
zh.cryptoratesxe.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: s0p085kh68stbpurito74dkb35
.cryptoratesxe.com/	1970-01-20 16:24:10	Name: _ga Value: GA1.2.256148791.1666090995
.cryptoratesxe.com/	1970-01-20 06:49:37	Name: _gid Value: GA1.2.1232826368.1666090995
.cryptoratesxe.com/	1970-01-20 06:48:11	Name: _gat Value: 1
.cryptoratesxe.com/	1970-01-20 16:09:46	Name: __gads Value: ID=2192203a93c41e0e-2213b4604ace0062:T=1666090994:RT=1666090994:S=ALNI_MaDdZlpc9mfQbcofl7qXyPYiQ7H7A
.cryptoratesxe.com/	1970-01-20 16:09:46	Name: __gpi Value: UID=00000b74af916695:T=1666090994:RT=1666090994:S=ALNI_MbKy2Zh_l_26DChibs_81V5Txlr4w
zh.cryptoratesxe.com/	1970-01-20 07:31:22	Name: currs Value: %7B%22IRT-IMP%22%3A1%7D
zh.cryptoratesxe.com/	1970-01-20 07:31:22	Name: guid Value: 8c80f2cc-0c27-4663-ada7-6a7786b2fb95
.doubleclick.net/	1970-01-20 06:48:11	Name: test_cookie Value: CheckForPermission
.cryptoratesxe.com/	1970-01-20 06:48:12	Name: __cf_bm Value: vNUsIJuRahnUoxhXNg3oQtp0vCj_BN0cI5191K2S2gk-1666090995-0-AQnX/IMK18c8Sk8hs/P1+2QkqBmFpHVrQ7G3RQZ7p/IDV2Y9vtpYcqBRjLgtSIp1feII0aGA10GD5vJBQL8SI2cPxU5A9gYyBcq5mZrgDNdf8X1JUnxaEJaVUBsPALNqPw==

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.nl
ajax.googleapis.com
audit-tcfv2.cmp.quantcast.com
cdn.cryptoratesxe.com
cmp.quantcast.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
partner.googleadservices.com
quantcast.mgr.consensu.org
rules.quantcount.com
secure.quantserve.com
stats.g.doubleclick.net
test.cmp.quantcast.com
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.google.nl
zh.cryptoratesxe.com
18.157.234.236
2600:9000:206f:4600:9:46dc:4700:93a1
2600:9000:211e:600:3:a4cd:8380:93a1
2600:9000:225e:ce00:6:44e3:f8c0:93a1
2600:9000:236e:6600:9:46dc:4700:93a1
2620:116:800d:21:7eb1:3826:be7e:d981
2a00:1450:4001:800::2002
2a00:1450:4001:800::200e
2a00:1450:4001:803::2002
2a00:1450:4001:80b::2002
2a00:1450:4001:80b::200a
2a00:1450:4001:80f::2004
2a00:1450:4001:82b::2003
2a00:1450:4001:82f::2001
2a00:1450:4001:830::2002
2a00:1450:4001:831::2002
2a00:1450:400c:c07::9d
2a06:98c1:3120::3
2a06:98c1:3121::3
085521e65ba8a76a553838056488a54848ed72d384f17fbf57af666f8b65dddc
122fac0ffbb44fb8bba0388baa11afc67faec3b223a06871a40dbcab4c6cc787
16a65ca16b3a2b64b15ab060024c91eb2e7c837d2b1f23d6bfd7d36de74862eb
1781d8eac0be43ce2980c0ca9bad08d9e5f76c8cd882fd077dbbd1ff137ee80d
18040dc7cf8a8f961919c1df6335166bf87b7cc8b193145002c7d8bdc3d14c2c
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
31b8d6c643942c8e97f161622904dbd5ee9ef685154d989ee9c42794fc11ec09
3afba396e0bd0930a2f0abed98a277ed70bf8f8b44ab93de4a5e5923e843f435
3dedc2a2a232a74ce62d9793558b5a465d2163e0ee430119e964f8affb227369
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
60fc4511f1c0ccb8fd9f64fed945c028634245420d93405ec69a6e8e2561447d
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf
65191b2d1182a194e510b27c9985b1367b60ed6ef565f86fc492f585a27bc932
6765bf9cac23f2135cb8b53ac4f1d2d0a253e02c263c75ac837e0382d0819df6
729be3e07360fbac55f9fb2aa87a61f775498bf4051f16edaefab2a686bf3a82
802439be82b5d14ea98937bd59c56e720cefdbc45177f203c1e61db25dc95c36
82974d6b6889fdaa96d79f21f33859106bd4bd1558bbf8ac07da60bd81c90407
84870b4d065df66bfddd3bdfaabef2b2563966e156015e2960dc35ac699a84e5
885e0d3a35eb0b5d4d8e39e72d3a149814d62c272d1ba55c42dcc8023b93ad17
967ea73c4ed419a2577653906c1a68da6a360a332c2c3106501383464c3a3a3f
9b71a9814e0826e9e015dfe1dff299eb3e464ffaf54718f7d829b50abdbde5b3
a256a89fe1f7e954de8bb6a41614c0b39e1ad347fdf2399c4a96b42f53a36bf8
a41569bf137d321295ba5e6b7f41f5954b5113ecf3785bf5d50ab39f835fb78f
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a516850efa3ee956c74740838465b2d9ba0252e81a4056a3c646baaefad3d3b3
a5fddeae2d5fcd100eaa10738e322d9571d54e1e16c0261370ac74c8df8bec54
ab919414bb50b31120e89f69ede8f20a12c0cbbf0a5e12e631467aa3fc045d19
ac5aac3b3876821a8dd731f14444b317ce82c031857398f4e3f2bca0b9cde20e
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b18fbecf24620727f0c5203a20bf9bd9ce1d815d95cc7f8a40e30c92bd7c77f8
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
d797d5e820f22e360260d957ada4a4bba653a4cf42f61fa71046a23bb85450e4
dbc7ad46e1b99cb0e90426e0e1f01f7cb73706092c43533bf05f95134119dc8b
dc56667b16f4034201129f4bea1db30120e2f08e22e9d9ecb014c7894646ebb2
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e46710b9a74bbb6eb03b7203d6ad7123b7a9f2a9af43649ce60b9087dedcd42e
e732f502493a26028aff6999f6aee9b07ba4260ff55aa36c95d7e19b30831960
e7aaa31aec9d6a9f88c0af5d361aff3e7828ace0fb0c55ab35922025e12700b1
ec9114246d6354284832e8623b156ead037da4840b78134aaff6a2673e620b96
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f172b10eb9c9d061f80dc0625af88a1129addc367fcf79b4daba1d939d3e678e
f386fec760fa8bf21af59d89e5bd0355d389b4dee8176943828845bb7e600cce
f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a

zh.cryptoratesxe.com Open in urlscan Pro 2a06:98c1:3120::3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

50 Requests

100 %HTTPS

95 %IPv6

12 Domains

19 Subdomains

19 IPs

3 Countries

676 kBTransfer

1875 kBSize

10 Cookies

2 Outgoing links

Redirected requests

50 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

zh.cryptoratesxe.com Open in urlscan Pro
2a06:98c1:3120::3 Public Scan

Screenshot
Live screenshot

Full Image

50
Requests

100 %
HTTPS

95 %
IPv6

12
Domains

19
Subdomains

19
IPs

3
Countries

676 kB
Transfer

1875 kB
Size

10
Cookies

50 HTTP transactions
0 data transactions