qa.cr-halal.com Open in urlscan Pro
66.29.132.14 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://bangladeshembassy.bt/
Effective URL:
https://qa.cr-halal.com/11/7-ways-to-make-money-every-day-in-crypto
Submission: On October 30 via api (October 30th 2022, 4:52:51 pm UTC) from FR — Scanned from FR

Summary HTTP 145 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 29 IPs in 8 countries across 27 domains to perform 145 HTTP transactions. The main IP is 66.29.132.14, located in United States and belongs to NAMECHEAP-NET, US. The main domain is qa.cr-halal.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on October 9th 2022. Valid for: a year.

This is the only time qa.cr-halal.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	2405:d000:0:1... 2405:d000:0:100::216	18024 (BTTELECOM...) (BTTELECOM-AS-AP Bhutan Telecom Ltd)
1	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 5	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
13	66.29.132.14 66.29.132.14	22612 (NAMECHEAP...) (NAMECHEAP-NET)
1	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
23	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
1 1	185.59.220.194 185.59.220.194	60068 (CDN77 ^_^) (CDN77 ^_^)
1	192.124.249.5 192.124.249.5	30148 (SUCURI-SEC) (SUCURI-SEC)
1	2606:4700:10:... 2606:4700:10::6816:6f6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
18	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:809::200a	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
26	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
3	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:80b::2006	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::200a	15169 (GOOGLE) (GOOGLE)
3 18	142.250.74.194 142.250.74.194	15169 (GOOGLE) (GOOGLE)
3 5	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
2 3	37.252.173.38 37.252.173.38	29990 (ASN-APPNEX) (ASN-APPNEX)
1 2	2620:116:800d... 2620:116:800d:21:e365:4988:e8a7:3270	16509 (AMAZON-02) (AMAZON-02)
2 2	88.221.168.166 88.221.168.166	16625 (AKAMAI-AS) (AKAMAI-AS)
3 3	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
4 4	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
3 3	104.18.19.126 104.18.19.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2404:6800:400... 2404:6800:4003:c03::78	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
1	64.233.167.155 64.233.167.155	15169 (GOOGLE) (GOOGLE)
2 2	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1 1	34.98.67.61 34.98.67.61	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4007:9::6	15169 (GOOGLE) (GOOGLE)
145	29

1 2405:d000:0:100::216 (Bhutan)

ASN18024 (BTTELECOM-AS-AP Bhutan Telecom Ltd, BT)

bangladeshembassy.bt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

ois.is	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 66.29.132.14 (United States)

ASN22612 (NAMECHEAP-NET, US)
PTR: premium197-2.web-hosting.com

qa.cr-halal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.59.220.194 (Frankfurt am Main, Germany) 1 redirects

ASN60068 (CDN77 ^_^, GB)
PTR: edge-713.bunnyinfra.net

sp-ao.shortpixel.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.124.249.5 (Menifee, United States)

ASN30148 (SUCURI-SEC, US)
PTR: cloudproxy10005.sucuri.net

www.analyticsinsight.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:6f6 (United States)

ASN13335 (CLOUDFLARENET, US)

www.stilt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80b::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 142.250.74.194 (Glen Cove, United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.80.39.216 (Canada) 3 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.252.173.38 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:e365:4988:e8a7:3270 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.221.168.166 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a88-221-168-166.deploy.static.akamaitechnologies.com

e.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.227.252.103 (Kansas City, United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.64.190.78 (United Kingdom) 4 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.144.138 (Frankfurt am Main, Germany) 2 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.18.19.126 (Shahr, Iran, Islamic Republic Of) 3 redirects

ASN13335 (CLOUDFLARENET, US)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4003:c03::78 (Singapore, Singapore)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.233.167.155 (United States)

ASN15169 (GOOGLE, US)
PTR: wl-in-f155.1e100.net

bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.174.68 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.67.61 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 61.67.98.34.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

gcdn.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4007:9::6 (Ireland)

ASN15169 (GOOGLE, US)

r1---sn-25glenld.c.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
49	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 100 tpc.googlesyndication.com — Cisco Umbrella Rank: 135	562 KB
39	doubleclick.net 3 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 35 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 295 cm.g.doubleclick.net — Cisco Umbrella Rank: 213 bid.g.doubleclick.net — Cisco Umbrella Rank: 499	183 KB
13	cr-halal.com qa.cr-halal.com	86 KB
10	gstatic.com www.gstatic.com csi.gstatic.com fonts.gstatic.com	69 KB
9	2mdn.net 1 redirects s0.2mdn.net — Cisco Umbrella Rank: 257 gcdn.2mdn.net — Cisco Umbrella Rank: 910 r1---sn-25glenld.c.2mdn.net	121 KB
8	casalemedia.com 6 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 516 ssum-sec.casalemedia.com — Cisco Umbrella Rank: 421	7 KB
7	google.com 2 redirects www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 71	3 KB
6	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 36 imasdk.googleapis.com — Cisco Umbrella Rank: 417	131 KB
4	pubmatic.com 4 redirects image6.pubmatic.com — Cisco Umbrella Rank: 668	2 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 190	188 KB
3	openx.net 3 redirects rtb.openx.net — Cisco Umbrella Rank: 1413	639 B
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 210	3 KB
2	rlcdn.com 2 redirects id.rlcdn.com — Cisco Umbrella Rank: 544	573 B
2	rubiconproject.com 2 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 338	957 B
2	addthis.com 2 redirects e.dlx.addthis.com — Cisco Umbrella Rank: 1474	1 KB
2	quantserve.com 1 redirects cms.quantserve.com — Cisco Umbrella Rank: 644	793 B
2	google.fr adservice.google.fr — Cisco Umbrella Rank: 25793	914 B
1	mookie1.com 1 redirects odr.mookie1.com — Cisco Umbrella Rank: 944	725 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 869	696 B
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2835	347 B
1	stilt.com www.stilt.com — Cisco Umbrella Rank: 357726	96 KB
1	analyticsinsight.net www.analyticsinsight.net — Cisco Umbrella Rank: 285987	113 KB
1	shortpixel.ai 1 redirects sp-ao.shortpixel.ai — Cisco Umbrella Rank: 17598	709 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 51	75 KB
1	ois.is ois.is — Cisco Umbrella Rank: 360028	717 B
1	bangladeshembassy.bt bangladeshembassy.bt	352 B
0	gemius.pl Failed googlecm.hit.gemius.pl Failed
145	27

	Domain	Requested by
26	tpc.googlesyndication.com	googleads.g.doubleclick.net bangladeshembassy.bt tpc.googlesyndication.com imasdk.googleapis.com pagead2.googlesyndication.com
23	pagead2.googlesyndication.com	qa.cr-halal.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com bangladeshembassy.bt www.googletagservices.com
18	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net qa.cr-halal.com
17	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
13	qa.cr-halal.com	www.google.com qa.cr-halal.com
6	s0.2mdn.net	bangladeshembassy.bt s0.2mdn.net googleads.g.doubleclick.net
6	www.gstatic.com	googleads.g.doubleclick.net
5	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
5	www.google.com	2 redirects ois.is googleads.g.doubleclick.net tpc.googlesyndication.com
4	image6.pubmatic.com	4 redirects
4	www.googletagservices.com	googleads.g.doubleclick.net
4	fonts.googleapis.com	googleads.g.doubleclick.net
3	ssum-sec.casalemedia.com	3 redirects
3	rtb.openx.net	3 redirects
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
3	googleads4.g.doubleclick.net	bangladeshembassy.bt
2	r1---sn-25glenld.c.2mdn.net
2	id.rlcdn.com	2 redirects
2	fonts.gstatic.com	fonts.googleapis.com
2	csi.gstatic.com	imasdk.googleapis.com
2	pixel.rubiconproject.com	2 redirects
2	e.dlx.addthis.com	2 redirects
2	cms.quantserve.com	1 redirects googleads.g.doubleclick.net
2	imasdk.googleapis.com	googleads.g.doubleclick.net
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.fr	pagead2.googlesyndication.com
1	gcdn.2mdn.net	1 redirects
1	odr.mookie1.com	1 redirects
1	bid.g.doubleclick.net	imasdk.googleapis.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	region1.google-analytics.com	www.googletagmanager.com
1	www.stilt.com	qa.cr-halal.com
1	www.analyticsinsight.net	qa.cr-halal.com
1	sp-ao.shortpixel.ai	1 redirects
1	www.googletagmanager.com	qa.cr-halal.com
1	ois.is	bangladeshembassy.bt
1	bangladeshembassy.bt
0	googlecm.hit.gemius.pl Failed	googleads.g.doubleclick.net
145	38

This site contains links to these domains. Also see Links.

Domain
www.q2amarket.com
www.question2answer.org

Subject Issuer	Validity	Valid
*.ois.is E1	`2022-10-29` - `2023-01-27`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
qa.cr-halal.com Sectigo RSA Domain Validation Secure Server CA	`2022-10-09` - `2023-10-09`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-12` - `2023-06-12`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.google.fr GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.c.docs.google.com GTS CA 1C3	`2022-10-18` - `2022-12-27`	2 months	crt.sh

This page contains 26 frames:

Primary Page: https://qa.cr-halal.com/11/7-ways-to-make-money-every-day-in-crypto
Frame ID: BA273A73DDF28C445DE320BB5CA4A0D8
Requests: 32 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221026/r20190131/zrt_lookup.html
Frame ID: 33C73A18B8D86454B22DB1980534FD47
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3135644639015474&output=html&adk=1812271804&adf=3025194257&lmt=1667148764&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fqa.cr-halal.com%2F11%2F7-ways-to-make-money-every-day-in-crypto&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667148764266&bpp=6&bdt=996&idt=153&shv=r20221026&mjsv=m202210250101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=35088432114&frm=20&pv=2&ga_vid=1259080444.1667148764&ga_sid=1667148764&ga_hid=1289461730&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C44775016&oid=2&pvsid=2963305716587128&tmod=1221701811&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=175
Frame ID: 784700EFC34061527229A87953493EBC
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3135644639015474&output=html&h=90&slotname=4460484953&adk=3576269607&adf=383669989&pi=t.ma~as.4460484953&w=748&fwrn=4&fwrnh=100&lmt=1667148764&rafmt=2&format=748x90&url=https%3A%2F%2Fqa.cr-halal.com%2F11%2F7-ways-to-make-money-every-day-in-crypto&fwr=0&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667148764272&bpp=3&bdt=1003&idt=178&shv=r20221026&mjsv=m202210250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=35088432114&frm=20&pv=1&ga_vid=1259080444.1667148764&ga_sid=1667148764&ga_hid=1289461730&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=152&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C44775016&oid=2&pvsid=2963305716587128&tmod=1221701811&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=JVkUxAOPkL&p=https%3A//qa.cr-halal.com&dtd=188
Frame ID: FE6A959A75CCA861DBF66F1D0C2B8762
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3135644639015474&output=html&h=640&slotname=1734293738&adk=1547583112&adf=2079921753&pi=t.ma~as.1734293738&w=320&lmt=1667148764&format=320x640&url=https%3A%2F%2Fqa.cr-halal.com%2F11%2F7-ways-to-make-money-every-day-in-crypto&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667148764276&bpp=1&bdt=1006&idt=190&shv=r20221026&mjsv=m202210250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C748x90&nras=1&correlator=35088432114&frm=20&pv=1&ga_vid=1259080444.1667148764&ga_sid=1667148764&ga_hid=1289461730&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C44775016&oid=2&pvsid=2963305716587128&tmod=1221701811&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfnEr%7C&abl=CF&pfx=0&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&xpc=AOA2AjCpAZ&p=https%3A//qa.cr-halal.com&dtd=194
Frame ID: 067044774DE4759CD9E8A7A03D829707
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3135644639015474&output=html&h=280&adk=1292428042&adf=1172747481&pi=t.aa~a.1615370218~i.17~rp.4&w=609&fwrn=4&fwrnh=100&lmt=1667148765&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8069909860&ad_type=text_image&format=609x280&url=https%3A%2F%2Fqa.cr-halal.com%2F11%2F7-ways-to-make-money-every-day-in-crypto&fwr=0&pra=3&rh=152&rw=608&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667148765105&bpp=1&bdt=1835&idt=-M&shv=r20221026&mjsv=m202210250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcbac5652fec5ceb5-226d175f5dce0053%3AT%3D1667148764%3ART%3D1667148764%3AS%3DALNI_MZTbquPtt6P3-lA9vjZL27nacz_DA&gpic=UID%3D00000b7a77bdc466%3AT%3D1667148764%3ART%3D1667148764%3AS%3DALNI_MYhYKetYWB8DTLXqzbQqBnyM29KAg&prev_fmts=0x0%2C748x90%2C320x640&nras=2&correlator=35088432114&frm=20&pv=1&ga_vid=1259080444.1667148764&ga_sid=1667148764&ga_hid=1289461730&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=406&ady=2202&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C44775016&oid=2&pvsid=2963305716587128&tmod=1221701811&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=CwMzPLbgMN&p=https%3A//qa.cr-halal.com&dtd=13
Frame ID: D79580DCD7D379FF642E30DFA690BF9D
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3135644639015474&output=html&h=280&adk=1292428042&adf=2002010363&pi=t.aa~a.1615370218~i.21~rp.4&w=609&fwrn=4&fwrnh=100&lmt=1667148765&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8069909860&ad_type=text_image&format=609x280&url=https%3A%2F%2Fqa.cr-halal.com%2F11%2F7-ways-to-make-money-every-day-in-crypto&fwr=0&pra=3&rh=152&rw=608&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667148765105&bpp=1&bdt=1835&idt=-M&shv=r20221026&mjsv=m202210250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcbac5652fec5ceb5-226d175f5dce0053%3AT%3D1667148764%3ART%3D1667148764%3AS%3DALNI_MZTbquPtt6P3-lA9vjZL27nacz_DA&gpic=UID%3D00000b7a77bdc466%3AT%3D1667148764%3ART%3D1667148764%3AS%3DALNI_MYhYKetYWB8DTLXqzbQqBnyM29KAg&prev_fmts=0x0%2C748x90%2C320x640%2C609x280&nras=3&correlator=35088432114&frm=20&pv=1&ga_vid=1259080444.1667148764&ga_sid=1667148764&ga_hid=1289461730&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=406&ady=2846&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C44775016&oid=2&pvsid=2963305716587128&tmod=1221701811&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=7ZWryUu1rQ&p=https%3A//qa.cr-halal.com&dtd=20
Frame ID: 55AF2E5F3C0E24D045BC2629D49BE81C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3135644639015474&output=html&h=280&adk=1946537239&adf=3143954499&pi=t.aa~a.2331998442~i.6~rp.4&w=607&fwrn=4&fwrnh=100&lmt=1667148765&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8069909860&ad_type=text_image&format=607x280&url=https%3A%2F%2Fqa.cr-halal.com%2F11%2F7-ways-to-make-money-every-day-in-crypto&fwr=0&pra=3&rh=152&rw=607&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667148765105&bpp=1&bdt=1835&idt=1&shv=r20221026&mjsv=m202210250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcbac5652fec5ceb5-226d175f5dce0053%3AT%3D1667148764%3ART%3D1667148764%3AS%3DALNI_MZTbquPtt6P3-lA9vjZL27nacz_DA&gpic=UID%3D00000b7a77bdc466%3AT%3D1667148764%3ART%3D1667148764%3AS%3DALNI_MYhYKetYWB8DTLXqzbQqBnyM29KAg&prev_fmts=0x0%2C748x90%2C320x640%2C609x280%2C609x280&nras=4&correlator=35088432114&frm=20&pv=1&ga_vid=1259080444.1667148764&ga_sid=1667148764&ga_hid=1289461730&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=418&ady=4526&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C44775016&oid=2&pvsid=2963305716587128&tmod=1221701811&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=2HRXM22xwA&p=https%3A//qa.cr-halal.com&dtd=28
Frame ID: 70E71E1298F8663FE6B26B1F9F20F01D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3135644639015474&output=html&h=280&adk=3996127398&adf=1131149390&pi=t.aa~a.2926153733~rp.2&w=607&fwrn=4&fwrnh=100&lmt=1667148765&rafmt=1&to=qs&pwprc=8069909860&format=607x280&url=https%3A%2F%2Fqa.cr-halal.com%2F11%2F7-ways-to-make-money-every-day-in-crypto&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667148765145&bpp=3&bdt=1876&idt=3&shv=r20221026&mjsv=m202210250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcbac5652fec5ceb5-226d175f5dce0053%3AT%3D1667148764%3ART%3D1667148764%3AS%3DALNI_MZTbquPtt6P3-lA9vjZL27nacz_DA&gpic=UID%3D00000b7a77bdc466%3AT%3D1667148764%3ART%3D1667148764%3AS%3DALNI_MYhYKetYWB8DTLXqzbQqBnyM29KAg&prev_fmts=0x0%2C748x90%2C320x640%2C609x280%2C609x280%2C607x280&nras=5&correlator=35088432114&frm=20&pv=1&ga_vid=1259080444.1667148764&ga_sid=1667148764&ga_hid=1289461730&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=418&ady=3888&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C44775016&oid=2&pvsid=2963305716587128&tmod=1221701811&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=4&fsb=1&xpc=l1VYDlFbDp&p=https%3A//qa.cr-halal.com&dtd=9
Frame ID: DE10BE25A149CC9D9ECCFCB6AD19CBFC
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221026/r20110914/zrt_lookup.html?fsb=1
Frame ID: E007988220AB66E8C5406AD618EDA915
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221026/r20110914/zrt_lookup.html?fsb=1
Frame ID: 0E1C4DAA0DA7DAD13581AB5B2C6208EB
Requests: 13 HTTP requests in this frame

Frame: https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuSr4erikozAiNmm6n9o1UVT7V_LTN_QUeYICQV7PqujIm-4aI6TrsoLf4LIcPKeLoWlOCdWJ2u_F6V_AUYLOLr1vK0eWwsW3740cKB_f3iLIkci5dqA098oUGJo59gHNOFJuMc9dqOVjps-1VHxPXV9AmXyMZLDxQLf5ghRIErb6VdhCWbKaR_r0UzmggyWZtKsBQh_djOG-K5dwgkHmmdwPJxisOvkkNR3PeoS0GiRSYZ9MEnKG490uHAx-OPnwefDz6eCSz-tomNVGt3z_zdGk0bcwuske2Sk3zM4mU4-3ovk8LZI4wEj-deyEo4f9kVJYxMRT9oREc0ySZQMWJrTGuQzHTpsObhr3MhWQeB2uN-hDJ5LzU3Uvq_oxg4tYPv8cLp7V6-1R_QVCIC02uEeLhE9epaIniHolBUm9xLhtnrdX686ahJwqfCHDPnQdG58SLIEQiASCsd9pD9SPhsyEsDRIMDE24Co8BeeYOnpBaS7mfktumhuwl_G6azbPVBnXA8aObGyac2VufOGilgPmjXLxjH1qewqNqcJ6dNYVoTH1nvoRa4oia8QB6nDwm7Weh6MV75CnLQ1CLKOd0VhbsWzAXAOCpWKI-4AwARucurRzzHPx2qmDi5F20lNSBHdsKL2U7VGmZzjMtwbeLD4eVEPhk-AOOp7kTmZ5bbyfrc9WPizpi75T0wIY2R-nhgJHlb3h9rXSM95P1EM22Vl-wnxCBpcU-03oJlHyskstSFUt60vXkg9ZqvoL-WV7Es87V0Mby6ooj7w8RM5Ty6sc4IyIuo7m5tsIfdHoRO_pl0JVtvqWbhjd_P-kG3IIgcV2tzW3HcKfpOMxCLq33Ibqss4hgvmh3I23QT-zGaXaEvCKbx3RNZFAQ1iuF-r1kTOHlpJkBwh5apBS5uFx_aS5c-6I_OVqSJ3uLcmlNBrxn3ZRfLosiJRspaqfxR74V6hiXp3gkzvLgqXrb3noIICE-AIq8nt2J1mw-_Manhzz7u66DaZgLa86nZRLFrhBb4doGnOUsdwpSOILCVRll010NbqYHjTjTplSTU&sai=AMfl-YR5MS7OB0KHbbD2jM0ELftfJPF_V-RJCCd4zTw1YdgctYl_x_ne9TPBP3bcGio9i99yUhDHzyLb1gCsQGU4YwQZecUow8ywcidRrjOTnuOa00L9&sig=Cg0ArKJSzLCZ8KRlJROnEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=
Frame ID: 3871CB88E287422F008CA8432256A85C
Requests: 10 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 25246BF4055B36CE2C6F52BA8A614D79
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 793744B87C259FB8EECE0BB5DE8F45EB
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 6E736F7B7C4B2532EFBF04E96A1DBE38
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/16338249951084529411/MAR-393-PL-uglyCreative-HoverEffect-728x90/index.html
Frame ID: 5D03F2B5F78561FD408E037184A328CC
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 6972ADA2E372F758EEBD19B9FAD331C6
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/HZrunHRjvTX5MIeL6Ibl7iJKqMmAAzHWmbkaKM7M3x0.js
Frame ID: 86EA3084309E13C5DC284D5A717C14A6
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIetIhCX29H0ARiGsIzVATAB&v=APEucNXUG8aXMNuNHqKQ6FS98Nso2AoQa8IGbJANw5MeZrchm7_wWzZbQUGCUQr5bTHJdwFYyU-OzBVpp3YBCgJwBnxtFUwrN_qxg-wNnvxj8XJ3NUi-We8EMBdjIsiZo6-Rfi8bltvTCa21mWIIM0w5oD8RXIrM86cyCKgLFXoQULuojWRs5qI
Frame ID: 20C675A61B45646E60497D9F583393D6
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/r20221026/r20110914/abg_lite_fy2021.js
Frame ID: AD7B5A1756A61E40F2D47F098C7D4CE3
Requests: 12 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: DFAB173ACCFF24A8072FE2341FE34694
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: B35D669DA567C41C4F3665EBE7C2D46A
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 0F92E796A2A58B44559063CCB7A005A1
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 5330CE604DF98D290C6249FDF14EE319
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: AB589D36FDEADA3C21AA366E72BBF4E3
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: B1E78D1FD6DCAD48D5D426287A9651F8
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

7 Ways to Make Money Every Day in Crypto - Cryptocurrency Earning

Page URL History Show full URLs

http://bangladeshembassy.bt/ Page URL
https://ois.is/images/logo.png Page URL
https://www.google.com/url?sa=t&source=web&rct=j&url=https://qa.cr-halal.com/11/7-ways-to-make-mone... Page URL
https://qa.cr-halal.com/11/7-ways-to-make-money-every-day-in-crypto Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

145
Requests

86 %
HTTPS

59 %
IPv6

27
Domains

38
Subdomains

29
IPs

8
Countries

1632 kB
Transfer

4214 kB
Size

35
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: http://www.q2amarket.com/
Title: Q2A Market

Search URL Search Domain Scan URL

URL: http://www.question2answer.org/
Title: Question2Answer

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://bangladeshembassy.bt/ Page URL
https://ois.is/images/logo.png Page URL
https://www.google.com/url?sa=t&source=web&rct=j&url=https://qa.cr-halal.com/11/7-ways-to-make-money-every-day-in-crypto&ved=2ahUKEwjT_vjB3eD6AhWi8rsIHS_vDS8QFnoECBMQAQ&usg=AOvVaw2BTLSxZUOfSKfRjEqFys1q Page URL
https://qa.cr-halal.com/11/7-ways-to-make-money-every-day-in-crypto Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9

https://sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img,w_900/https://www.analyticsinsight.net/wp-content/uploads/2022/05/Skype_Picture_2022_05_09T06_33_18_388Z.jpg HTTP 302
https://www.analyticsinsight.net/wp-content/uploads/2022/05/Skype_Picture_2022_05_09T06_33_18_388Z.jpg

Request Chain 78

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 94

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 99

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIZJlBJe--a5IY61TTXhOSg&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIZJlBJe--a5IY61TTXhOSg&google_cver=1&C=1

Request Chain 100

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y16r3rZHPJXLg61kU-kp6gAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIZJlBJe--a5IY61TTXhOSg&google_cver=1

Request Chain 101

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEGnVYw3l65dLSUDc_WDwzVA&google_cver=1

Request Chain 102

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzA3MzE2ODI2Mjc3MjMzMjc4Mg%3D%3D

Request Chain 105

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAZmPxg8OPYL-LLPXshWXQmjbwyROe5r2TE6ZHIG0NFwktQmtRtOZhgg5VTB4bFPldtdteYt5EBKKbt6LsrcYJSW-jLnhLsJd9m_xWPS4M6O8sgVepNU032Zdbsub4tBucSCn7WPYpH9tyyE&google_gid=CAESEL8b_rnZ-bsE8UdnLICHjN0&google_cver=1 HTTP 302
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAZmPxg8OPYL-LLPXshWXQmjbwyROe5r2TE6ZHIG0NFwktQmtRtOZhgg5VTB4bFPldtdteYt5EBKKbt6LsrcYJSW-jLnhLsJd9m_xWPS4M6O8sgVepNU032Zdbsub4tBucSCn7WPYpH9tyyE&google_gid=CAESEL8b_rnZ-bsE8UdnLICHjN0&google_cver=1&rd=Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjEwMzAxNjUyNDYwMDAxNzYxODgwNzU1MA%3D%3D&google_push=AZmPxg8OPYL-LLPXshWXQmjbwyROe5r2TE6ZHIG0NFwktQmtRtOZhgg5VTB4bFPldtdteYt5EBKKbt6LsrcYJSW-jLnhLsJd9m_xWPS4M6O8sgVepNU032Zdbsub4tBucSCn7WPYpH9tyyE

Request Chain 106

https://rtb.openx.net/sync/dds?google_gid=CAESEI8v_TOLiE32NuABANZ17SU&google_cver=1&google_push=AZmPxg_2pfDYxlG33x5QblMFAR3CrGmHwX4FJFCZqINbBdESPDhm3tv-Rpy4dI-CcmrryGINrF3vrb2M_uBaSRwYi7JRaQNiTESANcfz6Ht-yA0jZ-vxFfnZPW-dcGJkY-YK1AssZpQpnrw9 HTTP 302
https://rtb.openx.net/sync/dds?google_gid=CAESEI8v_TOLiE32NuABANZ17SU&google_cver=1&google_push=AZmPxg_2pfDYxlG33x5QblMFAR3CrGmHwX4FJFCZqINbBdESPDhm3tv-Rpy4dI-CcmrryGINrF3vrb2M_uBaSRwYi7JRaQNiTESANcfz6Ht-yA0jZ-vxFfnZPW-dcGJkY-YK1AssZpQpnrw9&ox_sc=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AZmPxg_2pfDYxlG33x5QblMFAR3CrGmHwX4FJFCZqINbBdESPDhm3tv-Rpy4dI-CcmrryGINrF3vrb2M_uBaSRwYi7JRaQNiTESANcfz6Ht-yA0jZ-vxFfnZPW-dcGJkY-YK1AssZpQpnrw9&google_hm=IMcn_PjryQ89Eccycr17RQ==

Request Chain 107

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEObV62ev8j3hXMzhdl51tcA&google_cver=1&google_push=AZmPxg__u192mo4z9JrxzDjeZgz6e4CUZmcV6q3UDoUl1Qph07tzRgeOQfGKTcBfe4Uu5SsVfP5lhtElMwaWuM9BgVY2abp65b35wyvKYd0tsPsM74Z1dtXE7QjTKNsBDlDOi9TTXfNc3C00 HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEObV62ev8j3hXMzhdl51tcA&google_cver=1&google_push=AZmPxg__u192mo4z9JrxzDjeZgz6e4CUZmcV6q3UDoUl1Qph07tzRgeOQfGKTcBfe4Uu5SsVfP5lhtElMwaWuM9BgVY2abp65b35wyvKYd0tsPsM74Z1dtXE7QjTKNsBDlDOi9TTXfNc3C00&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=me3k5LcLTnehxEuqWV5sJg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AZmPxg__u192mo4z9JrxzDjeZgz6e4CUZmcV6q3UDoUl1Qph07tzRgeOQfGKTcBfe4Uu5SsVfP5lhtElMwaWuM9BgVY2abp65b35wyvKYd0tsPsM74Z1dtXE7QjTKNsBDlDOi9TTXfNc3C00

Request Chain 108

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEIYiacCpvtxvZAvxHRIo_0w&google_cver=1&google_push=AZmPxg_dkQRN-uVs1HD2IXUu4fahwLhL-8vsSoQDMLQWsnoP3vFY8P5QNJctnbeqNmrBo3VXOyoXnDXxoGvbiMpUrGmmVDX9UelrrdwLid9B6IF0cnIzZez371a6P5zM0azmtxCvvG5dSLBm HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlWTEJXU1AtUy1HVlpa&google_push=AZmPxg_dkQRN-uVs1HD2IXUu4fahwLhL-8vsSoQDMLQWsnoP3vFY8P5QNJctnbeqNmrBo3VXOyoXnDXxoGvbiMpUrGmmVDX9UelrrdwLid9B6IF0cnIzZez371a6P5zM0azmtxCvvG5dSLBm

Request Chain 109

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESECxjJkJlwxN6n7kqq0RVYvo&google_cver=1&google_push=AZmPxg8loFdVrGYR2K1-VZdmnbj0GkvgmuEC1G_5MFI0IyX5FoyadmUyQxhjQ__6_NDS-hEkQYybMjDni7AMXcmqEAeGzoJKmmWJ2pKQtt4gT1fbuyGrgaOs_6NGctxnyO10EPIXleQbX-c HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESECxjJkJlwxN6n7kqq0RVYvo&google_push=AZmPxg8loFdVrGYR2K1-VZdmnbj0GkvgmuEC1G_5MFI0IyX5FoyadmUyQxhjQ__6_NDS-hEkQYybMjDni7AMXcmqEAeGzoJKmmWJ2pKQtt4gT1fbuyGrgaOs_6NGctxnyO10EPIXleQbX-c&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESECxjJkJlwxN6n7kqq0RVYvo&google_hm=Y16r3rZHPJXLg61kU_kp6gAAFCYAAAIB&google_nid=index&google_push=AZmPxg8loFdVrGYR2K1-VZdmnbj0GkvgmuEC1G_5MFI0IyX5FoyadmUyQxhjQ__6_NDS-hEkQYybMjDni7AMXcmqEAeGzoJKmmWJ2pKQtt4gT1fbuyGrgaOs_6NGctxnyO10EPIXleQbX-c

Request Chain 121

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEDZXIM7t8nPIL_zrssLJ2-s&google_cver=1&google_push=AZmPxg-f12SzOFvZLxgWx8wx2C7fyj4144mqYiFsrzD8IrUjNS8o6FTv5jkPp0Wbwzx8p8r2PPT4hbJEvlR4tectP0RpllpLNt8 HTTP 302
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AZmPxg-f12SzOFvZLxgWx8wx2C7fyj4144mqYiFsrzD8IrUjNS8o6FTv5jkPp0Wbwzx8p8r2PPT4hbJEvlR4tectP0RpllpLNt8&google_hm=4AVzLUe89edkGg-MwBYXXA

Request Chain 122

https://id.rlcdn.com/466606.gif?cparams=google_push%3DAZmPxg_AgiuUHjdVWD60djkMppt8VKRVYE5rMzKMG3e5a692PWC28Pq8bwpJgIYbf6eenU2wF2G4ujZZK5KK-ZteZDgMv0k3kJgz&google_gid=CAESELZFrH1M8RNc4oeYLAaB6iQ&google_cver=1 HTTP 307
https://id.rlcdn.com/1000.gif?memo=CK69HBoNCN7X-poGEgUI6AcQAEIASnBnb29nbGVfcHVzaD1BWm1QeGdfQWdpdVVIamRWV0Q2MGRqa01wcHQ4VktSVllFNXJNektNRzNlNWE2OTJQV0MyOFBxOGJ3cEpnSVliZjZlZW5VMndGMkc0dWpaWks1S0stWnRlWkRnTXYwazNrSmd6 HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwTmFQUTc4ckZqRENhM1dVcnRqVC1qX295MXJCaWdKVERGMVlZT1JPLTBYcw==&google_push

Request Chain 123

https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEGhRHAsDDdEGeG87RaZ0ICw&google_push=AZmPxg9NNHtqi02vrq4jXPeGRt8z3917J4qC4ru8J1G2ue4ZjAMUQM_V5xSKlZf7gtyiEC2V0P1OYLjHFtOwLpHP43veoc0h406G&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=xaxis_dmp&google_push=AZmPxg9NNHtqi02vrq4jXPeGRt8z3917J4qC4ru8J1G2ue4ZjAMUQM_V5xSKlZf7gtyiEC2V0P1OYLjHFtOwLpHP43veoc0h406G&google_hm=MTA4MTE4MDU3MDE1ODI0Njc3MzQ

Request Chain 124

https://rtb.openx.net/sync/dds?google_gid=CAESEH44h4FfcGpnAe2w6_joxI4&google_cver=1&google_push=AZmPxg_r77ywZq56s_-org8ZZSq1eqd6-LwwMwy9Pv9hJU2Lpn6_5P5TuNDZNBD8OX7ZiHB6_XfFSI1SIbb4W7l6NO_yjgNazA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AZmPxg_r77ywZq56s_-org8ZZSq1eqd6-LwwMwy9Pv9hJU2Lpn6_5P5TuNDZNBD8OX7ZiHB6_XfFSI1SIbb4W7l6NO_yjgNazA&google_hm=IMcn_PjryQ89Eccycr17RQ==

Request Chain 125

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEHpKjOJYNpwt2skvFenzDnc&google_cver=1&google_push=AZmPxg9t_1MHPxaXMiyA-RzDLneWmb7ZdH0QxUyhIgzKmHwAMK7BCydMCggkxqjDTmXDbPx_Opyy3NjxCuYWkC4S5ynVdInaczPh HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEHpKjOJYNpwt2skvFenzDnc&google_cver=1&google_push=AZmPxg9t_1MHPxaXMiyA-RzDLneWmb7ZdH0QxUyhIgzKmHwAMK7BCydMCggkxqjDTmXDbPx_Opyy3NjxCuYWkC4S5ynVdInaczPh&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=85T5JJTVRk-63eeSosbnAw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AZmPxg9t_1MHPxaXMiyA-RzDLneWmb7ZdH0QxUyhIgzKmHwAMK7BCydMCggkxqjDTmXDbPx_Opyy3NjxCuYWkC4S5ynVdInaczPh

Request Chain 126

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEOe7ije3v0hhTrFUPnQHAVw&google_cver=1&google_push=AZmPxg--ZR8Sm-M5Ch9qpwr_B9TdNpYw4YrMw_DCVls8veseTic-Y_EZCY3hoz789s2w28mc9Am_Jiu5fFoTpnqwHALvNKwRXaQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlWTEJXVFMtSi1JUTg0&google_push=AZmPxg--ZR8Sm-M5Ch9qpwr_B9TdNpYw4YrMw_DCVls8veseTic-Y_EZCY3hoz789s2w28mc9Am_Jiu5fFoTpnqwHALvNKwRXaQ

Request Chain 127

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEFSWkhXmajrHQwzQpOhqRnM&google_cver=1&google_push=AZmPxg9J3RN1sXJDZyTIRVhgBdXXSQAziI90D26eucK-H5X4WWR_FCzV0JbNpzXe3q3uFqoRbKU3Ga7u0Ug9QZFC62c18cry4oUD HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEFSWkhXmajrHQwzQpOhqRnM&google_hm=Y16r3rZHPJXLg61kU_kp6gAAFCYAAAIB&google_nid=index&google_push=AZmPxg9J3RN1sXJDZyTIRVhgBdXXSQAziI90D26eucK-H5X4WWR_FCzV0JbNpzXe3q3uFqoRbKU3Ga7u0Ug9QZFC62c18cry4oUD

Request Chain 131

https://gcdn.2mdn.net/videoplayback/id/000f355987aee7c4/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1698684766/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signature/2514B60A5639C5CE339E22773A30924623F9FABF.A0AA8FF007A52BCC3BF3DD018EF87EBF0DE0396A/key/ck2/file/file.mp4 HTTP 302
https://r1---sn-25glenld.c.2mdn.net/videoplayback/id/000f355987aee7c4/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1698684766/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/0A64A43271B7828FBCF87855085CB105B051EFC0.57EF2C9D287B7DFFA73B88AEDC59957779D42AF0/key/cms1/cms_redirect/yes/mh/7S/mip/2001:41d0:d:364d::2/mm/42/mn/sn-25glenld/ms/onc/mt/1667147616/mv/u/mvi/1/pl/46/file/file.mp4

145 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK /
bangladeshembassy.bt/ 145 B
352 B 1034ms
199ms Document
text/html 2405:d000:0:100::216
BTTELECOM-AS-AP B...

General

Check archive.org

Show headers Download Go to

Full URL: http://bangladeshembassy.bt/
Protocol: HTTP/1.1
Server: 2405:d000:0:100::216 , Bhutan, ASN18024 (BTTELECOM-AS-AP Bhutan Telecom Ltd, BT),
Reverse DNS
Software: Apache /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
Date: Sun, 30 Oct 2022 16:52:41 GMT
Keep-Alive: timeout=5, max=100
Server: Apache
Transfer-Encoding: chunked

GET
H2 200 logo.png
ois.is/images/ 487 B
717 B 111ms
54ms Document
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ois.is/images/logo.png
Requested by: Host: bangladeshembassy.bt
URL: http://bangladeshembassy.bt/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: http://bangladeshembassy.bt/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7625a9b4fb6df18c-CDG
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 30 Oct 2022 16:52:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ig2FWGwDefCOOQgcZFjSF35JVXY57nfzf0QqZOsqqsqfNdZ8Kmz08PErVIQTrvzIB5p%2F8v0TI6VAmcCfaanzJydPtluhSedaLkYfChpXjJLCaIikPB0He%2B4dNhBQ1bSR5o545xQ%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed

GET
H2 200 url
www.google.com/ 1006 B
1 KB 116ms
51ms Document
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/url?sa=t&source=web&rct=j&url=https://qa.cr-halal.com/11/7-ways-to-make-money-every-day-in-crypto&ved=2ahUKEwjT_vjB3eD6AhWi8rsIHS_vDS8QFnoECBMQAQ&usg=AOvVaw2BTLSxZUOfSKfRjEqFys1q

Requested by

Host: ois.is
URL: https://ois.is/images/logo.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	0

Request headers

Referer: https://ois.is/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

accept-ch: Sec-CH-UA-Platform Sec-CH-UA-Platform-Version Sec-CH-UA-Full-Version Sec-CH-UA-Arch Sec-CH-UA-Model Sec-CH-UA-Bitness Sec-CH-UA-Full-Version-List Sec-CH-UA-WoW64
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
bfcache-opt-in: unload
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 499
content-type: text/html; charset=UTF-8
date: Sun, 30 Oct 2022 16:52:42 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
pragma: no-cache
server: gws
strict-transport-security: max-age=31536000
x-xss-protection: 0

GET
H2 200 Primary Request 7-ways-to-make-money-every-day-in-crypto Show response
qa.cr-halal.com/11/ 35 KB
9 KB 647ms
318ms Document
text/html 66.29.132.14
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://qa.cr-halal.com/11/7-ways-to-make-money-every-day-in-crypto
Requested by: Host: www.google.com
URL: https://www.google.com/url?sa=t&source=web&rct=j&url=https://qa.cr-halal.com/11/7-ways-to-make-money-every-day-in-crypto&ved=2ahUKEwjT_vjB3eD6AhWi8rsIHS_vDS8QFnoECBMQAQ&usg=AOvVaw2BTLSxZUOfSKfRjEqFys1q
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.29.132.14 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium197-2.web-hosting.com
Software: LiteSpeed / PHP/7.2.34
Resource Hash: 63bde5c0922f69570794d504d1a6b689645cb8a8bac183f4020b5c69d1fa3128

Request headers

Referer: https://www.google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate
content-encoding: br
content-length: 8776
content-type: text/html; charset=utf-8
date: Sun, 30 Oct 2022 16:52:43 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: LiteSpeed
vary: Accept-Encoding
x-powered-by: PHP/7.2.34
x-turbo-charged-by: LiteSpeed

GET
H2 200 qa-styles.css
qa.cr-halal.com/qa-theme/SnowFlat/ 70 KB
11 KB 323ms
321ms Stylesheet
text/css 66.29.132.14
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://qa.cr-halal.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
Requested by: Host: qa.cr-halal.com
URL: https://qa.cr-halal.com/11/7-ways-to-make-money-every-day-in-crypto
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.29.132.14 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium197-2.web-hosting.com
Software: LiteSpeed /
Resource Hash: b813b0dc2bc80e9bfd7a8e0c604ae81d21e375e3a01f6e183804f9d3e97f0f17

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://qa.cr-halal.com/11/7-ways-to-make-money-every-day-in-crypto
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sun, 30 Oct 2022 16:52:43 GMT
content-encoding: br
last-modified: Wed, 21 Apr 2021 02:04:58 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 11456
expires: Sun, 06 Nov 2022 16:52:43 GMT

GET
H2 200 jquery-3.5.1.min.js Show response
qa.cr-halal.com/qa-content/ 87 KB
30 KB 639ms
637ms Script
application/javascript 66.29.132.14
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://qa.cr-halal.com/qa-content/jquery-3.5.1.min.js
Requested by: Host: qa.cr-halal.com
URL: https://qa.cr-halal.com/11/7-ways-to-make-money-every-day-in-crypto
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.29.132.14 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium197-2.web-hosting.com
Software: LiteSpeed /
Resource Hash: f36844906ad2309877aae3121b87fb15b9e09803cb4c333adc7e1e35ac92e14b

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://qa.cr-halal.com/11/7-ways-to-make-money-every-day-in-crypto
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sun, 30 Oct 2022 16:52:43 GMT
content-encoding: br
last-modified: Wed, 21 Apr 2021 02:04:56 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 30282
expires: Sun, 06 Nov 2022 16:52:43 GMT

GET
H2 200 qa-global.js Show response
qa.cr-halal.com/qa-content/ 20 KB
5 KB 797ms
796ms Script
application/javascript 66.29.132.14
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://qa.cr-halal.com/qa-content/qa-global.js?1.8.6
Requested by: Host: qa.cr-halal.com
URL: https://qa.cr-halal.com/11/7-ways-to-make-money-every-day-in-crypto
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.29.132.14 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium197-2.web-hosting.com
Software: LiteSpeed /
Resource Hash: b79950172d0e6c3091a44a69d615ee5711f57bb59e202b2a383d48e4ca2a4ce3

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://qa.cr-halal.com/11/7-ways-to-make-money-every-day-in-crypto
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sun, 30 Oct 2022 16:52:43 GMT
content-encoding: br
last-modified: Wed, 21 Apr 2021 02:04:56 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 4765
expires: Sun, 06 Nov 2022 16:52:43 GMT

GET
H2 200 snow-core.js Show response
qa.cr-halal.com/qa-theme/SnowFlat/js/ 2 KB
1 KB 798ms
797ms Script
application/javascript 66.29.132.14
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://qa.cr-halal.com/qa-theme/SnowFlat/js/snow-core.js?1.8.6
Requested by: Host: qa.cr-halal.com
URL: https://qa.cr-halal.com/11/7-ways-to-make-money-every-day-in-crypto
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.29.132.14 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium197-2.web-hosting.com
Software: LiteSpeed /
Resource Hash: 5eecfa645aee35cb0c6820e187451ab14a9df51283635a2117d7ba866a6a74aa

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://qa.cr-halal.com/11/7-ways-to-make-money-every-day-in-crypto
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sun, 30 Oct 2022 16:52:43 GMT
content-encoding: br
last-modified: Wed, 21 Apr 2021 02:04:58 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 885
expires: Sun, 06 Nov 2022 16:52:43 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 213 KB
75 KB 103ms
40ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-V7K5ME1CH7

Requested by

Host: qa.cr-halal.com
URL: https://qa.cr-halal.com/11/7-ways-to-make-money-every-day-in-crypto

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8afcc2380ea7b1745497d81339b2dad311f422b584edf1c6ad2ae74927ba2f2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://qa.cr-halal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sun, 30 Oct 2022 16:52:44 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 76377
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 30 Oct 2022 16:52:44 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 167 KB
54 KB 125ms
62ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: qa.cr-halal.com
URL: https://qa.cr-halal.com/11/7-ways-to-make-money-every-day-in-crypto

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f0ccc5124182a6c2c188923e0622cb286be240ccb7e88d6b3dce7ab4bb8342aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://qa.cr-halal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sun, 30 Oct 2022 16:52:44 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55239
x-xss-protection: 0
server: cafe
etag: 2144902440920624628
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 30 Oct 2022 16:52:44 GMT

GET
H2

200

Skype_Picture_2022_05_09T06_33_18_388Z.jpg
www.analyticsinsight.net/wp-content/uploads/2022/05/
Redirect Chain

https://sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img,w_900/https://www.analyticsinsight.net/wp-content/uploads/2022/05/Skype_Picture_2022_05_09T06_33_18_388Z.jpg
https://www.analyticsinsight.net/wp-content/uploads/2022/05/Skype_Picture_2022_05_09T06_33_18_388Z.jpg

112 KB
113 KB

138ms
39ms

Image
image/jpeg

192.124.249.5
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.analyticsinsight.net/wp-content/uploads/2022/05/Skype_Picture_2022_05_09T06_33_18_388Z.jpg

Requested by

Host: qa.cr-halal.com
URL: https://qa.cr-halal.com/11/7-ways-to-make-money-every-day-in-crypto

Protocol

Server

192.124.249.5 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10005.sucuri.net

Software

nginx /

Resource Hash

a2b0e59a8e051718635735716392aedcf9d714a7b352c4a0d7cb72cc182568bf

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://qa.cr-halal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sun, 30 Oct 2022 16:52:43 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
last-modified: Fri, 20 May 2022 16:51:08 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: image/jpeg
x-sucuri-cache: HIT
cache-control: max-age=315360000
x-sucuri-id: 13005
accept-ranges: bytes
content-length: 114786
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

date: Sun, 30 Oct 2022 16:52:44 GMT
cdn-edgestorageid: 713
cdn-cachedat: 10/30/2022 08:44:42
cdn-pullzone: 257218
cdn-tag: 0; Domain: www.analyticsinsight.net; 302
content-length: 0
pragma: cache
server: BunnyCDN-DE-713
cdn-proxyver: 1.03
cdn-requestpullcode: 302
content-type: text/html; charset=UTF-8
location: https://www.analyticsinsight.net/wp-content/uploads/2022/05/Skype_Picture_2022_05_09T06_33_18_388Z.jpg
access-control-allow-origin: *
cdn-uid: ceac3dab-9909-4315-8d54-a27751b54dd0
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=86400
cdn-cache: HIT
cdn-requestid: 736bf152b855945a9948f96a4015a403
cdn-requestcountrycode: FR
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 302
cdn-requestpullsuccess: True

GET
H2 200 4-1024x576.png
www.stilt.com/wp-content/uploads/2022/03/ 109 KB
96 KB 112ms
41ms Image
image/png 2606:4700:10::6816:6f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.stilt.com/wp-content/uploads/2022/03/4-1024x576.png

Requested by

Host: qa.cr-halal.com
URL: https://qa.cr-halal.com/11/7-ways-to-make-money-every-day-in-crypto

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:6f6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e2fed796bc88dc10c8540676338f4c712b58ffaa2bc7db5a5a93f36bc37ae052

Security Headers

Name	Value
Content-Security-Policy	default-src https:; connect-src https: wss:; font-src https: data:; frame-src https:; img-src https: data:; media-src https:; object-src https:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'unsafe-inline' https:;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN always

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://qa.cr-halal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sun, 30 Oct 2022 16:52:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: HIT
content-security-policy: default-src https:; connect-src https: wss:; font-src https: data:; frame-src https:; img-src https: data:; media-src https:; object-src https:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'unsafe-inline' https:;
age: 6180
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
last-modified: Sat, 05 Mar 2022 00:15:43 GMT
server: cloudflare
etag: W/"6222abaf-1b359"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN always
content-type: image/png
cf-ray: 7625a9c00ed2d5e1-CDG

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 168 KB
55 KB 109ms
49ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3135644639015474

Requested by

Host: qa.cr-halal.com
URL: https://qa.cr-halal.com/11/7-ways-to-make-money-every-day-in-crypto

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3a04e05fb7d684f57dac89d54d2221abf3d2967d3e4141dcd9cac7acfe18f56

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://qa.cr-halal.com/
Origin: https://qa.cr-halal.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sun, 30 Oct 2022 16:52:44 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55438
x-xss-protection: 0
server: cafe
etag: 13040062126495190461
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 30 Oct 2022 16:52:44 GMT

GET
H2 200 vote-buttons-3.png
qa.cr-halal.com/qa-theme/SnowFlat/images/ 1 KB
2 KB 160ms
160ms Image
image/png 66.29.132.14
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qa.cr-halal.com/qa-theme/SnowFlat/images/vote-buttons-3.png
Requested by: Host: qa.cr-halal.com
URL: https://qa.cr-halal.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.29.132.14 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium197-2.web-hosting.com
Software: LiteSpeed /
Resource Hash: b4ef3a11367a47a75f7cb4ed6e944472d190c86813cd2ffdb04a32358dc4e799

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://qa.cr-halal.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sun, 30 Oct 2022 16:52:44 GMT
last-modified: Sat, 01 Aug 2020 02:52:10 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 1457
expires: Sun, 06 Nov 2022 16:52:44 GMT

GET
H2 200 answer-white.png
qa.cr-halal.com/qa-theme/SnowFlat/images/icons/ 3 KB
3 KB 162ms
162ms Image
image/png 66.29.132.14
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qa.cr-halal.com/qa-theme/SnowFlat/images/icons/answer-white.png
Requested by: Host: qa.cr-halal.com
URL: https://qa.cr-halal.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.29.132.14 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium197-2.web-hosting.com
Software: LiteSpeed /
Resource Hash: a90fe747bc217c49315c23c1c332bb255d3c5fd46ec85b0218b5f85bbbf6bd0c

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://qa.cr-halal.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sun, 30 Oct 2022 16:52:44 GMT
last-modified: Tue, 15 Jan 2019 04:08:24 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 2867
expires: Sun, 06 Nov 2022 16:52:44 GMT

GET
H2 200 answer-select.png
qa.cr-halal.com/qa-theme/SnowFlat/images/ 2 KB
2 KB 162ms
162ms Image
image/png 66.29.132.14
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qa.cr-halal.com/qa-theme/SnowFlat/images/answer-select.png
Requested by: Host: qa.cr-halal.com
URL: https://qa.cr-halal.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.29.132.14 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium197-2.web-hosting.com
Software: LiteSpeed /
Resource Hash: 824de40e353f2eaaf4828f927a03331984b995bf7fc59edc4ff08f9e178822db

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://qa.cr-halal.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sun, 30 Oct 2022 16:52:44 GMT
last-modified: Tue, 15 Jan 2019 04:08:24 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 1831
expires: Sun, 06 Nov 2022 16:52:44 GMT

GET
H2 200 link-white.png
qa.cr-halal.com/qa-theme/SnowFlat/images/icons/ 3 KB
3 KB 162ms
162ms Image
image/png 66.29.132.14
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qa.cr-halal.com/qa-theme/SnowFlat/images/icons/link-white.png
Requested by: Host: qa.cr-halal.com
URL: https://qa.cr-halal.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.29.132.14 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium197-2.web-hosting.com
Software: LiteSpeed /
Resource Hash: dc0267e17f3bd3a2977910d47c34855d4c282e97502e6e1b0d3eb44b8b231405

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://qa.cr-halal.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sun, 30 Oct 2022 16:52:44 GMT
last-modified: Tue, 15 Jan 2019 04:08:24 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 3026
expires: Sun, 06 Nov 2022 16:52:44 GMT

GET
H2 200 comment-white.png
qa.cr-halal.com/qa-theme/SnowFlat/images/icons/ 3 KB
3 KB 163ms
162ms Image
image/png 66.29.132.14
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qa.cr-halal.com/qa-theme/SnowFlat/images/icons/comment-white.png
Requested by: Host: qa.cr-halal.com
URL: https://qa.cr-halal.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.29.132.14 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium197-2.web-hosting.com
Software: LiteSpeed /
Resource Hash: eb69d9e0cb830e3add604e60faf8f784835e5f1ba28bb38850ba19784f30911d

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://qa.cr-halal.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sun, 30 Oct 2022 16:52:44 GMT
last-modified: Tue, 15 Jan 2019 04:08:24 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 2906
expires: Sun, 06 Nov 2022 16:52:44 GMT

GET
H2 200 search-icon-white.png
qa.cr-halal.com/qa-theme/SnowFlat/images/ 1 KB
2 KB 163ms
162ms Image
image/png 66.29.132.14
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qa.cr-halal.com/qa-theme/SnowFlat/images/search-icon-white.png
Requested by: Host: qa.cr-halal.com
URL: https://qa.cr-halal.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.29.132.14 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium197-2.web-hosting.com
Software: LiteSpeed /
Resource Hash: 075c15c5e5b127cfd89b352a4f8e8d615d0abcc80977022ba45ad2032d26f535

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://qa.cr-halal.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sun, 30 Oct 2022 16:52:44 GMT
last-modified: Tue, 15 Jan 2019 04:08:24 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 1412
expires: Sun, 06 Nov 2022 16:52:44 GMT

GET
H2 200 spinner-icon-14x14.gif
qa.cr-halal.com/qa-theme/SnowFlat/images/ 8 KB
8 KB 317ms
316ms Image
image/gif 66.29.132.14
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qa.cr-halal.com/qa-theme/SnowFlat/images/spinner-icon-14x14.gif?1410117644
Requested by: Host: qa.cr-halal.com
URL: https://qa.cr-halal.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.29.132.14 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium197-2.web-hosting.com
Software: LiteSpeed /
Resource Hash: 07a75636966b34dd8bbafee0ebced659b03bab0e57641e1fa035ca7da0bd39ce

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://qa.cr-halal.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sun, 30 Oct 2022 16:52:44 GMT
last-modified: Tue, 15 Jan 2019 04:08:24 GMT
server: LiteSpeed
content-type: image/gif
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 7781
expires: Sun, 06 Nov 2022 16:52:44 GMT

GET
H2 200 fontello.woff
qa.cr-halal.com/qa-theme/SnowFlat/fonts/ 7 KB
7 KB 316ms
316ms Font
font/woff 66.29.132.14
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://qa.cr-halal.com/qa-theme/SnowFlat/fonts/fontello.woff?70015067
Requested by: Host: qa.cr-halal.com
URL: https://qa.cr-halal.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.29.132.14 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium197-2.web-hosting.com
Software: LiteSpeed /
Resource Hash: c7aca9ebef12465aad206aae5351ba575eebe4b5e3f0fb1d99f4f92f1c4f396d

Request headers

Referer: https://qa.cr-halal.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
Origin: https://qa.cr-halal.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sun, 30 Oct 2022 16:52:44 GMT
last-modified: Tue, 26 Jul 2016 05:31:58 GMT
server: LiteSpeed
content-type: font/woff
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 7200
expires: Sun, 06 Nov 2022 16:52:44 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210250101/ 353 KB
116 KB 82ms
81ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210250101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3135644639015474&plah=qa.cr-halal.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3135644639015474

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1598b1ea3ad76587b77ce3f930a0818a33b4804270f23af96b65f9d2c7591374

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://qa.cr-halal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sun, 30 Oct 2022 16:52:44 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118893
x-xss-protection: 0
server: cafe
etag: 5937386397108543918
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 30 Oct 2022 16:52:44 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221026/r20190131/ Frame 33C7 10 KB
5 KB 98ms
26ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221026/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3135644639015474

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://qa.cr-halal.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 8265
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4270
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 30 Oct 2022 14:34:59 GMT
etag: 9671129459699598864
expires: Sun, 13 Nov 2022 14:34:59 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
region1.google-analytics.com/g/ 0
347 B 79ms
30ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-V7K5ME1CH7&gtm=2oeaq0&_p=1289461730&cid=1259080444.1667148764&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1667148764&sct=1&seg=0&dl=https%3A%2F%2Fqa.cr-halal.com%2F11%2F7-ways-to-make-money-every-day-in-crypto&dr=https%3A%2F%2Fwww.google.com%2F&dt=7%20Ways%20to%20Make%20Money%20Every%20Day%20in%20Crypto%20-%20Cryptocurrency%20Earning&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-V7K5ME1CH7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://qa.cr-halal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Oct 2022 16:52:44 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://qa.cr-halal.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 391 B
696 B 148ms
34ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=qa.cr-halal.com&callback=_gfp_s_&client=ca-pub-3135644639015474&gpid_exp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210250101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3135644639015474&plah=qa.cr-halal.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09e74d56ba258111fe273e096f0ce3143e7da7ac3a2493e5ef5ff69f7d4c55e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://qa.cr-halal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sun, 30 Oct 2022 16:52:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 252
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.fr/adsid/ 107 B
792 B 149ms
37ms Script
application/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.fr/adsid/integrator.js?domain=qa.cr-halal.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://qa.cr-halal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sun, 30 Oct 2022 16:52:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 108ms
35ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=qa.cr-halal.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://qa.cr-halal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sun, 30 Oct 2022 16:52:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 7847 238 KB
58 KB 562ms
508ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3135644639015474&output=html&adk=1812271804&adf=3025194257&lmt=1667148764&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fqa.cr-halal.com%2F11%2F7-ways-to-make-money-every-day-in-crypto&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667148764266&bpp=6&bdt=996&idt=153&shv=r20221026&mjsv=m202210250101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=35088432114&frm=20&pv=2&ga_vid=1259080444.1667148764&ga_sid=1667148764&ga_hid=1289461730&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C44775016&oid=2&pvsid=2963305716587128&tmod=1221701811&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=175

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d034c3f9dd7b4caaccaa7d71c7a18e897fe6872840ebf1c35ddd35cdd8a308ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://qa.cr-halal.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 58958
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 30 Oct 2022 16:52:44 GMT
expires: Sun, 30 Oct 2022 16:52:44 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame FE6A 73 KB
30 KB 788ms
748ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3135644639015474&output=html&h=90&slotname=4460484953&adk=3576269607&adf=383669989&pi=t.ma~as.4460484953&w=748&fwrn=4&fwrnh=100&lmt=1667148764&rafmt=2&format=748x90&url=https%3A%2F%2Fqa.cr-halal.com%2F11%2F7-ways-to-make-money-every-day-in-crypto&fwr=0&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667148764272&bpp=3&bdt=1003&idt=178&shv=r20221026&mjsv=m202210250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=35088432114&frm=20&pv=1&ga_vid=1259080444.1667148764&ga_sid=1667148764&ga_hid=1289461730&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=152&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C44775016&oid=2&pvsid=2963305716587128&tmod=1221701811&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=JVkUxAOPkL&p=https%3A//qa.cr-halal.com&dtd=188

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d540ef13eb4384bf634d6c42eb1030a5d1e30b3a324e03a8fcce899072b144f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://qa.cr-halal.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 31166
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 30 Oct 2022 16:52:45 GMT
expires: Sun, 30 Oct 2022 16:52:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0670 436 B
235 B 623ms
594ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3135644639015474&output=html&h=640&slotname=1734293738&adk=1547583112&adf=2079921753&pi=t.ma~as.1734293738&w=320&lmt=1667148764&format=320x640&url=https%3A%2F%2Fqa.cr-halal.com%2F11%2F7-ways-to-make-money-every-day-in-crypto&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667148764276&bpp=1&bdt=1006&idt=190&shv=r20221026&mjsv=m202210250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C748x90&nras=1&correlator=35088432114&frm=20&pv=1&ga_vid=1259080444.1667148764&ga_sid=1667148764&ga_hid=1289461730&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C44775016&oid=2&pvsid=2963305716587128&tmod=1221701811&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfnEr%7C&abl=CF&pfx=0&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&xpc=AOA2AjCpAZ&p=https%3A//qa.cr-halal.com&dtd=194

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

678bfd94c68afc6a4132801d3c414b4b5686a823e12dc7ac391de6c31fa1fa99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://qa.cr-halal.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 212
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 30 Oct 2022 16:52:45 GMT
expires: Sun, 30 Oct 2022 16:52:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210250101/ 151 KB
51 KB 79ms
78ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210250101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

96a1307165b6bc114b21f8480f40c694adbb788ef3c2ece3af0cff637d49b323

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://qa.cr-halal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sun, 30 Oct 2022 16:52:45 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52397
x-xss-protection: 0
server: cafe
etag: 9811660993680349232
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sun, 30 Oct 2022 16:52:45 GMT

GET
H3 200 integrator.js Show response
adservice.google.fr/adsid/ 107 B
122 B 95ms
39ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.fr/adsid/integrator.js?domain=qa.cr-halal.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://qa.cr-halal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sun, 30 Oct 2022 16:52:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 92ms
37ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=qa.cr-halal.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://qa.cr-halal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sun, 30 Oct 2022 16:52:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D795 71 KB
24 KB 532ms
526ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3135644639015474&output=html&h=280&adk=1292428042&adf=1172747481&pi=t.aa~a.1615370218~i.17~rp.4&w=609&fwrn=4&fwrnh=100&lmt=1667148765&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8069909860&ad_type=text_image&format=609x280&url=https%3A%2F%2Fqa.cr-halal.com%2F11%2F7-ways-to-make-money-every-day-in-crypto&fwr=0&pra=3&rh=152&rw=608&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667148765105&bpp=1&bdt=1835&idt=-M&shv=r20221026&mjsv=m202210250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcbac5652fec5ceb5-226d175f5dce0053%3AT%3D1667148764%3ART%3D1667148764%3AS%3DALNI_MZTbquPtt6P3-lA9vjZL27nacz_DA&gpic=UID%3D00000b7a77bdc466%3AT%3D1667148764%3ART%3D1667148764%3AS%3DALNI_MYhYKetYWB8DTLXqzbQqBnyM29KAg&prev_fmts=0x0%2C748x90%2C320x640&nras=2&correlator=35088432114&frm=20&pv=1&ga_vid=1259080444.1667148764&ga_sid=1667148764&ga_hid=1289461730&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=406&ady=2202&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C44775016&oid=2&pvsid=2963305716587128&tmod=1221701811&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=CwMzPLbgMN&p=https%3A//qa.cr-halal.com&dtd=13

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3faea1e399e6b42f0d09246bb5830523180a265cd64cf6d01a41a98053405fb2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://qa.cr-halal.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 24194
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 30 Oct 2022 16:52:45 GMT
expires: Sun, 30 Oct 2022 16:52:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 55AF 87 KB
38 KB 542ms
541ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3135644639015474&output=html&h=280&adk=1292428042&adf=2002010363&pi=t.aa~a.1615370218~i.21~rp.4&w=609&fwrn=4&fwrnh=100&lmt=1667148765&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8069909860&ad_type=text_image&format=609x280&url=https%3A%2F%2Fqa.cr-halal.com%2F11%2F7-ways-to-make-money-every-day-in-crypto&fwr=0&pra=3&rh=152&rw=608&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667148765105&bpp=1&bdt=1835&idt=-M&shv=r20221026&mjsv=m202210250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcbac5652fec5ceb5-226d175f5dce0053%3AT%3D1667148764%3ART%3D1667148764%3AS%3DALNI_MZTbquPtt6P3-lA9vjZL27nacz_DA&gpic=UID%3D00000b7a77bdc466%3AT%3D1667148764%3ART%3D1667148764%3AS%3DALNI_MYhYKetYWB8DTLXqzbQqBnyM29KAg&prev_fmts=0x0%2C748x90%2C320x640%2C609x280&nras=3&correlator=35088432114&frm=20&pv=1&ga_vid=1259080444.1667148764&ga_sid=1667148764&ga_hid=1289461730&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=406&ady=2846&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C44775016&oid=2&pvsid=2963305716587128&tmod=1221701811&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=7ZWryUu1rQ&p=https%3A//qa.cr-halal.com&dtd=20

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fcb468917c9ba7de586db5381f64570c3a3220510183aa203ff055bd0ec2e038

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://qa.cr-halal.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 38392
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 30 Oct 2022 16:52:45 GMT
expires: Sun, 30 Oct 2022 16:52:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 70E7 436 B
235 B 428ms
422ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3135644639015474&output=html&h=280&adk=1946537239&adf=3143954499&pi=t.aa~a.2331998442~i.6~rp.4&w=607&fwrn=4&fwrnh=100&lmt=1667148765&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8069909860&ad_type=text_image&format=607x280&url=https%3A%2F%2Fqa.cr-halal.com%2F11%2F7-ways-to-make-money-every-day-in-crypto&fwr=0&pra=3&rh=152&rw=607&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667148765105&bpp=1&bdt=1835&idt=1&shv=r20221026&mjsv=m202210250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcbac5652fec5ceb5-226d175f5dce0053%3AT%3D1667148764%3ART%3D1667148764%3AS%3DALNI_MZTbquPtt6P3-lA9vjZL27nacz_DA&gpic=UID%3D00000b7a77bdc466%3AT%3D1667148764%3ART%3D1667148764%3AS%3DALNI_MYhYKetYWB8DTLXqzbQqBnyM29KAg&prev_fmts=0x0%2C748x90%2C320x640%2C609x280%2C609x280&nras=4&correlator=35088432114&frm=20&pv=1&ga_vid=1259080444.1667148764&ga_sid=1667148764&ga_hid=1289461730&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=418&ady=4526&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C44775016&oid=2&pvsid=2963305716587128&tmod=1221701811&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=2HRXM22xwA&p=https%3A//qa.cr-halal.com&dtd=28

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3a1a0c6ddbca643c8148527a8329347eb08c28e80daae5678c03b1bc621b57e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://qa.cr-halal.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 211
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 30 Oct 2022 16:52:45 GMT
expires: Sun, 30 Oct 2022 16:52:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame DE10 436 B
235 B 577ms
577ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3135644639015474&output=html&h=280&adk=3996127398&adf=1131149390&pi=t.aa~a.2926153733~rp.2&w=607&fwrn=4&fwrnh=100&lmt=1667148765&rafmt=1&to=qs&pwprc=8069909860&format=607x280&url=https%3A%2F%2Fqa.cr-halal.com%2F11%2F7-ways-to-make-money-every-day-in-crypto&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667148765145&bpp=3&bdt=1876&idt=3&shv=r20221026&mjsv=m202210250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcbac5652fec5ceb5-226d175f5dce0053%3AT%3D1667148764%3ART%3D1667148764%3AS%3DALNI_MZTbquPtt6P3-lA9vjZL27nacz_DA&gpic=UID%3D00000b7a77bdc466%3AT%3D1667148764%3ART%3D1667148764%3AS%3DALNI_MYhYKetYWB8DTLXqzbQqBnyM29KAg&prev_fmts=0x0%2C748x90%2C320x640%2C609x280%2C609x280%2C607x280&nras=5&correlator=35088432114&frm=20&pv=1&ga_vid=1259080444.1667148764&ga_sid=1667148764&ga_hid=1289461730&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=418&ady=3888&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C44775016&oid=2&pvsid=2963305716587128&tmod=1221701811&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=4&fsb=1&xpc=l1VYDlFbDp&p=https%3A//qa.cr-halal.com&dtd=9

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1850d4a00f34b02563f4be9b1b9bd49e7c542f4bb4d1ef3c164e9e55cfbf2ccc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://qa.cr-halal.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 211
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 30 Oct 2022 16:52:45 GMT
expires: Sun, 30 Oct 2022 16:52:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221026/r20110914/ Frame E007 10 KB
4 KB 30ms
30ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221026/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://qa.cr-halal.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 78347
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4270
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 29 Oct 2022 19:06:58 GMT
etag: 9671129459699598864
expires: Sat, 12 Nov 2022 19:06:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221026/r20110914/ Frame 0E1C 10 KB
4 KB 28ms
27ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221026/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://qa.cr-halal.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 78347
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4270
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 29 Oct 2022 19:06:58 GMT
etag: 9671129459699598864
expires: Sat, 12 Nov 2022 19:06:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame E007 4 KB
1 KB 108ms
42ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221026/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 30 Oct 2022 16:52:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 30 Oct 2022 15:15:00 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 30 Oct 2022 16:52:45 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame E007 205 B
518 B 147ms
71ms Image
image/png 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221026/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sun, 30 Oct 2022 15:25:36 GMT
x-content-type-options: nosniff
age: 5229
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Mon, 30 Oct 2023 15:25:36 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame E007 604 B
694 B 148ms
72ms Image
image/png 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221026/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sun, 30 Oct 2022 16:27:11 GMT
x-content-type-options: nosniff
age: 1534
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Mon, 30 Oct 2023 16:27:11 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/elements/html/ Frame E007 19 KB
8 KB 151ms
65ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221026/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4e70f196596d57a6f3570a0983040f63d9ed88bb9da8849a302ad19fea617dd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sat, 29 Oct 2022 18:31:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 80461
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8012
x-xss-protection: 0
server: cafe
etag: 16149103330692230356
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 12 Nov 2022 18:31:44 GMT

GET
H2 200 84c8dfa227218a7b436003265dc6c69e.js Show response
www.gstatic.com/mysidia/ Frame 0E1C 9 KB
4 KB 129ms
70ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/84c8dfa227218a7b436003265dc6c69e.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221026/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

12b498ad6256d487f658f24189621d4d6819ab6e11fcd63142e6aeb77f560b6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 17:49:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 255816
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4170
x-xss-protection: 0
last-modified: Mon, 24 Oct 2022 21:55:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 25 Jan 2023 17:49:09 GMT

GET
H2 200 40f44225e0a1c31e628c89e0882e5f2b.js Show response
www.gstatic.com/mysidia/ Frame 0E1C 10 KB
4 KB 130ms
71ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/40f44225e0a1c31e628c89e0882e5f2b.js?tag=text/vanilla_highlight

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221026/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

02d353b931fa095d941d4077eec1404bf764ec415ff8cab1d58ae0f17ae73f6f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 02:15:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 484650
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4273
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 17:30:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 23 Jan 2023 02:15:15 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 0E1C 8 KB
968 B 91ms
43ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221026/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 30 Oct 2022 16:52:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 30 Oct 2022 15:19:27 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 30 Oct 2022 16:52:45 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/ Frame 0E1C 2 KB
847 B 127ms
58ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221026/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sat, 29 Oct 2022 18:28:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 80684
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 12 Nov 2022 18:28:01 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/ Frame 0E1C 23 KB
10 KB 97ms
28ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221026/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

15b192d13c1d029346a73cb1b2eb3a1b8905dfe8df1aaf9ced37356de9380e32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sun, 30 Oct 2022 15:50:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3738
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9268
x-xss-protection: 0
server: cafe
etag: 17746901142539384344
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 13 Nov 2022 15:50:27 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/ Frame 0E1C 3 KB
1 KB 131ms
63ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221026/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sun, 30 Oct 2022 11:47:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18286
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1238
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 13 Nov 2022 11:47:59 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/ Frame 0E1C 17 KB
7 KB 98ms
30ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221026/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d99f77a187454fecc18b59b2f520b1598b246d01e142bfdc4de56eb7221a9330

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sat, 29 Oct 2022 18:22:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 81025
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7367
x-xss-protection: 0
server: cafe
etag: 4759548068123418343
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 12 Nov 2022 18:22:20 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0E1C 153 KB
48 KB 115ms
36ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221026/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c03682256f0ddbfa031d5ee3c2bbb80eea99dab4ffa12622c551dea01359656

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sun, 30 Oct 2022 16:52:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47996
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1666856053429787"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 30 Oct 2022 16:52:45 GMT

GET
H2 200 6d06f43d9219529f87f676616f1c0e3b.js Show response
www.gstatic.com/mysidia/ Frame 0E1C 33 KB
14 KB 91ms
34ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/6d06f43d9219529f87f676616f1c0e3b.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221026/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

19d9403b8b5963aaeae98991373ef1f4ec9ed98d649be55e657db8e1302578bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 12:01:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 363093
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13940
x-xss-protection: 0
last-modified: Mon, 24 Oct 2022 21:55:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 24 Jan 2023 12:01:12 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 3871 0
0 169ms
70ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuSr4erikozAiNmm6n9o1UVT7V_LTN_QUeYICQV7PqujIm-4aI6TrsoLf4LIcPKeLoWlOCdWJ2u_F6V_AUYLOLr1vK0eWwsW3740cKB_f3iLIkci5dqA098oUGJo59gHNOFJuMc9dqOVjps-1VHxPXV9AmXyMZLDxQLf5ghRIErb6VdhCWbKaR_r0UzmggyWZtKsBQh_djOG-K5dwgkHmmdwPJxisOvkkNR3PeoS0GiRSYZ9MEnKG490uHAx-OPnwefDz6eCSz-tomNVGt3z_zdGk0bcwuske2Sk3zM4mU4-3ovk8LZI4wEj-deyEo4f9kVJYxMRT9oREc0ySZQMWJrTGuQzHTpsObhr3MhWQeB2uN-hDJ5LzU3Uvq_oxg4tYPv8cLp7V6-1R_QVCIC02uEeLhE9epaIniHolBUm9xLhtnrdX686ahJwqfCHDPnQdG58SLIEQiASCsd9pD9SPhsyEsDRIMDE24Co8BeeYOnpBaS7mfktumhuwl_G6azbPVBnXA8aObGyac2VufOGilgPmjXLxjH1qewqNqcJ6dNYVoTH1nvoRa4oia8QB6nDwm7Weh6MV75CnLQ1CLKOd0VhbsWzAXAOCpWKI-4AwARucurRzzHPx2qmDi5F20lNSBHdsKL2U7VGmZzjMtwbeLD4eVEPhk-AOOp7kTmZ5bbyfrc9WPizpi75T0wIY2R-nhgJHlb3h9rXSM95P1EM22Vl-wnxCBpcU-03oJlHyskstSFUt60vXkg9ZqvoL-WV7Es87V0Mby6ooj7w8RM5Ty6sc4IyIuo7m5tsIfdHoRO_pl0JVtvqWbhjd_P-kG3IIgcV2tzW3HcKfpOMxCLq33Ibqss4hgvmh3I23QT-zGaXaEvCKbx3RNZFAQ1iuF-r1kTOHlpJkBwh5apBS5uFx_aS5c-6I_OVqSJ3uLcmlNBrxn3ZRfLosiJRspaqfxR74V6hiXp3gkzvLgqXrb3noIICE-AIq8nt2J1mw-_Manhzz7u66DaZgLa86nZRLFrhBb4doGnOUsdwpSOILCVRll010NbqYHjTjTplSTU&sai=AMfl-YR5MS7OB0KHbbD2jM0ELftfJPF_V-RJCCd4zTw1YdgctYl_x_ne9TPBP3bcGio9i99yUhDHzyLb1gCsQGU4YwQZecUow8ywcidRrjOTnuOa00L9&sig=Cg0ArKJSzLCZ8KRlJROnEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=

Requested by

Host: bangladeshembassy.bt
URL: http://bangladeshembassy.bt/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 30 Oct 2022 16:52:45 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sun, 30 Oct 2022 16:52:45 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 3871 106 KB
38 KB 129ms
3ms Script
text/javascript 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Host: bangladeshembassy.bt
URL: http://bangladeshembassy.bt/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sat, 29 Oct 2022 20:08:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 74640
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 30 Oct 2022 20:08:45 GMT

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 3871 41 KB
15 KB 123ms
73ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: bangladeshembassy.bt
URL: http://bangladeshembassy.bt/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 17:27:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 343519
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 26 Oct 2023 17:27:26 GMT

GET
H2 200 m_js_controller_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/ Frame 3871 35 KB
14 KB 117ms
68ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/m_js_controller_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3135644639015474&output=html&h=90&slotname=4460484953&adk=3576269607&adf=383669989&pi=t.ma~as.4460484953&w=748&fwrn=4&fwrnh=100&lmt=1667148764&rafmt=2&format=748x90&url=https%3A%2F%2Fqa.cr-halal.com%2F11%2F7-ways-to-make-money-every-day-in-crypto&fwr=0&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667148764272&bpp=3&bdt=1003&idt=178&shv=r20221026&mjsv=m202210250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=35088432114&frm=20&pv=1&ga_vid=1259080444.1667148764&ga_sid=1667148764&ga_hid=1289461730&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=152&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C44775016&oid=2&pvsid=2963305716587128&tmod=1221701811&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=JVkUxAOPkL&p=https%3A//qa.cr-halal.com&dtd=188

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d5645da2fda11aa729057832cf0439ad2899331a14989b6ed5890ad7d9e7e74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sat, 29 Oct 2022 18:22:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 81014
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13949
x-xss-protection: 0
server: cafe
etag: 10882980839202096411
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 12 Nov 2022 18:22:31 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/ Frame 3871 3 KB
1 KB 128ms
79ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sun, 30 Oct 2022 11:47:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18286
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1238
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 13 Nov 2022 11:47:59 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/ Frame 3871 17 KB
7 KB 84ms
36ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d99f77a187454fecc18b59b2f520b1598b246d01e142bfdc4de56eb7221a9330

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sat, 29 Oct 2022 18:22:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 81025
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7367
x-xss-protection: 0
server: cafe
etag: 4759548068123418343
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 12 Nov 2022 18:22:20 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3871 153 KB
47 KB 132ms
73ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c03682256f0ddbfa031d5ee3c2bbb80eea99dab4ffa12622c551dea01359656

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sun, 30 Oct 2022 16:52:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47996
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1666856053429787"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 30 Oct 2022 16:52:45 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/ Frame 3871 23 KB
9 KB 101ms
53ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

15b192d13c1d029346a73cb1b2eb3a1b8905dfe8df1aaf9ced37356de9380e32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sun, 30 Oct 2022 15:50:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3738
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9268
x-xss-protection: 0
server: cafe
etag: 17746901142539384344
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 13 Nov 2022 15:50:27 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 2524 8 KB
895 B 108ms
36ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221026/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 30 Oct 2022 16:52:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 30 Oct 2022 15:32:58 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 30 Oct 2022 16:52:45 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/ Frame 2524 2 KB
765 B 90ms
26ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221026/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sat, 29 Oct 2022 18:28:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 80684
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 12 Nov 2022 18:28:01 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/ Frame 2524 23 KB
9 KB 93ms
28ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221026/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

15b192d13c1d029346a73cb1b2eb3a1b8905dfe8df1aaf9ced37356de9380e32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sun, 30 Oct 2022 15:50:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3738
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9268
x-xss-protection: 0
server: cafe
etag: 17746901142539384344
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 13 Nov 2022 15:50:27 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/ Frame 2524 3 KB
1 KB 97ms
35ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221026/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sun, 30 Oct 2022 11:47:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18286
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1238
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 13 Nov 2022 11:47:59 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/ Frame 2524 17 KB
7 KB 89ms
27ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221026/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d99f77a187454fecc18b59b2f520b1598b246d01e142bfdc4de56eb7221a9330

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sat, 29 Oct 2022 18:22:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 81025
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7367
x-xss-protection: 0
server: cafe
etag: 4759548068123418343
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 12 Nov 2022 18:22:20 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2524 153 KB
47 KB 108ms
49ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221026/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c03682256f0ddbfa031d5ee3c2bbb80eea99dab4ffa12622c551dea01359656

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sun, 30 Oct 2022 16:52:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47996
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1666856053429787"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 30 Oct 2022 16:52:45 GMT

GET
H3 200 6d06f43d9219529f87f676616f1c0e3b.js Show response
www.gstatic.com/mysidia/ Frame 2524 33 KB
14 KB 86ms
26ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/6d06f43d9219529f87f676616f1c0e3b.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221026/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

19d9403b8b5963aaeae98991373ef1f4ec9ed98d649be55e657db8e1302578bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 12:01:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 363093
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13940
x-xss-protection: 0
last-modified: Mon, 24 Oct 2022 21:55:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 24 Jan 2023 12:01:12 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 0E1C 0
0 75ms
75ms Fetch
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=ChGTn3KteY4-qIIvQb_bktYgNqLzQhm2LsZq1oA6lhYbzlA4QASCG3M4dYPuBgICYCqABjezk2QLIAQGpAsscAA44rqg-qAMByAPLBKoE-gFP0PjDn7x4AihYyE44N2jYPjhR4hBaPYHBzjx41oW6gDGkmUA6KNwq2eCkM0im1yKTO-cop98pRfRjQ2DPGGtDOj5VCv8IkIcZVP1nINjWdGaU9dHX_Mp8AU5pf6yQQVbmw_QIHPaFLnmwngO3lQrIRRLNeTirWzVuSpQnqxKaGqtarErYg82BDGC7EJh-9bW6hS_2XNZBJAu5NNe8B9Wpof1M6k5KpbLiZR5cf6ycqDWYs35YSpb7n5U2IEPlZMoKzHC5r4GU_1bahhw8msSF8eVEvWm6FIt6Fx2qFVOtEu0OWDftq309VsLARDgstDAJlX7TS8t89BRUwASAv53M5gOSBQQIBBgBkgUECAUYBIAH25ObpgGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHAxDGddIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BMNiBQK0BUBgBcBshccChoIABIUcHViLTMxMzU2NDQ2MzkwMTU0NzQYAA&sigh=1mHFkr0eR_s&uach_m=[UACH]

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221026/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20221026/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 30 Oct 2022 16:52:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 7937 143 B
166 B 26ms
26ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221026/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20221026/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 2243
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 30 Oct 2022 16:15:22 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 6E73 22 KB
8 KB 28ms
27ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

accept-ranges: bytes
age: 473466
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 25 Oct 2022 05:21:39 GMT
expires: Wed, 25 Oct 2023 05:21:39 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 3871 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 94d68048a82ccbbbf8359f2e31bcdc70983581412f366de67e5b24337eb25bdd

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 0E1C 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 907c82474365b931db275b8eab0524cebecb33abba932694ed10dc9235a6fe37

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/16338249951084529411/MAR-393-PL-uglyCreative-HoverEffect-728x90/ Frame 5D03 4 KB
2 KB 80ms
27ms Document
text/html 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/16338249951084529411/MAR-393-PL-uglyCreative-HoverEffect-728x90/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9b0ce409f38eb4d4ab4b89f64dd74e339bbda0561a2a2c2d345a21305636e673

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 223925
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 1565
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Fri, 28 Oct 2022 02:40:40 GMT
expires: Sat, 28 Oct 2023 02:40:40 GMT
last-modified: Mon, 06 Jun 2022 04:17:56 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 6972 143 B
166 B 27ms
26ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221026/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20221026/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 2243
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 30 Oct 2022 16:15:22 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/ Frame D795 23 KB
9 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3135644639015474&output=html&h=280&adk=1292428042&adf=1172747481&pi=t.aa~a.1615370218~i.17~rp.4&w=609&fwrn=4&fwrnh=100&lmt=1667148765&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8069909860&ad_type=text_image&format=609x280&url=https%3A%2F%2Fqa.cr-halal.com%2F11%2F7-ways-to-make-money-every-day-in-crypto&fwr=0&pra=3&rh=152&rw=608&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667148765105&bpp=1&bdt=1835&idt=-M&shv=r20221026&mjsv=m202210250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcbac5652fec5ceb5-226d175f5dce0053%3AT%3D1667148764%3ART%3D1667148764%3AS%3DALNI_MZTbquPtt6P3-lA9vjZL27nacz_DA&gpic=UID%3D00000b7a77bdc466%3AT%3D1667148764%3ART%3D1667148764%3AS%3DALNI_MYhYKetYWB8DTLXqzbQqBnyM29KAg&prev_fmts=0x0%2C748x90%2C320x640&nras=2&correlator=35088432114&frm=20&pv=1&ga_vid=1259080444.1667148764&ga_sid=1667148764&ga_hid=1289461730&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=406&ady=2202&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C44775016&oid=2&pvsid=2963305716587128&tmod=1221701811&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=CwMzPLbgMN&p=https%3A//qa.cr-halal.com&dtd=13

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

15b192d13c1d029346a73cb1b2eb3a1b8905dfe8df1aaf9ced37356de9380e32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sun, 30 Oct 2022 15:50:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3738
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9268
x-xss-protection: 0
server: cafe
etag: 17746901142539384344
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 13 Nov 2022 15:50:27 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame D795 8 KB
716 B 36ms
35ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

684dfe949ae87a38c2afbcee199f51b0025dd9121b524d62e881cf40846cdd21

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 30 Oct 2022 16:52:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 30 Oct 2022 15:33:10 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 30 Oct 2022 16:52:45 GMT

GET
H2 200 outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221024_RC00/ Frame D795 14 KB
3 KB 241ms
29ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221024_RC00/outstream.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 12:53:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 532783
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2798
x-xss-protection: 0
last-modified: Mon, 24 Oct 2022 10:41:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 24 Oct 2023 12:53:02 GMT

GET
H2 200 outstream.min.js Show response
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221024_RC00/ Frame D795 362 KB
124 KB 242ms
30ms Script
text/javascript 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221024_RC00/outstream.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a9c216dc2c163cef46ce19c9156c05aa2edfae28210be29ccfbf902a75190293

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 12:53:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 532783
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 126916
x-xss-protection: 0
last-modified: Mon, 24 Oct 2022 10:41:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 24 Oct 2023 12:53:02 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/ Frame D795 17 KB
7 KB 28ms
27ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d99f77a187454fecc18b59b2f520b1598b246d01e142bfdc4de56eb7221a9330

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sat, 29 Oct 2022 18:22:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 81025
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7367
x-xss-protection: 0
server: cafe
etag: 4759548068123418343
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 12 Nov 2022 18:22:20 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 7937
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

47ms
46ms

Document
text/html

2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221026/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 30 Oct 2022 16:52:45 GMT
expires: Sun, 30 Oct 2022 16:52:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 30 Oct 2022 16:52:45 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 style.css
s0.2mdn.net/sadbundle/16338249951084529411/MAR-393-PL-uglyCreative-HoverEffect-728x90/styles/ Frame 5D03 3 KB
1 KB 27ms
27ms Stylesheet
text/css 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/16338249951084529411/MAR-393-PL-uglyCreative-HoverEffect-728x90/styles/style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16338249951084529411/MAR-393-PL-uglyCreative-HoverEffect-728x90/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0e2a37ec9babf7ebb24c1667f9624df292b7595e0f1bf9d0ebcd54be8b915e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16338249951084529411/MAR-393-PL-uglyCreative-HoverEffect-728x90/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 14:49:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 439387
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1012
x-xss-protection: 0
last-modified: Mon, 06 Jun 2022 04:17:56 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 25 Oct 2023 14:49:38 GMT

GET
H3 200 script.js Show response
s0.2mdn.net/sadbundle/16338249951084529411/MAR-393-PL-uglyCreative-HoverEffect-728x90/scripts/ Frame 5D03 2 KB
638 B 28ms
27ms Script
application/x-javascript 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/16338249951084529411/MAR-393-PL-uglyCreative-HoverEffect-728x90/scripts/script.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16338249951084529411/MAR-393-PL-uglyCreative-HoverEffect-728x90/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d44dd867f44722158fd47846c41a31d4d58d37d40c8e317fb9d86dcd5d4ec590

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16338249951084529411/MAR-393-PL-uglyCreative-HoverEffect-728x90/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 11:49:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 363790
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 609
x-xss-protection: 0
last-modified: Mon, 06 Jun 2022 04:17:56 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 26 Oct 2023 11:49:35 GMT

GET
H3 200 HZrunHRjvTX5MIeL6Ibl7iJKqMmAAzHWmbkaKM7M3x0.js Show response
pagead2.googlesyndication.com/bg/ Frame 86EA 36 KB
16 KB 27ms
27ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/HZrunHRjvTX5MIeL6Ibl7iJKqMmAAzHWmbkaKM7M3x0.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221026/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d9aee9c7463bd35f930878be886e5ee224aa8c9800331d699b91a28ceccdf1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sat, 29 Oct 2022 13:52:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 97225
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16118
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 10:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 29 Oct 2023 13:52:20 GMT

GET
H3 200 HZrunHRjvTX5MIeL6Ibl7iJKqMmAAzHWmbkaKM7M3x0.js Show response
pagead2.googlesyndication.com/bg/ Frame 6E73 36 KB
16 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/HZrunHRjvTX5MIeL6Ibl7iJKqMmAAzHWmbkaKM7M3x0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d9aee9c7463bd35f930878be886e5ee224aa8c9800331d699b91a28ceccdf1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sat, 29 Oct 2022 13:52:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 97225
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16118
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 10:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 29 Oct 2023 13:52:20 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 20C6 624 B
297 B 40ms
40ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CIetIhCX29H0ARiGsIzVATAB&v=APEucNXUG8aXMNuNHqKQ6FS98Nso2AoQa8IGbJANw5MeZrchm7_wWzZbQUGCUQr5bTHJdwFYyU-OzBVpp3YBCgJwBnxtFUwrN_qxg-wNnvxj8XJ3NUi-We8EMBdjIsiZo6-Rfi8bltvTCa21mWIIM0w5oD8RXIrM86cyCKgLFXoQULuojWRs5qI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3135644639015474&output=html&h=280&adk=1292428042&adf=2002010363&pi=t.aa~a.1615370218~i.21~rp.4&w=609&fwrn=4&fwrnh=100&lmt=1667148765&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8069909860&ad_type=text_image&format=609x280&url=https%3A%2F%2Fqa.cr-halal.com%2F11%2F7-ways-to-make-money-every-day-in-crypto&fwr=0&pra=3&rh=152&rw=608&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667148765105&bpp=1&bdt=1835&idt=-M&shv=r20221026&mjsv=m202210250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcbac5652fec5ceb5-226d175f5dce0053%3AT%3D1667148764%3ART%3D1667148764%3AS%3DALNI_MZTbquPtt6P3-lA9vjZL27nacz_DA&gpic=UID%3D00000b7a77bdc466%3AT%3D1667148764%3ART%3D1667148764%3AS%3DALNI_MYhYKetYWB8DTLXqzbQqBnyM29KAg&prev_fmts=0x0%2C748x90%2C320x640%2C609x280&nras=3&correlator=35088432114&frm=20&pv=1&ga_vid=1259080444.1667148764&ga_sid=1667148764&ga_hid=1289461730&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=406&ady=2846&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C44775016&oid=2&pvsid=2963305716587128&tmod=1221701811&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=7ZWryUu1rQ&p=https%3A//qa.cr-halal.com&dtd=20

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3135644639015474&output=html&h=280&adk=1292428042&adf=2002010363&pi=t.aa~a.1615370218~i.21~rp.4&w=609&fwrn=4&fwrnh=100&lmt=1667148765&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8069909860&ad_type=text_image&format=609x280&url=https%3A%2F%2Fqa.cr-halal.com%2F11%2F7-ways-to-make-money-every-day-in-crypto&fwr=0&pra=3&rh=152&rw=608&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667148765105&bpp=1&bdt=1835&idt=-M&shv=r20221026&mjsv=m202210250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcbac5652fec5ceb5-226d175f5dce0053%3AT%3D1667148764%3ART%3D1667148764%3AS%3DALNI_MZTbquPtt6P3-lA9vjZL27nacz_DA&gpic=UID%3D00000b7a77bdc466%3AT%3D1667148764%3ART%3D1667148764%3AS%3DALNI_MYhYKetYWB8DTLXqzbQqBnyM29KAg&prev_fmts=0x0%2C748x90%2C320x640%2C609x280&nras=3&correlator=35088432114&frm=20&pv=1&ga_vid=1259080444.1667148764&ga_sid=1667148764&ga_hid=1289461730&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=406&ady=2846&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C44775016&oid=2&pvsid=2963305716587128&tmod=1221701811&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=7ZWryUu1rQ&p=https%3A//qa.cr-halal.com&dtd=20
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 30 Oct 2022 16:52:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20221026/r20110914/ Frame AD7B 23 KB
9 KB 28ms
26ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221026/r20110914/abg_lite_fy2021.js

Requested by

Host: bangladeshembassy.bt
URL: http://bangladeshembassy.bt/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

15b192d13c1d029346a73cb1b2eb3a1b8905dfe8df1aaf9ced37356de9380e32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sat, 29 Oct 2022 18:53:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 79128
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9268
x-xss-protection: 0
server: cafe
etag: 17746901142539384344
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 12 Nov 2022 18:53:57 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20221026/r20110914/elements/html/ Frame AD7B 6 KB
2 KB 29ms
28ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221026/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: bangladeshembassy.bt
URL: http://bangladeshembassy.bt/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

887fdde608c6ff1af2f72f3974b1f9dcc768d9dc2b86b41e6b065b60fa90a9c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sat, 29 Oct 2022 18:53:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 79128
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2484
x-xss-protection: 0
server: cafe
etag: 2603454828624189567
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 12 Nov 2022 18:53:57 GMT

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame AD7B 0
0 130ms
71ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsubRAiPe0DmUa7UfWbvAIAMLV-knLVvZeRAvO-rcxXgv4Ij6gIvEIHc6ty7XCOxf5bbVPrTWLlpToHtuqeMMFZo2BM0a6vH7ge9_HiEfrco7mYjrrKjVJb-df1O3P5P3SPJ1t16QXo5AZoWQSgfvAooHlATZjCDG4AtOq8fzTtzmmiAdSc3nPMjlahQginjd7SxwGyGAPnACFsdsWHSwkUUZzetr01IRJpjtCcBKzRZ1HaUBabYNSGA7xh612DXpmkK1uRPIYUcI5IeAmYZjWBQjRkgi5_86LwbJv_NgOVYgW_qci-_Lxj9ggtt5QQ3wpdP4KCbOAPIufUOFvrJ3dA7aKRSAgVl__4VtpfybLXevB2kLnyx2DDHCrnckv6Su8dfBgNpNinKwyai4ePTjoPNz_mkhlq5QfaJgiPkeq1ZG8ulpO5hD9CDWUbQ0iiFSo8B4RluJN9uf6M5o5xLw7hu6VonbZhNYlRc4KQCfC28B6Up4LMKs4XZcK7eDBkCcKxHcel4SvifrkrB8HavXGfCmitWI6oMAlmzy_hhmYgk6sf5b1CvD9uS7lSXX5Qwa2NXyyTsTDDJoCcKuymIxFJ_XLhKXa2jGzVcCjA6Mp7xE7JTdnBk8PyJcZCFyVjRpP2cYDHd3FnNe080UaYhgor4vSXw-oy-dxPGGKcr246zMxXjHkdQ8DA0M0kb_0TU0dOzZFau38kbHLy989tREMQiGtcOtTjQE0s8l6ZzxnIdVscu3hBszERsIclm2kOL0i18o_43Dp05o9x8ny_uBnces2oxOrO74lcaKK9Lnz41KZsxWLwwpSynWSzWa93TUPN9Qn7kumuMDYDmEJBECtzI3WctIjoBSWxhNG0QE8aCg7mPKhDzq40ah4X9M9LjU6f6Qywh_x8fHfpX42b0_a6SI8gZD8dvJhh7gj5-gpk1PMXxhJN43knlkFHwvUIGDkt27ybGxpyj6ileM6pXJlY5XHifiZX6sTkzLB1kMZu0O-xmuOl5xWmf21Phwl0RU4Y24_qa0fbBlAanue6joagV_eyXKGug8cc8Zr0vhHCTy-ZPWEyPThYgfjeKvx1dOKOreFhLHvpuJ7u4wSgqphF5jCRdAZWeZdObSiv2SdsnEcZUxBKjaUmGcZQJWIuQURbj6Ig1mfXiefuYwTYmCFKmbvrny24&sai=AMfl-YTgevTFUTy1R9cuur955kSJmP4D9TFAOoKQfngAzp9Ijyc3TLiQ41VzUTVlUokGYqulcNjEmxncd6UxUhZ4kqzSe2O9a5jU83585kRUbRCekXbDidFyDLM-TQctQQFyuv1898Z9sINTtHM-Kd0Dp56yLUIcAdKkBNA8LnU45n3KENhzWnqBZhfpC3LVDOCZKE1QPR-ixk_XsLbF6L0vha-OGGQoUuk52EjuKZnPhxZvxcKiYYSjcys8eQGM_a8Rfc45jWKZTq10F2SnyoZ3r3OfedHm0fdBXJ1EqddqaLrWsXSgZN3AXfhG5ZKlaXJ8XwsHX6R-yWrnGlqy_Ybdym21odFoNmtbcnD5BBjK4646Nn3-kleMmLrphI0RAhuJS77i4tM9ofo3pYj8Vg&sig=Cg0ArKJSzOSpjvw9KuB9EAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20221026.92389&arae=0&ftch=1&adurl=

Requested by

Host: bangladeshembassy.bt
URL: http://bangladeshembassy.bt/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 30 Oct 2022 16:52:45 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sun, 30 Oct 2022 16:52:45 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame AD7B 41 KB
15 KB 28ms
27ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: bangladeshembassy.bt
URL: http://bangladeshembassy.bt/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 17:27:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 343519
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 26 Oct 2023 17:27:26 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/ Frame AD7B 3 KB
1 KB 34ms
32ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3135644639015474&output=html&h=280&adk=1292428042&adf=2002010363&pi=t.aa~a.1615370218~i.21~rp.4&w=609&fwrn=4&fwrnh=100&lmt=1667148765&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8069909860&ad_type=text_image&format=609x280&url=https%3A%2F%2Fqa.cr-halal.com%2F11%2F7-ways-to-make-money-every-day-in-crypto&fwr=0&pra=3&rh=152&rw=608&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667148765105&bpp=1&bdt=1835&idt=-M&shv=r20221026&mjsv=m202210250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcbac5652fec5ceb5-226d175f5dce0053%3AT%3D1667148764%3ART%3D1667148764%3AS%3DALNI_MZTbquPtt6P3-lA9vjZL27nacz_DA&gpic=UID%3D00000b7a77bdc466%3AT%3D1667148764%3ART%3D1667148764%3AS%3DALNI_MYhYKetYWB8DTLXqzbQqBnyM29KAg&prev_fmts=0x0%2C748x90%2C320x640%2C609x280&nras=3&correlator=35088432114&frm=20&pv=1&ga_vid=1259080444.1667148764&ga_sid=1667148764&ga_hid=1289461730&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=406&ady=2846&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C44775016&oid=2&pvsid=2963305716587128&tmod=1221701811&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=7ZWryUu1rQ&p=https%3A//qa.cr-halal.com&dtd=20

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sun, 30 Oct 2022 11:47:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18286
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1238
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 13 Nov 2022 11:47:59 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/ Frame AD7B 17 KB
7 KB 28ms
27ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3135644639015474&output=html&h=280&adk=1292428042&adf=2002010363&pi=t.aa~a.1615370218~i.21~rp.4&w=609&fwrn=4&fwrnh=100&lmt=1667148765&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8069909860&ad_type=text_image&format=609x280&url=https%3A%2F%2Fqa.cr-halal.com%2F11%2F7-ways-to-make-money-every-day-in-crypto&fwr=0&pra=3&rh=152&rw=608&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667148765105&bpp=1&bdt=1835&idt=-M&shv=r20221026&mjsv=m202210250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcbac5652fec5ceb5-226d175f5dce0053%3AT%3D1667148764%3ART%3D1667148764%3AS%3DALNI_MZTbquPtt6P3-lA9vjZL27nacz_DA&gpic=UID%3D00000b7a77bdc466%3AT%3D1667148764%3ART%3D1667148764%3AS%3DALNI_MYhYKetYWB8DTLXqzbQqBnyM29KAg&prev_fmts=0x0%2C748x90%2C320x640%2C609x280&nras=3&correlator=35088432114&frm=20&pv=1&ga_vid=1259080444.1667148764&ga_sid=1667148764&ga_hid=1289461730&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=406&ady=2846&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C44775016&oid=2&pvsid=2963305716587128&tmod=1221701811&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=7ZWryUu1rQ&p=https%3A//qa.cr-halal.com&dtd=20

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d99f77a187454fecc18b59b2f520b1598b246d01e142bfdc4de56eb7221a9330

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sat, 29 Oct 2022 18:22:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 81025
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7367
x-xss-protection: 0
server: cafe
etag: 4759548068123418343
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 12 Nov 2022 18:22:20 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame AD7B 0
0 187ms
34ms Image
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQh75g29Xr-Pegc0hmN3zw31QNd52gaGtFOb7rvI-qTaC9aiWcQhXNZ1PHTv2kWdqfjI0WGWFbl39PEd_7qlxHckZkeZw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3135644639015474&output=html&h=280&adk=1292428042&adf=2002010363&pi=t.aa~a.1615370218~i.21~rp.4&w=609&fwrn=4&fwrnh=100&lmt=1667148765&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8069909860&ad_type=text_image&format=609x280&url=https%3A%2F%2Fqa.cr-halal.com%2F11%2F7-ways-to-make-money-every-day-in-crypto&fwr=0&pra=3&rh=152&rw=608&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667148765105&bpp=1&bdt=1835&idt=-M&shv=r20221026&mjsv=m202210250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcbac5652fec5ceb5-226d175f5dce0053%3AT%3D1667148764%3ART%3D1667148764%3AS%3DALNI_MZTbquPtt6P3-lA9vjZL27nacz_DA&gpic=UID%3D00000b7a77bdc466%3AT%3D1667148764%3ART%3D1667148764%3AS%3DALNI_MYhYKetYWB8DTLXqzbQqBnyM29KAg&prev_fmts=0x0%2C748x90%2C320x640%2C609x280&nras=3&correlator=35088432114&frm=20&pv=1&ga_vid=1259080444.1667148764&ga_sid=1667148764&ga_hid=1289461730&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=406&ady=2846&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C44775016&oid=2&pvsid=2963305716587128&tmod=1221701811&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=7ZWryUu1rQ&p=https%3A//qa.cr-halal.com&dtd=20
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame AD7B 153 KB
47 KB 44ms
43ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3135644639015474&output=html&h=280&adk=1292428042&adf=2002010363&pi=t.aa~a.1615370218~i.21~rp.4&w=609&fwrn=4&fwrnh=100&lmt=1667148765&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8069909860&ad_type=text_image&format=609x280&url=https%3A%2F%2Fqa.cr-halal.com%2F11%2F7-ways-to-make-money-every-day-in-crypto&fwr=0&pra=3&rh=152&rw=608&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667148765105&bpp=1&bdt=1835&idt=-M&shv=r20221026&mjsv=m202210250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcbac5652fec5ceb5-226d175f5dce0053%3AT%3D1667148764%3ART%3D1667148764%3AS%3DALNI_MZTbquPtt6P3-lA9vjZL27nacz_DA&gpic=UID%3D00000b7a77bdc466%3AT%3D1667148764%3ART%3D1667148764%3AS%3DALNI_MYhYKetYWB8DTLXqzbQqBnyM29KAg&prev_fmts=0x0%2C748x90%2C320x640%2C609x280&nras=3&correlator=35088432114&frm=20&pv=1&ga_vid=1259080444.1667148764&ga_sid=1667148764&ga_hid=1289461730&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=406&ady=2846&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C44775016&oid=2&pvsid=2963305716587128&tmod=1221701811&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=7ZWryUu1rQ&p=https%3A//qa.cr-halal.com&dtd=20

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c03682256f0ddbfa031d5ee3c2bbb80eea99dab4ffa12622c551dea01359656

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sun, 30 Oct 2022 16:52:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47996
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1666856053429787"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 30 Oct 2022 16:52:45 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame AD7B 42 B
63 B 65ms
65ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BeLqDdPPTfoUOCERjPIoMEDbCsqB0AiJZkMz9Q5V9O4EQpMJfer7dG_HTDGnOBwbGJftgoAIunexE_OZRYHGnDhq0jxL3ZwYce9LKY6lTnx9rmvIA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3135644639015474&output=html&h=280&adk=1292428042&adf=2002010363&pi=t.aa~a.1615370218~i.21~rp.4&w=609&fwrn=4&fwrnh=100&lmt=1667148765&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8069909860&ad_type=text_image&format=609x280&url=https%3A%2F%2Fqa.cr-halal.com%2F11%2F7-ways-to-make-money-every-day-in-crypto&fwr=0&pra=3&rh=152&rw=608&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667148765105&bpp=1&bdt=1835&idt=-M&shv=r20221026&mjsv=m202210250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcbac5652fec5ceb5-226d175f5dce0053%3AT%3D1667148764%3ART%3D1667148764%3AS%3DALNI_MZTbquPtt6P3-lA9vjZL27nacz_DA&gpic=UID%3D00000b7a77bdc466%3AT%3D1667148764%3ART%3D1667148764%3AS%3DALNI_MYhYKetYWB8DTLXqzbQqBnyM29KAg&prev_fmts=0x0%2C748x90%2C320x640%2C609x280&nras=3&correlator=35088432114&frm=20&pv=1&ga_vid=1259080444.1667148764&ga_sid=1667148764&ga_hid=1289461730&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=406&ady=2846&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C44775016&oid=2&pvsid=2963305716587128&tmod=1221701811&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=7ZWryUu1rQ&p=https%3A//qa.cr-halal.com&dtd=20

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Oct 2022 16:52:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 7746418781538916172
s0.2mdn.net/simgad/ Frame AD7B 79 KB
79 KB 28ms
27ms Image
image/gif 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/7746418781538916172

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3135644639015474&output=html&h=280&adk=1292428042&adf=2002010363&pi=t.aa~a.1615370218~i.21~rp.4&w=609&fwrn=4&fwrnh=100&lmt=1667148765&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8069909860&ad_type=text_image&format=609x280&url=https%3A%2F%2Fqa.cr-halal.com%2F11%2F7-ways-to-make-money-every-day-in-crypto&fwr=0&pra=3&rh=152&rw=608&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667148765105&bpp=1&bdt=1835&idt=-M&shv=r20221026&mjsv=m202210250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcbac5652fec5ceb5-226d175f5dce0053%3AT%3D1667148764%3ART%3D1667148764%3AS%3DALNI_MZTbquPtt6P3-lA9vjZL27nacz_DA&gpic=UID%3D00000b7a77bdc466%3AT%3D1667148764%3ART%3D1667148764%3AS%3DALNI_MYhYKetYWB8DTLXqzbQqBnyM29KAg&prev_fmts=0x0%2C748x90%2C320x640%2C609x280&nras=3&correlator=35088432114&frm=20&pv=1&ga_vid=1259080444.1667148764&ga_sid=1667148764&ga_hid=1289461730&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=406&ady=2846&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C44775016&oid=2&pvsid=2963305716587128&tmod=1221701811&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=7ZWryUu1rQ&p=https%3A//qa.cr-halal.com&dtd=20

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ab426babbdbdf19d286d1fff0e8a603dc88fa3263fe2939b6e7dd62cc1d1ba8f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 15:11:30 GMT
x-content-type-options: nosniff
age: 265275
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 80656
x-xss-protection: 0
last-modified: Wed, 05 Oct 2022 15:35:55 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 27 Oct 2023 15:11:30 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 6972
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

48ms
47ms

Document
text/html

2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221026/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 30 Oct 2022 16:52:46 GMT
expires: Sun, 30 Oct 2022 16:52:46 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 30 Oct 2022 16:52:45 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 search.png
s0.2mdn.net/sadbundle/16338249951084529411/MAR-393-PL-uglyCreative-HoverEffect-728x90/images/ Frame 5D03 514 B
541 B 27ms
27ms Image
image/png 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/16338249951084529411/MAR-393-PL-uglyCreative-HoverEffect-728x90/images/search.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16338249951084529411/MAR-393-PL-uglyCreative-HoverEffect-728x90/styles/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c8eb253ff9058165db575680b7b02a051c5095ecb74688dad21f87095b9d9792

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16338249951084529411/MAR-393-PL-uglyCreative-HoverEffect-728x90/styles/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 11:05:48 GMT
x-content-type-options: nosniff
age: 193617
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 514
x-xss-protection: 0
last-modified: Mon, 06 Jun 2022 04:17:56 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 28 Oct 2023 11:05:48 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame DFAB 1 KB
643 B 27ms
24ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3135644639015474&output=html&h=280&adk=1292428042&adf=2002010363&pi=t.aa~a.1615370218~i.21~rp.4&w=609&fwrn=4&fwrnh=100&lmt=1667148765&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8069909860&ad_type=text_image&format=609x280&url=https%3A%2F%2Fqa.cr-halal.com%2F11%2F7-ways-to-make-money-every-day-in-crypto&fwr=0&pra=3&rh=152&rw=608&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667148765105&bpp=1&bdt=1835&idt=-M&shv=r20221026&mjsv=m202210250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcbac5652fec5ceb5-226d175f5dce0053%3AT%3D1667148764%3ART%3D1667148764%3AS%3DALNI_MZTbquPtt6P3-lA9vjZL27nacz_DA&gpic=UID%3D00000b7a77bdc466%3AT%3D1667148764%3ART%3D1667148764%3AS%3DALNI_MYhYKetYWB8DTLXqzbQqBnyM29KAg&prev_fmts=0x0%2C748x90%2C320x640%2C609x280&nras=3&correlator=35088432114&frm=20&pv=1&ga_vid=1259080444.1667148764&ga_sid=1667148764&ga_hid=1289461730&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=406&ady=2846&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C44775016&oid=2&pvsid=2963305716587128&tmod=1221701811&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=7ZWryUu1rQ&p=https%3A//qa.cr-halal.com&dtd=20

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 11305
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 30 Oct 2022 13:44:20 GMT
etag: 48472445140208031
expires: Mon, 31 Oct 2022 13:44:20 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame AD7B 0
0 65ms
64ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsubRAiPe0DmUa7UfWbvAIAMLV-knLVvZeRAvO-rcxXgv4Ij6gIvEIHc6ty7XCOxf5bbVPrTWLlpToHtuqeMMFZo2BM0a6vH7ge9_HiEfrco7mYjrrKjVJb-df1O3P5P3SPJ1t16QXo5AZoWQSgfvAooHlATZjCDG4AtOq8fzTtzmmiAdSc3nPMjlahQginjd7SxwGyGAPnACFsdsWHSwkUUZzetr01IRJpjtCcBKzRZ1HaUBabYNSGA7xh612DXpmkK1uRPIYUcI5IeAmYZjWBQjRkgi5_86LwbJv_NgOVYgW_qci-_Lxj9ggtt5QQ3wpdP4KCbOAPIufUOFvrJ3dA7aKRSAgVl__4VtpfybLXevB2kLnyx2DDHCrnckv6Su8dfBgNpNinKwyai4ePTjoPNz_mkhlq5QfaJgiPkeq1ZG8ulpO5hD9CDWUbQ0iiFSo8B4RluJN9uf6M5o5xLw7hu6VonbZhNYlRc4KQCfC28B6Up4LMKs4XZcK7eDBkCcKxHcel4SvifrkrB8HavXGfCmitWI6oMAlmzy_hhmYgk6sf5b1CvD9uS7lSXX5Qwa2NXyyTsTDDJoCcKuymIxFJ_XLhKXa2jGzVcCjA6Mp7xE7JTdnBk8PyJcZCFyVjRpP2cYDHd3FnNe080UaYhgor4vSXw-oy-dxPGGKcr246zMxXjHkdQ8DA0M0kb_0TU0dOzZFau38kbHLy989tREMQiGtcOtTjQE0s8l6ZzxnIdVscu3hBszERsIclm2kOL0i18o_43Dp05o9x8ny_uBnces2oxOrO74lcaKK9Lnz41KZsxWLwwpSynWSzWa93TUPN9Qn7kumuMDYDmEJBECtzI3WctIjoBSWxhNG0QE8aCg7mPKhDzq40ah4X9M9LjU6f6Qywh_x8fHfpX42b0_a6SI8gZD8dvJhh7gj5-gpk1PMXxhJN43knlkFHwvUIGDkt27ybGxpyj6ileM6pXJlY5XHifiZX6sTkzLB1kMZu0O-xmuOl5xWmf21Phwl0RU4Y24_qa0fbBlAanue6joagV_eyXKGug8cc8Zr0vhHCTy-ZPWEyPThYgfjeKvx1dOKOreFhLHvpuJ7u4wSgqphF5jCRdAZWeZdObSiv2SdsnEcZUxBKjaUmGcZQJWIuQURbj6Ig1mfXiefuYwTYmCFKmbvrny24&sai=AMfl-YTgevTFUTy1R9cuur955kSJmP4D9TFAOoKQfngAzp9Ijyc3TLiQ41VzUTVlUokGYqulcNjEmxncd6UxUhZ4kqzSe2O9a5jU83585kRUbRCekXbDidFyDLM-TQctQQFyuv1898Z9sINTtHM-Kd0Dp56yLUIcAdKkBNA8LnU45n3KENhzWnqBZhfpC3LVDOCZKE1QPR-ixk_XsLbF6L0vha-OGGQoUuk52EjuKZnPhxZvxcKiYYSjcys8eQGM_a8Rfc45jWKZTq10F2SnyoZ3r3OfedHm0fdBXJ1EqddqaLrWsXSgZN3AXfhG5ZKlaXJ8XwsHX6R-yWrnGlqy_Ybdym21odFoNmtbcnD5BBjK4646Nn3-kleMmLrphI0RAhuJS77i4tM9ofo3pYj8Vg&sig=Cg0ArKJSzOSpjvw9KuB9EAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=162&vt=11&dtpt=161&dett=2&cstd=0&cisv=r20221026.92389&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: bangladeshembassy.bt
URL: http://bangladeshembassy.bt/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sun, 30 Oct 2022 16:52:45 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sun, 30 Oct 2022 16:52:45 GMT

GET
DATA 200
OK truncated
/ Frame AD7B 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 37bfd8950abb03f95e5b633e73ef2c6e64b852c579050f7a897b24dd4d71124a

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 20C6
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIZJlBJe--a5IY61TTXhOSg&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIZJlBJe--a5IY61TTXhOSg&google_cver=1&C=1

43 B
766 B

25ms
24ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIZJlBJe--a5IY61TTXhOSg&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIetIhCX29H0ARiGsIzVATAB&v=APEucNXUG8aXMNuNHqKQ6FS98Nso2AoQa8IGbJANw5MeZrchm7_wWzZbQUGCUQr5bTHJdwFYyU-OzBVpp3YBCgJwBnxtFUwrN_qxg-wNnvxj8XJ3NUi-We8EMBdjIsiZo6-Rfi8bltvTCa21mWIIM0w5oD8RXIrM86cyCKgLFXoQULuojWRs5qI
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 30 Oct 2022 16:52:46 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Sun, 30 Oct 2022 16:52:46 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: /rum?cm_dsp_id=45&external_user_id=CAESEIZJlBJe--a5IY61TTXhOSg&google_cver=1&C=1
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 0
Expires: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 20C6
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y16r3rZHPJXLg61kU-kp6gAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIZJlBJe--a5IY61TTXhOSg&google_cver=1

43 B
766 B

24ms
24ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIZJlBJe--a5IY61TTXhOSg&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIetIhCX29H0ARiGsIzVATAB&v=APEucNXUG8aXMNuNHqKQ6FS98Nso2AoQa8IGbJANw5MeZrchm7_wWzZbQUGCUQr5bTHJdwFYyU-OzBVpp3YBCgJwBnxtFUwrN_qxg-wNnvxj8XJ3NUi-We8EMBdjIsiZo6-Rfi8bltvTCa21mWIIM0w5oD8RXIrM86cyCKgLFXoQULuojWRs5qI
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 30 Oct 2022 16:52:46 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Sun, 30 Oct 2022 16:52:46 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIZJlBJe--a5IY61TTXhOSg&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 20C6
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEGnVYw3l65dLSUDc_WDwzVA&google_cver=1

43 B
1016 B

63ms
25ms

Image
image/gif

37.252.173.38
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEGnVYw3l65dLSUDc_WDwzVA&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIetIhCX29H0ARiGsIzVATAB&v=APEucNXUG8aXMNuNHqKQ6FS98Nso2AoQa8IGbJANw5MeZrchm7_wWzZbQUGCUQr5bTHJdwFYyU-OzBVpp3YBCgJwBnxtFUwrN_qxg-wNnvxj8XJ3NUi-We8EMBdjIsiZo6-Rfi8bltvTCa21mWIIM0w5oD8RXIrM86cyCKgLFXoQULuojWRs5qI

Protocol

HTTP/1.1

Server

37.252.173.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 30 Oct 2022 16:52:46 GMT
AN-X-Request-Uuid: 2a3336e4-7f7d-496a-94d5-9219cd9797b6
Server: nginx/1.21.3
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 92.222.212.16; 92.222.212.16; 537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 30 Oct 2022 16:52:46 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEGnVYw3l65dLSUDc_WDwzVA&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 20C6
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzA3MzE2ODI2Mjc3MjMzMjc4Mg%3D%3D

170 B
188 B

102ms
45ms

Image
image/png

142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzA3MzE2ODI2Mjc3MjMzMjc4Mg%3D%3D

Requested by

Protocol

Server

142.250.74.194 Glen Cove, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Oct 2022 16:52:46 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 30 Oct 2022 16:52:46 GMT
AN-X-Request-Uuid: f6e4e5b6-3bb6-4cd9-bf0f-d8afd0678c67
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzA3MzE2ODI2Mjc3MjMzMjc4Mg%3D%3D
Connection: keep-alive
X-Proxy-Origin: 92.222.212.16; 92.222.212.16; 537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame B35D 22 KB
8 KB 28ms
26ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

accept-ranges: bytes
age: 473466
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 25 Oct 2022 05:21:39 GMT
expires: Wed, 25 Oct 2023 05:21:39 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dpixel
cms.quantserve.com/ Frame DFAB 35 B
463 B 112ms
39ms Image
image/gif 2620:116:800d:21:e365:4988:e8a7:3270
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEAcLvpRZZEUkbpbj2VR6Oh0&google_cver=1&google_push=AZmPxg8_juxcxBEcfTGj1WX3JWgw6AGN7ijQfZqeeYM0wX4NatVmj9TEfjD4F71V-ksQCnCWuTe3HzWfMW1H64sMXqh0VuCD5YeV50I1V_sQooJj3fV24lWJgeib6GARDxcsupK51CeoFjXO

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3135644639015474&output=html&h=280&adk=1292428042&adf=2002010363&pi=t.aa~a.1615370218~i.21~rp.4&w=609&fwrn=4&fwrnh=100&lmt=1667148765&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8069909860&ad_type=text_image&format=609x280&url=https%3A%2F%2Fqa.cr-halal.com%2F11%2F7-ways-to-make-money-every-day-in-crypto&fwr=0&pra=3&rh=152&rw=608&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667148765105&bpp=1&bdt=1835&idt=-M&shv=r20221026&mjsv=m202210250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcbac5652fec5ceb5-226d175f5dce0053%3AT%3D1667148764%3ART%3D1667148764%3AS%3DALNI_MZTbquPtt6P3-lA9vjZL27nacz_DA&gpic=UID%3D00000b7a77bdc466%3AT%3D1667148764%3ART%3D1667148764%3AS%3DALNI_MYhYKetYWB8DTLXqzbQqBnyM29KAg&prev_fmts=0x0%2C748x90%2C320x640%2C609x280&nras=3&correlator=35088432114&frm=20&pv=1&ga_vid=1259080444.1667148764&ga_sid=1667148764&ga_hid=1289461730&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=406&ady=2846&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C44775016&oid=2&pvsid=2963305716587128&tmod=1221701811&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=7ZWryUu1rQ&p=https%3A//qa.cr-halal.com&dtd=20

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:e365:4988:e8a7:3270 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Oct 2022 16:52:46 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame DFAB
Redirect Chain

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAZmPxg8OPYL-...
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAZmPxg8OPYL-...
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjEwMzAxNjUyNDYwMDAxNzYxODgwNzU1MA%3D%3D&google_push=AZmPxg8OPYL-LLPXshWXQmjbwyROe5r2TE6ZHIG0NFwktQmtRtOZhgg5VTB4bFPldtdteY...

170 B
188 B

36ms
36ms

Image
image/png

142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjEwMzAxNjUyNDYwMDAxNzYxODgwNzU1MA%3D%3D&google_push=AZmPxg8OPYL-LLPXshWXQmjbwyROe5r2TE6ZHIG0NFwktQmtRtOZhgg5VTB4bFPldtdteYt5EBKKbt6LsrcYJSW-jLnhLsJd9m_xWPS4M6O8sgVepNU032Zdbsub4tBucSCn7WPYpH9tyyE

Protocol

Server

142.250.74.194 Glen Cove, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Oct 2022 16:52:46 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjEwMzAxNjUyNDYwMDAxNzYxODgwNzU1MA%3D%3D&google_push=AZmPxg8OPYL-LLPXshWXQmjbwyROe5r2TE6ZHIG0NFwktQmtRtOZhgg5VTB4bFPldtdteYt5EBKKbt6LsrcYJSW-jLnhLsJd9m_xWPS4M6O8sgVepNU032Zdbsub4tBucSCn7WPYpH9tyyE
pragma: no-cache
date: Sun, 30 Oct 2022 16:52:46 GMT
cache-control: max-age=0, no-cache, no-store
strict-transport-security: max-age=2628000
content-length: 0
expires: Sun, 30 Oct 2022 16:52:46 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame DFAB
Redirect Chain

https://rtb.openx.net/sync/dds?google_gid=CAESEI8v_TOLiE32NuABANZ17SU&google_cver=1&google_push=AZmPxg_2pfDYxlG33x5QblMFAR3CrGmHwX4FJFCZqINbBdESPDhm3tv-Rpy4dI-CcmrryGINrF3vrb2M_uBaSRwYi7JRaQNiTESAN...
https://rtb.openx.net/sync/dds?google_gid=CAESEI8v_TOLiE32NuABANZ17SU&google_cver=1&google_push=AZmPxg_2pfDYxlG33x5QblMFAR3CrGmHwX4FJFCZqINbBdESPDhm3tv-Rpy4dI-CcmrryGINrF3vrb2M_uBaSRwYi7JRaQNiTESAN...
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AZmPxg_2pfDYxlG33x5QblMFAR3CrGmHwX4FJFCZqINbBdESPDhm3tv-Rpy4dI-CcmrryGINrF3vrb2M_uBaSRwYi7JRaQNiTESANcfz6Ht-yA0jZ-vxFfnZPW-dcGJkY-YK1A...

170 B
188 B

57ms
41ms

Image
image/png

142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AZmPxg_2pfDYxlG33x5QblMFAR3CrGmHwX4FJFCZqINbBdESPDhm3tv-Rpy4dI-CcmrryGINrF3vrb2M_uBaSRwYi7JRaQNiTESANcfz6Ht-yA0jZ-vxFfnZPW-dcGJkY-YK1AssZpQpnrw9&google_hm=IMcn_PjryQ89Eccycr17RQ==

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3135644639015474&output=html&h=280&adk=1292428042&adf=2002010363&pi=t.aa~a.1615370218~i.21~rp.4&w=609&fwrn=4&fwrnh=100&lmt=1667148765&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8069909860&ad_type=text_image&format=609x280&url=https%3A%2F%2Fqa.cr-halal.com%2F11%2F7-ways-to-make-money-every-day-in-crypto&fwr=0&pra=3&rh=152&rw=608&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667148765105&bpp=1&bdt=1835&idt=-M&shv=r20221026&mjsv=m202210250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcbac5652fec5ceb5-226d175f5dce0053%3AT%3D1667148764%3ART%3D1667148764%3AS%3DALNI_MZTbquPtt6P3-lA9vjZL27nacz_DA&gpic=UID%3D00000b7a77bdc466%3AT%3D1667148764%3ART%3D1667148764%3AS%3DALNI_MYhYKetYWB8DTLXqzbQqBnyM29KAg&prev_fmts=0x0%2C748x90%2C320x640%2C609x280&nras=3&correlator=35088432114&frm=20&pv=1&ga_vid=1259080444.1667148764&ga_sid=1667148764&ga_hid=1289461730&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=406&ady=2846&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C44775016&oid=2&pvsid=2963305716587128&tmod=1221701811&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=7ZWryUu1rQ&p=https%3A//qa.cr-halal.com&dtd=20

Protocol

Server

142.250.74.194 Glen Cove, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Oct 2022 16:52:46 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 30 Oct 2022 16:52:45 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
location: https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AZmPxg_2pfDYxlG33x5QblMFAR3CrGmHwX4FJFCZqINbBdESPDhm3tv-Rpy4dI-CcmrryGINrF3vrb2M_uBaSRwYi7JRaQNiTESANcfz6Ht-yA0jZ-vxFfnZPW-dcGJkY-YK1AssZpQpnrw9&google_hm=IMcn_PjryQ89Eccycr17RQ==
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-request-id: l9ugffsaaimgocqh3vhq332ngpvbedmf

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame DFAB
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=me3k5LcLTnehxEuqWV5sJg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

40ms
38ms

Image
image/png

142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=me3k5LcLTnehxEuqWV5sJg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AZmPxg__u192mo4z9JrxzDjeZgz6e4CUZmcV6q3UDoUl1Qph07tzRgeOQfGKTcBfe4Uu5SsVfP5lhtElMwaWuM9BgVY2abp65b35wyvKYd0tsPsM74Z1dtXE7QjTKNsBDlDOi9TTXfNc3C00

Protocol

Server

142.250.74.194 Glen Cove, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Oct 2022 16:52:46 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=me3k5LcLTnehxEuqWV5sJg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AZmPxg__u192mo4z9JrxzDjeZgz6e4CUZmcV6q3UDoUl1Qph07tzRgeOQfGKTcBfe4Uu5SsVfP5lhtElMwaWuM9BgVY2abp65b35wyvKYd0tsPsM74Z1dtXE7QjTKNsBDlDOi9TTXfNc3C00
date: Sun, 30 Oct 2022 16:52:44 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame DFAB
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEIYiacCpvtxvZAvxHRIo_0w&google_cver=1&google_push=AZmPxg_dkQRN-uVs1HD2IXUu4fahwLhL-8vsSoQDMLQWsnoP3vFY8P5QNJctnbeqNmrBo3VXOyo...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlWTEJXU1AtUy1HVlpa&google_push=AZmPxg_dkQRN-uVs1HD2IXUu4fahwLhL-8vsSoQDMLQWsnoP3vFY8P5QNJctnbeqNmrBo3VXOyoXnDXxoGvbiMpUrGmmVDX9UelrrdwLi...

170 B
188 B

87ms
44ms

Image
image/png

142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlWTEJXU1AtUy1HVlpa&google_push=AZmPxg_dkQRN-uVs1HD2IXUu4fahwLhL-8vsSoQDMLQWsnoP3vFY8P5QNJctnbeqNmrBo3VXOyoXnDXxoGvbiMpUrGmmVDX9UelrrdwLid9B6IF0cnIzZez371a6P5zM0azmtxCvvG5dSLBm

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3135644639015474&output=html&h=280&adk=1292428042&adf=2002010363&pi=t.aa~a.1615370218~i.21~rp.4&w=609&fwrn=4&fwrnh=100&lmt=1667148765&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8069909860&ad_type=text_image&format=609x280&url=https%3A%2F%2Fqa.cr-halal.com%2F11%2F7-ways-to-make-money-every-day-in-crypto&fwr=0&pra=3&rh=152&rw=608&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667148765105&bpp=1&bdt=1835&idt=-M&shv=r20221026&mjsv=m202210250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcbac5652fec5ceb5-226d175f5dce0053%3AT%3D1667148764%3ART%3D1667148764%3AS%3DALNI_MZTbquPtt6P3-lA9vjZL27nacz_DA&gpic=UID%3D00000b7a77bdc466%3AT%3D1667148764%3ART%3D1667148764%3AS%3DALNI_MYhYKetYWB8DTLXqzbQqBnyM29KAg&prev_fmts=0x0%2C748x90%2C320x640%2C609x280&nras=3&correlator=35088432114&frm=20&pv=1&ga_vid=1259080444.1667148764&ga_sid=1667148764&ga_hid=1289461730&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=406&ady=2846&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C44775016&oid=2&pvsid=2963305716587128&tmod=1221701811&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=7ZWryUu1rQ&p=https%3A//qa.cr-halal.com&dtd=20

Protocol

Server

142.250.74.194 Glen Cove, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Oct 2022 16:52:46 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlWTEJXU1AtUy1HVlpa&google_push=AZmPxg_dkQRN-uVs1HD2IXUu4fahwLhL-8vsSoQDMLQWsnoP3vFY8P5QNJctnbeqNmrBo3VXOyoXnDXxoGvbiMpUrGmmVDX9UelrrdwLid9B6IF0cnIzZez371a6P5zM0azmtxCvvG5dSLBm
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame DFAB
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESECxjJkJlwxN6n7kqq0RVYvo&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESECxjJkJlwxN6n7kqq0RVYvo&google_push=AZ...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESECxjJkJlwxN6n7kqq0RVYvo&google_hm=Y16r3rZHPJXLg61kU_kp6gAAFCYAAAIB&google_nid=index&google_push=AZmPxg8loFdVrGYR2K1-VZdmnbj0GkvgmuEC1...

170 B
188 B

38ms
37ms

Image
image/png

142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESECxjJkJlwxN6n7kqq0RVYvo&google_hm=Y16r3rZHPJXLg61kU_kp6gAAFCYAAAIB&google_nid=index&google_push=AZmPxg8loFdVrGYR2K1-VZdmnbj0GkvgmuEC1G_5MFI0IyX5FoyadmUyQxhjQ__6_NDS-hEkQYybMjDni7AMXcmqEAeGzoJKmmWJ2pKQtt4gT1fbuyGrgaOs_6NGctxnyO10EPIXleQbX-c

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3135644639015474&output=html&h=280&adk=1292428042&adf=2002010363&pi=t.aa~a.1615370218~i.21~rp.4&w=609&fwrn=4&fwrnh=100&lmt=1667148765&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8069909860&ad_type=text_image&format=609x280&url=https%3A%2F%2Fqa.cr-halal.com%2F11%2F7-ways-to-make-money-every-day-in-crypto&fwr=0&pra=3&rh=152&rw=608&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667148765105&bpp=1&bdt=1835&idt=-M&shv=r20221026&mjsv=m202210250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcbac5652fec5ceb5-226d175f5dce0053%3AT%3D1667148764%3ART%3D1667148764%3AS%3DALNI_MZTbquPtt6P3-lA9vjZL27nacz_DA&gpic=UID%3D00000b7a77bdc466%3AT%3D1667148764%3ART%3D1667148764%3AS%3DALNI_MYhYKetYWB8DTLXqzbQqBnyM29KAg&prev_fmts=0x0%2C748x90%2C320x640%2C609x280&nras=3&correlator=35088432114&frm=20&pv=1&ga_vid=1259080444.1667148764&ga_sid=1667148764&ga_hid=1289461730&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=406&ady=2846&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C44775016&oid=2&pvsid=2963305716587128&tmod=1221701811&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=7ZWryUu1rQ&p=https%3A//qa.cr-halal.com&dtd=20

Protocol

Server

142.250.74.194 Glen Cove, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Oct 2022 16:52:46 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 30 Oct 2022 16:52:46 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v4I2t73yVALyLA0WXe2ED0gFs9OG8aPwCilq9QfrlJVSY3KgAFU4saSxpD%2FUnu2TTKIqIGZyFhjDGzUuX%2BrX3buveBkqPe4owiRQyvlcGdV97MmOtYQhKNYM%2BwQeVQjjZ9yP8jvthFICjg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESECxjJkJlwxN6n7kqq0RVYvo&google_hm=Y16r3rZHPJXLg61kU_kp6gAAFCYAAAIB&google_nid=index&google_push=AZmPxg8loFdVrGYR2K1-VZdmnbj0GkvgmuEC1G_5MFI0IyX5FoyadmUyQxhjQ__6_NDS-hEkQYybMjDni7AMXcmqEAeGzoJKmmWJ2pKQtt4gT1fbuyGrgaOs_6NGctxnyO10EPIXleQbX-c
cache-control: no-cache
cf-ray: 7625a9ccc89bd6ba-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET googleredir
googlecm.hit.gemius.pl/ Frame DFAB 0
0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame DFAB 0
232 B 65ms
34ms Image
text/html 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Kbm2uF8CsCeG4kkNmf0pgjQm3G87gzMrcQikZ4x33DsYnTPmK-ujhH2FxZIZyMFViR3ShJ8w

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3135644639015474&output=html&h=280&adk=1292428042&adf=2002010363&pi=t.aa~a.1615370218~i.21~rp.4&w=609&fwrn=4&fwrnh=100&lmt=1667148765&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8069909860&ad_type=text_image&format=609x280&url=https%3A%2F%2Fqa.cr-halal.com%2F11%2F7-ways-to-make-money-every-day-in-crypto&fwr=0&pra=3&rh=152&rw=608&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667148765105&bpp=1&bdt=1835&idt=-M&shv=r20221026&mjsv=m202210250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcbac5652fec5ceb5-226d175f5dce0053%3AT%3D1667148764%3ART%3D1667148764%3AS%3DALNI_MZTbquPtt6P3-lA9vjZL27nacz_DA&gpic=UID%3D00000b7a77bdc466%3AT%3D1667148764%3ART%3D1667148764%3AS%3DALNI_MYhYKetYWB8DTLXqzbQqBnyM29KAg&prev_fmts=0x0%2C748x90%2C320x640%2C609x280&nras=3&correlator=35088432114&frm=20&pv=1&ga_vid=1259080444.1667148764&ga_sid=1667148764&ga_hid=1289461730&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=406&ady=2846&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C44775016&oid=2&pvsid=2963305716587128&tmod=1221701811&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=7ZWryUu1rQ&p=https%3A//qa.cr-halal.com&dtd=20

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 Glen Cove, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sun, 30 Oct 2022 16:52:46 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

POST
H2 204 csi
csi.gstatic.com/ Frame D795 0
318 B 1155ms
328ms Ping
image/gif 2404:6800:4003:c03::78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~l9vlbwq3&c=1712106163937&slotId=856053081968.5&qqid=CMyVvY-1iPsCFUqAhQodWO8E8w&fb=outstream-lima&sei=44729911%2C44730425%2C44730426%2C44752538%2C75259414%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221024_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4003:c03::78 Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Oct 2022 16:52:47 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame D795 15 KB
16 KB 99ms
26ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 16:44:52 GMT
x-content-type-options: nosniff
age: 518874
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 24 Oct 2023 16:44:52 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame D795 15 KB
15 KB 105ms
34ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 13:44:20 GMT
x-content-type-options: nosniff
age: 184106
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 28 Oct 2023 13:44:20 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D795 0
20 B 63ms
63ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=CAvu-3ateY4yzCcqAlgTY3pOYD-_C__9s5tu5iMkQ4sW5pb81EAEghtzOHWD7gYCAmArIAQWoAwHIA5sEqgTtAU_Qs8fDsh-6ld-kdTsFVFIyKlQsf6US-PAxAzeA6kD5q_q4ioo-wvcYed2BssdgltBHwNARYtWe9-6CNXukygjVi2cVnMbHjN3oA7BWVK9xyW634k6NAVhuVgMlb4gYHY-LukQsJX0bYAiew0iuQ-Dp4sBX1edmnQfngxAPQLaM7LbJwoIiznTvR8eBAN8znqrgJVZSDBSPhKs4jYuQ3Cqe-iPfcvt8_F-ZkqyMwQ-josrNEwI1ZoUwYb_V6GM6mjXZ-qXB7uVpH-mBxG-BR4qz1B9sZeq6eeiZ6Q4-IAT_5Ac-nLANoRRoT0za2MAE8J_soaYE4AQDkAYBoAZ2gAfpvoXIAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAeALAYAMAbATi5H4EMgTxJWc4QPQEwDYEwqIFATYFAHQFQH4FgGAFwE&eventType=clickstring&clientTime=1667148766091&ai=CAvu-3ateY4yzCcqAlgTY3pOYD-_C__9s5tu5iMkQ4sW5pb81EAEghtzOHWD7gYCAmArIAQWoAwHIA5sEqgTtAU_Qs8fDsh-6ld-kdTsFVFIyKlQsf6US-PAxAzeA6kD5q_q4ioo-wvcYed2BssdgltBHwNARYtWe9-6CNXukygjVi2cVnMbHjN3oA7BWVK9xyW634k6NAVhuVgMlb4gYHY-LukQsJX0bYAiew0iuQ-Dp4sBX1edmnQfngxAPQLaM7LbJwoIiznTvR8eBAN8znqrgJVZSDBSPhKs4jYuQ3Cqe-iPfcvt8_F-ZkqyMwQ-josrNEwI1ZoUwYb_V6GM6mjXZ-qXB7uVpH-mBxG-BR4qz1B9sZeq6eeiZ6Q4-IAT_5Ac-nLANoRRoT0za2MAE8J_soaYE4AQDkAYBoAZ2gAfpvoXIAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAeALAYAMAbATi5H4EMgTxJWc4QPQEwDYEwqIFATYFAHQFQH4FgGAFwE

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Oct 2022 16:52:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame D795 30 KB
17 KB 134ms
56ms XHR
text/xml 64.233.167.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-DYwHH67360gnadfG0vZq9mfS07ZNXDcC5juzhGtBYKj4m79Yo7eozg1ttYvfBP84qRv89oqC0iBvnru8Vca07bwbtz7w&cry=1&dbm_d=AKAmf-CO3lVNPGAO-eDKHK4FmSK_r-KMcgj0Xc8PggNJn97rILcrLnd9spXWlXpqpPVEF8je6BsgErYjOMCEpuyckWMvD2oAxtS2xoZ3h4X_3baW2Zfx1p7jgDCQk90IToaqNXfHrN6oOFbxjv_uz9X_pzCywWp-o_iElwxDyHWy53ZLNZgNftMzetfqVO1x4rDCO2HHryJTeJ4NMBdFUZfPweDGGFjOgd_sBYuhcEDCenHpWCvRFreVKJ2SeKDFawGqdKpce4oyamagorjbADYaZA9sTsnmxrvEGax2K_GGriQ8kmNMZNWRLXEgOGG0XG6V2u2YxtFelYr6LA-uDt_oQYsN1MD3yBLrSXFOt_4hRORRbPE2jmvvvJHF6kX7HBQf5AFzLaMAn4y7-32jF7LBCG8ogjc_GhCIZyXMCHy-ZxMsXW1grCqw24G2ffGnOMSgk9p0tBBwI4n4pJqAXoiQPwZ_E50_4gvJIGJBJ6iK2jQVI0_syuagtW-tb_t8KrWp2Xze0LkB-FPImvOYkyaDqfK3vhhm6f2K1D1_pmq_o990mq8NqMM4ub8uq0yz9dzZfM093iAdXO7-fmRU53Lz-4YQrMVNmKailWcd8vDcTAzlXLH9f3pybTqRCkCU3RQLN7nq0BVYxMvZypiS5gomF1UA0xdmQ3315iEjTJYr3_WF4rqVYQGJj4kRPtdqwLEvzq7FeEQhts6BYLbq3jbY7iD3LiybBtH5BVNX1Gx5SJByYBCo_0a_Pz9sF6DrHKmRHXIV_-N6OEU5kkFKMFr7xBVz_I1ai74tfpp_CeKcItdJz1zAkH-7zEeVLp0rvgSP8QX4Tv4bk5dsI7wKj6c3zE-0Iu5_vukbrAWg1zMGo29Qi3iegmyKzfa5aafqIltyoVDdQQp2bu5f8dMzzh69LYllZFQl6_E9I8hB6oGeIYs4Ndzp4apETI0xlo-HybScv1K60rQhqoGUL20u4yzIIxo0EPx6D-nk0Z-XwdYSiMJYzdgGuOV8Z50l7XWc5LnQShOc58xNKR7IvuU5IESnJ8xkCR2lCZv4Cv6bZZ1lVYodWCP1y0_pSGRAQ6Lmeb_T348gzm11cCKJBe-3AJGzWydn1dX42A5hrOLkTBdjQlXO2m5Ve6um8qJdR550go4RmWD9jUpHeNSZx1Ci0LuaDcpD_X95ioTZwFh6grpwj7geYj7Zvf6b9U5bwt4pe62ZtoemMFAvhpF0MNdWC1HCPabMdmzZ8h1GIg7tM7kBtuEWDkxjySTFKMkBEUyawMxfcMzBWE7N94FSUKRZJcBwqI7tnuQMrIkyi-9HPvc70qtaev36yUhk2yEVTG9-adoZI5xsYIsJiQyQdFXg7rXZN-E1COKUBcZFYmw6lurxYwHM3BDRa2HFuhHUkA29ucWXUQOFEn860IoidE-7vHY8tIL6m2I_p38CUVV3k4bAOpWV15IWBk-n1rRxlQWvOlM_9SqQQGnn1QF_tGBEfR_q_Z44jo5m3l46lrAlTrWIBO_LtByKz0W87xKT5UOFQcCN9d_thwRzPGRYVCsYPVw80K8VHQVmNPi30Hd3ePZLrMVMgvwk_DnW6OlKvQyh8s3g6uN2Fq4ftpSgfYPY5LRyuwYbVmPurowiynR6aYZADrqPM14lSpDT0b2ywkQHh3YYTBVFvhSzU6r_UEkkH5bc1g2w8DZTkj55H0N6aQq8-b6IyY-Tcg7GRrCryHQmXI_SgK6OGTyLDa-o1SBZyiUp7PqdFffhP6a7iRSUXIrUYjHaIO3seC5thDmXkll-FxEgh-cwoEl-0XwFBxsncGx8lhYkAc9I94MfXRrKrLnxRFhrPkkcSglYjPbD7GRZQ48U6jMr44xcTeDqj4H9P0m-unKN67XhDC61M5pMnyq5xiGfLU5_dNpRDO7sxGblTMe_qVeWaDkHY7ZWkRKHgKVqKMyGxu7qi-jN7C76TgsA0Dv6E-yhwtRNAwbiMtqVimoFwpPElZUa2G3X53q3j--qOx8M6sXXQnZS9OVCbspGg86xTY2nNNJUYO0bHcGNkIYcoy6yL27z_KY3VrozxuUABGzisCslcAmGNR07t3OdMgEKKAm5_AA6ilgMhp2HcIao1EJbPofgNC8diwzN8vrpws2HKglKUJ4Hth7onM5WRsGmjFm3kptYmmdApwuRAL1kRmfZmv6w1wE03e9rS6vwxRK9MFjc_A_bg_wEsbXCivwBdXQI5Cur-ESdKPQCgXeH21KTfx71eJCdSv9z0VizuZ9i-wMUWiyfV61Xo-rhym-OBTMVz6At60ZGcvkaqFlqcpWsUH4XaCMGMx3BMFI0zlhWgAcaJDywfCCLeGeW22NslErotyYcTQKWo36UROuOkRTrdA8_lcC3PLMm4DxPcJnkcG07NDgiTAAbYwFbwaVQ49GvMgtbfHolcIR7M-uaXrCuYdkYvzktIdXcGx-xCdLBJpemPJahAColfBQiBsxoM9vHHWyVpGELkYw0tSZNmO6BLk0a5Im_FGvsLlQ_pqsMwEeMFpbPT7bt_wjp-sLdFEBY0mrLwnMj13ZGzNa7vv1BmCKeAOBDesJGcXF--QC1n3i4L5iIW4vd0RnFo2A8QbjuPqbOBdsWQsLuNw_U3rxjeJn30PZhxXYeXpYLV0f-2xayjoUuzBagcmCW1JKjKH9uO4_7TRVxRLVs-44fllqOsMSYtpZfzK3yn2rTfEGKnVrrn3BkNZR-Zl8TYW1geeGs2AiXtiMpKtQU7yXLRCUmYwmOr6jA1QXGIGZHdEWB7-xSf-hscnQQxovPklZuCJ4P3NlmDC1G2m_uUrv6VbVO_I_BXLHhPCVuPrnpg0tVFetIa259SbZDWacOR3zfi3WDq1a544QB1NpWGvYf991cS78BkY_lO_Z0q8d4S2NA4FoyJVfN0Tac9ckYC3RMkS4bRobAXw1dd6xOG2-FtAmm11c384MI2PO38CvwXXb3xZa0Rd9Gxjt_AKJtsK97oHyCBpYWZn_yHqT6gThW-ICDekH_iC7lwznA-wZTyB7X_lbFCnZjqJtlClAJV4sGAni7fihzGvGUf8ktGz0S4jlFdGjLlP3IeKJaV-Ki3jFtaEViUFDDWAVGjxf1_qauHV_ZAAeFmpXUBNmB3MEg1zNH7bCIrdORetrfFXsNn41dnk3rENO1l53hVr5_a-DC_zBa374-v8XqGtn9-re3cf05K61PpZ3PE1L044bi-TtxIdgv4wugAR0URMRE6tXCnNwAT80PiBfV6YqPfAF2YLi_BG4N0HqvSc6S7Tnp110jyVGWMXCEdNEeUN59XY35jZgofDY0V4t9RkQN9LazTB5ButAe-85q049hF_BVH9yDzZvDSsvL41tTRfIIKta_ZdxQYrCvn9humbtEFeguKQ60WzSGZgR7e29WW8X0x91gsMhWvoZkw0dDn1Y_0eTDtyyTx-JQHV2Gq0X1ZlFW2ePlFfogBaURiLd7-Bdcpmohk6a_Q7pJsxYRnV4tetBbeglAle9zb-YPNkLCXxkvbW9wj7XXf4jj9XHAVKx-MqJvwu3zO6hQoNX2YYG7Gr3wqSjm6Y-Qtm1mMic0D_AwQASDtZtfUPbpCa9I1RrSUUhrKU5Q44136IEFTWhXgR0ZfxJKu0W9ER3xQhJx3y0oEQs6iEEHdiO5ydT9yoUJioGsXxy3OPfuV2H70m8qRkwkDnxLp4Ivrw_XN3qJgCbYOPfTbKetlP43WjIVjXYSQqSk5o6O5nWpFjxbcSLFb8nQLRy-kpsV6Xs2Tw2J03Tn_HzM6rOqo8Xz1af-NfcDJVGvpBa31suVxIQkDSri-vBVXwRekpsc7g0tQckVhTFOI9CCGpzZ9rXUlRExN2EsEttxrIuT_b3DxOYo2YEJrB9s2dJnYYROfSliwViD93wQf4prkkouRKzViWljznVLBNteP-Zk_7CU5-Oqlh7gHLY5KwHvoxU&cid=CAASJeRobk1YG3B7tLppvxRXXqt2x_Fxx7ZvEEKXfeLwlaS8QyUllAM&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221024_RC00/outstream.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.167.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wl-in-f155.1e100.net

Software

cafe /

Resource Hash

c4e54b3a00dd7628e19ac0242a24f174a3f874a3bf4b558bff7fffeb44375f4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sun, 30 Oct 2022 16:52:46 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16522
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame D795 0
0 65ms
65ms Fetch
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CwQz33ateY4yzCcqAlgTY3pOYD-_C__9s5tu5iMkQ4sW5pb81EAEghtzOHWD7gYCAmArIAQWoAwGqBOoBT9Czx8OyH7qV36R1OwVUUjIqVCx_pRL48DEDN4DqQPmr-riKij7C9xh53YGyx2CW0EfA0BFi1Z737oI1e6TKCNWLZxWcxseM3egDsFZUr3HJbrfiTo0BWG5WAyVviBgdj4u6RCwlfRtgCJ7DSK5D4OniwFfV52adB-eDEA9AtozstsnCgiLOdO9Hx4EA3zOequAlVlIMFI-EqziNi5DcKp76I99y-3z8X5mSrIzBD_ujKJcbeOVUF530Xc9YgQVZl7gPB4VIBSi5IevlZQVOo6t7mpQkTHiXwLfxhO-aZQpk7BawqKIB7nL_wATwn-yhpgTgBAOIBYuL-IFFkgUGCB0QBBgBkgUGCB0QARgBkgUGCB4QARgBkAYBoAZ2gAfpvoXIAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcJENpOGI6Pn9UB0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwGwE4uR-BDIE8SVnOED0BMA2BMKiBQE2BQB0BUBgBcBshccChoIABIUcHViLTMxMzU2NDQ2MzkwMTU0NzQYAA&sigh=0iqmVZnetgc&uach_m=[UACH]&cid=CAQSPADq26N96IgjGbSVLENV1C12eMBpRvr5hL0JnHk3uk4oE-AE9_aIqlPXGH1-3N_P2CRJu8c6hUPdKulvEyAT&vt=10

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3135644639015474&output=html&h=280&adk=1292428042&adf=1172747481&pi=t.aa~a.1615370218~i.17~rp.4&w=609&fwrn=4&fwrnh=100&lmt=1667148765&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8069909860&ad_type=text_image&format=609x280&url=https%3A%2F%2Fqa.cr-halal.com%2F11%2F7-ways-to-make-money-every-day-in-crypto&fwr=0&pra=3&rh=152&rw=608&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667148765105&bpp=1&bdt=1835&idt=-M&shv=r20221026&mjsv=m202210250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcbac5652fec5ceb5-226d175f5dce0053%3AT%3D1667148764%3ART%3D1667148764%3AS%3DALNI_MZTbquPtt6P3-lA9vjZL27nacz_DA&gpic=UID%3D00000b7a77bdc466%3AT%3D1667148764%3ART%3D1667148764%3AS%3DALNI_MYhYKetYWB8DTLXqzbQqBnyM29KAg&prev_fmts=0x0%2C748x90%2C320x640&nras=2&correlator=35088432114&frm=20&pv=1&ga_vid=1259080444.1667148764&ga_sid=1667148764&ga_hid=1289461730&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=406&ady=2202&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C44775016&oid=2&pvsid=2963305716587128&tmod=1221701811&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=CwMzPLbgMN&p=https%3A//qa.cr-halal.com&dtd=13
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 30 Oct 2022 16:52:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 0F92 1 KB
643 B 29ms
28ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 11306
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 30 Oct 2022 13:44:20 GMT
etag: 48472445140208031
expires: Mon, 31 Oct 2022 13:44:20 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame D795 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5485d71b79aa9d8b74c251e632f52e7bb72c6eaa93062cc37d0b0ae53142e28b

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 HZrunHRjvTX5MIeL6Ibl7iJKqMmAAzHWmbkaKM7M3x0.js Show response
pagead2.googlesyndication.com/bg/ Frame B35D 36 KB
16 KB 38ms
29ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/HZrunHRjvTX5MIeL6Ibl7iJKqMmAAzHWmbkaKM7M3x0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d9aee9c7463bd35f930878be886e5ee224aa8c9800331d699b91a28ceccdf1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sat, 29 Oct 2022 13:52:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 97226
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16118
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 10:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 29 Oct 2023 13:52:20 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0F92
Redirect Chain

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEDZXIM7t8nPIL_zrssLJ2-s&google_cver=1&google_push=AZmPxg-f12SzOFvZLxgWx8wx2C7fyj4144mqYiFsrzD8IrUjNS8o6FTv5j...
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AZmPxg-f12SzOFvZLxgWx8wx2C7fyj4144mqYiFsrzD8IrUjNS8o6FTv5jkPp0Wbwzx8p8r2PPT4hbJEvlR4tectP0RpllpLNt8&google_hm=4AVzLUe89edkG...

170 B
188 B

48ms
39ms

Image
image/png

142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AZmPxg-f12SzOFvZLxgWx8wx2C7fyj4144mqYiFsrzD8IrUjNS8o6FTv5jkPp0Wbwzx8p8r2PPT4hbJEvlR4tectP0RpllpLNt8&google_hm=4AVzLUe89edkGg-MwBYXXA

Requested by

Protocol

Server

142.250.74.194 Glen Cove, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Oct 2022 16:52:46 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AZmPxg-f12SzOFvZLxgWx8wx2C7fyj4144mqYiFsrzD8IrUjNS8o6FTv5jkPp0Wbwzx8p8r2PPT4hbJEvlR4tectP0RpllpLNt8&google_hm=4AVzLUe89edkGg-MwBYXXA
pragma: no-cache
date: Sun, 30 Oct 2022 16:52:46 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
strict-transport-security: max-age=86400
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0F92
Redirect Chain

https://id.rlcdn.com/466606.gif?cparams=google_push%3DAZmPxg_AgiuUHjdVWD60djkMppt8VKRVYE5rMzKMG3e5a692PWC28Pq8bwpJgIYbf6eenU2wF2G4ujZZK5KK-ZteZDgMv0k3kJgz&google_gid=CAESELZFrH1M8RNc4oeYLAaB6iQ&goo...
https://id.rlcdn.com/1000.gif?memo=CK69HBoNCN7X-poGEgUI6AcQAEIASnBnb29nbGVfcHVzaD1BWm1QeGdfQWdpdVVIamRWV0Q2MGRqa01wcHQ4VktSVllFNXJNektNRzNlNWE2OTJQV0MyOFBxOGJ3cEpnSVliZjZlZW5VMndGMkc0dWpaWks1S0stWn...
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwTmFQUTc4ckZqRENhM1dVcnRqVC1qX295MXJCaWdKVERGMVlZT1JPLTBYcw==&google_push

170 B
188 B

41ms
41ms

Image
image/png

142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwTmFQUTc4ckZqRENhM1dVcnRqVC1qX295MXJCaWdKVERGMVlZT1JPLTBYcw==&google_push

Protocol

Server

142.250.74.194 Glen Cove, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Oct 2022 16:52:46 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 30 Oct 2022 16:52:46 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwTmFQUTc4ckZqRENhM1dVcnRqVC1qX295MXJCaWdKVERGMVlZT1JPLTBYcw==&google_push
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0F92
Redirect Chain

https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEGhRHAsDDdEGeG87RaZ0ICw&google_push=AZmPxg9NNHtqi02vrq4jXPeGRt8z3917J4qC4ru8J1G2ue4ZjAMUQM_V5xSKlZf7gtyiEC2V0P1OYLjHFtOwLpHP43veoc0...
https://cm.g.doubleclick.net/pixel?google_nid=xaxis_dmp&google_push=AZmPxg9NNHtqi02vrq4jXPeGRt8z3917J4qC4ru8J1G2ue4ZjAMUQM_V5xSKlZf7gtyiEC2V0P1OYLjHFtOwLpHP43veoc0h406G&google_hm=MTA4MTE4MDU3MDE1OD...

170 B
188 B

37ms
37ms

Image
image/png

142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=xaxis_dmp&google_push=AZmPxg9NNHtqi02vrq4jXPeGRt8z3917J4qC4ru8J1G2ue4ZjAMUQM_V5xSKlZf7gtyiEC2V0P1OYLjHFtOwLpHP43veoc0h406G&google_hm=MTA4MTE4MDU3MDE1ODI0Njc3MzQ

Requested by

Host: qa.cr-halal.com
URL: https://qa.cr-halal.com/11/7-ways-to-make-money-every-day-in-crypto

Protocol

Server

142.250.74.194 Glen Cove, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Oct 2022 16:52:46 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 30 Oct 2022 16:52:46 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
location: https://cm.g.doubleclick.net/pixel?google_nid=xaxis_dmp&google_push=AZmPxg9NNHtqi02vrq4jXPeGRt8z3917J4qC4ru8J1G2ue4ZjAMUQM_V5xSKlZf7gtyiEC2V0P1OYLjHFtOwLpHP43veoc0h406G&google_hm=MTA4MTE4MDU3MDE1ODI0Njc3MzQ
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0F92
Redirect Chain

https://rtb.openx.net/sync/dds?google_gid=CAESEH44h4FfcGpnAe2w6_joxI4&google_cver=1&google_push=AZmPxg_r77ywZq56s_-org8ZZSq1eqd6-LwwMwy9Pv9hJU2Lpn6_5P5TuNDZNBD8OX7ZiHB6_XfFSI1SIbb4W7l6NO_yjgNazA
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AZmPxg_r77ywZq56s_-org8ZZSq1eqd6-LwwMwy9Pv9hJU2Lpn6_5P5TuNDZNBD8OX7ZiHB6_XfFSI1SIbb4W7l6NO_yjgNazA&google_hm=IMcn_PjryQ89Eccycr17RQ==

170 B
188 B

52ms
42ms

Image
image/png

142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AZmPxg_r77ywZq56s_-org8ZZSq1eqd6-LwwMwy9Pv9hJU2Lpn6_5P5TuNDZNBD8OX7ZiHB6_XfFSI1SIbb4W7l6NO_yjgNazA&google_hm=IMcn_PjryQ89Eccycr17RQ==

Requested by

Protocol

Server

142.250.74.194 Glen Cove, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Oct 2022 16:52:46 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 30 Oct 2022 16:52:46 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
location: https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AZmPxg_r77ywZq56s_-org8ZZSq1eqd6-LwwMwy9Pv9hJU2Lpn6_5P5TuNDZNBD8OX7ZiHB6_XfFSI1SIbb4W7l6NO_yjgNazA&google_hm=IMcn_PjryQ89Eccycr17RQ==
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-request-id: 60rsbdgv60kc165hdreb8gk6jsoi9cbl

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0F92
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=85T5JJTVRk-63eeSosbnAw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

39ms
37ms

Image
image/png

142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=85T5JJTVRk-63eeSosbnAw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AZmPxg9t_1MHPxaXMiyA-RzDLneWmb7ZdH0QxUyhIgzKmHwAMK7BCydMCggkxqjDTmXDbPx_Opyy3NjxCuYWkC4S5ynVdInaczPh

Protocol

Server

142.250.74.194 Glen Cove, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Oct 2022 16:52:46 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=85T5JJTVRk-63eeSosbnAw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AZmPxg9t_1MHPxaXMiyA-RzDLneWmb7ZdH0QxUyhIgzKmHwAMK7BCydMCggkxqjDTmXDbPx_Opyy3NjxCuYWkC4S5ynVdInaczPh
date: Sun, 30 Oct 2022 16:52:44 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0F92
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEOe7ije3v0hhTrFUPnQHAVw&google_cver=1&google_push=AZmPxg--ZR8Sm-M5Ch9qpwr_B9TdNpYw4YrMw_DCVls8veseTic-Y_EZCY3hoz789s2w28mc9Am...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlWTEJXVFMtSi1JUTg0&google_push=AZmPxg--ZR8Sm-M5Ch9qpwr_B9TdNpYw4YrMw_DCVls8veseTic-Y_EZCY3hoz789s2w28mc9Am_Jiu5fFoTpnqwHALvNKwRXaQ

170 B
188 B

47ms
38ms

Image
image/png

142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlWTEJXVFMtSi1JUTg0&google_push=AZmPxg--ZR8Sm-M5Ch9qpwr_B9TdNpYw4YrMw_DCVls8veseTic-Y_EZCY3hoz789s2w28mc9Am_Jiu5fFoTpnqwHALvNKwRXaQ

Requested by

Protocol

Server

142.250.74.194 Glen Cove, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Oct 2022 16:52:46 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlWTEJXVFMtSi1JUTg0&google_push=AZmPxg--ZR8Sm-M5Ch9qpwr_B9TdNpYw4YrMw_DCVls8veseTic-Y_EZCY3hoz789s2w28mc9Am_Jiu5fFoTpnqwHALvNKwRXaQ
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0F92
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEFSWkhXmajrHQwzQpOhqRnM&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEFSWkhXmajrHQwzQpOhqRnM&google_hm=Y16r3rZHPJXLg61kU_kp6gAAFCYAAAIB&google_nid=index&google_push=AZmPxg9J3RN1sXJDZyTIRVhgBdXXSQAziI90D...

170 B
188 B

41ms
38ms

Image
image/png

142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEFSWkhXmajrHQwzQpOhqRnM&google_hm=Y16r3rZHPJXLg61kU_kp6gAAFCYAAAIB&google_nid=index&google_push=AZmPxg9J3RN1sXJDZyTIRVhgBdXXSQAziI90D26eucK-H5X4WWR_FCzV0JbNpzXe3q3uFqoRbKU3Ga7u0Ug9QZFC62c18cry4oUD

Requested by

Host: qa.cr-halal.com
URL: https://qa.cr-halal.com/11/7-ways-to-make-money-every-day-in-crypto

Protocol

Server

142.250.74.194 Glen Cove, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Oct 2022 16:52:46 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 30 Oct 2022 16:52:46 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kQK0mgZelnNQxMN3kyESGLLf%2B6RIsw1VRNy7rxqjvnOV7GRHm9HsvHBRqLRg8SASSEGJTUzMhyqPAzwYWIXKSXX6fg%2F7PcLprxWMwdM4cv7ldeAg5VJ2RWCOkvhy4KzX79Wclw0ltOY2SA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEFSWkhXmajrHQwzQpOhqRnM&google_hm=Y16r3rZHPJXLg61kU_kp6gAAFCYAAAIB&google_nid=index&google_push=AZmPxg9J3RN1sXJDZyTIRVhgBdXXSQAziI90D26eucK-H5X4WWR_FCzV0JbNpzXe3q3uFqoRbKU3Ga7u0Ug9QZFC62c18cry4oUD
cache-control: no-cache
cf-ray: 7625a9ccc897d6ba-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 0F92 0
12 B 82ms
38ms Image
text/html 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13L1ObBvXZ2HIkbM1jyOpZ1ADFP3N3rYluD8I2HEoZS5GJwh9BpKr2jslqveq0XLpsxD2Xkr

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 Glen Cove, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sun, 30 Oct 2022 16:52:46 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6E73 0
20 B 64ms
64ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BlYwa3KteY8bmJ5mX8AL20aboAwAAAAA4AeAEAg&bg=!GhmlGV3NAAZPh4lnb4c7ACkAdvg8WuNSFi1vmxLpkUqtGuFV4rxfZWaR0h-Dctibj3_Trtzo9Xvj5wIAAAEiUgAAAAJoAQcKAEy1oYbp1qrHnqy2xOCpXHCnNY3kdZU-DJ2ZMRAXQyqcU63tXB6rOabWTRZsJnPiGuJ2KheVzfIdSGEepwQIHD3oG5QXgUFt-kyTPI2HmQLzrWwDP61NnU_cW_sBo-7EVaycUS5OC088IJsaWjJiVzA1NUEJP3RYRzaSaatpSiV8zRRXKpm6qo4_PAJ5pI0I0VXj6vMCJDU-S8tWCDNIfWHYdoCI5sazQqIUter6qYtanW3aTmtdmtFuKtqUr7NxiloYJbiVxJ4-VPoRb4McAU6vDXz_c8MECEkEqH1V-Je-ISyFXZRPw9niUugFu5YGEoWu9j7A0PmLPN9Vy9FHqaFkw--Ku2C7gfAJNuVjdchLY15ykKfCgpT909LhfquQMQWz0PBBLkYFN7f8GUggV99ljjyTjfL9Lm84vrrbhd6r0UzGFpiJGklEE4qVM1egOZjpzIQ9IWgcobeQeNIiv4qeF_CNGW0HCxGjeunC7mNX5jfWecJcsLbZyWf-T4feho054yeouZix28Sru_7vIkYvPA4N93rTfKHtk_BNe3Kn2E8mKcblZUNwDxuLQZcF6g1Q1Y6qAU0OYsaBEx3pMhAzvgoZcvcAfBp7vGzoXiBrGgjZq8sKg1fwfhI_ti-dSTYqFXwxYnVkZrGyAiyGczf7MiaHpLiSWPv8UK_m6PGZIB4ujtPzHsSQo0iImIRZw13GvdG8ypkQC96yaBjgWbQeS9UXqH6ZB0h8edh-Seyqbuvl_jcKezSI9iLbu7rsVg1F1b5zElDlUy2t0jSjzi6IF_rwus5pcxa3TBj7uXgof6G5Qq9ZMjmAVd-HZzA7LpzfWtiyoCMaOhk9UugggZTNePL3EmlyR8W1KHHQpUmoNv9KPzSNgE1F58FFVxQmAhbAKEUynJNp07ZAPaDeBTbbNEVPABInp5MXjmbSCkqJvzZG2M4Vv7Trdid5PzgUwLysOr1-R68mq-y0cnbVuKTOegveGp74eoPaY4eOzj-lj4R8UaIoUIPb0Uy4JdlHKJBoy8RBF4fG03QHGo_0seHBq08tBMN73X19Q1dODH1MCobrfWZVSWHiW9BVPwbhlXFxYWtxLTByO49Fhy4F3UbYwwE

Requested by

Host: qa.cr-halal.com
URL: https://qa.cr-halal.com/11/7-ways-to-make-money-every-day-in-crypto

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Oct 2022 16:52:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 HdsydzJK.js Show response
tpc.googlesyndication.com/sodar/ Frame D795 41 KB
15 KB 33ms
29ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221024_RC00/outstream.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 11:28:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 192239
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15407
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 28 Oct 2023 11:28:47 GMT

HEAD
H/1.1

200
OK

file.mp4
r1---sn-25glenld.c.2mdn.net/videoplayback/id/000f355987aee7c4/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1698684766/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame D795
Redirect Chain

https://gcdn.2mdn.net/videoplayback/id/000f355987aee7c4/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1698684766/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signa...
https://r1---sn-25glenld.c.2mdn.net/videoplayback/id/000f355987aee7c4/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1698684766/sparams/acao,ctier,expire,id,ip,ipbits,ita...

0
0

147ms
19ms

Fetch
video/mp4

2a00:1450:4007:9::6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r1---sn-25glenld.c.2mdn.net/videoplayback/id/000f355987aee7c4/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1698684766/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/0A64A43271B7828FBCF87855085CB105B051EFC0.57EF2C9D287B7DFFA73B88AEDC59957779D42AF0/key/cms1/cms_redirect/yes/mh/7S/mip/2001:41d0:d:364d::2/mm/42/mn/sn-25glenld/ms/onc/mt/1667147616/mv/u/mvi/1/pl/46/file/file.mp4

Protocol

HTTP/1.1

Server

2a00:1450:4007:9::6 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Sun, 30 Oct 2022 16:52:46 GMT
X-Content-Type-Options: nosniff
Connection: close
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 3993004
Last-Modified: Thu, 06 Oct 2022 16:17:15 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Access-Control-Allow-Origin: null
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=86400
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: null
Expires: Sun, 30 Oct 2022 16:52:46 GMT

Redirect headers

date: Sun, 30 Oct 2022 16:52:46 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 649
x-xss-protection: 0
pragma: no-cache
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
location: https://r1---sn-25glenld.c.2mdn.net/videoplayback/id/000f355987aee7c4/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1698684766/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/0A64A43271B7828FBCF87855085CB105B051EFC0.57EF2C9D287B7DFFA73B88AEDC59957779D42AF0/key/cms1/cms_redirect/yes/mh/7S/mip/2001:41d0:d:364d::2/mm/42/mn/sn-25glenld/ms/onc/mt/1667147616/mv/u/mvi/1/pl/46/file/file.mp4
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: https://googleads.g.doubleclick.net
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 121ms
65ms XHR
application/json 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221026&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e655553438b3568c9f65f3b03089aae0fdd87f41334692b43ccd2076b7fac4dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://qa.cr-halal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sun, 30 Oct 2022 16:52:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11323
x-xss-protection: 0

GET
H3 200 H0ZEmIz7.html Show response
tpc.googlesyndication.com/sodar/ Frame 5330 23 KB
9 KB 28ms
27ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

accept-ranges: bytes
age: 543139
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8727
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 24 Oct 2022 10:00:27 GMT
expires: Tue, 24 Oct 2023 10:00:27 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B35D 0
20 B 63ms
63ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BHWb83ateY9bXCfGI9fgPrvuVwA4AAAAAOAHgBAI&bg=!vb6lvvrNAAZPh4lnb4c7ACkAdvg8Wnb4LJcPj5axEqmhxyjzN36-iP1Ik9kuTVjtCdBe2ew1eHvwwQIAAAB9UgAAAARoAQcKAI-ho_eDTrG25-P0eS1bdGqP536foXsr-rjcZ9PjarG3HucrTnveeY-HDyOCWgeKLHsihotKX06Mh7a7naAJs-WVomsMd-lxYnsoZg8LBl1ECU_i_TwcPGNydk7LPC8Lwqrrz_X6X1gsBTqsm_TS2IyziVhuxT92dzc7oH7kfwLWJ1x8x2xaIIQ9vVrGVeE51ZkC8Mv6RDx1Fpg32aK0qhybu9KVVqg8YBNuIV9wsD5qZrdvX_EPOo4tTjrnYNV2ohm22Q18mnkAF5e-olagpiG5wPs8A2fGeR1aFY-QyHDVyCidl72yZAq_9dBpuJgQzK8kwYlx5CZiR85nKv1nu0Lnuuc1oDknAsvUc-qzJE95f_Je6j6EUbBIc5oIcGNSfeQGGJSixFNRzHVQG5AUk7HxgOjxkQSP9trkj93z80KRI7HBJUAcqpM1oPmpFI6ymdLTg6Xn1q9LxPTtp0HdizYFjqL6e-XMHnHagEj9dRZPl2RMEdZhu7QUGJ-REPBJehuZNEni2WeCdBvKZLc2KM4zxDj9JBJtOXvZhJPfCDOH2rB2VidiLQjqipXcAYb55ioeM0lVVCRHZVSwaRkA-1NKX0uIU0JQDvtf__tYKYCoL_r9VNds7sA3xq1Dz1cHc2dJ-nyztfkYa4R7Ip4105MTycfgEbYtLvDkAUtRpOs1IPRdgmcsr6a-jpheZNsyBGVqdaUcuGJEHZnUkH1qrwkwuFXA9WjMsPmOHM-6Re1XZsj09D6xW_73ePcj9XKNyhcvoEsmQX6IT8eGpevFPNl6PaMkV15xxJFnVIX9tZyuT9Pv-0RvMg4XkcK_R2Bfytv0h7MPv9OE0BFWi8h_l3dsXwdEmuXarQizWVWpPN4oZlrAChkaVqkx-h4ErRMzpl1NtL3i6YK76_SQSnVhAP2Mef9Ig34ldLO8wL8mJWdvsk4QdaywZalpuf3km_njLMF8M1wJrPDaxF-V_IO3I5sR-NnGhsgX8gIFts4PtjWL7rczO5r6VJAm4k0_oFNpjWQ6ovwyuZZ_16LaMRqcLFTdDCXvtL3aILQJuVB7j0ATx6c8HjT-BZ6-nqbgLQ9MIXEaNvUrNrG7LcX7dX9OkPFIVIRyi6PYPryugnjuIk3gL4qeKuyFFNM-PLsuBBbdCcPw94DR3kEtbALWET0ZMRdDHgqN6w15OBrobOACzc1g1DY8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Oct 2022 16:52:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 vLbRz7g6TQ5oo3iSl-9A8cc-tNTKSUSKynQIdvKxkcY.js Show response
pagead2.googlesyndication.com/bg/ Frame 5330 36 KB
16 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/vLbRz7g6TQ5oo3iSl-9A8cc-tNTKSUSKynQIdvKxkcY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bcb6d1cfb83a4d0e68a3789297ef40f1c73eb4d4ca49448aca740876f2b191c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sat, 29 Oct 2022 06:14:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 124673
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16061
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 10:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 29 Oct 2023 06:14:53 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 40ms
37ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://qa.cr-halal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sun, 30 Oct 2022 16:52:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 30 Oct 2022 16:52:46 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame AB58 13 KB
5 KB 27ms
26ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://qa.cr-halal.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

accept-ranges: bytes
age: 3448
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 30 Oct 2022 15:55:18 GMT
expires: Mon, 30 Oct 2023 15:55:18 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame B1E7 783 B
535 B 37ms
36ms Document
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

592e46f5a3515d61705250336d9f5e0f1c485567be7e89bc1c35c654cc379eba

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-YdnBZzELp7od3kdR5Cm9aQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://qa.cr-halal.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-YdnBZzELp7od3kdR5Cm9aQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 30 Oct 2022 16:52:46 GMT
expires: Sun, 30 Oct 2022 16:52:46 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 206 file.mp4
r1---sn-25glenld.c.2mdn.net/videoplayback/id/000f355987aee7c4/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1698684766/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame D795 135 KB
0 45ms
21ms Media
video/mp4 2a00:1450:4007:9::6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4007:9::6 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Encoding: identity;q=1, *;q=0
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Range: bytes=0-

Response headers

expires: Sun, 30 Oct 2022 16:52:46 GMT
date: Sun, 30 Oct 2022 16:52:46 GMT
x-content-type-options: nosniff
Content-Range: bytes 0-3993003/3993004
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 3993004
last-modified: Thu, 06 Oct 2022 16:17:15 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://googleads.g.doubleclick.net
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://googleads.g.doubleclick.net
client-protocol: quic

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame B1E7 0
0 60ms
59ms Image
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221026&jk=2963305716587128&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

GET
H3 200 HZrunHRjvTX5MIeL6Ibl7iJKqMmAAzHWmbkaKM7M3x0.js Show response
pagead2.googlesyndication.com/bg/ Frame AB58 36 KB
16 KB 26ms
25ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/HZrunHRjvTX5MIeL6Ibl7iJKqMmAAzHWmbkaKM7M3x0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d9aee9c7463bd35f930878be886e5ee224aa8c9800331d699b91a28ceccdf1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sat, 29 Oct 2022 13:52:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 97226
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16118
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 10:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 29 Oct 2023 13:52:20 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5330 0
20 B 63ms
63ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=BqtHE3qteY8vMDMLm1gbOv7yoCAAAAAA4AeAEAg&bg=!aWqlai7NAAZPh4lnb4c7ACkAdvg8WpgZTFWHiBusQFLs6rriVl1RLrYs8teaa6OgJAiCZS2qE6PMHQIAAACaUgAAAANoAQcKALyeP-Z_Nsd_kb3EqYRi67BVykOqJvGCvmQBPBrwyyFVzKJ9ivswSXTzUvZSiUvaclJYgxhegin2iZVCQTONdff8wjteQ6kS4FtLm03nID1ZU_DLJG-qoOzS-WGBVEGVWe3nsbAPqPwCaRHa7LzzJQQrgt9krAQ2DfZQc-jLFqqHP_XhV2NCQSiNXsdM-irTrnGK0xMh9S_G9cEUs0qG0YUC9WH00IPs5n_V94EJe6AnuPpm05BDoft7S7BZxJkCyJuCfJcTeNtBFR26GSgn0QI8WnIQZfx-anY9jleoKqJP7ca4jPxEUBRV5zo6XELBd7MTpEiYIexkPYJeTEf9BVJ2S50MdwX2Dk2uIW7AnKfWTFOCg_fRNJXpoWN3f8164qkOYKWh11BiURA2QSibHp6FF_Hi2NBLW48QyQWaBb0whvApOIZeupBgzhRtUSpHXUrVY6x3aP7pJuoiWWonXZtLzoSlOLiEEZ0_u55razI1oVMalLZ9aNaP6k_FtiLbnfH3kOA3rmTtuGNiIjdxn2yX-QQ_O621pCZw_jzNZ0qdr89QR2nGOqBR9z-aJ60R73cNEi1F6u4LyYyHv_ndSxeUmWziWNGxsTRPfv9QT3PEAdVCGGuch-Mov-qBP5namWEXP5QAbXjR0ykDiwatL_lqyBjz8sP3IGpMkXNe6rz4zc9LHZYrYa1ZqVOdjHSrsyugSZ73FtqVmPbTnPr-SRKXgbf5tf6f91HBsy2chvDLb7vyUjtK6QO-txfgT2mRfWXEyeWUBXatIm2kiFHz5mH_5PxoepeWd8ejBtHuGjSWuB_b1Yp4-bKCWZh7Ul-lNcr4ZAudAhIqgxyCjsx5Iyoh5o9PbB-GIPO7QPTh46dJM2hT02ATDCyU3SKZ6fR1p8vb4DrUhxU7RusS1Db9cPWnC0Lu4Iyd6lTeu1jM-LDeEROT882CiWB-eHrCTWhI2HzgMzLGuN1Q_xOvXFuL84jxeMSRUAKiT4dLNJRwCbaAVtnQAOT0P2l0kFMYWPHUMTdT3DV5P0eKfdysYgZ0z6RQzQyYb20hkeY8J1nAQsBXSF6ULkFPXjGFwnjPxV3RBa5buxSgN-QgXpLHRTL6nBpqVTDy8Hl2C7NF9Eo87SqDNaniUtdpytwO3sB_QWJdlwGKDy_CDZbFoYgwTvNHx4KEcWSENrkM6Ubjo8DMHRXj1bYgTquvubo

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Oct 2022 16:52:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 0E1C 42 B
64 B 66ms
65ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst-z0P64zkVpidV7tXvgN2TazgUuTiZMq-ucNa2vjp4_6Rn2VsPN14GtzuBEXAGsYZ8twfbuYWPpDHIE2XJyP3bK3zhTCB-wljP_rj9ul8IN3SxYoI8yfY3JA4NAn9qPxjYtD3gUw&sai=AMfl-YSODgV3jS5kX2Nenbvvi7anP5Y3sWiqPfnTL4vuRvywHMNAUN_JRviyFHhm6rlju16wNpqMVrhsZHWiLqE&sig=Cg0ArKJSzLxK-XJzldzWEAE&id=lidar2&mcvt=1001&p=0,0,124,1005&mtos=192,814,1001,1001,1001&tos=192,622,187,0,0&v=20221027&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1667148765216&rpt=468&met=mue&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Oct 2022 16:52:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame AB58 0
10 B 29ms
29ms Image
text/plain 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?ih6GvQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sun, 30 Oct 2022 16:52:46 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 3871 42 B
64 B 67ms
62ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuU79MIXj9WK6XHyNYuiJXItl2bygiU9rJfWE-EI2af1U2wBNF8fFCtpH93mqzv4GA6CA44eHWGnVHWXGG2w5HzB88V5fU__8-AsfSo0hfeCU-aur3apJjGk1Z_YOqwRlgL-_fj0R45krTfCI3Bj4S9orciILZ8EVvO3w3UJ2_KkVeXMCir1hFMD_Zm1EiWhg&sai=AMfl-YS65CG1e0BGuMI5ZQf7E6-Pgrtxhze7EDjCuzDOQn_Kwb2dDy2XSV-nXZUEyErdyx0FsTdbe5KAOSTE1rk&sig=Cg0ArKJSzIIOnzoqoeraEAE&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221027&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3576269607&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1667148765291&rpt=613&met=ie&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Oct 2022 16:52:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 69ms
64ms Image
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221026&jk=2963305716587128&bg=!R0SlRADNAAZPh4lnb4c7ACkAdvg8WsTH3zJxe459FwQAoe86ADtSb8G1IxF9SzDW7ZRSGZfCdD2_ZwIAAACRUgAAAARoAQeZAqSjOMtO5D48mnWf9Wg12mZQ9n0De7hyRJuzgWnakbmTP-1AfFwhgihMNlsdB2IbTOVX9QhM3HpGL8IQx2hpNDUwbUKAEqX4nBsVv419-lIqkPf02zaDtJDxrEOlYuDhVAdcJ8dD9w5mn7R1ze05ofCVGN0MWkSjxdWydFoRiO2DldoDmGUazymQlkC5oDlvr8scvvCOw-b4UD9LwKzkTO75G_IsEp0PP9rDa3KbYlIpmPLvv9djDWtr2VT7OStPLnH1THIDHRZzZ3ZmsRclm4ulDMTWohesfGSwMoqC2TCEhIJug-H3BSZD8UmkOSjpIwJjxTFRTftKa6m9GourgEBSMa_vlzz1n7GcgM0b27AY6oT0uNc7XMR5PqUgXyZDuUnI3M20CWzuh6W5D1RGTUPt58QPkrsnLvN1yt-DbU2VehuT1LcSzMOmPjF3PMTercN4H12ntGjemoVhP6fZm6ldbRyrw2jdyHIv235Tldendt_4WSaeBJADcRVE22a1T3bAnm2brzDltl6FjBiO8kpuxSq1_QtE4QMYV_CgFJywqojMMcW_A0Mzy9uRpmNyPN4q-0IQkH_MbuOhSPQE3lT4XSU2lkO1qiumDJuqyVj_XOOp22gMV_iO5Z-U2Ef6bllmr5HTSPg4elB2QdLAbKnCC8EI1kGxODEfay0SZLlDJGwazywBuK41nbSmSFlmch54waSGWggC9kensV0dV86G6DociM_exlRyVqJ2JhgZEDZ0aHDbvItiNtsB3ScGLFWZOIJOgo2hB41Um_9QTpuPZVYnSz4UcIdHY40jzgetnpUJEU-FhHOaKfXYkuoGKdlTCyadFLMI_Ph6tZDne7pouelxSu4aM3NbDB15W6XN9_x_QzrKvHZonj9yMlNXgsIjxJDU
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://qa.cr-halal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

POST
H2 204 csi
csi.gstatic.com/ Frame D795 0
54 B 629ms
328ms Ping
image/gif 2404:6800:4003:c03::78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~l9vlbwr1&c=1712106163937&slotId=856053081968.5&qqid=CMyVvY-1iPsCFUqAhQodWO8E8w&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=1000&br=914&mt=video%2Fmp4&vs=640x360&ulv=1&cll=0&vast_v=2.0&vmfc=11&vhc=0&msm=1&aits=0%2C18%2C22%2C692%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=343&vsrc=web_video_ads&ape=1&ple=0&umsem=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221024_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4003:c03::78 Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Oct 2022 16:52:47 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: googlecm.hit.gemius.pl
URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESENCUTzDAVYLyeid3XJdur3g&google_cver=1&google_push=AZmPxg-fIB8bgVBsrm_5c5pQDPT5LXLoqM_gtLw7RDq4i1-AcFc-Vr2kDGmSrNmkqt49GVEK40NNSZM1ZtkzmBn7B5bhE3-2aQ249kBy4o90rvuRepHMMEZMbI_3j4Nm7ly6AN2UzjeD_97b

Verdicts & Comments Add Verdict or Comment

98 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

35 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.google.com/	1970-01-20 16:35:35	Name: __Secure-ENID Value: 7.SE=TbMXppprYqgepDggOGZha0zpJ4Nxtn6rntL_mWZyDWUwGX1_aJnYJxRim6LkKWMi53L0pXAfLN_3qtl6e3lvzzr0JtUGvMQJGO7hH4FjmOVe9X5qYTv0pVCsW-q8a80xPKimRTwKZ4QXChUZJl7gPaUJPlpDJMD91OhZbKteJR8
.google.com/	1970-01-20 16:41:48	Name: CONSENT Value: PENDING+648
qa.cr-halal.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 10633e09db58789db7d33617b828d8dc
qa.cr-halal.com/	1970-01-20 07:08:41	Name: qa_key Value: 32tjdvhp5d88wjj9oljo6k145uzthoa0
.cr-halal.com/	1970-01-20 16:41:48	Name: _ga_V7K5ME1CH7 Value: GS1.1.1667148764.1.0.1667148764.0.0.0
.cr-halal.com/	1970-01-20 16:41:48	Name: _ga Value: GA1.1.1259080444.1667148764
.cr-halal.com/	1970-01-20 16:27:24	Name: __gads Value: ID=cbac5652fec5ceb5-226d175f5dce0053:T=1667148764:RT=1667148764:S=ALNI_MZTbquPtt6P3-lA9vjZL27nacz_DA
.cr-halal.com/	1970-01-20 16:27:24	Name: __gpi Value: UID=00000b7a77bdc466:T=1667148764:RT=1667148764:S=ALNI_MYhYKetYWB8DTLXqzbQqBnyM29KAg
.doubleclick.net/	1970-01-20 16:27:24	Name: IDE Value: AHWqTUnofWsUiUZkuYbSGrXyNGTT5HY-L45-Ou6ddK-umNcQ2aCsU9swNOfV1ulwV-U
.doubleclick.net/	1970-01-20 07:05:52	Name: DSID Value: NO_DATA
.adnxs.com/	1970-01-20 09:15:24	Name: uuid2 Value: 7073168262772332782
.openx.net/	1970-01-20 15:51:24	Name: i Value: 2c3d9299-f8ea-4fd6-81b3-436dc5837202\|1667148766
.quantserve.com/	1970-01-20 09:15:24	Name: d Value: EAUBCQG6J4EA
.quantserve.com/	1970-01-20 16:36:03	Name: mc Value: 635eabde-18c6c-77c22-a961c
.casalemedia.com/	1970-01-20 09:15:24	Name: CMPS Value: 5158
.casalemedia.com/	1970-01-20 09:15:24	Name: CMPRO Value: 5158
.adnxs.com/	1970-01-20 09:15:24	Name: anj Value: dTM7k!M41.D>6NRF']wIg2GTywVa29!]tbPl1M>e)ZlrFUfJ+tGXxoiC@GfOIO9L%QKN5n=9/In=9oS+YZSW2cPoeF3If)y3KL9D3I?+Uc+%KG
.casalemedia.com/	1970-01-20 15:51:24	Name: CMID Value: Y16r3rZHPJXLg61kU-kp6gAA
.rlcdn.com/	1970-01-20 15:51:24	Name: rlas3 Value: DpRjO7SXMzN+xFkEBxpc5JwKhoBHl844SUOUS37EbkI=
.mookie1.com/	1970-01-20 16:34:36	Name: id Value: 10811805701582467734
.mookie1.com/	1970-01-20 16:34:36	Name: mdata Value: 1\|10811805701582467734\|1667148766271
.mookie1.com/	1970-01-20 16:34:36	Name: ov Value: 6d6fe6092b2f0857003265e54c35dfc7
.casalemedia.com/	1970-01-20 09:15:24	Name: CMTS Value: 3358
.rlcdn.com/	1970-01-20 08:32:12	Name: pxrc Value: CN7X+poGEgUI6AcQABIGCOndKhAA
.pubmatic.com/	1970-01-20 07:07:15	Name: KTPCACOOKIE Value: YES
.pubmatic.com/	1970-01-20 09:15:24	Name: KADUSERCOOKIE Value: 99EDE4E4-B70B-4E77-A1C4-4BAA595E6C26
.e.dlx.addthis.com/	1970-01-20 16:36:03	Name: na_tc Value: Y
.addthis.com/	1970-01-20 16:36:03	Name: na_id Value: 2022103016524600017618807550
.addthis.com/	1970-01-20 16:36:03	Name: na_tc Value: Y
.addthis.com/	1970-01-20 16:36:03	Name: uid Value: 635eabde6d24cdc9
.addthis.com/	1970-01-20 16:36:03	Name: ouid Value: 635eabde00014a47d1d7faaacbdce577a0e797ab90670531b15c
.dlx.addthis.com/	1970-01-20 07:49:00	Name: na_rn Value: 0
.dlx.addthis.com/	1970-01-20 07:49:00	Name: na_sr Value: 20221030
.dlx.addthis.com/	1970-01-20 07:05:48	Name: na_srp Value: 3614
.dlx.addthis.com/	1970-01-20 07:49:00	Name: na_sc_e Value: 0

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESENCUTzDAVYLyeid3XJdur3g&google_cver=1&google_push=AZmPxg-fIB8bgVBsrm_5c5pQDPT5LXLoqM_gtLw7RDq4i1-AcFc-Vr2kDGmSrNmkqt49GVEK40NNSZM1ZtkzmBn7B5bhE3-2aQ249kBy4o90rvuRepHMMEZMbI_3j4Nm7ly6AN2UzjeD_97b Message: Failed to load resource: net::ERR_ADDRESS_UNREACHABLE
javascript	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20221026/r20110914/zrt_lookup.html?fsb=1#RS-1-&adk=1812271801&client=ca-pub-3135644639015474&fa=1&ifi=10&uci=a!a&btvi=5&xpc=zvfsmDDMFK&p=https%3A//qa.cr-halal.com Message: The resource https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.fr
bangladeshembassy.bt
bid.g.doubleclick.net
cm.g.doubleclick.net
cms.quantserve.com
csi.gstatic.com
dsum-sec.casalemedia.com
e.dlx.addthis.com
fonts.googleapis.com
fonts.gstatic.com
gcdn.2mdn.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
googlecm.hit.gemius.pl
ib.adnxs.com
id.rlcdn.com
image6.pubmatic.com
imasdk.googleapis.com
odr.mookie1.com
ois.is
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.rubiconproject.com
qa.cr-halal.com
r1---sn-25glenld.c.2mdn.net
region1.google-analytics.com
rtb.openx.net
s0.2mdn.net
sp-ao.shortpixel.ai
ssum-sec.casalemedia.com
tpc.googlesyndication.com
www.analyticsinsight.net
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.stilt.com
googlecm.hit.gemius.pl
104.18.19.126
142.250.186.98
142.250.74.194
185.59.220.194
185.64.190.78
185.80.39.216
192.124.249.5
2001:4860:4802:34::36
2404:6800:4003:c03::78
2405:d000:0:100::216
2606:4700:10::6816:6f6
2620:116:800d:21:e365:4988:e8a7:3270
2a00:1450:4001:802::2002
2a00:1450:4001:803::2002
2a00:1450:4001:806::2002
2a00:1450:4001:809::200a
2a00:1450:4001:80b::2003
2a00:1450:4001:80b::2006
2a00:1450:4001:80b::200e
2a00:1450:4001:80e::200a
2a00:1450:4001:80f::2002
2a00:1450:4001:827::2003
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::2008
2a00:1450:4001:82b::2004
2a00:1450:4001:830::2002
2a00:1450:4007:9::6
2a06:98c1:3120::3
34.98.67.61
35.227.252.103
35.244.174.68
37.252.173.38
64.233.167.155
66.29.132.14
69.173.144.138
88.221.168.166
02d353b931fa095d941d4077eec1404bf764ec415ff8cab1d58ae0f17ae73f6f
075c15c5e5b127cfd89b352a4f8e8d615d0abcc80977022ba45ad2032d26f535
07a75636966b34dd8bbafee0ebced659b03bab0e57641e1fa035ca7da0bd39ce
09e74d56ba258111fe273e096f0ce3143e7da7ac3a2493e5ef5ff69f7d4c55e3
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c03682256f0ddbfa031d5ee3c2bbb80eea99dab4ffa12622c551dea01359656
0e2a37ec9babf7ebb24c1667f9624df292b7595e0f1bf9d0ebcd54be8b915e14
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
12b498ad6256d487f658f24189621d4d6819ab6e11fcd63142e6aeb77f560b6e
1598b1ea3ad76587b77ce3f930a0818a33b4804270f23af96b65f9d2c7591374
15b192d13c1d029346a73cb1b2eb3a1b8905dfe8df1aaf9ced37356de9380e32
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1850d4a00f34b02563f4be9b1b9bd49e7c542f4bb4d1ef3c164e9e55cfbf2ccc
19d9403b8b5963aaeae98991373ef1f4ec9ed98d649be55e657db8e1302578bc
1d9aee9c7463bd35f930878be886e5ee224aa8c9800331d699b91a28ceccdf1d
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
37bfd8950abb03f95e5b633e73ef2c6e64b852c579050f7a897b24dd4d71124a
3a1a0c6ddbca643c8148527a8329347eb08c28e80daae5678c03b1bc621b57e3
3faea1e399e6b42f0d09246bb5830523180a265cd64cf6d01a41a98053405fb2
48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4d5645da2fda11aa729057832cf0439ad2899331a14989b6ed5890ad7d9e7e74
4e70f196596d57a6f3570a0983040f63d9ed88bb9da8849a302ad19fea617dd2
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5485d71b79aa9d8b74c251e632f52e7bb72c6eaa93062cc37d0b0ae53142e28b
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
592e46f5a3515d61705250336d9f5e0f1c485567be7e89bc1c35c654cc379eba
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5eecfa645aee35cb0c6820e187451ab14a9df51283635a2117d7ba866a6a74aa
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63bde5c0922f69570794d504d1a6b689645cb8a8bac183f4020b5c69d1fa3128
678bfd94c68afc6a4132801d3c414b4b5686a823e12dc7ac391de6c31fa1fa99
684dfe949ae87a38c2afbcee199f51b0025dd9121b524d62e881cf40846cdd21
824de40e353f2eaaf4828f927a03331984b995bf7fc59edc4ff08f9e178822db
887fdde608c6ff1af2f72f3974b1f9dcc768d9dc2b86b41e6b065b60fa90a9c2
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8afcc2380ea7b1745497d81339b2dad311f422b584edf1c6ad2ae74927ba2f2a
907c82474365b931db275b8eab0524cebecb33abba932694ed10dc9235a6fe37
94d68048a82ccbbbf8359f2e31bcdc70983581412f366de67e5b24337eb25bdd
96a1307165b6bc114b21f8480f40c694adbb788ef3c2ece3af0cff637d49b323
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b0ce409f38eb4d4ab4b89f64dd74e339bbda0561a2a2c2d345a21305636e673
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a2b0e59a8e051718635735716392aedcf9d714a7b352c4a0d7cb72cc182568bf
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
a90fe747bc217c49315c23c1c332bb255d3c5fd46ec85b0218b5f85bbbf6bd0c
a9c216dc2c163cef46ce19c9156c05aa2edfae28210be29ccfbf902a75190293
ab426babbdbdf19d286d1fff0e8a603dc88fa3263fe2939b6e7dd62cc1d1ba8f
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b4ef3a11367a47a75f7cb4ed6e944472d190c86813cd2ffdb04a32358dc4e799
b79950172d0e6c3091a44a69d615ee5711f57bb59e202b2a383d48e4ca2a4ce3
b813b0dc2bc80e9bfd7a8e0c604ae81d21e375e3a01f6e183804f9d3e97f0f17
bcb6d1cfb83a4d0e68a3789297ef40f1c73eb4d4ca49448aca740876f2b191c6
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c4e54b3a00dd7628e19ac0242a24f174a3f874a3bf4b558bff7fffeb44375f4a
c7aca9ebef12465aad206aae5351ba575eebe4b5e3f0fb1d99f4f92f1c4f396d
c8eb253ff9058165db575680b7b02a051c5095ecb74688dad21f87095b9d9792
d034c3f9dd7b4caaccaa7d71c7a18e897fe6872840ebf1c35ddd35cdd8a308ce
d44dd867f44722158fd47846c41a31d4d58d37d40c8e317fb9d86dcd5d4ec590
d540ef13eb4384bf634d6c42eb1030a5d1e30b3a324e03a8fcce899072b144f0
d99f77a187454fecc18b59b2f520b1598b246d01e142bfdc4de56eb7221a9330
dc0267e17f3bd3a2977910d47c34855d4c282e97502e6e1b0d3eb44b8b231405
e2fed796bc88dc10c8540676338f4c712b58ffaa2bc7db5a5a93f36bc37ae052
e3a04e05fb7d684f57dac89d54d2221abf3d2967d3e4141dcd9cac7acfe18f56
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e655553438b3568c9f65f3b03089aae0fdd87f41334692b43ccd2076b7fac4dd
eb69d9e0cb830e3add604e60faf8f784835e5f1ba28bb38850ba19784f30911d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0ccc5124182a6c2c188923e0622cb286be240ccb7e88d6b3dce7ab4bb8342aa
f36844906ad2309877aae3121b87fb15b9e09803cb4c333adc7e1e35ac92e14b
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a
fcb468917c9ba7de586db5381f64570c3a3220510183aa203ff055bd0ec2e038

qa.cr-halal.com Open in urlscan Pro 66.29.132.14 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

145 Requests

86 %HTTPS

59 %IPv6

27 Domains

38 Subdomains

29 IPs

8 Countries

1632 kBTransfer

4214 kBSize

35 Cookies

2 Outgoing links

Page URL History

Redirected requests

145 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

qa.cr-halal.com Open in urlscan Pro
66.29.132.14 Public Scan

Screenshot
Live screenshot

Full Image

145
Requests

86 %
HTTPS

59 %
IPv6

27
Domains

38
Subdomains

29
IPs

8
Countries

1632 kB
Transfer

4214 kB
Size

35
Cookies

145 HTTP transactions
4 data transactions